Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/b8f53f-467f-45cf-8306-42951c2ca738/1/DDqtUqrgBZl7onTB4JefVk-jIKY.roa
File: DDqtUqrgBZl7onTB4JefVk-jIKY.roa (raw, json)
Hash identifier: t+DH+Ewn+HvggT5NmGf3z5maUz8BdVMLoYb5SPvkoCQ=
Subject key identifier: 0C:3A:AD:52:AA:E0:05:99:7B:A2:74:C1:E0:97:9F:56:4F:A3:20:A6
Certificate issuer: /CN=3d2eb4147ee7bfc6ba72fc0349453498f000e581
Certificate serial: 01929FEA2BAA5FC798A75F00A3B0CD195D7E
Authority key identifier: 3D:2E:B4:14:7E:E7:BF:C6:BA:72:FC:03:49:45:34:98:F0:00:E5:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PS60FH7nv8a6cvwDSUU0mPAA5YE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/b8f53f-467f-45cf-8306-42951c2ca738/1/DDqtUqrgBZl7onTB4JefVk-jIKY.roa
Signing time: Fri 18 Oct 2024 13:56:16 +0000
ROA not before: Fri 18 Oct 2024 13:56:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5619
IP address blocks: 146.192.0.0/17 maxlen: 17
153.110.0.0/16 maxlen: 16
192.146.163.0/24 maxlen: 24
192.146.164.0/24 maxlen: 24
192.146.169.0/24 maxlen: 24
212.18.128.0/19 maxlen: 19
217.17.0.0/20 maxlen: 20
2a02:9c8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:ea:2b:aa:5f:c7:98:a7:5f:00:a3:b0:cd:19:5d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d2eb4147ee7bfc6ba72fc0349453498f000e581
Validity
Not Before: Oct 18 13:56:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c3aad52aae005997ba274c1e0979f564fa320a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9d:18:a4:4c:74:e1:e7:f5:32:fb:0e:dd:c7:
bb:c0:1e:d1:11:63:da:bf:41:4c:ba:01:cf:26:d8:
46:23:6d:08:32:7f:bf:c0:ea:c4:a7:72:5e:93:d0:
c8:03:5e:e9:19:de:45:52:70:42:63:6e:c2:da:8c:
e7:94:f4:28:a2:0e:07:e0:92:7f:93:99:50:31:d7:
3d:8b:40:d7:94:74:50:05:46:9d:4a:82:60:ae:6c:
4d:97:7d:ec:fa:f4:72:26:7b:cc:71:a2:d5:6b:51:
a5:77:11:49:8f:40:fa:c7:f2:33:2f:87:33:c7:30:
c1:88:7b:f0:3f:7e:dd:b2:ab:fa:1a:f4:e7:a4:43:
5d:62:76:7a:f5:81:b4:3e:23:18:5d:77:48:5c:1b:
3c:71:94:69:67:73:20:71:a1:12:cf:47:e1:f9:d9:
7a:3e:3a:d1:68:17:64:4d:35:23:9e:6c:31:ee:81:
37:f1:ad:b9:34:1d:9c:d0:98:0c:46:77:7f:c9:f2:
6c:1d:10:d9:20:0c:3b:3d:4e:96:9b:67:91:18:27:
9a:c1:8f:2a:f8:e7:0f:c0:be:00:3e:44:77:d3:7c:
d4:b3:b0:6e:6f:a6:eb:73:12:e0:29:48:c0:c5:98:
cd:6b:28:57:a3:6e:68:65:aa:01:f0:cc:8d:c9:d5:
65:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3A:AD:52:AA:E0:05:99:7B:A2:74:C1:E0:97:9F:56:4F:A3:20:A6
X509v3 Authority Key Identifier:
keyid:3D:2E:B4:14:7E:E7:BF:C6:BA:72:FC:03:49:45:34:98:F0:00:E5:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PS60FH7nv8a6cvwDSUU0mPAA5YE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b8f53f-467f-45cf-8306-42951c2ca738/1/DDqtUqrgBZl7onTB4JefVk-jIKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b8f53f-467f-45cf-8306-42951c2ca738/1/PS60FH7nv8a6cvwDSUU0mPAA5YE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.192.0.0/17
