Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/A9gbuQWz76Vkj2fBvLrz38vV4cg.roa
File: A9gbuQWz76Vkj2fBvLrz38vV4cg.roa (raw, json)
Hash identifier: /S09ckgBhVM7CFW3YF3ZqIPmVAukd5fxfoEFgR//ePY=
Subject key identifier: 03:D8:1B:B9:05:B3:EF:A5:64:8F:67:C1:BC:BA:F3:DF:CB:D5:E1:C8
Certificate issuer: /CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Certificate serial: 018CC6B7BD476D5BE1BBA11DA93577B30D1C
Authority key identifier: 2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/A9gbuQWz76Vkj2fBvLrz38vV4cg.roa
Signing time: Mon 01 Jan 2024 20:29:39 +0000
ROA not before: Mon 01 Jan 2024 20:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16220
IP address blocks: 89.38.156.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:bd:47:6d:5b:e1:bb:a1:1d:a9:35:77:b3:0d:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Validity
Not Before: Jan 1 20:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03d81bb905b3efa5648f67c1bcbaf3dfcbd5e1c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:81:da:86:f8:8d:71:dc:78:d8:41:e5:03:80:
66:3d:f0:62:3a:67:dc:49:9a:62:ed:03:c4:62:6a:
fa:73:65:a2:15:f1:42:e7:bd:ae:c6:e7:c8:be:10:
d0:1d:6c:6a:fa:29:3b:e9:d3:48:93:9d:46:35:69:
f5:97:b3:1a:5a:3c:cf:c8:ac:62:d4:70:8a:cc:a3:
27:fe:05:20:97:3e:b0:5b:9b:6b:db:31:a3:22:ac:
47:58:d4:15:93:c9:8a:01:39:1f:68:f5:b6:e1:2e:
dd:bf:11:19:e5:f6:9f:28:b1:ea:12:d1:1b:45:66:
0c:21:7f:10:a5:a1:ca:c2:82:ea:22:22:00:4d:74:
74:34:82:ce:53:ef:90:af:04:0a:65:be:c5:87:63:
92:87:53:7f:f2:d2:e7:eb:4d:a5:fe:6c:49:63:f9:
f8:f7:d8:ce:01:c2:06:1a:71:f1:42:f7:ac:20:33:
da:4d:fc:fe:aa:0f:e7:20:61:98:3d:eb:17:3f:ea:
07:ba:be:82:3a:cc:7a:68:99:be:ef:be:a9:c6:51:
1a:cc:18:60:88:f0:b3:b1:9d:41:7b:91:8c:b9:c4:
22:97:06:d6:9a:04:5f:b6:fe:fd:b3:1d:85:c7:d8:
14:d2:cb:b5:cd:d4:05:e8:3c:c6:32:69:e8:14:27:
44:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D8:1B:B9:05:B3:EF:A5:64:8F:67:C1:BC:BA:F3:DF:CB:D5:E1:C8
X509v3 Authority Key Identifier:
keyid:2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/A9gbuQWz76Vkj2fBvLrz38vV4cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.156.0/22
Signature Algorithm: sha256WithRSAEncryption
10:e8:fe:f6:79:74:97:14:1f:75:60:9a:67:31:6b:99:75:9f:
fe:7e:b4:6c:7e:56:41:0f:96:71:8d:45:8c:cd:4f:49:ed:98:
92:84:46:6b:56:df:d4:d7:7b:e1:87:ac:50:c6:12:c7:6a:cd:
47:6d:18:b6:a6:a7:ad:c1:e7:4b:3f:30:48:ab:1a:58:6e:dd:
9e:bb:a3:af:2e:06:61:04:6b:91:b6:3f:50:88:7f:b0:79:ab:
cd:e2:ec:db:38:b9:1e:08:fb:05:5e:1f:40:ef:a9:8d:3a:d5:
5a:d1:68:2a:3c:3c:e9:4e:84:6a:90:77:86:37:3e:ac:a3:a1:
28:7e:77:38:ad:b4:c2:68:83:df:fc:8b:05:dd:b7:47:c8:a5:
89:62:f1:6d:ca:e0:fc:8c:46:34:ed:5e:ea:b4:14:b1:97:fe:
6d:e7:1c:9c:06:37:4d:10:55:a9:d9:06:9d:bc:30:a9:72:8f:
62:3f:5c:65:c8:3e:60:55:25:40:ea:65:5a:5f:c3:f8:3c:a3:
9b:c5:4c:70:43:4c:9d:11:d4:be:5c:04:29:ec:f7:41:c2:69:
c0:29:c6:84:e4:77:16:c5:ad:55:48:39:06:7b:b3:81:0f:3b:
f0:28:22:12:ce:84:f8:a2:24:bd:53:d8:0a:33:d9:a3:19:90:
e8:9f:cb:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt71HbVvhu6EdqTV3sw0cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmIzMzQxM2ZhYTVlNWUxZDI3OWEyYTI1ZmY4MWQ4ZDE1
MzI1ZGYwHhcNMjQwMTAxMjAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Q4MWJiOTA1YjNlZmE1NjQ4ZjY3YzFiY2JhZjNkZmNiZDVlMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4HahviNcdx42EHlA4BmPfBiOmfc
SZpi7QPEYmr6c2WiFfFC572uxufIvhDQHWxq+ik76dNIk51GNWn1l7MaWjzPyKxi
1HCKzKMn/gUglz6wW5tr2zGjIqxHWNQVk8mKATkfaPW24S7dvxEZ5fafKLHqEtEb
RWYMIX8QpaHKwoLqIiIATXR0NILOU++QrwQKZb7Fh2OSh1N/8tLn602l/mxJY/n4
99jOAcIGGnHxQvesIDPaTfz+qg/nIGGYPesXP+oHur6COsx6aJm+776pxlEazBhg
iPCzsZ1Be5GMucQilwbWmgRftv79sx2Fx9gU0su1zdQF6DzGMmnoFCdEpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPYG7kFs++lZI9nwby689/L1eHIMB8GA1UdIwQY
MBaAFC5rM0E/ql5eHSeaKiX/gdjRUyXfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYt
OGRkODFlNGIzZTMzLzEvQTlnYnVRV3o3NlZrajJmQnZMcnozOHZWNGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYtOGRkODFlNGIzZTMz
LzEvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSacMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ6P72eXSXFB91YJpnMWuZdZ/+frRsflZBD5ZxjUWM
zU9J7ZiShEZrVt/U13vhh6xQxhLHas1HbRi2pqetwedLPzBIqxpYbt2eu6OvLgZh
BGuRtj9QiH+weavN4uzbOLkeCPsFXh9A76mNOtVa0WgqPDzpToRqkHeGNz6so6Eo
fnc4rbTCaIPf/IsF3bdHyKWJYvFtyuD8jEY07V7qtBSxl/5t5xycBjdNEFWp2Qad
vDCpco9iP1xlyD5gVSVA6mVaX8P4PKObxUxwQ0ydEdS+XAQp7PdBwmnAKcaE5HcW
xa1VSDkGe7OBDzvwKCISzoT4oiS9U9gKM9mjGZDon8vm
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:26 2024 by rpki-client on console.sobornost.net