Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/Bl07xZK5FwNV4uJC1X2SK30R3dM.roa
File: Bl07xZK5FwNV4uJC1X2SK30R3dM.roa (raw, json)
Hash identifier: LoN1tEvPsZvjUEF2xvUc2Htoz9dn6nf+4Nuub+ESDOI=
Subject key identifier: 06:5D:3B:C5:92:B9:17:03:55:E2:E2:42:D5:7D:92:2B:7D:11:DD:D3
Certificate issuer: /CN=5389ab9b7fd5fdfd04f51af8873cdf9b24d08380
Certificate serial: 018B1B7330E926520261D42E0AE609EC2A5C
Authority key identifier: 53:89:AB:9B:7F:D5:FD:FD:04:F5:1A:F8:87:3C:DF:9B:24:D0:83:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/Bl07xZK5FwNV4uJC1X2SK30R3dM.roa
Signing time: Tue 10 Oct 2023 21:16:55 +0000
ROA not before: Tue 10 Oct 2023 21:16:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8282
IP address blocks: 80.252.116.0/22 maxlen: 24
194.70.36.0/24 maxlen: 24
80.252.124.0/22 maxlen: 24
84.246.192.0/22 maxlen: 24
93.188.180.0/22 maxlen: 24
2a01:2c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1b:73:30:e9:26:52:02:61:d4:2e:0a:e6:09:ec:2a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5389ab9b7fd5fdfd04f51af8873cdf9b24d08380
Validity
Not Before: Oct 10 21:16:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=065d3bc592b9170355e2e242d57d922b7d11ddd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4f:86:39:16:25:b4:6a:d3:41:b3:e2:dd:36:
9a:20:6b:f9:60:59:fa:35:9f:69:6d:27:52:8b:6d:
ac:ba:ff:ac:8c:c1:b5:39:8a:54:66:38:af:66:e1:
e7:01:64:a0:05:80:c2:16:1c:72:f8:a1:a7:42:2f:
14:13:68:26:b6:61:ae:dc:f1:80:53:ad:fc:67:9d:
ea:35:3d:cd:a4:24:99:b8:c9:fe:36:1b:44:c8:e2:
c5:78:ee:45:5d:fd:24:2a:66:aa:81:da:21:c8:c3:
8d:a1:91:75:14:ae:34:1d:0a:4d:64:bc:71:2d:7d:
4e:32:54:b2:53:ec:7b:99:b8:ee:66:af:71:b6:4c:
dd:e9:2e:a8:cf:1b:f2:57:3f:e6:2e:4a:ff:0b:e9:
14:fa:ee:c5:3d:7c:c4:a6:5f:67:64:84:ab:5b:89:
b9:34:9e:1f:59:dc:04:db:97:c1:1c:8c:b1:f0:6d:
fc:b6:58:73:27:3c:9f:e9:59:49:55:9b:a0:47:d7:
02:1c:98:b2:b0:b4:bc:ff:f7:61:90:bb:ec:54:40:
31:ad:04:18:b5:52:7a:c9:7c:0d:fd:7b:43:52:3f:
8a:ec:0d:37:25:60:b5:85:0c:11:f7:1a:7c:da:4d:
10:8d:c3:79:41:e8:2a:7e:16:38:ca:91:43:46:9e:
40:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5D:3B:C5:92:B9:17:03:55:E2:E2:42:D5:7D:92:2B:7D:11:DD:D3
X509v3 Authority Key Identifier:
keyid:53:89:AB:9B:7F:D5:FD:FD:04:F5:1A:F8:87:3C:DF:9B:24:D0:83:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/Bl07xZK5FwNV4uJC1X2SK30R3dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.116.0/22
80.252.124.0/22
84.246.192.0/22
93.188.180.0/22
194.70.36.0/24
IPv6:
2a01:2c0::/32
Signature Algorithm: sha256WithRSAEncryption
