Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/hNXd7zEwfVXWnjXoW1gypeQwzdk.roa
File: hNXd7zEwfVXWnjXoW1gypeQwzdk.roa (raw, json)
Hash identifier: ibZTNZjYFtn5ojKnIHE5Ve3sOUGbeYjCgnQyNSkoCvI=
Subject key identifier: 84:D5:DD:EF:31:30:7D:55:D6:9E:35:E8:5B:58:32:A5:E4:30:CD:D9
Certificate issuer: /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial: 018CC6B8D2505AEBF2F0E601B64922A04F05
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/hNXd7zEwfVXWnjXoW1gypeQwzdk.roa
Signing time: Mon 01 Jan 2024 20:30:50 +0000
ROA not before: Mon 01 Jan 2024 20:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59635
IP address blocks: 91.247.66.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d2:50:5a:eb:f2:f0:e6:01:b6:49:22:a0:4f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Validity
Not Before: Jan 1 20:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84d5ddef31307d55d69e35e85b5832a5e430cdd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9c:c1:6a:5b:15:d5:1d:31:5e:7b:49:ae:a7:
7b:c9:0b:f5:35:d1:64:2a:b3:84:8d:13:e4:5a:1d:
7e:18:10:bc:ad:e1:cb:b7:9b:09:c5:0e:61:22:8f:
36:0a:15:9b:c4:8a:56:47:64:03:3b:8e:5c:ba:3f:
c5:c9:7d:f5:2d:48:dc:b5:4e:0e:f1:b0:30:08:a8:
03:71:f7:b9:06:c1:c3:d6:2a:77:40:28:b0:21:06:
d8:e1:3c:60:10:f1:6d:a0:14:5a:79:f1:4c:9d:ff:
14:c5:ae:f0:6f:27:b5:2a:a3:5d:93:a8:bf:7c:9d:
72:60:63:f0:22:a2:79:ec:b1:48:ad:e0:d3:d4:73:
5b:0e:06:a7:90:1f:80:45:c3:39:7a:01:74:9c:04:
7e:c2:57:a6:65:4c:4b:28:ce:53:14:7e:00:33:d4:
d7:3f:86:a7:cf:26:2c:0e:18:8a:d0:e0:7f:0f:61:
19:f9:ec:68:00:81:17:ac:74:dd:34:06:8f:56:b8:
b6:3c:81:d5:93:e8:37:57:e0:b4:56:d1:f5:b5:b3:
73:44:ca:bc:8e:12:f9:53:8f:cf:24:c7:14:5b:a3:
1e:33:51:0a:6c:00:85:3f:aa:42:d0:db:a1:61:b7:
dd:8d:02:12:af:00:8f:1f:e9:46:83:d9:f0:66:69:
00:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D5:DD:EF:31:30:7D:55:D6:9E:35:E8:5B:58:32:A5:E4:30:CD:D9
X509v3 Authority Key Identifier:
keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/hNXd7zEwfVXWnjXoW1gypeQwzdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.66.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:5a:8d:01:3c:34:8a:c9:ea:93:c0:57:34:1a:5e:86:17:1a:
98:86:ad:cc:83:25:89:1d:29:a2:9a:9a:2e:7f:ee:ee:52:6e:
50:40:8a:62:3b:97:83:56:fc:33:df:12:ef:11:83:bb:9f:c9:
90:9f:00:b6:1b:ab:18:98:ec:bc:6d:33:b6:36:98:31:2b:36:
f4:ad:3d:89:a8:6b:df:f9:b0:ca:a6:a3:66:26:e4:89:22:33:
0b:65:c2:6e:d1:30:86:8f:3a:e5:31:71:db:18:58:09:3f:6b:
50:2b:0c:97:7d:0d:8b:4d:c5:05:5f:18:5f:77:ea:d0:fb:35:
be:9b:1b:c8:f3:a5:64:25:99:5f:86:e7:fc:a9:69:e6:7f:da:
12:06:66:91:00:3c:e0:db:b0:eb:7e:a4:14:dd:e7:a5:ca:c6:
05:75:d0:81:e8:03:ae:72:d9:c3:22:f1:7b:61:64:cc:88:55:
1d:5d:54:dc:c1:b2:5d:2b:bb:e2:21:5e:0d:88:0b:5e:e3:aa:
82:75:0f:29:29:12:6e:91:7a:59:46:7e:eb:44:f5:3b:cb:90:
2e:e1:4e:c9:2b:80:74:99:56:06:2d:29:38:0b:29:30:c2:79:
d2:92:a3:28:f8:26:9b:a1:88:d3:2d:a1:4f:c3:b1:47:b9:32:
4e:76:93:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuNJQWuvy8OYBtkkioE8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjQwMTAxMjAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQ1ZGRlZjMxMzA3ZDU1ZDY5ZTM1ZTg1YjU4MzJhNWU0MzBjZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5zBalsV1R0xXntJrqd7yQv1NdFk
KrOEjRPkWh1+GBC8reHLt5sJxQ5hIo82ChWbxIpWR2QDO45cuj/FyX31LUjctU4O
8bAwCKgDcfe5BsHD1ip3QCiwIQbY4TxgEPFtoBRaefFMnf8Uxa7wbye1KqNdk6i/
fJ1yYGPwIqJ57LFIreDT1HNbDgankB+ARcM5egF0nAR+wlemZUxLKM5TFH4AM9TX
P4anzyYsDhiK0OB/D2EZ+exoAIEXrHTdNAaPVri2PIHVk+g3V+C0VtH1tbNzRMq8
jhL5U4/PJMcUW6MeM1EKbACFP6pC0NuhYbfdjQISrwCPH+lGg9nwZmkA4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITV3e8xMH1V1p416FtYMqXkMM3ZMB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvaE5YZDd6RXdmVlhXbmpYb1cxZ3lwZVF3emRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW/dCMA0G
CSqGSIb3DQEBCwUAA4IBAQAPWo0BPDSKyeqTwFc0Gl6GFxqYhq3MgyWJHSmimpou
f+7uUm5QQIpiO5eDVvwz3xLvEYO7n8mQnwC2G6sYmOy8bTO2NpgxKzb0rT2JqGvf
+bDKpqNmJuSJIjMLZcJu0TCGjzrlMXHbGFgJP2tQKwyXfQ2LTcUFXxhfd+rQ+zW+
mxvI86VkJZlfhuf8qWnmf9oSBmaRADzg27DrfqQU3eelysYFddCB6AOuctnDIvF7
YWTMiFUdXVTcwbJdK7viIV4NiAte46qCdQ8pKRJukXpZRn7rRPU7y5Au4U7JK4B0
mVYGLSk4CykwwnnSkqMo+CaboYjTLaFPw7FHuTJOdpN3
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:29 2024 by rpki-client on console.sobornost.net