Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/d0gbo-ljZxlur4xPFWPh5sECytY.roa
File: d0gbo-ljZxlur4xPFWPh5sECytY.roa (raw, json)
Hash identifier: 4HWKMtIpeLtY2sGrIMPId5/TGVTBZDXKRgrNqf3gm60=
Subject key identifier: 77:48:1B:A3:E9:63:67:19:6E:AF:8C:4F:15:63:E1:E6:C1:02:CA:D6
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 0193DA4FD056AE93B999B387F3CDA560F5F9
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/d0gbo-ljZxlur4xPFWPh5sECytY.roa
Signing time: Wed 18 Dec 2024 15:08:03 +0000
ROA not before: Wed 18 Dec 2024 15:08:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213224
IP address blocks: 66.71.160.0/20 maxlen: 24
209.227.208.0/20 maxlen: 24
209.227.240.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:4f:d0:56:ae:93:b9:99:b3:87:f3:cd:a5:60:f5:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Dec 18 15:08:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77481ba3e96367196eaf8c4f1563e1e6c102cad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b5:b5:bd:c1:f9:30:dc:05:49:e1:43:fc:da:
4f:42:73:fd:0a:66:d5:b8:49:ab:6b:50:d9:aa:b7:
af:b4:7d:58:39:b0:4d:fe:f9:f9:b0:91:dc:f7:68:
13:ef:6a:20:b0:74:d4:11:95:e7:3f:92:a0:4f:b3:
5e:c6:43:3e:4e:e8:a5:52:01:a4:eb:d3:32:7d:84:
a2:22:db:33:19:9c:d1:f2:6a:d1:ed:43:69:0c:8c:
5d:c9:11:30:4f:7d:65:c9:a4:1d:c8:b8:27:0b:12:
09:a5:7e:e2:04:37:e7:d5:8b:14:57:8f:2c:5f:d8:
5c:f5:bc:5e:05:89:6d:d7:c5:51:88:24:ad:b2:c9:
a2:56:ef:ce:f4:f8:c7:ed:dc:3d:92:2d:f2:28:7e:
ac:f0:8f:40:84:40:aa:ef:ad:e5:d5:3a:73:ab:0a:
c4:64:2c:57:ab:39:27:d6:35:73:d3:c8:10:ac:b4:
eb:9f:fd:db:c7:46:8d:0b:ca:4d:36:0e:ab:d2:ea:
e7:81:bc:a0:17:d5:78:c7:e0:02:ed:77:4d:bc:ae:
40:52:d8:53:d5:01:2d:0e:40:d7:7b:1c:29:3b:74:
b8:4f:be:28:c4:66:71:75:4c:95:26:2b:25:d7:3f:
f0:0b:3f:8d:c3:32:03:09:29:94:b8:a0:7e:93:a4:
25:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:48:1B:A3:E9:63:67:19:6E:AF:8C:4F:15:63:E1:E6:C1:02:CA:D6
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/d0gbo-ljZxlur4xPFWPh5sECytY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.71.160.0/20
209.227.208.0/20
209.227.240.0/20
Signature Algorithm: sha256WithRSAEncryption
a6:89:00:0f:50:ef:1d:bf:0a:49:93:76:8b:17:53:35:c5:ac:
a8:6d:b4:1b:96:51:a2:9d:f4:21:44:ae:82:1d:d8:aa:9d:8e:
b7:64:7b:92:c8:1d:0c:87:f5:b8:2b:b1:da:90:8c:97:d8:59:
22:1b:aa:c5:a1:50:f8:09:50:cb:a2:48:10:82:8b:10:5f:13:
a4:53:2b:0b:35:21:f6:e0:15:ea:77:ae:5d:f5:9a:1e:b1:ab:
06:7f:28:28:55:8f:bd:8b:fa:4b:ab:5a:9a:ed:e7:ed:bd:9f:
5a:29:ef:2a:4e:08:20:60:86:4c:74:7b:29:64:9e:53:a8:f8:
af:f2:b1:d5:d9:18:fc:e8:68:46:33:3c:9a:cc:02:3d:2f:96:
0a:f6:3f:65:ae:69:4a:ad:b7:93:a2:f4:83:57:12:c8:2c:2d:
e6:92:29:b2:57:34:36:64:e9:70:dd:fe:2e:89:38:e1:5f:0a:
13:17:05:5b:42:a2:57:24:e3:d3:8f:44:df:0c:61:a1:75:a9:
67:fb:f1:e5:df:dd:52:22:08:26:31:42:c3:07:f3:03:b8:f3:
10:f5:0c:ff:25:d2:9f:22:ed:89:be:74:ef:cb:cf:8e:55:f2:
da:2d:ad:b2:2c:90:e8:a1:8d:4c:aa:80:ba:a5:81:89:84:6e:
ad:84:9a:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZPaT9BWrpO5mbOH882lYPX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjQxMjE4MTUwODAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQ4MWJhM2U5NjM2NzE5NmVhZjhjNGYxNTYzZTFlNmMxMDJjYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLW1vcH5MNwFSeFD/NpPQnP9CmbV
uEmra1DZqrevtH1YObBN/vn5sJHc92gT72ogsHTUEZXnP5KgT7NexkM+TuilUgGk
69MyfYSiItszGZzR8mrR7UNpDIxdyREwT31lyaQdyLgnCxIJpX7iBDfn1YsUV48s
X9hc9bxeBYlt18VRiCStssmiVu/O9PjH7dw9ki3yKH6s8I9AhECq763l1TpzqwrE
ZCxXqzkn1jVz08gQrLTrn/3bx0aNC8pNNg6r0urngbygF9V4x+AC7XdNvK5AUthT
1QEtDkDXexwpO3S4T74oxGZxdUyVJisl1z/wCz+NwzIDCSmUuKB+k6Ql1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHdIG6PpY2cZbq+MTxVj4ebBAsrWMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvZDBnYm8tbGpaeGx1cjR4UEZXUGg1c0VDeXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEQkegAwQE
0ePQAwQE0ePwMA0GCSqGSIb3DQEBCwUAA4IBAQCmiQAPUO8dvwpJk3aLF1M1xayo
bbQbllGinfQhRK6CHdiqnY63ZHuSyB0Mh/W4K7HakIyX2FkiG6rFoVD4CVDLokgQ
gosQXxOkUysLNSH24BXqd65d9ZoesasGfygoVY+9i/pLq1qa7eftvZ9aKe8qTggg
YIZMdHspZJ5TqPiv8rHV2Rj86GhGMzyazAI9L5YK9j9lrmlKrbeTovSDVxLILC3m
kimyVzQ2ZOlw3f4uiTjhXwoTFwVbQqJXJOPTj0TfDGGhdaln+/Hl391SIggmMULD
B/MDuPMQ9Qz/JdKfIu2JvnTvy8+OVfLaLa2yLJDooY1MqoC6pYGJhG6thJo3
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:24 2024 by rpki-client on console.sobornost.net