Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/JuMm9e7voK0OrcTG72174yGyjEA.roa
File: JuMm9e7voK0OrcTG72174yGyjEA.roa (raw, json)
Hash identifier: jSLcggbQuCDTqJ3ofhdJBG17A4G0nQhy+oDm4OvSnbg=
Subject key identifier: 26:E3:26:F5:EE:EF:A0:AD:0E:AD:C4:C6:EF:6D:7B:E3:21:B2:8C:40
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 019386CC834EFDC012A6DBF184C9315B35E4
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/JuMm9e7voK0OrcTG72174yGyjEA.roa
Signing time: Mon 02 Dec 2024 09:56:10 +0000
ROA not before: Mon 02 Dec 2024 09:56:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6714
IP address blocks: 78.133.220.0/22 maxlen: 22
2001:4190:8032::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:cc:83:4e:fd:c0:12:a6:db:f1:84:c9:31:5b:35:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Dec 2 09:56:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26e326f5eeefa0ad0eadc4c6ef6d7be321b28c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:80:ef:12:5b:7e:7b:10:de:fb:52:eb:d9:2e:
92:4c:e4:d1:69:5d:ef:e7:2a:d5:0e:6e:59:d6:5a:
5a:54:8a:38:17:c8:2b:29:8e:b8:83:14:7b:f5:57:
97:f9:05:c3:72:30:d2:b5:0a:d8:1c:43:69:31:fb:
32:af:4c:2e:bb:15:8d:33:69:0a:f5:d6:de:99:7a:
90:f8:3d:36:0a:4a:f5:76:84:f2:14:4a:0d:50:fd:
5e:e1:7a:b0:18:8e:41:38:7e:a5:24:f9:f3:a9:b6:
13:a8:16:a6:f9:50:9d:c7:17:51:21:69:e1:cf:fe:
69:07:70:ca:f2:27:ab:93:38:90:bf:7e:cc:9a:6f:
ec:90:c9:cf:ef:e9:2f:b6:37:08:1e:9e:70:9b:1b:
db:38:56:29:d4:6a:35:92:f1:2c:cb:1f:61:e0:7b:
15:ae:c9:ee:d7:c3:41:f5:c1:ae:9f:4c:88:59:7f:
2b:d6:f6:a0:8f:e1:1d:04:d6:d7:9e:db:7f:18:98:
86:53:02:91:6a:41:cf:73:0e:43:4a:9f:2b:93:3a:
65:e0:4e:06:99:61:27:b5:e2:0f:53:ec:8e:20:38:
1a:e2:df:fc:93:01:54:4b:f4:4c:85:aa:f5:55:92:
54:75:f7:d0:e6:1c:60:78:d4:00:c8:6d:5f:5c:02:
0d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E3:26:F5:EE:EF:A0:AD:0E:AD:C4:C6:EF:6D:7B:E3:21:B2:8C:40
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/JuMm9e7voK0OrcTG72174yGyjEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.220.0/22
IPv6:
2001:4190:8032::/48
Signature Algorithm: sha256WithRSAEncryption
2f:72:7e:3a:dc:b1:44:d5:04:17:f7:19:f5:8b:b3:8c:68:4c:
4b:7f:e7:e1:15:de:13:a0:61:df:34:96:d4:02:ec:0e:09:99:
70:9d:a2:77:b1:02:9e:07:68:ec:81:4a:5b:d8:99:dd:d6:d2:
02:17:51:f8:c1:72:d1:9d:21:c4:c2:2e:18:e4:aa:48:8f:21:
0b:4a:9a:e1:f2:24:4c:ab:bd:45:c4:1e:22:06:cd:f1:9d:81:
59:42:39:36:c8:c7:e3:ae:76:c6:0e:84:db:e0:2d:44:e2:d0:
66:68:83:4f:8b:23:c9:a1:72:94:75:dc:0b:78:4f:fd:6c:68:
34:fa:68:79:22:09:4d:07:da:37:43:b2:37:8c:8c:ea:96:22:
09:16:f2:9d:88:4c:27:3a:b6:33:ec:dd:9b:fa:4f:1a:40:20:
5a:eb:f0:fb:60:d0:cd:aa:ae:3b:e6:b3:be:9a:e1:db:3a:26:
0b:12:15:e0:64:c8:a3:6f:22:8b:be:af:fb:3b:f1:e6:a9:b6:
c1:e3:26:44:8a:e5:38:f3:c0:41:e8:24:2a:7d:ba:bd:1d:d1:
ae:0b:ae:4e:47:25:6a:1f:32:06:08:8f:54:78:f2:f0:61:0f:
7d:37:c3:81:5f:c7:a1:d1:89:82:d2:7f:b7:48:b7:3b:93:2f:
4d:89:59:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZOGzINO/cASptvxhMkxWzXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjQxMjAyMDk1NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmUzMjZmNWVlZWZhMGFkMGVhZGM0YzZlZjZkN2JlMzIxYjI4YzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IDvElt+exDe+1Lr2S6STOTRaV3v
5yrVDm5Z1lpaVIo4F8grKY64gxR79VeX+QXDcjDStQrYHENpMfsyr0wuuxWNM2kK
9dbemXqQ+D02Ckr1doTyFEoNUP1e4XqwGI5BOH6lJPnzqbYTqBam+VCdxxdRIWnh
z/5pB3DK8ierkziQv37Mmm/skMnP7+kvtjcIHp5wmxvbOFYp1Go1kvEsyx9h4HsV
rsnu18NB9cGun0yIWX8r1vagj+EdBNbXntt/GJiGUwKRakHPcw5DSp8rkzpl4E4G
mWEnteIPU+yOIDga4t/8kwFUS/RMhar1VZJUdffQ5hxgeNQAyG1fXAINYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCbjJvXu76CtDq3Exu9te+MhsoxAMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvSnVNbTllN3ZvSzBPcmNURzcyMTc0eUd5akVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCToXcMA8E
AgACMAkDBwAgAUGQgDIwDQYJKoZIhvcNAQELBQADggEBAC9yfjrcsUTVBBf3GfWL
s4xoTEt/5+EV3hOgYd80ltQC7A4JmXCdonexAp4HaOyBSlvYmd3W0gIXUfjBctGd
IcTCLhjkqkiPIQtKmuHyJEyrvUXEHiIGzfGdgVlCOTbIx+OudsYOhNvgLUTi0GZo
g0+LI8mhcpR13At4T/1saDT6aHkiCU0H2jdDsjeMjOqWIgkW8p2ITCc6tjPs3Zv6
TxpAIFrr8Ptg0M2qrjvms76a4ds6JgsSFeBkyKNvIou+r/s78eaptsHjJkSK5Tjz
wEHoJCp9ur0d0a4Lrk5HJWofMgYIj1R48vBhD303w4Ffx6HRiYLSf7dItzuTL02J
Wco=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:40 2024 by rpki-client on console.sobornost.net