Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/de97dd-e721-4192-b8b4-d4b725d0676c/1/9qI0lJ0qBfACRRFn_CwWVgujgok.roa
File: 9qI0lJ0qBfACRRFn_CwWVgujgok.roa (raw, json)
Hash identifier: I4KIN2DXsi0YTKAKt5HLJYSMuFZdL+MY3eJx4ORCG4g=
Subject key identifier: F6:A2:34:94:9D:2A:05:F0:02:45:11:67:FC:2C:16:56:0B:A3:82:89
Certificate issuer: /CN=1375aa5e37c42f7deb7f3b0e9670bf59a2aca6b5
Certificate serial: 019316CA1076659CDF73612FCE2EECDC9302
Authority key identifier: 13:75:AA:5E:37:C4:2F:7D:EB:7F:3B:0E:96:70:BF:59:A2:AC:A6:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3WqXjfEL33rfzsOlnC_WaKsprU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/de97dd-e721-4192-b8b4-d4b725d0676c/1/9qI0lJ0qBfACRRFn_CwWVgujgok.roa
Signing time: Sun 10 Nov 2024 15:56:01 +0000
ROA not before: Sun 10 Nov 2024 15:56:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214754
IP address blocks: 195.26.234.0/23 maxlen: 24
2a0a:9940::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:16:ca:10:76:65:9c:df:73:61:2f:ce:2e:ec:dc:93:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1375aa5e37c42f7deb7f3b0e9670bf59a2aca6b5
Validity
Not Before: Nov 10 15:56:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6a234949d2a05f002451167fc2c16560ba38289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:82:6a:83:c6:cd:76:ad:7b:7e:76:50:a4:69:
67:65:04:72:e8:9a:c1:48:1b:42:67:87:6a:c7:8d:
34:62:bf:b9:20:1e:b0:0a:7f:a8:73:ba:81:40:ef:
78:64:8e:94:ce:ad:d6:1a:1d:99:85:e8:68:0b:7f:
a7:4d:dd:2f:09:2c:b6:8a:87:b2:3c:03:cf:e7:0f:
26:54:0a:1c:f1:c1:51:b3:4f:db:b9:85:6e:2c:50:
39:3c:92:77:94:80:c2:99:9c:6c:05:cc:d9:a5:ff:
7c:93:5d:dd:12:a0:cd:fa:d9:9e:9f:a0:35:af:de:
4a:a5:8d:3d:71:70:b5:df:c8:c3:9a:20:20:b3:3d:
d6:26:ea:06:0b:95:42:ee:75:36:fe:1b:d8:38:55:
46:f6:ea:8e:e5:17:c3:e8:ba:1d:58:8a:a1:68:00:
f7:e2:4c:3b:a3:29:17:d7:17:00:75:96:78:55:f5:
bf:88:94:fe:b0:5c:50:94:4d:99:5a:45:9e:14:55:
3e:be:c0:4a:e1:8b:f2:2e:f4:f5:45:83:11:8a:e9:
cf:06:6c:92:46:20:67:e5:e2:35:53:a7:4c:83:4a:
d1:6e:68:a6:5a:55:2b:52:0a:d4:8c:de:06:67:9b:
ae:ca:17:31:5c:3e:fb:2b:30:67:17:f4:cf:12:bb:
ef:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A2:34:94:9D:2A:05:F0:02:45:11:67:FC:2C:16:56:0B:A3:82:89
X509v3 Authority Key Identifier:
keyid:13:75:AA:5E:37:C4:2F:7D:EB:7F:3B:0E:96:70:BF:59:A2:AC:A6:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3WqXjfEL33rfzsOlnC_WaKsprU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/de97dd-e721-4192-b8b4-d4b725d0676c/1/9qI0lJ0qBfACRRFn_CwWVgujgok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/de97dd-e721-4192-b8b4-d4b725d0676c/1/E3WqXjfEL33rfzsOlnC_WaKsprU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.234.0/23
