Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/cede0d-027f-45ad-8480-c117f27ba9c0/1/CVEhRMB9QaG9QamTU_m3v_wJsIQ.roa
File: CVEhRMB9QaG9QamTU_m3v_wJsIQ.roa (raw, json)
Hash identifier: AHjD78RD6dsOFUe9I521NYbqL+JqgLh81raLZE6A0KU=
Subject key identifier: 09:51:21:44:C0:7D:41:A1:BD:41:A9:93:53:F9:B7:BF:FC:09:B0:84
Certificate issuer: /CN=3bbbb1f5d986668ab3bd47cd18c5fb1efd249b04
Certificate serial: 018CC42457B86695DBF66DD30189667D5519
Authority key identifier: 3B:BB:B1:F5:D9:86:66:8A:B3:BD:47:CD:18:C5:FB:1E:FD:24:9B:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O7ux9dmGZoqzvUfNGMX7Hv0kmwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/cede0d-027f-45ad-8480-c117f27ba9c0/1/CVEhRMB9QaG9QamTU_m3v_wJsIQ.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34032
IP address blocks: 185.98.204.0/24 maxlen: 24
185.98.206.0/24 maxlen: 24
185.98.205.0/24 maxlen: 24
185.98.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:57:b8:66:95:db:f6:6d:d3:01:89:66:7d:55:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bbbb1f5d986668ab3bd47cd18c5fb1efd249b04
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09512144c07d41a1bd41a99353f9b7bffc09b084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4a:84:36:ab:c7:d2:32:e8:0a:4a:a1:ae:c0:
8c:8d:3a:08:06:df:e5:d6:f4:39:74:8a:67:73:33:
18:4b:b6:7a:da:44:a1:10:ef:5f:7c:5a:ba:05:2e:
95:cd:8f:3f:8e:a0:6d:b9:13:fe:97:a7:d1:01:05:
e9:38:80:e7:98:d4:d0:bd:63:65:24:b3:58:0f:c4:
18:c9:f0:b9:cb:f0:a4:54:00:1e:72:6f:93:02:f3:
35:d4:9f:13:1f:c6:3c:9f:f9:7f:f6:0c:b5:ca:a0:
53:23:f4:dd:f4:29:c4:fa:32:3b:b3:71:f1:54:2f:
80:c5:7f:b5:36:96:16:15:35:18:11:1e:5a:ae:a8:
4e:e8:ba:77:67:97:85:98:9e:5c:67:2f:eb:46:e7:
ae:89:ac:35:e5:ca:65:ad:58:3d:f7:3d:a2:55:46:
b7:bd:a1:8e:ce:13:30:e9:41:f0:32:06:ec:51:b4:
3c:53:c1:ca:28:1e:23:4a:75:54:e1:c3:88:bb:80:
50:88:49:46:1d:e0:79:d7:c3:a6:26:f4:f0:9d:7d:
40:7e:51:40:32:cd:73:38:cf:19:f1:e8:a3:68:72:
c0:ec:06:ab:c4:ca:4a:7a:63:5e:6c:33:d2:8b:62:
15:07:d0:69:4d:bf:60:53:4d:33:dc:a2:66:9a:b4:
b0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:51:21:44:C0:7D:41:A1:BD:41:A9:93:53:F9:B7:BF:FC:09:B0:84
X509v3 Authority Key Identifier:
keyid:3B:BB:B1:F5:D9:86:66:8A:B3:BD:47:CD:18:C5:FB:1E:FD:24:9B:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O7ux9dmGZoqzvUfNGMX7Hv0kmwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/cede0d-027f-45ad-8480-c117f27ba9c0/1/CVEhRMB9QaG9QamTU_m3v_wJsIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/cede0d-027f-45ad-8480-c117f27ba9c0/1/O7ux9dmGZoqzvUfNGMX7Hv0kmwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.204.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:ec:c7:80:fb:d9:ec:83:1d:9d:86:17:5c:3e:61:55:f4:e9:
