Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/dRd0F5pH90DOf1wjb_X17tcb_XA.roa
File: dRd0F5pH90DOf1wjb_X17tcb_XA.roa (raw, json)
Hash identifier: z8Db77NnXhVqa6ldBZir+GhdNX73m/wvUWVLiMBFq04=
Subject key identifier: 75:17:74:17:9A:47:F7:40:CE:7F:5C:23:6F:F5:F5:EE:D7:1B:FD:70
Certificate issuer: /CN=8cad303bc70b12f83dbf89fc1489cb4612cf5526
Certificate serial: 0193DE7FE58C7620C54297570A3EA2FC0254
Authority key identifier: 8C:AD:30:3B:C7:0B:12:F8:3D:BF:89:FC:14:89:CB:46:12:CF:55:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jK0wO8cLEvg9v4n8FInLRhLPVSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/dRd0F5pH90DOf1wjb_X17tcb_XA.roa
Signing time: Thu 19 Dec 2024 10:39:04 +0000
ROA not before: Thu 19 Dec 2024 10:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60258
IP address blocks: 82.194.16.0/24 maxlen: 24
82.194.17.0/24 maxlen: 24
82.194.18.0/24 maxlen: 24
82.194.19.0/24 maxlen: 24
82.194.20.0/24 maxlen: 24
82.194.21.0/24 maxlen: 24
82.194.22.0/24 maxlen: 24
82.194.23.0/24 maxlen: 24
82.194.24.0/24 maxlen: 24
82.194.25.0/24 maxlen: 24
82.194.26.0/24 maxlen: 24
82.194.27.0/24 maxlen: 24
82.194.28.0/24 maxlen: 24
82.194.29.0/24 maxlen: 24
82.194.30.0/24 maxlen: 24
82.194.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:de:7f:e5:8c:76:20:c5:42:97:57:0a:3e:a2:fc:02:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cad303bc70b12f83dbf89fc1489cb4612cf5526
Validity
Not Before: Dec 19 10:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=751774179a47f740ce7f5c236ff5f5eed71bfd70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:89:e5:91:1e:29:e3:73:bd:1a:ba:de:ce:6d:
44:27:47:16:69:6c:c6:55:63:1d:59:1e:cf:59:d8:
5d:6e:ca:05:5d:53:c3:a5:24:7f:43:d2:e3:5b:81:
59:da:d4:e8:c3:55:59:07:94:58:ea:bf:89:11:f3:
3a:da:1a:aa:23:69:c4:c5:24:e4:bf:26:68:27:48:
76:a9:62:97:20:ba:e0:96:fd:6d:3f:e3:85:70:11:
ad:6c:73:26:7e:07:04:d3:cb:be:9a:be:08:8a:3a:
4c:1d:53:47:bf:d2:8b:86:35:64:ea:ae:ce:68:b1:
f0:5e:19:6a:c0:e9:ee:2e:ed:38:5b:4e:4a:40:68:
09:17:a2:79:c1:71:53:8b:5a:69:8e:37:96:fd:eb:
66:e5:26:2f:a4:0d:33:2c:1a:fd:f7:c8:2c:f6:bb:
47:cc:e6:f9:6e:f9:15:c6:c7:87:d7:71:0c:aa:0d:
c4:34:51:ed:8b:2a:86:37:d5:83:81:cb:2e:de:59:
69:7a:e8:19:13:52:58:ea:f5:e9:94:1d:2e:dc:8b:
6e:dc:54:2d:c4:db:44:cb:7c:50:04:fb:b4:6d:64:
64:c7:fe:31:bb:96:cc:ce:be:00:ec:4a:d4:f1:51:
b1:ea:15:26:75:ce:63:66:2a:0c:7e:a3:5b:fb:a1:
0e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:17:74:17:9A:47:F7:40:CE:7F:5C:23:6F:F5:F5:EE:D7:1B:FD:70
X509v3 Authority Key Identifier:
keyid:8C:AD:30:3B:C7:0B:12:F8:3D:BF:89:FC:14:89:CB:46:12:CF:55:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jK0wO8cLEvg9v4n8FInLRhLPVSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/dRd0F5pH90DOf1wjb_X17tcb_XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/jK0wO8cLEvg9v4n8FInLRhLPVSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.194.16.0/20
