Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/d28341-11fa-43f7-8729-4cd81e9f8cba/1/GbHIz2VdkoUXht0aGwbl1MnQh8g.roa
File: GbHIz2VdkoUXht0aGwbl1MnQh8g.roa (raw, json)
Hash identifier: BIQHwKOnt3zKyZLMxgIsXPPleZ3KXbpBFVYTHJyHZMI=
Subject key identifier: 19:B1:C8:CF:65:5D:92:85:17:86:DD:1A:1B:06:E5:D4:C9:D0:87:C8
Certificate issuer: /CN=4a407ca3a6af469a31bb52030fcd911c91e66c1b
Certificate serial: 018CCA96E5440C380F0B3F7DB84668A9EA5E
Authority key identifier: 4A:40:7C:A3:A6:AF:46:9A:31:BB:52:03:0F:CD:91:1C:91:E6:6C:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkB8o6avRpoxu1IDD82RHJHmbBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/d28341-11fa-43f7-8729-4cd81e9f8cba/1/GbHIz2VdkoUXht0aGwbl1MnQh8g.roa
Signing time: Tue 02 Jan 2024 14:32:15 +0000
ROA not before: Tue 02 Jan 2024 14:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8803
IP address blocks: 194.124.217.0/24 maxlen: 24
193.8.176.0/24 maxlen: 24
193.8.179.0/24 maxlen: 24
193.8.177.0/24 maxlen: 24
193.8.178.0/24 maxlen: 24
193.8.180.0/24 maxlen: 24
193.8.181.0/24 maxlen: 24
193.5.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:96:e5:44:0c:38:0f:0b:3f:7d:b8:46:68:a9:ea:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a407ca3a6af469a31bb52030fcd911c91e66c1b
Validity
Not Before: Jan 2 14:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19b1c8cf655d92851786dd1a1b06e5d4c9d087c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:43:b2:0e:c8:0f:cf:bb:e3:57:67:9e:f0:
1e:f8:14:88:e5:3f:89:5a:73:e8:ce:38:bf:39:64:
1c:b4:5d:3f:fa:af:3f:94:26:65:1f:80:0f:99:0a:
cb:d8:20:1a:b6:4c:c6:ed:9a:54:fa:b4:7c:5b:17:
c0:e0:18:90:84:ff:29:d0:aa:5b:54:87:4d:90:37:
3d:9e:ef:dc:b5:e1:36:55:48:16:d0:a1:3c:1d:d2:
84:a0:1e:91:10:ce:9c:38:09:95:07:a7:1f:23:7c:
09:17:7e:cd:1d:b4:66:f8:47:db:59:50:27:91:02:
d2:8f:c8:61:c3:af:47:9e:32:4d:d6:a7:7f:bb:79:
f4:7f:f9:27:68:2a:2f:b5:a5:a4:f9:ef:fe:d5:d9:
dd:67:af:29:3f:9a:0e:09:b3:bb:94:29:5e:03:34:
7f:ac:17:5b:95:28:ba:10:2e:d5:87:53:bf:61:9c:
59:32:0e:b4:c5:d1:91:c5:dd:0b:fb:fd:e8:c5:ea:
a3:3b:fa:de:48:49:bd:68:96:72:59:33:bc:e3:39:
68:99:f5:43:41:77:bb:aa:df:0c:77:91:ee:dc:b6:
7a:45:62:2e:d7:61:53:48:7c:35:9c:a1:99:4d:24:
06:bd:7f:ca:5b:6b:19:8f:3c:a8:c1:9d:1f:4c:16:
82:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B1:C8:CF:65:5D:92:85:17:86:DD:1A:1B:06:E5:D4:C9:D0:87:C8
X509v3 Authority Key Identifier:
keyid:4A:40:7C:A3:A6:AF:46:9A:31:BB:52:03:0F:CD:91:1C:91:E6:6C:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkB8o6avRpoxu1IDD82RHJHmbBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d28341-11fa-43f7-8729-4cd81e9f8cba/1/GbHIz2VdkoUXht0aGwbl1MnQh8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d28341-11fa-43f7-8729-4cd81e9f8cba/1/SkB8o6avRpoxu1IDD82RHJHmbBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.172.0/22
