Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a35f7f-2194-46d3-91bd-cc0f50bda159/1/aiQ3s7gzpx4wq6UuVjmTCDyDG6w.roa
File: aiQ3s7gzpx4wq6UuVjmTCDyDG6w.roa (raw, json)
Hash identifier: PtqFWV2edRD68SYaeJV9r1P/6nHVhRPGlknXrE5L6Xo=
Subject key identifier: 6A:24:37:B3:B8:33:A7:1E:30:AB:A5:2E:56:39:93:08:3C:83:1B:AC
Certificate issuer: /CN=4cdd6973493ce0c3849b8b919b7502ba5fa013d7
Certificate serial: 01936D0738BCB37DCD8B095E38EA7E5E646D
Authority key identifier: 4C:DD:69:73:49:3C:E0:C3:84:9B:8B:91:9B:75:02:BA:5F:A0:13:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TN1pc0k84MOEm4uRm3UCul-gE9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a35f7f-2194-46d3-91bd-cc0f50bda159/1/aiQ3s7gzpx4wq6UuVjmTCDyDG6w.roa
Signing time: Wed 27 Nov 2024 09:50:09 +0000
ROA not before: Wed 27 Nov 2024 09:50:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44644
IP address blocks: 92.43.192.0/21 maxlen: 24
2a01:9460::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:07:38:bc:b3:7d:cd:8b:09:5e:38:ea:7e:5e:64:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cdd6973493ce0c3849b8b919b7502ba5fa013d7
Validity
Not Before: Nov 27 09:50:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a2437b3b833a71e30aba52e563993083c831bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e8:d4:61:9e:b7:c2:c6:e0:f3:87:c3:79:d2:
24:64:25:2d:49:cb:01:65:44:3a:e7:b6:fb:d5:0e:
50:cd:b8:ae:b2:7a:da:b7:0d:10:46:74:72:5c:10:
e1:a4:19:b1:c0:4b:3e:82:ee:02:bd:71:c8:b8:4b:
7c:0e:71:a5:f2:3b:67:cf:5c:25:ce:5c:c5:0e:c7:
c9:5c:f3:6f:7c:d0:b4:ac:a4:26:f9:da:13:d5:0c:
35:71:3b:29:75:ef:b3:20:ab:a6:66:69:64:d3:2e:
1e:c6:91:28:9c:ed:73:1e:96:cd:80:a3:94:ce:e5:
d7:da:57:a2:06:b6:9e:e4:86:41:10:d2:5f:a6:e7:
d7:0e:22:91:8d:0b:05:7d:e8:fc:60:98:b5:f3:5c:
91:8e:ef:11:f2:00:7f:15:6a:c1:f9:53:3b:60:68:
04:1d:0a:ac:c2:ee:a6:88:de:84:c9:e3:07:5f:0a:
52:45:d4:09:3b:30:f7:77:dd:af:25:c5:00:56:31:
93:67:a0:cb:e6:8f:ec:7f:7a:96:b5:f4:80:d8:0a:
7f:7f:6b:33:e2:4a:69:b2:3a:90:93:ab:3c:20:2f:
17:40:b6:a9:62:d6:6c:94:95:c1:8f:c1:42:07:2b:
14:87:ee:85:20:1d:22:ff:1d:4b:a9:0c:e1:10:71:
c2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:24:37:B3:B8:33:A7:1E:30:AB:A5:2E:56:39:93:08:3C:83:1B:AC
X509v3 Authority Key Identifier:
keyid:4C:DD:69:73:49:3C:E0:C3:84:9B:8B:91:9B:75:02:BA:5F:A0:13:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TN1pc0k84MOEm4uRm3UCul-gE9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a35f7f-2194-46d3-91bd-cc0f50bda159/1/aiQ3s7gzpx4wq6UuVjmTCDyDG6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a35f7f-2194-46d3-91bd-cc0f50bda159/1/TN1pc0k84MOEm4uRm3UCul-gE9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.192.0/21
