Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/9u8l9Ou1v5xwU_PafjsPLy90l2I.roa
File: 9u8l9Ou1v5xwU_PafjsPLy90l2I.roa (raw, json)
Hash identifier: +eG41bAsr+7t8u78LbP4WLLRyn3HYfgc2BkJpcdBsG8=
Subject key identifier: F6:EF:25:F4:EB:B5:BF:9C:70:53:F3:DA:7E:3B:0F:2F:2F:74:97:62
Certificate issuer: /CN=59a06c187953cfc8133b2beee5f01a15e45da078
Certificate serial: 0193B0D3F96624666048EB97B8A67EF7FF1C
Authority key identifier: 59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/9u8l9Ou1v5xwU_PafjsPLy90l2I.roa
Signing time: Tue 10 Dec 2024 13:48:22 +0000
ROA not before: Tue 10 Dec 2024 13:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.233.120.0/24 maxlen: 24
2a11:6740::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:d3:f9:66:24:66:60:48:eb:97:b8:a6:7e:f7:ff:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59a06c187953cfc8133b2beee5f01a15e45da078
Validity
Not Before: Dec 10 13:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6ef25f4ebb5bf9c7053f3da7e3b0f2f2f749762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b6:05:4d:57:4d:77:f4:cd:2b:31:9a:a2:1b:
3b:69:6e:f3:35:96:5c:97:3c:f8:83:1d:1f:ff:05:
f5:4d:66:dc:ce:ac:69:9c:68:ca:7a:ba:91:39:28:
8c:23:b8:2e:b2:70:02:50:49:7f:10:d0:8f:84:cd:
7e:2a:62:2e:b2:78:82:a0:33:ea:4c:f6:63:80:64:
2e:29:b7:83:49:db:e9:12:18:60:d5:a1:02:01:3b:
ed:2a:a3:1c:40:13:fd:02:ec:2b:a6:5d:4a:4b:c3:
df:29:89:38:a1:e3:3e:f6:5d:e0:ee:34:42:ff:6b:
d9:e9:ac:84:39:70:28:f5:8b:f3:c3:09:55:c8:57:
3b:47:ae:45:ed:76:c4:d6:44:33:d9:e7:f9:53:57:
88:b5:91:d8:99:b1:f3:16:3e:87:5a:49:48:9b:21:
12:38:24:5e:e1:40:be:b7:66:d2:6e:4f:50:7b:4b:
f0:2e:6a:a8:c8:a8:5b:d5:a9:d0:95:83:9c:b2:b6:
6a:25:1b:9b:02:23:3d:6a:fc:e0:6e:92:9b:5f:d9:
68:83:2c:ad:91:8d:39:8a:03:d6:be:8c:2c:d6:6b:
94:a4:da:a9:c2:54:6a:21:f3:18:c5:88:a9:71:a4:
23:f6:14:8a:b4:b6:7a:24:13:54:2a:74:95:fd:da:
87:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:EF:25:F4:EB:B5:BF:9C:70:53:F3:DA:7E:3B:0F:2F:2F:74:97:62
X509v3 Authority Key Identifier:
keyid:59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/9u8l9Ou1v5xwU_PafjsPLy90l2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/WaBsGHlTz8gTOyvu5fAaFeRdoHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.120.0/24
IPv6:
2a11:6740::/29
Signature Algorithm: sha256WithRSAEncryption
50:b8:04:7f:e0:05:5b:ff:bf:ab:fd:8f:08:92:9e:bd:95:78:
c1:f8:66:30:e8:69:85:f7:f6:79:73:89:6f:9a:35:b5:00:60:
c5:94:ef:36:c3:7b:7a:65:71:f8:fd:5d:27:7d:e1:26:a3:44:
76:e6:44:40:eb:5b:ba:1f:dd:25:7b:e7:85:8c:68:48:8a:13:
5b:a6:8c:3c:1b:e8:8e:c5:a2:67:f7:0f:2d:65:41:71:e4:c2:
d1:3a:00:f3:8a:0f:01:bd:73:e9:d1:cd:1c:5f:2b:cc:9b:2e:
f4:8b:7e:f2:bc:89:a4:89:5b:f2:9d:94:7b:e6:70:4c:51:8b:
2f:25:29:26:87:39:9f:b9:27:d8:51:1a:14:02:19:11:13:3d:
80:f0:ce:70:a5:88:bc:bf:87:d0:1a:d4:34:d2:9a:30:a6:cd:
48:b3:09:60:93:4b:e1:67:0b:7e:27:13:15:e9:37:5a:a5:d9:
cf:7c:ed:fe:26:ba:cf:e1:74:fd:d3:55:d2:2b:d6:31:4a:38:
84:b5:09:6a:b4:93:75:8c:4c:18:82:e4:df:c2:64:1c:93:a8:
d8:a7:d9:3a:b4:76:db:7b:51:54:7e:e8:85:c3:bf:dd:8b:2b:
f8:bc:2a:e1:de:f3:b6:14:63:ad:1c:fe:8e:0d:d0:1b:9e:90:
24:31:dc:4c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOw0/lmJGZgSOuXuKZ+9/8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YTA2YzE4Nzk1M2NmYzgxMzNiMmJlZWU1ZjAxYTE1ZTQ1
ZGEwNzgwHhcNMjQxMjEwMTM0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmVmMjVmNGViYjViZjljNzA1M2YzZGE3ZTNiMGYyZjJmNzQ5NzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7YFTVdNd/TNKzGaohs7aW7zNZZc
lzz4gx0f/wX1TWbczqxpnGjKerqROSiMI7gusnACUEl/ENCPhM1+KmIusniCoDPq
TPZjgGQuKbeDSdvpEhhg1aECATvtKqMcQBP9Auwrpl1KS8PfKYk4oeM+9l3g7jRC
/2vZ6ayEOXAo9YvzwwlVyFc7R65F7XbE1kQz2ef5U1eItZHYmbHzFj6HWklImyES
OCRe4UC+t2bSbk9Qe0vwLmqoyKhb1anQlYOcsrZqJRubAiM9avzgbpKbX9logyyt
kY05igPWvows1muUpNqpwlRqIfMYxYipcaQj9hSKtLZ6JBNUKnSV/dqHAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPbvJfTrtb+ccFPz2n47Dy8vdJdiMB8GA1UdIwQY
MBaAFFmgbBh5U8/IEzsr7uXwGhXkXaB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODct
ZTQ2ZWE4OWJmODQ5LzEvOXU4bDlPdTF2NXh3VV9QYWZqc1BMeTkwbDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODctZTQ2ZWE4OWJmODQ5
LzEvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+l4MA0E
AgACMAcDBQMqEWdAMA0GCSqGSIb3DQEBCwUAA4IBAQBQuAR/4AVb/7+r/Y8Ikp69
lXjB+GYw6GmF9/Z5c4lvmjW1AGDFlO82w3t6ZXH4/V0nfeEmo0R25kRA61u6H90l
e+eFjGhIihNbpow8G+iOxaJn9w8tZUFx5MLROgDzig8BvXPp0c0cXyvMmy70i37y
vImkiVvynZR75nBMUYsvJSkmhzmfuSfYURoUAhkREz2A8M5wpYi8v4fQGtQ00pow
ps1Iswlgk0vhZwt+JxMV6TdapdnPfO3+JrrP4XT901XSK9YxSjiEtQlqtJN1jEwY
guTfwmQck6jYp9k6tHbbe1FUfuiFw7/diyv4vCrh3vO2FGOtHP6ODdAbnpAkMdxM
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:28 2024 by rpki-client on console.sobornost.net