IPv6:
2a0a:9940::/29
Signature Algorithm: sha256WithRSAEncryption
95:9d:b2:7a:cb:ff:88:c2:b0:e9:3e:64:4a:4e:46:b7:3b:67:
29:a6:e5:ff:43:77:ac:b6:b0:45:3e:64:9e:c3:49:14:53:d2:
52:5d:a8:ba:f5:40:df:ea:ae:fb:86:01:e2:bb:66:00:47:ea:
8a:14:ab:4d:42:67:ab:b8:70:48:59:42:90:96:12:66:82:91:
79:f2:e4:e5:5a:60:09:96:19:91:5c:c8:7b:84:aa:1c:12:28:
fd:fb:a3:d1:31:1d:81:45:28:c3:20:4e:90:64:b9:cc:3b:48:
3e:ea:04:a6:8d:7d:b4:4c:07:2d:7c:e9:19:ee:86:4c:d9:6b:
ba:d7:90:c8:4f:40:09:68:12:7d:42:1d:02:a4:7e:b2:16:e1:
4a:98:5d:ea:10:be:55:2e:a1:a9:95:7d:f6:94:fc:f2:19:82:
9c:56:c7:6c:9d:78:52:03:72:4b:93:d5:68:e7:10:a2:9e:35:
f2:fe:e9:07:89:35:52:93:cd:fd:87:1f:9a:2b:e1:e3:85:27:
b7:35:f0:ed:68:0c:06:ea:c0:1e:a8:f1:d3:c7:0c:f7:76:9b:
3f:a7:6f:ad:b3:25:e9:9c:1d:e5:2c:a7:5f:71:ac:79:5e:b6:
9b:96:c6:39:76:0a:d0:3a:eb:4e:ac:8b:a0:65:15:1f:dd:31:
52:d4:a5:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMWyhB2ZZzfc2Evzi7s3JMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzVhYTVlMzdjNDJmN2RlYjdmM2IwZTk2NzBiZjU5YTJh
Y2E2YjUwHhcNMjQxMTEwMTU1NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmEyMzQ5NDlkMmEwNWYwMDI0NTExNjdmYzJjMTY1NjBiYTM4Mjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4Jqg8bNdq17fnZQpGlnZQRy6JrB
SBtCZ4dqx400Yr+5IB6wCn+oc7qBQO94ZI6Uzq3WGh2ZhehoC3+nTd0vCSy2ioey
PAPP5w8mVAoc8cFRs0/buYVuLFA5PJJ3lIDCmZxsBczZpf98k13dEqDN+tmen6A1
r95KpY09cXC138jDmiAgsz3WJuoGC5VC7nU2/hvYOFVG9uqO5RfD6LodWIqhaAD3
4kw7oykX1xcAdZZ4VfW/iJT+sFxQlE2ZWkWeFFU+vsBK4YvyLvT1RYMRiunPBmyS
RiBn5eI1U6dMg0rRbmimWlUrUgrUjN4GZ5uuyhcxXD77KzBnF/TPErvvAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPaiNJSdKgXwAkURZ/wsFlYLo4KJMB8GA1UdIwQY
MBaAFBN1ql43xC996387DpZwv1mirKa1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNXcVhqZkVMMzNyZnpzT2xuQ19XYUtzcHJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZTk3ZGQtZTcyMS00MTkyLWI4YjQt
ZDRiNzI1ZDA2NzZjLzEvOXFJMGxKMHFCZkFDUlJGbl9Dd1dWZ3VqZ29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZTk3ZGQtZTcyMS00MTkyLWI4YjQtZDRiNzI1ZDA2NzZj
LzEvRTNXcVhqZkVMMzNyZnpzT2xuQ19XYUtzcHJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwxrqMA0E
AgACMAcDBQMqCplAMA0GCSqGSIb3DQEBCwUAA4IBAQCVnbJ6y/+IwrDpPmRKTka3
O2cppuX/Q3estrBFPmSew0kUU9JSXai69UDf6q77hgHiu2YAR+qKFKtNQmeruHBI
WUKQlhJmgpF58uTlWmAJlhmRXMh7hKocEij9+6PRMR2BRSjDIE6QZLnMO0g+6gSm
jX20TActfOkZ7oZM2Wu615DIT0AJaBJ9Qh0CpH6yFuFKmF3qEL5VLqGplX32lPzy
GYKcVsdsnXhSA3JLk9Vo5xCinjXy/ukHiTVSk839hx+aK+HjhSe3NfDtaAwG6sAe
qPHTxwz3dps/p2+tsyXpnB3lLKdfcax5XrablsY5dgrQOutOrIugZRUf3TFS1KV7
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:38 2024 by rpki-client on console.sobornost.net