IPv6:
2a01:9460::/32
Signature Algorithm: sha256WithRSAEncryption
89:85:67:25:28:2d:9d:c0:cd:01:c6:ad:0a:fe:d6:df:80:d7:
6f:24:d5:79:f1:d2:79:b3:6f:bc:50:3e:69:c1:67:55:94:29:
45:7a:5d:ce:f3:74:21:a6:f8:c5:17:66:16:1e:ef:f3:33:6a:
93:3f:4c:dd:dc:71:53:21:07:d0:b2:c7:6e:ef:3d:b0:49:b4:
5b:39:31:ca:38:a9:b4:10:e6:b9:2b:43:ec:0a:b8:12:c9:11:
9b:22:0e:b7:68:50:8e:fb:98:7e:19:a1:0c:f3:82:ac:ce:e5:
1e:fc:6a:9a:18:17:8b:ca:c4:bc:56:8f:d3:58:a2:9c:e1:5b:
48:3c:e5:95:fb:89:e9:ba:0f:3f:46:2b:73:45:f5:18:34:02:
1e:da:b4:fa:fd:bc:9f:17:dc:e1:de:66:23:18:57:15:d3:06:
d4:b7:ae:7b:cd:91:5f:1c:dc:ce:e1:15:dc:54:28:80:49:41:
88:00:f6:82:4d:d2:cf:b2:d9:76:74:33:fa:9d:c9:9d:8b:98:
4b:3b:6c:fb:89:cf:70:d0:0d:0c:0e:f2:e9:81:4f:a3:10:21:
2a:94:df:36:0b:20:22:57:f6:6e:68:df:4f:e3:11:dd:7b:61:
8c:3b:ea:8f:c1:f8:22:d5:9d:08:59:21:0d:30:28:51:c4:0f:
02:39:96:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNtBzi8s33NiwleOOp+XmRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZGQ2OTczNDkzY2UwYzM4NDliOGI5MTliNzUwMmJhNWZh
MDEzZDcwHhcNMjQxMTI3MDk1MDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTI0MzdiM2I4MzNhNzFlMzBhYmE1MmU1NjM5OTMwODNjODMxYmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OjUYZ63wsbg84fDedIkZCUtScsB
ZUQ657b71Q5Qzbiusnratw0QRnRyXBDhpBmxwEs+gu4CvXHIuEt8DnGl8jtnz1wl
zlzFDsfJXPNvfNC0rKQm+doT1Qw1cTspde+zIKumZmlk0y4expEonO1zHpbNgKOU
zuXX2leiBrae5IZBENJfpufXDiKRjQsFfej8YJi181yRju8R8gB/FWrB+VM7YGgE
HQqswu6miN6EyeMHXwpSRdQJOzD3d92vJcUAVjGTZ6DL5o/sf3qWtfSA2Ap/f2sz
4kppsjqQk6s8IC8XQLapYtZslJXBj8FCBysUh+6FIB0i/x1LqQzhEHHCwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGokN7O4M6ceMKulLlY5kwg8gxusMB8GA1UdIwQY
MBaAFEzdaXNJPODDhJuLkZt1ArpfoBPXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE4xcGMwazg0TU9FbTR1Um0zVUN1bC1nRTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hMzVmN2YtMjE5NC00NmQzLTkxYmQt
Y2MwZjUwYmRhMTU5LzEvYWlRM3M3Z3pweDR3cTZVdVZqbVRDRHlERzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hMzVmN2YtMjE5NC00NmQzLTkxYmQtY2MwZjUwYmRhMTU5
LzEvVE4xcGMwazg0TU9FbTR1Um0zVUN1bC1nRTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXCvAMA0E
AgACMAcDBQAqAZRgMA0GCSqGSIb3DQEBCwUAA4IBAQCJhWclKC2dwM0Bxq0K/tbf
gNdvJNV58dJ5s2+8UD5pwWdVlClFel3O83QhpvjFF2YWHu/zM2qTP0zd3HFTIQfQ
ssdu7z2wSbRbOTHKOKm0EOa5K0PsCrgSyRGbIg63aFCO+5h+GaEM84KszuUe/Gqa
GBeLysS8Vo/TWKKc4VtIPOWV+4npug8/RitzRfUYNAIe2rT6/byfF9zh3mYjGFcV
0wbUt657zZFfHNzO4RXcVCiASUGIAPaCTdLPstl2dDP6ncmdi5hLO2z7ic9w0A0M
DvLpgU+jECEqlN82CyAiV/ZuaN9P4xHde2GMO+qPwfgi1Z0IWSENMChRxA8COZY4
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:25 2024 by rpki-client on console.sobornost.net