Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/7ffb3e-8a4c-40b7-876e-6003d5aeed1f/1/0Wg_r-nLFJWvhek_HkzAhfiXpmo.roa
File: 0Wg_r-nLFJWvhek_HkzAhfiXpmo.roa (raw, json)
Hash identifier: kE8ak/rntcfDOiz0JGTY4c4rKc5TGCnslZ1CLD8sVYg=
Subject key identifier: D1:68:3F:AF:E9:CB:14:95:AF:85:E9:3F:1E:4C:C0:85:F8:97:A6:6A
Certificate issuer: /CN=a985b5521d20901882478f0f0941962c3e9c94fa
Certificate serial: 01936D09F76BFE075DC4ACA7D76627D2FD5D
Authority key identifier: A9:85:B5:52:1D:20:90:18:82:47:8F:0F:09:41:96:2C:3E:9C:94:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYW1Uh0gkBiCR48PCUGWLD6clPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/7ffb3e-8a4c-40b7-876e-6003d5aeed1f/1/0Wg_r-nLFJWvhek_HkzAhfiXpmo.roa
Signing time: Wed 27 Nov 2024 09:53:09 +0000
ROA not before: Wed 27 Nov 2024 09:53:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206009
IP address blocks: 185.184.72.0/22 maxlen: 24
2a0b:2c80::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:09:f7:6b:fe:07:5d:c4:ac:a7:d7:66:27:d2:fd:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a985b5521d20901882478f0f0941962c3e9c94fa
Validity
Not Before: Nov 27 09:53:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1683fafe9cb1495af85e93f1e4cc085f897a66a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9f:f2:25:46:b4:80:ff:43:0c:29:b3:b5:06:
5b:2b:83:72:02:8a:b8:d5:d9:21:be:0b:2b:5b:9c:
09:f0:98:94:48:0c:00:be:83:04:12:26:f0:2a:a4:
6c:e7:5b:5b:ec:7f:dd:9a:11:b7:d9:84:82:ae:e5:
36:d9:91:ba:d9:ef:95:ed:f0:5c:0b:7c:dd:b6:59:
3a:f2:51:ee:c5:71:fc:50:08:ab:b4:5a:ce:fd:ab:
07:5a:2d:c9:e9:d3:01:be:eb:dd:d4:ec:e2:57:31:
88:c3:db:00:c4:2e:23:b8:ab:c0:b2:63:a3:d0:dc:
45:ef:b1:0d:0a:ad:45:b6:3c:2b:4c:4a:22:8b:8b:
88:24:fc:31:8d:64:a1:1b:65:c7:01:3e:bd:b3:ff:
ac:bc:2b:51:4e:51:02:09:9f:58:49:df:a7:97:22:
99:c6:d8:d8:a3:7b:9b:b4:38:d6:05:fc:6d:78:74:
60:05:c6:ec:5f:af:fe:e3:64:fd:d6:c1:c4:ce:96:
ca:2f:05:48:ec:14:14:78:c4:24:37:7a:67:44:17:
79:b6:de:bf:f2:15:55:15:c5:23:4b:0a:2d:6c:84:
07:64:d4:85:be:73:77:5e:2b:e3:06:1d:d8:eb:08:
09:b4:36:db:cc:25:e0:db:7c:19:37:49:dc:67:a8:
e2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:68:3F:AF:E9:CB:14:95:AF:85:E9:3F:1E:4C:C0:85:F8:97:A6:6A
X509v3 Authority Key Identifier:
keyid:A9:85:B5:52:1D:20:90:18:82:47:8F:0F:09:41:96:2C:3E:9C:94:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYW1Uh0gkBiCR48PCUGWLD6clPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/7ffb3e-8a4c-40b7-876e-6003d5aeed1f/1/0Wg_r-nLFJWvhek_HkzAhfiXpmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/7ffb3e-8a4c-40b7-876e-6003d5aeed1f/1/qYW1Uh0gkBiCR48PCUGWLD6clPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.72.0/22
