Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/Ngf1iYdJcEjbC-qMihgDzEJbjRc.roa
File: Ngf1iYdJcEjbC-qMihgDzEJbjRc.roa (raw, json)
Hash identifier: Gyy/Jutck7J8XQSH37dc1Lig5nD1tZNNZnVOOO00GVo=
Subject key identifier: 36:07:F5:89:87:49:70:48:DB:0B:EA:8C:8A:18:03:CC:42:5B:8D:17
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 0190D0FDE67D97EF4166BA1186DA22CC3845
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/Ngf1iYdJcEjbC-qMihgDzEJbjRc.roa
Signing time: Sat 20 Jul 2024 16:33:38 +0000
ROA not before: Sat 20 Jul 2024 16:33:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197579
IP address blocks: 91.223.113.0/24 maxlen: 24
185.92.232.0/22 maxlen: 22
2a13:6b40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d0:fd:e6:7d:97:ef:41:66:ba:11:86:da:22:cc:38:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Jul 20 16:33:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3607f58987497048db0bea8c8a1803cc425b8d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:16:e5:ed:6e:d3:60:33:9f:80:97:c4:d1:0c:
2c:02:61:b9:95:63:bb:ec:9c:2e:19:01:18:5e:55:
10:0d:bb:5d:f3:e6:30:4d:36:f5:91:5f:55:8b:e6:
04:7f:e4:a8:57:02:cf:f3:1e:d5:e2:f9:5d:ff:08:
c7:32:3f:0a:0e:78:23:1e:11:f0:42:fe:1a:90:18:
65:85:97:c8:a0:ea:9d:ef:a9:2a:dc:db:00:39:be:
36:23:fb:e3:9d:bf:0c:21:23:64:cd:3b:3c:20:b7:
04:96:08:7d:d0:bc:e7:12:75:31:09:87:17:5b:34:
62:6a:f2:7d:40:8c:ba:26:5b:06:41:97:0d:67:6a:
c7:c0:2c:82:10:5e:a6:26:cd:e3:2c:0a:49:e6:b7:
92:25:11:cb:b5:c7:13:da:35:3f:7d:18:10:78:67:
c3:89:2b:f8:b5:67:a8:e7:d8:30:bc:d4:2e:21:f6:
15:e6:28:de:09:bc:48:e1:09:b4:62:7a:08:60:6b:
ab:1e:8c:a0:fd:ce:6e:44:d5:74:7d:86:9a:1c:64:
c5:f9:7d:70:7e:35:e5:34:f9:1b:54:d2:a0:7e:55:
a5:4d:48:26:89:b4:b9:71:57:06:a0:e7:5c:87:c3:
2d:f3:81:8e:5f:ba:79:09:fe:52:89:cd:b0:a6:f7:
30:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:07:F5:89:87:49:70:48:DB:0B:EA:8C:8A:18:03:CC:42:5B:8D:17
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/Ngf1iYdJcEjbC-qMihgDzEJbjRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.113.0/24
185.92.232.0/22
IPv6:
2a13:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
70:9e:d4:e2:a7:46:e4:ef:40:d0:ba:b5:75:a3:d2:40:1c:6c:
6f:6e:ec:0b:7e:0c:98:0e:a8:dd:09:c4:03:c4:e4:36:b9:63:
52:ae:7b:58:83:77:15:cd:2a:37:4a:39:44:77:93:78:ad:c9:
3b:13:6f:f9:c8:c5:20:fc:29:78:03:5e:cf:81:22:7f:d5:89:
e9:f1:ae:b9:c1:89:40:76:15:17:e8:d3:8e:41:ce:c4:dc:89:
7b:e9:2f:99:b5:b5:c5:e9:83:d2:f7:99:64:a4:da:7f:2c:d4:
80:92:a7:da:63:08:02:2b:db:b9:8b:c1:de:e3:fb:28:8f:3e:
da:b7:a9:ef:49:b8:39:89:e7:3d:86:85:64:10:1d:18:49:b4:
88:b7:d5:74:fe:bc:75:a3:fa:30:03:7d:55:11:94:3e:cc:9b:
8c:34:ef:61:2b:e7:58:77:bf:b1:5d:b0:dd:70:d2:d2:f5:26:
64:d7:88:17:d5:56:39:65:d2:22:96:90:9e:84:d9:45:60:e6:
b8:a3:54:dd:04:3d:16:90:dc:6e:fa:a7:53:ba:f5:64:33:2f:
f0:b1:ed:29:d6:45:bd:27:99:bb:f2:7c:e4:44:ed:fa:dd:a4:
e5:8b:f1:b5:76:c8:3d:25:b5:44:79:07:1c:c4:06:c5:ed:ef:
0e:4b:a7:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZDQ/eZ9l+9BZroRhtoizDhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjQwNzIwMTYzMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjA3ZjU4OTg3NDk3MDQ4ZGIwYmVhOGM4YTE4MDNjYzQyNWI4ZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhbl7W7TYDOfgJfE0QwsAmG5lWO7
7JwuGQEYXlUQDbtd8+YwTTb1kV9Vi+YEf+SoVwLP8x7V4vld/wjHMj8KDngjHhHw
Qv4akBhlhZfIoOqd76kq3NsAOb42I/vjnb8MISNkzTs8ILcElgh90LznEnUxCYcX
WzRiavJ9QIy6JlsGQZcNZ2rHwCyCEF6mJs3jLApJ5reSJRHLtccT2jU/fRgQeGfD
iSv4tWeo59gwvNQuIfYV5ijeCbxI4Qm0YnoIYGurHoyg/c5uRNV0fYaaHGTF+X1w
fjXlNPkbVNKgflWlTUgmibS5cVcGoOdch8Mt84GOX7p5Cf5Sic2wpvcwiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDYH9YmHSXBI2wvqjIoYA8xCW40XMB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEvTmdmMWlZZEpjRWpiQy1xTWloZ0R6RUpialJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW99xAwQC
uVzoMA0EAgACMAcDBQMqE2tAMA0GCSqGSIb3DQEBCwUAA4IBAQBwntTip0bk70DQ
urV1o9JAHGxvbuwLfgyYDqjdCcQDxOQ2uWNSrntYg3cVzSo3SjlEd5N4rck7E2/5
yMUg/Cl4A17PgSJ/1Ynp8a65wYlAdhUX6NOOQc7E3Il76S+ZtbXF6YPS95lkpNp/
LNSAkqfaYwgCK9u5i8He4/sojz7at6nvSbg5iec9hoVkEB0YSbSIt9V0/rx1o/ow
A31VEZQ+zJuMNO9hK+dYd7+xXbDdcNLS9SZk14gX1VY5ZdIilpCehNlFYOa4o1Td
BD0WkNxu+qdTuvVkMy/wse0p1kW9J5m78nzkRO363aTli/G1dsg9JbVEeQccxAbF
7e8OS6cg
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:02 2024 by rpki-client on console.sobornost.net