Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/I1r2jLlZPmGZuxIh8A8ZQpu7aeQ.roa
File: I1r2jLlZPmGZuxIh8A8ZQpu7aeQ.roa (raw, json)
Hash identifier: 0eluamT73TjbPg0GlKVRVk9bGwRIUbWhYqMz62Jb+EU=
Subject key identifier: 23:5A:F6:8C:B9:59:3E:61:99:BB:12:21:F0:0F:19:42:9B:BB:69:E4
Certificate issuer: /CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Certificate serial: 019390B9BBB8B6001D84729F22EBFBAF73F9
Authority key identifier: D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/I1r2jLlZPmGZuxIh8A8ZQpu7aeQ.roa
Signing time: Wed 04 Dec 2024 08:11:51 +0000
ROA not before: Wed 04 Dec 2024 08:11:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25091
IP address blocks: 5.144.32.0/21 maxlen: 24
46.20.240.0/20 maxlen: 24
85.8.128.0/24 maxlen: 24
91.247.176.0/24 maxlen: 24
185.60.52.0/22 maxlen: 24
212.102.126.0/24 maxlen: 24
2a02:2528::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:90:b9:bb:b8:b6:00:1d:84:72:9f:22:eb:fb:af:73:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9fc0bec60d0bace1889677bd9bb90190cc4fd22
Validity
Not Before: Dec 4 08:11:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=235af68cb9593e6199bb1221f00f19429bbb69e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:17:3d:04:aa:47:00:d0:7b:e5:42:2e:be:d7:
41:0c:ce:12:9d:67:df:e8:a8:3f:04:0f:c1:5a:82:
8b:cf:e6:02:bb:73:f3:4f:74:88:ce:57:55:07:3e:
4c:3b:a1:53:bb:2f:d6:08:8b:7f:fa:22:3f:22:ad:
83:e2:2d:74:57:40:39:4b:f7:95:80:ee:1c:a6:cd:
30:48:ee:f5:54:16:65:30:a7:7a:ed:b0:cc:16:3b:
78:e8:ec:b0:91:82:bf:d9:54:b4:41:9c:91:4f:18:
a4:96:b6:6c:19:2d:bc:02:dd:6a:fd:99:20:22:ba:
33:45:cc:07:f6:d4:94:d4:cc:90:f0:67:53:69:65:
6c:54:e5:ea:c5:fd:e5:87:9f:b0:93:46:14:a0:34:
a9:11:cb:02:4d:29:b9:1e:9f:8b:54:30:9f:c8:4f:
c8:04:07:fc:55:30:12:de:d8:c7:80:4e:6e:bf:33:
0b:ee:b2:12:28:5e:ef:ce:7d:3f:e5:f4:21:cf:df:
a8:1f:dd:04:40:44:06:a1:28:9b:95:17:62:98:cf:
4c:e5:1a:0f:f9:3f:44:db:75:e3:64:3e:d5:9e:75:
3b:da:c6:b4:08:76:b5:2a:c2:3f:76:d3:98:a8:ac:
d7:dc:6f:82:45:ae:88:09:1b:81:a6:a6:ac:31:a0:
99:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5A:F6:8C:B9:59:3E:61:99:BB:12:21:F0:0F:19:42:9B:BB:69:E4
X509v3 Authority Key Identifier:
keyid:D9:FC:0B:EC:60:D0:BA:CE:18:89:67:7B:D9:BB:90:19:0C:C4:FD:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fwL7GDQus4YiWd72buQGQzE_SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/I1r2jLlZPmGZuxIh8A8ZQpu7aeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b0d6e6-2ed7-4928-ad69-3469034fa441/1/2fwL7GDQus4YiWd72buQGQzE_SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.32.0/21
46.20.240.0/20
