Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/bb54d1-892d-4711-a9cf-76f135c4f311/1/gDJSwBb-hNVf56Zr8PwZ_IwXqzs.roa
File: gDJSwBb-hNVf56Zr8PwZ_IwXqzs.roa (raw, json)
Hash identifier: iAyEVqtIZ4B4zrw1lUyQjkAEd9H4DLGSVL38IRW28QA=
Subject key identifier: 80:32:52:C0:16:FE:84:D5:5F:E7:A6:6B:F0:FC:19:FC:8C:17:AB:3B
Certificate issuer: /CN=368e35a05f2707b5a741c2a72f5e4bb34c9b09a8
Certificate serial: 018CC64A8875C159419D703871DB87C1EA8D
Authority key identifier: 36:8E:35:A0:5F:27:07:B5:A7:41:C2:A7:2F:5E:4B:B3:4C:9B:09:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/No41oF8nB7WnQcKnL15Ls0ybCag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/bb54d1-892d-4711-a9cf-76f135c4f311/1/gDJSwBb-hNVf56Zr8PwZ_IwXqzs.roa
Signing time: Mon 01 Jan 2024 18:30:22 +0000
ROA not before: Mon 01 Jan 2024 18:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8596
IP address blocks: 185.74.0.0/22 maxlen: 22
82.150.192.0/19 maxlen: 19
2a02:5d8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:88:75:c1:59:41:9d:70:38:71:db:87:c1:ea:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368e35a05f2707b5a741c2a72f5e4bb34c9b09a8
Validity
Not Before: Jan 1 18:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=803252c016fe84d55fe7a66bf0fc19fc8c17ab3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a9:38:9d:a3:f9:7b:db:d3:5e:a9:8b:08:2f:
84:f4:e8:4e:cf:56:73:e5:73:86:01:ea:ba:19:3a:
50:66:62:eb:d4:e3:e8:20:4d:9b:42:37:c3:2e:67:
ad:9e:be:09:8b:71:df:39:07:1d:7e:c7:8a:81:5b:
ca:97:7b:e1:a7:75:94:b5:f2:e1:b9:06:58:4f:7d:
c4:74:46:1c:3f:f2:ff:7c:db:50:c5:20:cb:4b:98:
28:d4:94:79:86:15:60:8c:3d:29:03:64:c5:00:03:
99:95:cb:42:0a:20:b5:11:02:cf:3d:45:10:f7:6e:
4d:1a:fd:83:f3:af:8c:60:5f:6c:43:54:44:7a:b6:
93:e8:d9:6a:25:dd:5f:74:4f:e8:06:ff:d6:d0:73:
af:56:5f:aa:06:50:bf:22:6d:55:92:11:5f:e5:18:
d4:d8:67:6e:33:3c:ab:3e:78:c1:d7:67:73:f1:06:
5a:ca:66:e8:70:b8:f2:02:56:33:43:a8:00:3a:fc:
39:e0:ec:d6:22:de:ab:38:e5:12:cb:35:ec:6c:4b:
fc:c4:09:0a:c1:10:53:a6:61:0c:d7:b1:75:11:56:
0b:99:b2:65:ca:85:b9:bf:ff:98:db:85:59:00:e9:
ae:0d:6b:8b:30:80:3c:e3:bf:e0:71:ad:d7:3e:8d:
4b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:32:52:C0:16:FE:84:D5:5F:E7:A6:6B:F0:FC:19:FC:8C:17:AB:3B
X509v3 Authority Key Identifier:
keyid:36:8E:35:A0:5F:27:07:B5:A7:41:C2:A7:2F:5E:4B:B3:4C:9B:09:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/No41oF8nB7WnQcKnL15Ls0ybCag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/bb54d1-892d-4711-a9cf-76f135c4f311/1/gDJSwBb-hNVf56Zr8PwZ_IwXqzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/bb54d1-892d-4711-a9cf-76f135c4f311/1/No41oF8nB7WnQcKnL15Ls0ybCag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.192.0/19
