Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/u3QaUK1LcEDqSljDhe5kqz4dKmc.roa
File: u3QaUK1LcEDqSljDhe5kqz4dKmc.roa (raw, json)
Hash identifier: veoWYjJ+aquhxTtEkxsxgbsBMyegrv2DX+yRb/f/L9Q=
Subject key identifier: BB:74:1A:50:AD:4B:70:40:EA:4A:58:C3:85:EE:64:AB:3E:1D:2A:67
Certificate issuer: /CN=aab1db0e00820876dfa20bec9b719aa795acc1de
Certificate serial: 019278D8E02CFDE9506445ED489E0688011A
Authority key identifier: AA:B1:DB:0E:00:82:08:76:DF:A2:0B:EC:9B:71:9A:A7:95:AC:C1:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/u3QaUK1LcEDqSljDhe5kqz4dKmc.roa
Signing time: Thu 10 Oct 2024 23:52:11 +0000
ROA not before: Thu 10 Oct 2024 23:52:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60783
IP address blocks: 185.25.232.0/24 maxlen: 24
2a04:3480::/29 maxlen: 29
2a0a:8fc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:78:d8:e0:2c:fd:e9:50:64:45:ed:48:9e:06:88:01:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aab1db0e00820876dfa20bec9b719aa795acc1de
Validity
Not Before: Oct 10 23:52:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb741a50ad4b7040ea4a58c385ee64ab3e1d2a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d5:38:de:64:e2:dc:fe:63:a4:2b:97:e7:e3:
b4:73:ca:fd:b2:d6:ca:c8:fa:65:d2:71:40:9b:8a:
f7:5d:14:15:e5:60:29:4f:57:b6:a4:c0:c1:0e:7a:
3d:cd:d2:89:ac:da:ff:4a:90:0c:7a:71:b9:e1:aa:
69:7a:17:90:58:04:b3:09:31:c3:cc:8e:bd:3b:ea:
75:71:37:b5:51:e3:4e:b5:89:48:df:21:a6:88:91:
4c:ef:1f:5b:25:32:08:d6:ad:27:aa:89:a8:dc:1c:
1e:f1:43:b9:1a:68:c7:6e:f2:d2:29:f6:07:26:8d:
6f:f1:29:ce:04:de:82:dd:35:74:3d:72:f6:b5:42:
0b:c7:3d:cf:73:6a:88:05:97:21:fb:e4:b4:e6:22:
9e:55:00:87:4c:4b:d2:c9:0f:96:08:73:01:9e:83:
8f:ba:bf:1c:52:0d:ad:ee:3e:57:cb:ca:59:8e:55:
0b:04:24:aa:91:90:6a:eb:89:a0:e7:9f:2d:b2:d9:
d7:cd:64:a3:68:ce:74:33:47:10:3a:29:a7:17:75:
d9:1f:3e:cd:2f:e9:b8:8e:46:90:3c:ca:37:38:ac:
ff:f7:bc:36:dd:57:de:8d:87:8d:62:cf:e1:dc:b9:
df:ee:59:94:c4:9f:b2:ac:f4:12:e1:9c:38:d7:fb:
4c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:74:1A:50:AD:4B:70:40:EA:4A:58:C3:85:EE:64:AB:3E:1D:2A:67
X509v3 Authority Key Identifier:
keyid:AA:B1:DB:0E:00:82:08:76:DF:A2:0B:EC:9B:71:9A:A7:95:AC:C1:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/u3QaUK1LcEDqSljDhe5kqz4dKmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.232.0/24
IPv6:
2a04:3480::/29
2a0a:8fc0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:8c:5d:fa:74:66:ad:99:d9:38:78:3f:10:ed:da:e2:1a:f3:
cf:9a:60:cb:21:59:7e:24:5e:56:72:65:96:e9:59:3f:ed:c0:
47:85:e5:08:15:13:64:41:d1:20:16:8d:7a:29:63:3d:a6:74:
c8:05:72:34:c6:0f:ac:b1:90:73:f6:ad:03:73:ef:d2:1a:c9:
31:d1:55:78:af:39:16:fb:cd:36:9b:fc:32:3b:77:4c:7e:37:
74:44:cc:66:59:99:16:89:37:35:2f:81:2a:85:38:17:cf:d5:
fa:05:cb:de:10:3b:f6:2d:36:7a:98:5e:98:ee:d9:82:0d:ba:
0c:a1:27:92:6e:96:32:cf:c6:32:77:4e:ef:43:d3:92:97:c6:
7f:0d:de:55:db:03:33:ea:dd:b6:a0:a3:fc:d5:0c:d0:9a:f0:
51:b8:f3:a5:c8:da:09:ad:0a:ce:8c:cf:02:58:a5:46:57:e3:
02:76:7c:9e:38:a3:53:36:34:88:dc:47:3c:bd:5b:b2:ea:f2:
9d:aa:df:e4:49:b2:3f:79:43:f2:2e:28:8f:08:90:22:66:e5:
ea:c0:c5:2a:0d:c2:12:ee:21:e4:84:76:35:cf:cf:f1:82:99:
f1:07:41:72:f6:df:37:83:e1:9b:2c:7b:a6:7b:b2:a7:0c:6a:
2a:18:ec:8e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZJ42OAs/elQZEXtSJ4GiAEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYjFkYjBlMDA4MjA4NzZkZmEyMGJlYzliNzE5YWE3OTVh
Y2MxZGUwHhcNMjQxMDEwMjM1MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjc0MWE1MGFkNGI3MDQwZWE0YTU4YzM4NWVlNjRhYjNlMWQyYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9U43mTi3P5jpCuX5+O0c8r9stbK
yPpl0nFAm4r3XRQV5WApT1e2pMDBDno9zdKJrNr/SpAMenG54appeheQWASzCTHD
zI69O+p1cTe1UeNOtYlI3yGmiJFM7x9bJTII1q0nqomo3Bwe8UO5GmjHbvLSKfYH
Jo1v8SnOBN6C3TV0PXL2tUILxz3Pc2qIBZch++S05iKeVQCHTEvSyQ+WCHMBnoOP
ur8cUg2t7j5Xy8pZjlULBCSqkZBq64mg558tstnXzWSjaM50M0cQOimnF3XZHz7N
L+m4jkaQPMo3OKz/97w23VfejYeNYs/h3Lnf7lmUxJ+yrPQS4Zw41/tMSwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLt0GlCtS3BA6kpYw4XuZKs+HSpnMB8GA1UdIwQY
MBaAFKqx2w4Aggh236IL7JtxmqeVrMHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YWRkMDctZTZhZC00ZGJhLTliOGIt
MjNlMzgxMzY1MWQ0LzEvdTNRYVVLMUxjRURxU2xqRGhlNWtxejRkS21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YWRkMDctZTZhZC00ZGJhLTliOGItMjNlMzgxMzY1MWQ0
LzEvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAuRnoMBQE
AgACMA4DBQMqBDSAAwUDKgqPwDANBgkqhkiG9w0BAQsFAAOCAQEAC4xd+nRmrZnZ
OHg/EO3a4hrzz5pgyyFZfiReVnJllulZP+3AR4XlCBUTZEHRIBaNeiljPaZ0yAVy
NMYPrLGQc/atA3Pv0hrJMdFVeK85FvvNNpv8Mjt3TH43dETMZlmZFok3NS+BKoU4
F8/V+gXL3hA79i02ephemO7Zgg26DKEnkm6WMs/GMndO70PTkpfGfw3eVdsDM+rd
tqCj/NUM0JrwUbjzpcjaCa0KzozPAlilRlfjAnZ8njijUzY0iNxHPL1bsurynarf
5EmyP3lD8i4ojwiQImbl6sDFKg3CEu4h5IR2Nc/P8YKZ8QdBcvbfN4Phmyx7pnuy
pwxqKhjsjg==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:55 2024 by rpki-client on console.sobornost.net