153.110.0.0/16
192.146.163.0-192.146.164.255
192.146.169.0/24
212.18.128.0/19
217.17.0.0/20
IPv6:
2a02:9c8::/29
Signature Algorithm: sha256WithRSAEncryption
04:93:72:5d:40:56:24:ee:de:13:4a:3b:9b:16:25:80:6c:c6:
c1:0c:a8:65:6a:03:f4:09:69:ba:3b:d0:f2:d0:c9:74:ca:0c:
41:81:b2:c7:03:dc:86:c7:5d:09:2b:65:8b:5f:fc:6d:05:f2:
bf:ea:85:31:08:6b:46:d0:6e:1a:91:15:05:65:7d:21:d1:03:
e8:5e:42:cd:ff:7b:90:c9:94:88:b9:f2:fd:b6:49:3e:2c:6e:
49:47:94:5e:9c:10:b6:eb:62:ad:4b:e3:a4:73:d9:9f:59:69:
b7:16:c3:e8:6f:ba:27:3c:36:8d:27:b9:cc:04:d2:d8:52:2a:
a9:9e:aa:a0:d6:65:3e:6d:d6:a7:7a:bc:3d:05:69:32:1b:51:
57:e0:8f:c3:08:cc:b0:a9:d5:f1:e8:02:3c:12:bf:47:03:48:
49:e3:3a:f9:20:3f:b6:2f:17:dd:a5:3a:77:63:9e:b9:42:ba:
6a:28:38:a6:27:59:30:ef:06:6f:c4:9c:bd:bd:20:4c:0a:37:
87:31:85:91:9c:ec:dd:06:98:cb:b2:8c:4f:f7:aa:00:2b:4a:
f4:8d:f0:1b:f9:39:d8:b8:b2:45:d3:78:cc:9c:99:2a:52:15:
1a:4c:de:d4:b0:72:28:d6:b6:70:d7:62:b6:e9:b2:ff:ae:fe:
bd:7b:b3:7d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZKf6iuqX8eYp18Ao7DNGV1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMmViNDE0N2VlN2JmYzZiYTcyZmMwMzQ5NDUzNDk4ZjAw
MGU1ODEwHhcNMjQxMDE4MTM1NjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNhYWQ1MmFhZTAwNTk5N2JhMjc0YzFlMDk3OWY1NjRmYTMyMGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs50YpEx04ef1MvsO3ce7wB7REWPa
v0FMugHPJthGI20IMn+/wOrEp3Jek9DIA17pGd5FUnBCY27C2oznlPQoog4H4JJ/
k5lQMdc9i0DXlHRQBUadSoJgrmxNl33s+vRyJnvMcaLVa1GldxFJj0D6x/IzL4cz
xzDBiHvwP37dsqv6GvTnpENdYnZ69YG0PiMYXXdIXBs8cZRpZ3MgcaESz0fh+dl6
PjrRaBdkTTUjnmwx7oE38a25NB2c0JgMRnd/yfJsHRDZIAw7PU6Wm2eRGCeawY8q
+OcPwL4APkR303zUs7Bub6brcxLgKUjAxZjNayhXo25oZaoB8MyNydVlBQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAw6rVKq4AWZe6J0weCXn1ZPoyCmMB8GA1UdIwQY
MBaAFD0utBR+57/GunL8A0lFNJjwAOWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFM2MEZIN252OGE2Y3Z3RFNVVTBtUEFBNVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9iOGY1M2YtNDY3Zi00NWNmLTgzMDYt
NDI5NTFjMmNhNzM4LzEvRERxdFVxcmdCWmw3b25UQjRKZWZWay1qSUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9iOGY1M2YtNDY3Zi00NWNmLTgzMDYtNDI5NTFjMmNhNzM4
LzEvUFM2MEZIN252OGE2Y3Z3RFNVVTBtUEFBNVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAxBAIAATArAwQHksAAAwMA
mW4wDAMEAMCSowMEAMCSpAMEAMCSqQMEBdQSgAMEBNkRADANBAIAAjAHAwUDKgIJ
yDANBgkqhkiG9w0BAQsFAAOCAQEABJNyXUBWJO7eE0o7mxYlgGzGwQyoZWoD9Alp
ujvQ8tDJdMoMQYGyxwPchsddCStli1/8bQXyv+qFMQhrRtBuGpEVBWV9IdED6F5C
zf97kMmUiLny/bZJPixuSUeUXpwQtutirUvjpHPZn1lptxbD6G+6Jzw2jSe5zATS
2FIqqZ6qoNZlPm3Wp3q8PQVpMhtRV+CPwwjMsKnV8egCPBK/RwNISeM6+SA/ti8X
3aU6d2OeuUK6aig4pidZMO8Gb8Scvb0gTAo3hzGFkZzs3QaYy7KMT/eqACtK9I3w
G/k52LiyRdN4zJyZKlIVGkze1LByKNa2cNditumy/67+vXuzfQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:17 2024 by rpki-client on console.sobornost.net