Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/nBBtlHWISXKSa4hfokh3S3QyBVE.roa
File: nBBtlHWISXKSa4hfokh3S3QyBVE.roa (raw, json)
Hash identifier: /sDaI663IftoofKjuLYLcI7nu76f5SHesrYcZPHz+q0=
Subject key identifier: 9C:10:6D:94:75:88:49:72:92:6B:88:5F:A2:48:77:4B:74:32:05:51
Certificate issuer: /CN=a5d954d6db2a1178efbec0d5d959076407cf96ca
Certificate serial: 0192FADAE175DC79D9F3864BFCE2D8C33301
Authority key identifier: A5:D9:54:D6:DB:2A:11:78:EF:BE:C0:D5:D9:59:07:64:07:CF:96:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pdlU1tsqEXjvvsDV2VkHZAfPlso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/nBBtlHWISXKSa4hfokh3S3QyBVE.roa
Signing time: Tue 05 Nov 2024 05:45:01 +0000
ROA not before: Tue 05 Nov 2024 05:45:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212630
IP address blocks: 82.117.241.0/24 maxlen: 24
91.209.220.0/24 maxlen: 24
2a0b:53c0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fa:da:e1:75:dc:79:d9:f3:86:4b:fc:e2:d8:c3:33:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5d954d6db2a1178efbec0d5d959076407cf96ca
Validity
Not Before: Nov 5 05:45:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c106d9475884972926b885fa248774b74320551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d5:d9:e6:ba:fa:96:18:61:5f:06:f1:9d:8a:
18:f4:68:0a:35:06:32:08:0e:5a:99:34:27:f2:cb:
ec:ad:29:13:39:b6:35:e8:bc:83:1a:25:cf:c1:94:
31:34:42:c5:c6:1c:c0:8d:50:4a:5d:1c:b5:d1:3f:
f9:a8:4e:3d:1e:2d:ad:6a:df:ad:ab:5a:7a:3e:ab:
6a:7c:ec:e1:0e:a0:bc:b8:bd:36:80:cf:b4:be:f3:
0d:19:ed:01:76:49:17:2f:64:90:12:67:0d:6e:b8:
11:fa:2b:23:06:da:20:8c:6c:86:2f:86:2b:f8:e0:
0d:e5:9f:19:98:f8:aa:fe:ef:af:58:c0:fa:b0:74:
0c:93:9a:05:13:95:6e:dc:e9:fd:0d:37:73:37:2e:
e2:53:cf:0b:9a:62:85:61:be:ba:2e:f4:86:f3:03:
ea:90:94:bf:4f:63:70:90:6b:6f:61:b5:f7:28:a6:
38:f3:7b:93:01:c3:ed:5c:90:01:10:a6:18:d9:68:
d1:bc:51:45:ac:b6:9f:c6:c7:23:72:15:7c:ed:e3:
99:5d:2e:3c:a0:70:c0:db:e7:8e:b8:65:fc:96:29:
70:0c:2e:41:aa:54:e4:f3:3f:e9:35:96:2c:24:64:
1e:04:4d:05:91:b8:33:92:ed:39:d9:29:4d:16:79:
16:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:10:6D:94:75:88:49:72:92:6B:88:5F:A2:48:77:4B:74:32:05:51
X509v3 Authority Key Identifier:
keyid:A5:D9:54:D6:DB:2A:11:78:EF:BE:C0:D5:D9:59:07:64:07:CF:96:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pdlU1tsqEXjvvsDV2VkHZAfPlso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/nBBtlHWISXKSa4hfokh3S3QyBVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/pdlU1tsqEXjvvsDV2VkHZAfPlso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.117.241.0/24
91.209.220.0/24
IPv6:
2a0b:53c0::/32
