Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/uCnXEloO28XAlBaZpT5eUFwallI.roa
File: uCnXEloO28XAlBaZpT5eUFwallI.roa (raw, json)
Hash identifier: qurigOUHqwvE2zmD/yNAh906DSAye7vbA/hd0Ld1aew=
Subject key identifier: B8:29:D7:12:5A:0E:DB:C5:C0:94:16:99:A5:3E:5E:50:5C:1A:96:52
Certificate issuer: /CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Certificate serial: 018CCA2A0A521AF02EF3890A5F8E8CC48E7E
Authority key identifier: D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/uCnXEloO28XAlBaZpT5eUFwallI.roa
Signing time: Tue 02 Jan 2024 12:33:21 +0000
ROA not before: Tue 02 Jan 2024 12:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2200
IP address blocks: 152.77.0.0/16 maxlen: 16
129.88.0.0/16 maxlen: 16
147.171.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:0a:52:1a:f0:2e:f3:89:0a:5f:8e:8c:c4:8e:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79ea47ae161cbb3daef97789730d70c4cba89d0
Validity
Not Before: Jan 2 12:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b829d7125a0edbc5c0941699a53e5e505c1a9652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:fa:c6:ac:ca:f7:af:e6:ec:f0:3e:62:3e:
91:75:38:c0:75:c3:ae:2c:2b:de:63:2f:29:9f:5d:
52:c6:5a:71:86:fc:f5:71:69:00:d1:58:61:8a:04:
21:2f:a7:f9:ea:d9:3e:58:3b:c9:c4:5f:c2:00:79:
91:af:5d:35:44:fa:b4:73:53:1d:1b:d3:41:d8:38:
32:0c:10:13:57:2a:ea:be:33:a6:67:b4:c5:d8:6f:
24:10:3e:f3:dd:bd:9a:e0:31:6d:f3:3d:ca:72:a6:
0d:e0:ad:99:49:76:1f:b1:ed:e9:0f:d0:bb:ca:85:
e5:5e:62:e6:8c:0f:0a:44:42:c0:00:33:bb:bb:3e:
2c:16:66:94:6c:9a:a5:5a:82:79:eb:dc:30:6a:87:
7f:df:23:91:35:56:1e:89:cb:ad:83:be:82:65:46:
a8:f8:97:33:72:83:18:02:b7:49:92:bb:c3:b6:b3:
bf:d8:7c:e9:95:44:cd:68:3e:65:9f:ee:31:a4:af:
58:56:66:76:7d:8d:7c:df:60:09:5b:44:52:bc:86:
00:e7:12:8e:f9:d3:26:27:28:93:9f:e2:a0:e8:70:
aa:e1:a2:ba:c4:fb:c9:67:85:92:8f:6a:86:89:f7:
32:74:84:cd:aa:d9:7b:2d:78:1d:24:54:6d:ab:55:
e1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:29:D7:12:5A:0E:DB:C5:C0:94:16:99:A5:3E:5E:50:5C:1A:96:52
X509v3 Authority Key Identifier:
keyid:D7:9E:A4:7A:E1:61:CB:B3:DA:EF:97:78:97:30:D7:0C:4C:BA:89:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/156keuFhy7Pa75d4lzDXDEy6idA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/uCnXEloO28XAlBaZpT5eUFwallI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9cb41-1c3b-46ab-a993-3c3e50dda6cc/1/156keuFhy7Pa75d4lzDXDEy6idA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.88.0.0/16
147.171.0.0/16
