Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/81a0df-04b5-47ef-8695-4b5864b9d1d9/1/Pk1-KB9_vY04utwjhYtp6YDWoyQ.roa
File: Pk1-KB9_vY04utwjhYtp6YDWoyQ.roa (raw, json)
Hash identifier: oK+Ik/VRrlMu02k1WSV14/bUEFGBDxxS7UCIJUzjZ6E=
Subject key identifier: 3E:4D:7E:28:1F:7F:BD:8D:38:BA:DC:23:85:8B:69:E9:80:D6:A3:24
Certificate issuer: /CN=56f2666f6da410b35a40b77265fafed6f1b9426c
Certificate serial: 018CC87055BC83E8CEF93F56C3A6855B007B
Authority key identifier: 56:F2:66:6F:6D:A4:10:B3:5A:40:B7:72:65:FA:FE:D6:F1:B9:42:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VvJmb22kELNaQLdyZfr-1vG5Qmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/81a0df-04b5-47ef-8695-4b5864b9d1d9/1/Pk1-KB9_vY04utwjhYtp6YDWoyQ.roa
Signing time: Tue 02 Jan 2024 04:30:54 +0000
ROA not before: Tue 02 Jan 2024 04:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51626
IP address blocks: 91.220.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:55:bc:83:e8:ce:f9:3f:56:c3:a6:85:5b:00:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56f2666f6da410b35a40b77265fafed6f1b9426c
Validity
Not Before: Jan 2 04:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e4d7e281f7fbd8d38badc23858b69e980d6a324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:31:20:bd:f0:bf:90:e0:8d:a5:1c:ef:93:d0:
a9:e7:96:cb:18:e1:08:25:aa:f5:3d:bc:d7:7d:a2:
7f:94:52:53:fa:fe:d7:7b:1a:c5:7f:0c:45:c6:f0:
9f:4c:b8:1b:24:c1:b8:5f:4a:bf:4d:37:c3:eb:67:
79:70:eb:32:2f:8e:82:56:77:1b:f0:5a:73:f0:b9:
3a:27:7a:c9:6e:73:74:a2:16:06:17:73:96:df:27:
ae:de:b1:00:f5:8b:2f:9d:f9:47:9d:40:fa:1b:73:
e6:58:ac:0e:f2:ea:0e:ae:b3:be:31:b5:cc:62:e4:
23:35:34:07:6d:25:3f:50:a1:84:8a:c8:90:61:a5:
03:07:a4:0e:22:a9:cf:c9:fd:ee:54:3c:e7:13:80:
5f:f3:ad:19:12:5a:b3:46:1c:4d:bc:cf:df:0d:88:
9f:a1:16:d1:80:88:fb:ce:79:1c:b6:2a:56:fd:43:
f3:e7:07:eb:1c:29:5c:5b:29:07:11:5c:c1:b0:63:
41:19:c7:cb:7a:fe:0c:62:b3:6a:e6:24:b4:48:10:
2b:07:74:79:98:4b:70:43:a5:f7:ce:38:85:57:77:
0e:e9:91:36:c3:13:36:8b:3f:d6:5c:dd:b1:50:d9:
1c:85:c4:37:fb:3b:4e:45:88:ea:94:e8:f4:2c:ff:
ee:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4D:7E:28:1F:7F:BD:8D:38:BA:DC:23:85:8B:69:E9:80:D6:A3:24
X509v3 Authority Key Identifier:
keyid:56:F2:66:6F:6D:A4:10:B3:5A:40:B7:72:65:FA:FE:D6:F1:B9:42:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VvJmb22kELNaQLdyZfr-1vG5Qmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/81a0df-04b5-47ef-8695-4b5864b9d1d9/1/Pk1-KB9_vY04utwjhYtp6YDWoyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/81a0df-04b5-47ef-8695-4b5864b9d1d9/1/VvJmb22kELNaQLdyZfr-1vG5Qmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.13.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a3:46:32:ad:ce:31:18:c2:a4:c0:b5:3c:db:93:e4:6d:a0:
bc:ab:56:c8:96:0c:5d:43:00:c1:6c:eb:c2:a2:17:46:a3:89:
68:61:bf:1d:01:05:2c:5c:5d:38:80:52:1a:f9:81:6e:5b:09:
e8:f3:02:ca:b8:28:08:03:98:27:56:b0:e8:ec:5e:af:3d:c3:
a3:02:dd:f0:94:af:aa:f9:c7:97:58:c1:4f:d3:da:90:4a:ac:
1e:72:de:07:09:d0:4d:0d:9f:c4:9a:6b:3b:b0:aa:ae:77:64:
fc:3d:96:c8:cf:83:ef:4c:27:9a:0c:69:20:9c:b4:d3:0d:e4:
db:66:6a:47:8f:7b:a6:62:86:01:30:58:f6:a5:a7:da:dd:7c:
08:84:04:a0:2d:86:75:7d:3e:0e:5d:43:8f:2f:6e:9d:cf:0a:
40:58:db:43:0f:d1:0c:c3:52:c7:1c:0f:a1:4d:55:cc:b4:b4:
ca:20:c7:26:32:83:10:c8:b6:17:85:f1:ba:4c:cb:d8:03:a3:
6c:2f:dc:32:8b:78:13:49:6c:f7:14:63:f1:ac:5a:20:dd:35:
8d:26:de:df:87:3b:36:59:8c:d7:15:8c:e3:31:7d:b3:85:a4:
b4:c2:e9:71:ce:2a:33:35:8c:74:8f:4c:ac:69:44:9b:d4:ac:
56:ae:8e:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcFW8g+jO+T9Ww6aFWwB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZjI2NjZmNmRhNDEwYjM1YTQwYjc3MjY1ZmFmZWQ2ZjFi
OTQyNmMwHhcNMjQwMTAyMDQzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRkN2UyODFmN2ZiZDhkMzhiYWRjMjM4NThiNjllOTgwZDZhMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDEgvfC/kOCNpRzvk9Cp55bLGOEI
Jar1PbzXfaJ/lFJT+v7XexrFfwxFxvCfTLgbJMG4X0q/TTfD62d5cOsyL46CVncb
8Fpz8Lk6J3rJbnN0ohYGF3OW3yeu3rEA9YsvnflHnUD6G3PmWKwO8uoOrrO+MbXM
YuQjNTQHbSU/UKGEisiQYaUDB6QOIqnPyf3uVDznE4Bf860ZElqzRhxNvM/fDYif
oRbRgIj7znkctipW/UPz5wfrHClcWykHEVzBsGNBGcfLev4MYrNq5iS0SBArB3R5
mEtwQ6X3zjiFV3cO6ZE2wxM2iz/WXN2xUNkchcQ3+ztORYjqlOj0LP/uEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD5Nfigff72NOLrcI4WLaemA1qMkMB8GA1UdIwQY
MBaAFFbyZm9tpBCzWkC3cmX6/tbxuUJsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnZKbWIyMmtFTE5hUUxkeVpmci0xdkc1UW13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84MWEwZGYtMDRiNS00N2VmLTg2OTUt
NGI1ODY0YjlkMWQ5LzEvUGsxLUtCOV92WTA0dXR3amhZdHA2WURXb3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84MWEwZGYtMDRiNS00N2VmLTg2OTUtNGI1ODY0YjlkMWQ5
LzEvVnZKbWIyMmtFTE5hUUxkeVpmci0xdkc1UW13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9wNMA0G
CSqGSIb3DQEBCwUAA4IBAQCfo0Yyrc4xGMKkwLU825PkbaC8q1bIlgxdQwDBbOvC
ohdGo4loYb8dAQUsXF04gFIa+YFuWwno8wLKuCgIA5gnVrDo7F6vPcOjAt3wlK+q
+ceXWMFP09qQSqwect4HCdBNDZ/Emms7sKqud2T8PZbIz4PvTCeaDGkgnLTTDeTb
ZmpHj3umYoYBMFj2pafa3XwIhASgLYZ1fT4OXUOPL26dzwpAWNtDD9EMw1LHHA+h
TVXMtLTKIMcmMoMQyLYXhfG6TMvYA6NsL9wyi3gTSWz3FGPxrFog3TWNJt7fhzs2
WYzXFYzjMX2zhaS0wulxziozNYx0j0ysaUSb1KxWro7g
-----END CERTIFICATE-----
Generated at Thu Apr 4 16:20:07 2024 by rpki-client on console.sobornost.net