185.74.0.0/22
IPv6:
2a02:5d8::/32
Signature Algorithm: sha256WithRSAEncryption
90:78:8d:09:01:6d:21:54:45:be:4c:1f:d6:67:2d:5b:3d:31:
6a:d6:9d:a6:d2:67:3a:e3:7f:c7:fb:49:fe:f3:8d:2a:09:3a:
a4:c6:9e:e5:61:15:03:b8:ce:33:36:1e:5e:bb:19:c5:10:b5:
b9:59:65:d9:5e:6e:24:0d:37:51:05:47:cd:2e:14:bf:45:5e:
84:ef:5b:d0:2c:e2:71:64:8f:aa:e4:ce:1b:5b:b4:e9:ef:db:
d7:3c:7f:ab:b0:4d:9c:c3:95:91:6d:4a:b4:12:3b:d7:cd:e6:
c8:01:03:e0:f2:fe:8b:d4:ae:ad:6d:99:a3:75:5a:76:93:04:
5e:2c:01:7d:7e:39:01:57:0f:53:aa:ef:7c:f4:7b:68:fa:e0:
37:bb:20:0b:ee:2a:08:f5:af:b8:90:4b:d8:88:c9:fb:0f:6c:
92:41:67:c5:77:0d:37:f6:f9:b3:1e:81:83:76:6e:5b:c3:63:
72:b6:74:70:c4:c5:12:8b:d0:e1:ea:f1:76:c4:7b:94:b4:94:
89:4b:3c:3b:fe:26:5d:7e:4b:65:42:38:0a:b5:73:98:ec:31:
e8:a5:d3:34:8c:60:d3:1d:67:02:1d:fa:fd:5c:a0:7e:46:ba:
e8:f7:6e:19:36:b4:fc:5b:2c:d7:77:17:ee:fc:2a:8f:9e:bb:
7e:c0:47:0d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSoh1wVlBnXA4cduHweqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGUzNWEwNWYyNzA3YjVhNzQxYzJhNzJmNWU0YmIzNGM5
YjA5YTgwHhcNMjQwMTAxMTgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDMyNTJjMDE2ZmU4NGQ1NWZlN2E2NmJmMGZjMTlmYzhjMTdhYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qk4naP5e9vTXqmLCC+E9OhOz1Zz
5XOGAeq6GTpQZmLr1OPoIE2bQjfDLmetnr4Ji3HfOQcdfseKgVvKl3vhp3WUtfLh
uQZYT33EdEYcP/L/fNtQxSDLS5go1JR5hhVgjD0pA2TFAAOZlctCCiC1EQLPPUUQ
925NGv2D86+MYF9sQ1REeraT6NlqJd1fdE/oBv/W0HOvVl+qBlC/Im1VkhFf5RjU
2GduMzyrPnjB12dz8QZaymbocLjyAlYzQ6gAOvw54OzWIt6rOOUSyzXsbEv8xAkK
wRBTpmEM17F1EVYLmbJlyoW5v/+Y24VZAOmuDWuLMIA847/gca3XPo1LSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIAyUsAW/oTVX+ema/D8GfyMF6s7MB8GA1UdIwQY
MBaAFDaONaBfJwe1p0HCpy9eS7NMmwmoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm80MW9GOG5CN1duUWNLbkwxNUxzMHliQ2FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9iYjU0ZDEtODkyZC00NzExLWE5Y2Yt
NzZmMTM1YzRmMzExLzEvZ0RKU3dCYi1oTlZmNTZacjhQd1pfSXdYcXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9iYjU0ZDEtODkyZC00NzExLWE5Y2YtNzZmMTM1YzRmMzEx
LzEvTm80MW9GOG5CN1duUWNLbkwxNUxzMHliQ2FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFUpbAAwQC
uUoAMA0EAgACMAcDBQAqAgXYMA0GCSqGSIb3DQEBCwUAA4IBAQCQeI0JAW0hVEW+
TB/WZy1bPTFq1p2m0mc643/H+0n+840qCTqkxp7lYRUDuM4zNh5euxnFELW5WWXZ
Xm4kDTdRBUfNLhS/RV6E71vQLOJxZI+q5M4bW7Tp79vXPH+rsE2cw5WRbUq0EjvX
zebIAQPg8v6L1K6tbZmjdVp2kwReLAF9fjkBVw9Tqu989Hto+uA3uyAL7ioI9a+4
kEvYiMn7D2ySQWfFdw039vmzHoGDdm5bw2NytnRwxMUSi9Dh6vF2xHuUtJSJSzw7
/iZdfktlQjgKtXOY7DHopdM0jGDTHWcCHfr9XKB+Rrro924ZNrT8WyzXdxfu/CqP
nrt+wEcN
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:41 2024 by rpki-client on console.sobornost.net