IPv6:
2a0b:2c80::/29
Signature Algorithm: sha256WithRSAEncryption
03:68:36:5f:40:7a:57:05:b9:50:e4:c2:47:5a:e9:ae:69:75:
97:a8:58:da:d3:98:41:4e:91:1a:11:46:82:89:77:d0:25:74:
c2:6e:0c:60:b6:02:ea:f0:ea:0e:50:17:8c:87:d1:fb:a9:e9:
fc:ea:71:df:9d:cb:e4:3e:d1:ee:43:9c:da:43:60:23:b6:1c:
9e:52:3f:31:5d:70:ab:62:28:bd:78:64:52:0a:d9:ed:0e:7d:
f3:02:84:16:f6:ab:16:fe:fe:4d:75:5c:10:53:67:37:e9:80:
18:a3:1d:d5:e6:01:f9:13:a0:5c:86:36:55:8c:a4:6e:ff:fb:
5e:a9:ef:52:44:58:c9:93:bd:08:24:e3:35:1e:02:bd:41:a6:
12:7c:e4:f9:12:a2:b1:db:6e:aa:fa:db:17:ae:09:22:ef:db:
47:f8:44:90:16:33:2c:70:40:4a:f2:2e:2e:3f:98:86:55:50:
31:9c:fe:9b:bf:39:cf:0c:f8:bd:39:f3:cc:96:03:c2:04:4c:
48:e3:80:39:be:93:60:bd:23:f4:3c:57:a0:a5:e5:3e:70:51:
89:cd:01:4f:04:d5:6e:00:a6:22:98:31:94:ce:f1:08:e5:de:
b4:79:e1:e5:a3:44:6c:f5:94:b6:37:28:ec:d0:38:d7:c4:96:
d6:43:e5:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNtCfdr/gddxKyn12Yn0v1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODViNTUyMWQyMDkwMTg4MjQ3OGYwZjA5NDE5NjJjM2U5
Yzk0ZmEwHhcNMjQxMTI3MDk1MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTY4M2ZhZmU5Y2IxNDk1YWY4NWU5M2YxZTRjYzA4NWY4OTdhNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ/yJUa0gP9DDCmztQZbK4NyAoq4
1dkhvgsrW5wJ8JiUSAwAvoMEEibwKqRs51tb7H/dmhG32YSCruU22ZG62e+V7fBc
C3zdtlk68lHuxXH8UAirtFrO/asHWi3J6dMBvuvd1OziVzGIw9sAxC4juKvAsmOj
0NxF77ENCq1FtjwrTEoii4uIJPwxjWShG2XHAT69s/+svCtRTlECCZ9YSd+nlyKZ
xtjYo3ubtDjWBfxteHRgBcbsX6/+42T91sHEzpbKLwVI7BQUeMQkN3pnRBd5tt6/
8hVVFcUjSwotbIQHZNSFvnN3XivjBh3Y6wgJtDbbzCXg23wZN0ncZ6jiNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNFoP6/pyxSVr4XpPx5MwIX4l6ZqMB8GA1UdIwQY
MBaAFKmFtVIdIJAYgkePDwlBliw+nJT6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlXMVVoMGdrQmlDUjQ4UENVR1dMRDZjbFBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS83ZmZiM2UtOGE0Yy00MGI3LTg3NmUt
NjAwM2Q1YWVlZDFmLzEvMFdnX3ItbkxGSld2aGVrX0hrekFoZmlYcG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS83ZmZiM2UtOGE0Yy00MGI3LTg3NmUtNjAwM2Q1YWVlZDFm
LzEvcVlXMVVoMGdrQmlDUjQ4UENVR1dMRDZjbFBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubhIMA0E
AgACMAcDBQMqCyyAMA0GCSqGSIb3DQEBCwUAA4IBAQADaDZfQHpXBblQ5MJHWumu
aXWXqFja05hBTpEaEUaCiXfQJXTCbgxgtgLq8OoOUBeMh9H7qen86nHfncvkPtHu
Q5zaQ2AjthyeUj8xXXCrYii9eGRSCtntDn3zAoQW9qsW/v5NdVwQU2c36YAYox3V
5gH5E6BchjZVjKRu//teqe9SRFjJk70IJOM1HgK9QaYSfOT5EqKx226q+tsXrgki
79tH+ESQFjMscEBK8i4uP5iGVVAxnP6bvznPDPi9OfPMlgPCBExI44A5vpNgvSP0
PFegpeU+cFGJzQFPBNVuAKYimDGUzvEI5d60eeHlo0Rs9ZS2Nyjs0DjXxJbWQ+UR
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:31 2024 by rpki-client on console.sobornost.net