85.8.128.0/24
91.247.176.0/24
185.60.52.0/22
212.102.126.0/24
IPv6:
2a02:2528::/29
Signature Algorithm: sha256WithRSAEncryption
45:11:47:8f:71:25:33:42:bc:43:a8:53:18:16:19:9b:07:9f:
b1:31:00:08:08:18:56:9c:e9:1d:83:e2:21:11:5d:47:a2:b5:
8f:c8:c1:79:90:78:2c:e2:43:b7:67:a9:f5:fd:5c:32:28:51:
ca:c7:46:0c:f2:d4:02:07:7f:fc:ce:f9:f3:6f:4f:64:15:90:
02:7f:72:df:9e:6c:0f:65:95:a6:ee:de:88:14:31:86:18:20:
b7:08:a1:73:b7:87:9c:4f:67:67:5c:a1:d6:61:2e:96:9e:ca:
9b:78:2e:9e:b9:bd:30:3d:9e:57:d2:37:98:93:9c:2b:84:03:
8f:f0:1a:dd:39:3e:15:d5:b6:c2:66:4c:f9:ca:3d:da:47:57:
51:e8:06:5a:5d:6e:74:94:74:ba:9e:9d:e4:2a:6a:4f:2e:7b:
76:1e:e0:b4:ad:86:6a:bb:f3:ca:75:c0:94:a4:a1:66:d1:3f:
e1:3d:3e:e4:2d:d1:c6:b2:e0:c3:19:f4:f4:23:94:cb:1f:55:
c6:e6:ea:65:4e:93:d2:75:12:12:f3:43:aa:fa:94:8c:0b:23:
bd:eb:ed:8f:b2:ba:18:36:33:e9:56:52:d6:7f:1b:bd:fb:20:
cd:87:b6:71:a5:c1:b5:cb:90:51:f1:e7:60:bb:47:df:b1:70:
7f:bb:c8:9b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZOQubu4tgAdhHKfIuv7r3P5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmMwYmVjNjBkMGJhY2UxODg5Njc3YmQ5YmI5MDE5MGNj
NGZkMjIwHhcNMjQxMjA0MDgxMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzVhZjY4Y2I5NTkzZTYxOTliYjEyMjFmMDBmMTk0MjliYmI2OWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxc9BKpHANB75UIuvtdBDM4SnWff
6Kg/BA/BWoKLz+YCu3PzT3SIzldVBz5MO6FTuy/WCIt/+iI/Iq2D4i10V0A5S/eV
gO4cps0wSO71VBZlMKd67bDMFjt46OywkYK/2VS0QZyRTxiklrZsGS28At1q/Zkg
IrozRcwH9tSU1MyQ8GdTaWVsVOXqxf3lh5+wk0YUoDSpEcsCTSm5Hp+LVDCfyE/I
BAf8VTAS3tjHgE5uvzML7rISKF7vzn0/5fQhz9+oH90EQEQGoSiblRdimM9M5RoP
+T9E23XjZD7VnnU72sa0CHa1KsI/dtOYqKzX3G+CRa6ICRuBpqasMaCZjwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCNa9oy5WT5hmbsSIfAPGUKbu2nkMB8GA1UdIwQY
MBaAFNn8C+xg0LrOGIlne9m7kBkMxP0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjkt
MzQ2OTAzNGZhNDQxLzEvSTFyMmpMbFpQbUdadXhJaDhBOFpRcHU3YWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iMGQ2ZTYtMmVkNy00OTI4LWFkNjktMzQ2OTAzNGZhNDQx
LzEvMmZ3TDdHRFF1czRZaVdkNzJidVFHUXpFX1NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBZAgAwQE
LhTwAwQAVQiAAwQAW/ewAwQCuTw0AwQA1GZ+MA0EAgACMAcDBQMqAiUoMA0GCSqG
SIb3DQEBCwUAA4IBAQBFEUePcSUzQrxDqFMYFhmbB5+xMQAICBhWnOkdg+IhEV1H
orWPyMF5kHgs4kO3Z6n1/VwyKFHKx0YM8tQCB3/8zvnzb09kFZACf3LfnmwPZZWm
7t6IFDGGGCC3CKFzt4ecT2dnXKHWYS6WnsqbeC6eub0wPZ5X0jeYk5wrhAOP8Brd
OT4V1bbCZkz5yj3aR1dR6AZaXW50lHS6np3kKmpPLnt2HuC0rYZqu/PKdcCUpKFm
0T/hPT7kLdHGsuDDGfT0I5TLH1XG5uplTpPSdRIS80Oq+pSMCyO96+2PsroYNjPp
VlLWfxu9+yDNh7ZxpcG1y5BR8edgu0ffsXB/u8ib
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:21 2024 by rpki-client on console.sobornost.net