89:3e:ed:e8:ae:58:fb:2e:d4:85:29:da:40:b3:73:0d:0b:99:
26:f1:7e:19:14:23:9d:34:85:04:2a:ce:e8:8c:1f:30:d1:a0:
39:a4:84:f8:7f:57:b4:a1:46:19:9a:2c:db:e7:42:54:2c:22:
0b:79:6d:0b:8d:d4:4f:1b:60:50:cc:33:a5:e2:ba:57:04:f7:
5f:1e:59:c3:96:24:d4:11:81:61:86:b8:e0:dc:1f:13:22:a5:
dd:92:c2:4c:c7:ac:f5:09:06:7f:42:6b:72:87:e7:61:75:a7:
9a:44:80:e4:71:3a:72:3b:17:25:a4:af:b4:32:0f:a1:21:5b:
5c:24:8b:f5:21:e9:b5:0c:31:08:f0:b1:40:60:d6:ce:b8:97:
8c:ee:3f:72:5d:5b:cc:10:ed:d7:28:08:f0:be:70:2d:14:eb:
63:e4:c7:d9:6a:c6:ff:c0:ab:53:9c:a4:b9:b8:7a:6c:be:be:
0b:6e:8b:e3:2b:ac:e1:8e:30:a5:9b:f9:1c:0e:68:31:4b:59:
66:ae:20:7c:1c:7e:a3:44:ae:f7:91:5c:46:99:bf:e2:7f:43:
5d:71:6e:c1:55:66:9a:dc:0a:f6:4b:d3:34:7c:6a:34:36:52:
0d:7d:b0:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFe4ZpXb9m3TAYlmfVUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYmJiMWY1ZDk4NjY2OGFiM2JkNDdjZDE4YzVmYjFlZmQy
NDliMDQwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTUxMjE0NGMwN2Q0MWExYmQ0MWE5OTM1M2Y5YjdiZmZjMDliMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UqENqvH0jLoCkqhrsCMjToIBt/l
1vQ5dIpnczMYS7Z62kShEO9ffFq6BS6VzY8/jqBtuRP+l6fRAQXpOIDnmNTQvWNl
JLNYD8QYyfC5y/CkVAAecm+TAvM11J8TH8Y8n/l/9gy1yqBTI/Td9CnE+jI7s3Hx
VC+AxX+1NpYWFTUYER5arqhO6Lp3Z5eFmJ5cZy/rRueuiaw15cplrVg99z2iVUa3
vaGOzhMw6UHwMgbsUbQ8U8HKKB4jSnVU4cOIu4BQiElGHeB518OmJvTwnX1AflFA
Ms1zOM8Z8eijaHLA7AarxMpKemNebDPSi2IVB9BpTb9gU00z3KJmmrSweQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlRIUTAfUGhvUGpk1P5t7/8CbCEMB8GA1UdIwQY
MBaAFDu7sfXZhmaKs71HzRjF+x79JJsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzd1eDlkbUdab3F6dlVmTkdNWDdIdjBrbXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jZWRlMGQtMDI3Zi00NWFkLTg0ODAt
YzExN2YyN2JhOWMwLzEvQ1ZFaFJNQjlRYUc5UWFtVFVfbTN2X3dKc0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jZWRlMGQtMDI3Zi00NWFkLTg0ODAtYzExN2YyN2JhOWMw
LzEvTzd1eDlkbUdab3F6dlVmTkdNWDdIdjBrbXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWLMMA0G
CSqGSIb3DQEBCwUAA4IBAQBO7MeA+9nsgx2dhhdcPmFV9OmJPu3orlj7LtSFKdpA
s3MNC5km8X4ZFCOdNIUEKs7ojB8w0aA5pIT4f1e0oUYZmizb50JULCILeW0LjdRP
G2BQzDOl4rpXBPdfHlnDliTUEYFhhrjg3B8TIqXdksJMx6z1CQZ/Qmtyh+dhdaea
RIDkcTpyOxclpK+0Mg+hIVtcJIv1Iem1DDEI8LFAYNbOuJeM7j9yXVvMEO3XKAjw
vnAtFOtj5MfZasb/wKtTnKS5uHpsvr4LbovjK6zhjjClm/kcDmgxS1lmriB8HH6j
RK73kVxGmb/if0NdcW7BVWaa3Ar2S9M0fGo0NlINfbAm
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:28 2024 by rpki-client on console.sobornost.net