73:23:db:2a:ae:ec:85:91:91:b9:2b:24:68:18:7e:d2:5d:d7:
f4:b7:53:75:5e:54:35:1f:3f:bc:f5:4c:07:33:d2:5b:4e:2c:
0d:17:3d:b8:c4:d9:fa:d0:6e:b0:63:4b:ee:db:e5:2f:a0:84:
54:da:a0:a4:85:78:d2:d6:78:c8:05:f2:3c:c2:c5:41:27:36:
ad:c0:34:45:9f:fd:7c:7b:11:3f:9c:09:61:89:2c:cb:81:de:
bc:b0:17:4d:86:d7:c3:f6:3a:0b:58:ea:87:34:0c:e9:9e:e4:
47:e3:e6:82:41:ff:c8:b1:76:16:54:25:ad:85:fc:23:b2:a3:
53:c0:da:11:48:77:4e:76:b1:56:e6:c9:f4:c4:4f:73:06:10:
52:a2:59:9c:c6:e6:bc:33:ba:bc:a7:8a:13:a6:14:ab:1f:fe:
63:0f:19:ea:65:ca:c8:46:6f:96:ee:ef:18:34:72:f2:be:3e:
3f:3d:a9:79:b1:49:03:a8:df:16:a4:46:4b:c8:79:8a:5f:9f:
cf:43:3f:4c:b2:d5:bf:30:1a:eb:ef:e4:55:10:bc:fc:dc:6e:
ad:91:7e:fc:18:55:50:11:29:50:01:d3:74:57:8f:6f:86:e2:
55:ef:db:22:66:4e:8f:b2:d4:d8:0a:a5:c9:f7:42:e7:13:27:
04:2d:cc:ac
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYsbczDpJlICYdQuCuYJ7CpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzODlhYjliN2ZkNWZkZmQwNGY1MWFmODg3M2NkZjliMjRk
MDgzODAwHhcNMjMxMDEwMjExNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjVkM2JjNTkyYjkxNzAzNTVlMmUyNDJkNTdkOTIyYjdkMTFkZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE+GORYltGrTQbPi3TaaIGv5YFn6
NZ9pbSdSi22suv+sjMG1OYpUZjivZuHnAWSgBYDCFhxy+KGnQi8UE2gmtmGu3PGA
U638Z53qNT3NpCSZuMn+NhtEyOLFeO5FXf0kKmaqgdohyMONoZF1FK40HQpNZLxx
LX1OMlSyU+x7mbjuZq9xtkzd6S6ozxvyVz/mLkr/C+kU+u7FPXzEpl9nZISrW4m5
NJ4fWdwE25fBHIyx8G38tlhzJzyf6VlJVZugR9cCHJiysLS8//dhkLvsVEAxrQQY
tVJ6yXwN/XtDUj+K7A03JWC1hQwR9xp82k0QjcN5QegqfhY4ypFDRp5ApQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAZdO8WSuRcDVeLiQtV9kit9Ed3TMB8GA1UdIwQY
MBaAFFOJq5t/1f39BPUa+Ic835sk0IOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRtcm0zX1ZfZjBFOVJyNGh6emZteVRRZzRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yZDg0ZjUtMWU2Zi00ZDUyLTg1ZmEt
MzRmNzYxMDM1MzYwLzEvQmwwN3haSzVGd05WNHVKQzFYMlNLMzBSM2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yZDg0ZjUtMWU2Zi00ZDUyLTg1ZmEtMzRmNzYxMDM1MzYw
LzEvVTRtcm0zX1ZfZjBFOVJyNGh6emZteVRRZzRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCUPx0AwQC
UPx8AwQCVPbAAwQCXby0AwQAwkYkMA0EAgACMAcDBQAqAQLAMA0GCSqGSIb3DQEB
CwUAA4IBAQBzI9sqruyFkZG5KyRoGH7SXdf0t1N1XlQ1Hz+89UwHM9JbTiwNFz24
xNn60G6wY0vu2+UvoIRU2qCkhXjS1njIBfI8wsVBJzatwDRFn/18exE/nAlhiSzL
gd68sBdNhtfD9joLWOqHNAzpnuRH4+aCQf/IsXYWVCWthfwjsqNTwNoRSHdOdrFW
5sn0xE9zBhBSolmcxua8M7q8p4oTphSrH/5jDxnqZcrIRm+W7u8YNHLyvj4/Pal5
sUkDqN8WpEZLyHmKX5/PQz9MstW/MBrr7+RVELz83G6tkX78GFVQESlQAdN0V49v
huJV79siZk6PstTYCqXJ90LnEycELcys
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:43 2023 by rpki-client on console.sobornost.net