Signature Algorithm: sha256WithRSAEncryption
66:19:d3:1d:9e:3a:8f:fc:c4:47:cb:9a:57:7a:d8:88:f7:6b:
8c:f7:47:d1:cd:fc:5c:bb:09:c6:b4:18:3e:e2:c5:b8:c1:72:
9f:a8:98:89:15:eb:58:ee:91:93:28:9b:9f:ad:2c:99:45:10:
00:54:c4:f3:6a:fa:6a:4e:a9:2a:bb:5a:47:8c:ab:d5:2a:59:
b6:4f:88:f6:29:85:fd:0d:ca:d1:f9:c8:82:e1:d1:39:97:18:
57:94:6c:d6:78:ab:fb:7d:a8:12:84:89:ca:60:bc:38:d1:e4:
5e:bf:58:9c:d6:f8:09:44:f6:cf:bf:7c:32:5b:4c:14:91:3c:
f3:9d:87:84:58:32:4e:e8:a2:d7:fb:cd:98:a6:2c:2f:9b:26:
0f:2e:67:ae:1c:68:05:69:94:40:ae:46:cc:19:ab:ac:b8:e5:
d3:b2:1d:99:fe:12:75:5d:7c:96:51:47:4e:36:5d:a0:46:7b:
f4:4f:26:90:c9:c2:71:6f:6c:aa:6c:26:00:c2:3b:f2:54:aa:
da:38:9c:50:31:02:bd:c6:4b:1a:66:77:8d:90:78:d1:31:dc:
9d:b9:79:17:b2:74:0d:45:49:d6:81:e2:6f:7f:21:be:c1:75:
65:a5:89:5c:ea:f7:98:58:d4:a1:5f:35:fa:33:1f:da:a8:79:
f1:2b:9d:18
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZL62uF13HnZ84ZL/OLYwzMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZDk1NGQ2ZGIyYTExNzhlZmJlYzBkNWQ5NTkwNzY0MDdj
Zjk2Y2EwHhcNMjQxMTA1MDU0NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzEwNmQ5NDc1ODg0OTcyOTI2Yjg4NWZhMjQ4Nzc0Yjc0MzIwNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9XZ5rr6lhhhXwbxnYoY9GgKNQYy
CA5amTQn8svsrSkTObY16LyDGiXPwZQxNELFxhzAjVBKXRy10T/5qE49Hi2tat+t
q1p6PqtqfOzhDqC8uL02gM+0vvMNGe0BdkkXL2SQEmcNbrgR+isjBtogjGyGL4Yr
+OAN5Z8ZmPiq/u+vWMD6sHQMk5oFE5Vu3On9DTdzNy7iU88LmmKFYb66LvSG8wPq
kJS/T2NwkGtvYbX3KKY483uTAcPtXJABEKYY2WjRvFFFrLafxscjchV87eOZXS48
oHDA2+eOuGX8lilwDC5BqlTk8z/pNZYsJGQeBE0Fkbgzku052SlNFnkWsQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJwQbZR1iElykmuIX6JId0t0MgVRMB8GA1UdIwQY
MBaAFKXZVNbbKhF4777A1dlZB2QHz5bKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGRsVTF0c3FFWGp2dnNEVjJWa0haQWZQbHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mYmYzOWQtOTI0Ny00ZTA3LTllMTUt
MzlmNGFiNmVjN2U2LzEvbkJCdGxIV0lTWEtTYTRoZm9raDNTM1F5QlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mYmYzOWQtOTI0Ny00ZTA3LTllMTUtMzlmNGFiNmVjN2U2
LzEvcGRsVTF0c3FFWGp2dnNEVjJWa0haQWZQbHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUnXxAwQA
W9HcMA0EAgACMAcDBQAqC1PAMA0GCSqGSIb3DQEBCwUAA4IBAQBmGdMdnjqP/MRH
y5pXetiI92uM90fRzfxcuwnGtBg+4sW4wXKfqJiJFetY7pGTKJufrSyZRRAAVMTz
avpqTqkqu1pHjKvVKlm2T4j2KYX9DcrR+ciC4dE5lxhXlGzWeKv7fagShInKYLw4
0eRev1ic1vgJRPbPv3wyW0wUkTzznYeEWDJO6KLX+82YpiwvmyYPLmeuHGgFaZRA
rkbMGausuOXTsh2Z/hJ1XXyWUUdONl2gRnv0TyaQycJxb2yqbCYAwjvyVKraOJxQ
MQK9xksaZneNkHjRMdyduXkXsnQNRUnWgeJvfyG+wXVlpYlc6veYWNShXzX6Mx/a
qHnxK50Y
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:01 2024 by rpki-client on console.sobornost.net