Signature Algorithm: sha256WithRSAEncryption
60:9b:0c:a1:b0:de:cf:58:c9:9d:5a:47:da:8b:92:35:83:4d:
88:47:89:2e:94:d6:2c:2e:85:05:ab:f8:0f:48:c6:74:c2:98:
71:8c:b2:4f:b9:4b:21:99:34:c8:fe:99:9c:43:8a:e3:ba:e4:
21:1b:fa:e8:d5:98:63:2e:67:35:7f:3c:81:7f:4a:ae:71:0b:
2a:60:4d:e4:7d:57:89:11:58:e3:cf:19:f7:47:ed:34:66:2d:
52:95:fc:0b:d8:ae:2d:9a:cf:d7:f0:b6:ba:d0:b0:92:19:d6:
50:bc:07:31:45:a5:da:30:6f:f3:0d:2a:8a:1a:d0:da:5d:d7:
c4:fd:18:5e:b1:fa:3f:22:40:79:a0:9d:51:ff:79:13:4d:00:
38:3f:50:ea:1c:e2:f4:c4:bd:7d:39:fc:f2:3b:68:75:58:ff:
16:8b:af:dc:57:96:52:1a:e3:f0:a0:b1:1b:7f:32:8e:ca:31:
ee:f1:09:63:92:19:a4:c3:da:bd:87:f9:9f:d9:1a:dc:ed:bc:
84:f0:05:a6:75:89:a5:4d:58:c2:bf:61:e7:6c:49:5e:ed:65:
ba:dd:87:b1:92:53:c2:ac:3c:9e:f1:09:3a:db:0e:e1:cb:87:
d8:3a:94:e4:d9:ca:f8:87:ef:43:fa:da:81:35:c1:01:a3:3d:
67:3b:95:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPef+WMdiDFQpdXCj6i/AJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYWQzMDNiYzcwYjEyZjgzZGJmODlmYzE0ODljYjQ2MTJj
ZjU1MjYwHhcNMjQxMjE5MTAzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE3NzQxNzlhNDdmNzQwY2U3ZjVjMjM2ZmY1ZjVlZWQ3MWJmZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYnlkR4p43O9Grrezm1EJ0cWaWzG
VWMdWR7PWdhdbsoFXVPDpSR/Q9LjW4FZ2tTow1VZB5RY6r+JEfM62hqqI2nExSTk
vyZoJ0h2qWKXILrglv1tP+OFcBGtbHMmfgcE08u+mr4IijpMHVNHv9KLhjVk6q7O
aLHwXhlqwOnuLu04W05KQGgJF6J5wXFTi1ppjjeW/etm5SYvpA0zLBr998gs9rtH
zOb5bvkVxseH13EMqg3ENFHtiyqGN9WDgcsu3llpeugZE1JY6vXplB0u3Itu3FQt
xNtEy3xQBPu0bWRkx/4xu5bMzr4A7ErU8VGx6hUmdc5jZioMfqNb+6EOXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUXdBeaR/dAzn9cI2/19e7XG/1wMB8GA1UdIwQY
MBaAFIytMDvHCxL4Pb+J/BSJy0YSz1UmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakswd084Y0xFdmc5djRuOEZJbkxSaExQVlNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8xZDNmOWUtOWE2Yy00Yzg2LWEwMzYt
NDgyNTU1NDUyODMxLzEvZFJkMEY1cEg5MERPZjF3amJfWDE3dGNiX1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8xZDNmOWUtOWE2Yy00Yzg2LWEwMzYtNDgyNTU1NDUyODMx
LzEvakswd084Y0xFdmc5djRuOEZJbkxSaExQVlNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUsIQMA0G
CSqGSIb3DQEBCwUAA4IBAQBgmwyhsN7PWMmdWkfai5I1g02IR4kulNYsLoUFq/gP
SMZ0wphxjLJPuUshmTTI/pmcQ4rjuuQhG/ro1ZhjLmc1fzyBf0qucQsqYE3kfVeJ
EVjjzxn3R+00Zi1SlfwL2K4tms/X8La60LCSGdZQvAcxRaXaMG/zDSqKGtDaXdfE
/Rhesfo/IkB5oJ1R/3kTTQA4P1DqHOL0xL19OfzyO2h1WP8Wi6/cV5ZSGuPwoLEb
fzKOyjHu8Qljkhmkw9q9h/mf2Rrc7byE8AWmdYmlTVjCv2HnbEle7WW63YexklPC
rDye8Qk62w7hy4fYOpTk2cr4h+9D+tqBNcEBoz1nO5UK
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:54 2024 by rpki-client on console.sobornost.net