152.77.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c7:7d:46:03:10:de:0d:68:5f:b5:59:5f:59:a7:d7:ff:a2:5d:
ef:2b:05:51:04:6f:41:29:fd:be:f7:f5:22:7b:41:7b:1c:8d:
77:b7:52:3a:95:95:66:14:cb:57:a0:eb:a5:09:6d:6c:a3:a3:
ea:70:02:d2:c4:04:3d:20:e6:f0:2c:11:54:a2:dc:31:10:5a:
f7:1a:65:8d:84:28:e9:a4:68:8e:ce:7a:48:40:65:7d:87:ad:
56:e9:28:7c:fb:90:a4:d8:40:89:31:54:7a:f3:39:f4:9c:39:
64:13:29:05:78:56:1b:73:12:49:64:c4:f8:07:9e:c7:bc:09:
cc:e0:f7:d1:f7:9f:03:32:f0:32:93:cf:02:67:89:51:73:3c:
ec:b4:1c:0d:b5:7a:b1:2f:9d:fb:d0:a0:21:e2:bc:37:86:11:
3e:36:65:8b:e1:dc:8f:4f:31:17:a7:bf:92:ca:42:2d:a5:13:
e0:85:30:9d:8b:97:d3:ee:c4:3d:ce:4b:99:dc:69:c2:63:56:
6a:85:03:da:c4:fa:18:bc:da:9d:b3:fc:e9:e1:d6:44:b2:6c:
6c:1a:f1:56:e9:a5:0e:8f:7a:09:b3:63:22:06:8d:b3:8c:59:
97:c6:73:ab:67:92:6a:4a:7e:bf:33:df:1a:0f:93:ed:2f:04:
2a:99:60:e4
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYzKKgpSGvAu84kKX46MxI5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWVhNDdhZTE2MWNiYjNkYWVmOTc3ODk3MzBkNzBjNGNi
YTg5ZDAwHhcNMjQwMTAyMTIzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODI5ZDcxMjVhMGVkYmM1YzA5NDE2OTlhNTNlNWU1MDVjMWE5NjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTj6xqzK96/m7PA+Yj6RdTjAdcOu
LCveYy8pn11Sxlpxhvz1cWkA0VhhigQhL6f56tk+WDvJxF/CAHmRr101RPq0c1Md
G9NB2DgyDBATVyrqvjOmZ7TF2G8kED7z3b2a4DFt8z3KcqYN4K2ZSXYfse3pD9C7
yoXlXmLmjA8KRELAADO7uz4sFmaUbJqlWoJ569wwaod/3yORNVYeicutg76CZUao
+JczcoMYArdJkrvDtrO/2HzplUTNaD5ln+4xpK9YVmZ2fY1832AJW0RSvIYA5xKO
+dMmJyiTn+Kg6HCq4aK6xPvJZ4WSj2qGifcydITNqtl7LXgdJFRtq1XhAQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFLgp1xJaDtvFwJQWmaU+XlBcGpZSMB8GA1UdIwQY
MBaAFNeepHrhYcuz2u+XeJcw1wxMuonQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMt
M2MzZTUwZGRhNmNjLzEvdUNuWEVsb08yOFhBbEJhWnBUNWVVRndhbGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWNiNDEtMWMzYi00NmFiLWE5OTMtM2MzZTUwZGRhNmNj
LzEvMTU2a2V1Rmh5N1BhNzVkNGx6RFhERXk2aWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAATAPAwMAgVgDAwCT
qwMDAJhNMA0GCSqGSIb3DQEBCwUAA4IBAQDHfUYDEN4NaF+1WV9Zp9f/ol3vKwVR
BG9BKf2+9/Uie0F7HI13t1I6lZVmFMtXoOulCW1so6PqcALSxAQ9IObwLBFUotwx
EFr3GmWNhCjppGiOznpIQGV9h61W6Sh8+5Ck2ECJMVR68zn0nDlkEykFeFYbcxJJ
ZMT4B57HvAnM4PfR958DMvAyk88CZ4lRczzstBwNtXqxL5370KAh4rw3hhE+NmWL
4dyPTzEXp7+SykItpRPghTCdi5fT7sQ9zkuZ3GnCY1ZqhQPaxPoYvNqds/zp4dZE
smxsGvFW6aUOj3oJs2MiBo2zjFmXxnOrZ5JqSn6/M98aD5PtLwQqmWDk
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:39 2024 by rpki-client on console.sobornost.net