Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/hy58pMkF0MJkI5Ol7gi2X6g0kxg.roa
File: hy58pMkF0MJkI5Ol7gi2X6g0kxg.roa (raw, json)
Hash identifier: kynQcVwNIv+3zuZ4rC7s7h+tApurEXdFfgRFSzdrS/4=
Subject key identifier: 87:2E:7C:A4:C9:05:D0:C2:64:23:93:A5:EE:08:B6:5F:A8:34:93:18
Certificate issuer: /CN=b4dd6d658e14571e839f7813da31f2217422818e
Certificate serial: 018CC8019670F8CAD405F00F0CBB15717E57
Authority key identifier: B4:DD:6D:65:8E:14:57:1E:83:9F:78:13:DA:31:F2:21:74:22:81:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tN1tZY4UVx6Dn3gT2jHyIXQigY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/hy58pMkF0MJkI5Ol7gi2X6g0kxg.roa
Signing time: Tue 02 Jan 2024 02:29:56 +0000
ROA not before: Tue 02 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50304
IP address blocks: 185.213.52.0/22 maxlen: 24
2a0b:8340::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:96:70:f8:ca:d4:05:f0:0f:0c:bb:15:71:7e:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4dd6d658e14571e839f7813da31f2217422818e
Validity
Not Before: Jan 2 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=872e7ca4c905d0c2642393a5ee08b65fa8349318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:91:15:8e:8f:e6:04:8b:c8:4e:63:d7:e6:f8:
b4:d3:34:00:c9:de:39:51:de:53:9b:42:30:d7:12:
23:96:10:a2:81:7e:4a:1e:77:1f:3a:9f:e0:09:57:
47:0c:75:ab:21:69:8c:01:4a:e3:8a:6f:8a:f5:72:
9e:28:f7:6a:79:2b:5b:ed:25:7d:04:5a:d0:f4:6f:
44:cc:7a:bd:7c:49:07:1c:d3:c2:15:32:06:39:3b:
48:a0:00:85:90:24:e0:54:ad:20:a9:37:6c:8a:c0:
e1:e1:62:a2:f9:89:ed:62:9d:37:85:e0:20:81:f4:
4f:59:80:1f:a8:2e:ea:96:16:aa:2e:22:12:a1:44:
18:f5:b0:2f:d7:48:d5:be:d4:ea:c6:89:a1:b0:0f:
be:1b:e2:be:c2:cd:71:da:fd:51:3e:81:01:ce:b7:
5c:e1:6a:53:54:d0:40:7e:ab:8a:96:ed:4a:a4:af:
5d:fe:af:ed:ac:60:e1:63:0a:9c:74:f0:be:82:38:
5c:6d:ac:a3:5b:af:4a:f7:62:78:a4:ab:58:d5:d4:
4b:a8:70:97:9d:45:68:40:6d:af:3b:21:68:7d:18:
9b:37:b0:1e:13:05:8b:fd:97:73:57:af:1e:d3:f8:
4f:c3:ae:e2:8c:37:97:00:d1:5a:c5:e6:9e:d5:58:
2d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2E:7C:A4:C9:05:D0:C2:64:23:93:A5:EE:08:B6:5F:A8:34:93:18
X509v3 Authority Key Identifier:
keyid:B4:DD:6D:65:8E:14:57:1E:83:9F:78:13:DA:31:F2:21:74:22:81:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tN1tZY4UVx6Dn3gT2jHyIXQigY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/hy58pMkF0MJkI5Ol7gi2X6g0kxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/tN1tZY4UVx6Dn3gT2jHyIXQigY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.52.0/22
IPv6:
2a0b:8340::/29
Signature Algorithm: sha256WithRSAEncryption
