Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/g486sGxNFtcMtLC55wpEH8BjF3o.roa
File: g486sGxNFtcMtLC55wpEH8BjF3o.roa (raw, json)
Hash identifier: KWMbGFwyibSVsXClVjKMdagQ8LgH3HdjcRIOGx3WaPs=
Subject key identifier: 83:8F:3A:B0:6C:4D:16:D7:0C:B4:B0:B9:E7:0A:44:1F:C0:63:17:7A
Certificate issuer: /CN=59a06c187953cfc8133b2beee5f01a15e45da078
Certificate serial: 0193B0D3F9103BE93CE57BE8E33F2B0959C5
Authority key identifier: 59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/g486sGxNFtcMtLC55wpEH8BjF3o.roa
Signing time: Tue 10 Dec 2024 13:48:22 +0000
ROA not before: Tue 10 Dec 2024 13:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 91.233.120.0/24 maxlen: 24
2a11:6740::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:d3:f9:10:3b:e9:3c:e5:7b:e8:e3:3f:2b:09:59:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59a06c187953cfc8133b2beee5f01a15e45da078
Validity
Not Before: Dec 10 13:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=838f3ab06c4d16d70cb4b0b9e70a441fc063177a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1d:e6:0a:8c:ab:57:35:12:d7:f8:9b:5e:76:
71:ce:f2:4e:a6:14:c9:bf:e3:d5:95:ea:4a:2d:bd:
78:01:a0:29:35:b6:4d:69:85:e2:ab:e1:f6:22:17:
95:70:2a:1d:83:97:f4:e2:89:0b:3d:de:7c:6c:36:
12:74:d7:84:45:af:c0:33:16:53:ed:d2:b6:4d:27:
e9:e4:1a:2d:ea:25:98:e7:b7:4b:44:b6:0b:b3:7b:
b5:3a:17:95:78:95:75:97:12:27:53:a1:0b:0d:4f:
de:f9:2e:61:02:22:46:c4:46:02:17:fb:79:4e:98:
39:12:e1:a6:9a:f3:1e:8e:d3:18:be:f5:89:5c:4b:
49:d6:14:2a:e7:d9:5e:1b:86:25:98:de:5d:2c:90:
18:9c:93:01:66:c2:9c:b0:3d:11:60:45:4e:dd:3e:
8f:ed:bc:98:51:af:1f:9a:77:ac:6f:70:e4:cb:f0:
27:01:3a:72:63:c5:9a:16:e6:e1:79:4b:93:f5:66:
6d:52:89:3c:a5:46:95:6d:f6:13:b9:c9:30:95:64:
39:18:b6:41:d6:ef:8c:b0:7b:6e:98:dc:0c:7c:22:
69:41:fe:be:cd:9c:d8:f6:37:a5:bd:54:8d:37:36:
f0:d5:3b:f5:2a:a1:3e:1a:7d:6f:9d:ca:62:eb:86:
ba:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8F:3A:B0:6C:4D:16:D7:0C:B4:B0:B9:E7:0A:44:1F:C0:63:17:7A
X509v3 Authority Key Identifier:
keyid:59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/g486sGxNFtcMtLC55wpEH8BjF3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/WaBsGHlTz8gTOyvu5fAaFeRdoHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.120.0/24
IPv6:
2a11:6740::/29
Signature Algorithm: sha256WithRSAEncryption
ae:5e:8f:a7:f2:42:d6:03:79:70:c1:57:f9:a5:0c:44:46:79:
ab:44:8e:20:08:28:7f:d1:eb:b8:f3:ef:b3:b0:42:4c:a4:cb:
12:25:87:02:af:06:d2:0a:bd:96:f8:19:e3:1a:3f:9f:9b:8b:
dc:13:d9:82:70:e1:56:d5:4b:14:c6:4b:6f:86:08:43:23:df:
c4:84:bf:f7:1d:da:0c:4d:f3:98:fb:cc:4b:4f:6c:2f:30:b4:
ee:98:e2:bd:10:6a:7d:cd:f3:0a:38:31:1d:52:08:d5:d7:4b:
a2:06:5f:47:d5:53:45:95:7b:18:db:cb:3e:e3:54:ba:92:33:
01:48:45:c2:b6:ce:4d:d8:39:3a:b6:83:6c:b6:d0:c2:8f:1d:
de:0a:53:35:da:74:5b:ef:f0:54:8e:af:57:01:46:f4:31:01:
13:ef:f3:75:5d:38:d0:d7:3a:19:15:e2:e3:65:a6:9f:b2:f2:
35:a0:39:5d:32:ed:7b:b8:f5:70:3b:eb:26:d2:d6:5e:61:a0:
6c:c2:53:11:1f:11:39:a7:34:df:65:cf:c0:70:f4:1f:95:3f:
d5:27:a1:22:bc:ef:38:2f:cf:30:b3:2e:d7:1e:ba:01:11:24:
9c:14:ee:8c:22:3f:6a:d8:ca:53:20:a7:c1:8a:b0:13:ed:ef:
87:90:c7:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOw0/kQO+k85Xvo4z8rCVnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YTA2YzE4Nzk1M2NmYzgxMzNiMmJlZWU1ZjAxYTE1ZTQ1
ZGEwNzgwHhcNMjQxMjEwMTM0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzhmM2FiMDZjNGQxNmQ3MGNiNGIwYjllNzBhNDQxZmMwNjMxNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh3mCoyrVzUS1/ibXnZxzvJOphTJ
v+PVlepKLb14AaApNbZNaYXiq+H2IheVcCodg5f04okLPd58bDYSdNeERa/AMxZT
7dK2TSfp5Bot6iWY57dLRLYLs3u1OheVeJV1lxInU6ELDU/e+S5hAiJGxEYCF/t5
Tpg5EuGmmvMejtMYvvWJXEtJ1hQq59leG4YlmN5dLJAYnJMBZsKcsD0RYEVO3T6P
7byYUa8fmnesb3Dky/AnATpyY8WaFubheUuT9WZtUok8pUaVbfYTuckwlWQ5GLZB
1u+MsHtumNwMfCJpQf6+zZzY9jelvVSNNzbw1Tv1KqE+Gn1vncpi64a62wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIOPOrBsTRbXDLSwuecKRB/AYxd6MB8GA1UdIwQY
MBaAFFmgbBh5U8/IEzsr7uXwGhXkXaB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODct
ZTQ2ZWE4OWJmODQ5LzEvZzQ4NnNHeE5GdGNNdExDNTV3cEVIOEJqRjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODctZTQ2ZWE4OWJmODQ5
LzEvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW+l4MA0E
AgACMAcDBQMqEWdAMA0GCSqGSIb3DQEBCwUAA4IBAQCuXo+n8kLWA3lwwVf5pQxE
RnmrRI4gCCh/0eu48++zsEJMpMsSJYcCrwbSCr2W+BnjGj+fm4vcE9mCcOFW1UsU
xktvhghDI9/EhL/3HdoMTfOY+8xLT2wvMLTumOK9EGp9zfMKODEdUgjV10uiBl9H
1VNFlXsY28s+41S6kjMBSEXCts5N2Dk6toNsttDCjx3eClM12nRb7/BUjq9XAUb0
MQET7/N1XTjQ1zoZFeLjZaafsvI1oDldMu17uPVwO+sm0tZeYaBswlMRHxE5pzTf
Zc/AcPQflT/VJ6EivO84L88wsy7XHroBESScFO6MIj9q2MpTIKfBirAT7e+HkMeM
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:28 2024 by rpki-client on console.sobornost.net