193.8.176.0-193.8.181.255
194.124.217.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:54:b1:11:4a:2e:a8:56:a7:25:b6:92:8f:1d:39:9c:80:5e:
04:cc:ea:d4:11:9e:06:47:87:2e:f3:b9:74:a8:0a:6b:a4:08:
11:cb:38:1c:8f:45:44:49:8d:83:10:71:b3:2b:ee:21:5a:6f:
8f:bc:8a:07:4e:8a:b3:d1:b7:2c:8c:e9:52:9a:7c:a0:e2:3f:
07:8e:1f:1c:78:d8:e9:dc:06:93:78:55:c1:f4:cf:b5:a0:9d:
2f:60:b7:24:b9:09:bb:06:3f:74:d1:9e:d3:7b:79:6a:e8:e9:
1b:58:c2:21:28:de:f8:be:c8:8a:af:2a:c5:bf:2f:64:95:3f:
ca:0f:d3:be:fd:99:01:61:9f:ff:0c:af:62:f4:b7:ab:40:b7:
09:39:38:46:c4:e8:8a:e0:10:75:ff:86:fb:fc:73:f5:e5:62:
87:32:b3:47:8d:0a:d0:31:24:39:5d:9f:7b:29:6f:91:6a:de:
1d:82:09:54:59:fd:e5:16:e8:97:21:a4:3b:39:26:d0:6e:f7:
2c:7b:27:a4:cc:2a:16:2f:e7:a8:29:ea:89:e4:57:96:43:8b:
aa:d1:0f:e5:5e:b0:c5:4e:45:e0:83:24:0a:ca:31:2c:c9:67:
5d:9e:8f:a6:bb:cc:d2:e8:14:c9:99:c1:3a:ed:18:8c:61:38:
54:31:ee:f8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzKluVEDDgPCz99uEZoqepeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDA3Y2EzYTZhZjQ2OWEzMWJiNTIwMzBmY2Q5MTFjOTFl
NjZjMWIwHhcNMjQwMTAyMTQzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWIxYzhjZjY1NWQ5Mjg1MTc4NmRkMWExYjA2ZTVkNGM5ZDA4N2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR5Dsg7ID8+741dnnvAe+BSI5T+J
WnPozji/OWQctF0/+q8/lCZlH4APmQrL2CAatkzG7ZpU+rR8WxfA4BiQhP8p0Kpb
VIdNkDc9nu/cteE2VUgW0KE8HdKEoB6REM6cOAmVB6cfI3wJF37NHbRm+EfbWVAn
kQLSj8hhw69HnjJN1qd/u3n0f/knaCovtaWk+e/+1dndZ68pP5oOCbO7lCleAzR/
rBdblSi6EC7Vh1O/YZxZMg60xdGRxd0L+/3oxeqjO/reSEm9aJZyWTO84zlomfVD
QXe7qt8Md5Hu3LZ6RWIu12FTSHw1nKGZTSQGvX/KW2sZjzyowZ0fTBaCgQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBmxyM9lXZKFF4bdGhsG5dTJ0IfIMB8GA1UdIwQY
MBaAFEpAfKOmr0aaMbtSAw/NkRyR5mwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tCOG82YXZScG94dTFJREQ4MlJISkhtYkJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9kMjgzNDEtMTFmYS00M2Y3LTg3Mjkt
NGNkODFlOWY4Y2JhLzEvR2JISXoyVmRrb1VYaHQwYUd3YmwxTW5RaDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9kMjgzNDEtMTFmYS00M2Y3LTg3MjktNGNkODFlOWY4Y2Jh
LzEvU2tCOG82YXZScG94dTFJREQ4MlJISkhtYkJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCwQWsMAwD
BATBCLADBAHBCLQDBADCfNkwDQYJKoZIhvcNAQELBQADggEBAC5UsRFKLqhWpyW2
ko8dOZyAXgTM6tQRngZHhy7zuXSoCmukCBHLOByPRURJjYMQcbMr7iFab4+8igdO
irPRtyyM6VKafKDiPweOHxx42OncBpN4VcH0z7WgnS9gtyS5CbsGP3TRntN7eWro
6RtYwiEo3vi+yIqvKsW/L2SVP8oP0779mQFhn/8Mr2L0t6tAtwk5OEbE6IrgEHX/
hvv8c/XlYocys0eNCtAxJDldn3spb5Fq3h2CCVRZ/eUW6JchpDs5JtBu9yx7J6TM
KhYv56gp6onkV5ZDi6rRD+VesMVOReCDJArKMSzJZ12ej6a7zNLoFMmZwTrtGIxh
OFQx7vg=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:13 2024 by rpki-client on console.sobornost.net