38:40:d9:08:12:1f:8d:2a:de:93:58:6d:9a:4d:36:eb:ae:37:
13:01:6c:f9:db:09:2b:45:e3:d1:01:4b:00:a1:fb:3b:06:62:
75:df:3f:18:43:5d:2f:ae:f2:a3:ac:85:1c:e8:9d:a3:25:c5:
84:15:12:e8:22:e2:9f:4f:86:72:b2:18:bd:ec:7b:fc:bb:d2:
ba:2a:12:8b:00:03:40:be:e1:2a:d0:a3:2b:db:39:5e:81:c3:
34:9f:70:5c:01:9b:4d:1b:fa:f1:31:19:90:90:25:b7:b9:2f:
58:ee:1c:7e:ed:7c:4f:8f:48:e9:d1:c6:47:3f:ac:1a:af:ba:
59:b9:d3:4c:8f:ed:7e:f4:a3:e1:2a:10:f4:7a:bc:5c:15:17:
58:3a:5f:c0:8f:cc:af:f6:fd:14:df:5e:2b:a8:f6:7f:ea:76:
f5:b1:65:65:0e:da:02:2d:ef:45:3f:cf:6c:1f:45:f3:af:57:
2e:cb:b6:a9:85:cf:71:a4:b7:3c:61:eb:ac:ec:fd:26:66:a3:
5d:3c:b0:93:4f:4f:fe:5a:4d:f5:c5:d5:82:cc:17:8f:6a:c3:
54:27:7c:64:ac:72:67:b9:97:95:d5:4d:68:ba:16:9f:63:a4:
a3:04:d8:66:a2:08:27:5f:5b:90:36:2c:7e:99:c8:e4:c9:d3:
14:0a:c5:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAZZw+MrUBfAPDLsVcX5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZGQ2ZDY1OGUxNDU3MWU4MzlmNzgxM2RhMzFmMjIxNzQy
MjgxOGUwHhcNMjQwMTAyMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJlN2NhNGM5MDVkMGMyNjQyMzkzYTVlZTA4YjY1ZmE4MzQ5MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupEVjo/mBIvITmPX5vi00zQAyd45
Ud5Tm0Iw1xIjlhCigX5KHncfOp/gCVdHDHWrIWmMAUrjim+K9XKeKPdqeStb7SV9
BFrQ9G9EzHq9fEkHHNPCFTIGOTtIoACFkCTgVK0gqTdsisDh4WKi+YntYp03heAg
gfRPWYAfqC7qlhaqLiISoUQY9bAv10jVvtTqxomhsA++G+K+ws1x2v1RPoEBzrdc
4WpTVNBAfquKlu1KpK9d/q/trGDhYwqcdPC+gjhcbayjW69K92J4pKtY1dRLqHCX
nUVoQG2vOyFofRibN7AeEwWL/ZdzV68e0/hPw67ijDeXANFaxeae1VgtKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIcufKTJBdDCZCOTpe4Itl+oNJMYMB8GA1UdIwQY
MBaAFLTdbWWOFFceg594E9ox8iF0IoGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE4xdFpZNFVWeDZEbjNnVDJqSHlJWFFpZ1k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8yNjQ5MzQtMmE3Zi00MjhiLWFmZTUt
ODFkMjE0ZWRmMjk4LzEvaHk1OHBNa0YwTUprSTVPbDdnaTJYNmcwa3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8yNjQ5MzQtMmE3Zi00MjhiLWFmZTUtODFkMjE0ZWRmMjk4
LzEvdE4xdFpZNFVWeDZEbjNnVDJqSHlJWFFpZ1k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudU0MA0E
AgACMAcDBQMqC4NAMA0GCSqGSIb3DQEBCwUAA4IBAQA4QNkIEh+NKt6TWG2aTTbr
rjcTAWz52wkrRePRAUsAofs7BmJ13z8YQ10vrvKjrIUc6J2jJcWEFRLoIuKfT4Zy
shi97Hv8u9K6KhKLAANAvuEq0KMr2zlegcM0n3BcAZtNG/rxMRmQkCW3uS9Y7hx+
7XxPj0jp0cZHP6war7pZudNMj+1+9KPhKhD0erxcFRdYOl/Aj8yv9v0U314rqPZ/
6nb1sWVlDtoCLe9FP89sH0Xzr1cuy7aphc9xpLc8Yeus7P0mZqNdPLCTT0/+Wk31
xdWCzBePasNUJ3xkrHJnuZeV1U1ouhafY6SjBNhmoggnX1uQNix+mcjkydMUCsUK
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:30 2024 by rpki-client on console.sobornost.net