Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/hfqvNnkH0SIAG6HqmB5z2EKxkyk.roa
File: hfqvNnkH0SIAG6HqmB5z2EKxkyk.roa (raw, json)
Hash identifier: yczndr5Hfac0YjciCNGJ+eLEgZgN4c8+k5zpQRWat/E=
Subject key identifier: 85:FA:AF:36:79:07:D1:22:00:1B:A1:EA:98:1E:73:D8:42:B1:93:29
Certificate issuer: /CN=5389ab9b7fd5fdfd04f51af8873cdf9b24d08380
Certificate serial: 0189970BEA93BD520692B08628A7414D1FDB
Authority key identifier: 53:89:AB:9B:7F:D5:FD:FD:04:F5:1A:F8:87:3C:DF:9B:24:D0:83:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/hfqvNnkH0SIAG6HqmB5z2EKxkyk.roa
Signing time: Thu 27 Jul 2023 11:11:27 +0000
ROA not before: Thu 27 Jul 2023 11:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8282
IP address blocks: 80.252.116.0/22 maxlen: 24
194.70.36.0/24 maxlen: 24
80.252.124.0/22 maxlen: 24
84.246.192.0/22 maxlen: 24
93.188.176.0/21 maxlen: 24
2a01:2c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:0b:ea:93:bd:52:06:92:b0:86:28:a7:41:4d:1f:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5389ab9b7fd5fdfd04f51af8873cdf9b24d08380
Validity
Not Before: Jul 27 11:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85faaf367907d122001ba1ea981e73d842b19329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c6:55:50:3d:86:8b:26:ec:28:75:ae:db:97:
a2:9b:84:0e:04:56:43:f2:8f:9b:54:ea:d4:59:26:
44:12:43:8b:9f:83:39:f4:e5:41:d9:b4:21:95:ef:
4d:fe:62:20:35:6c:87:1b:0d:27:95:bb:71:55:71:
b3:3b:55:ee:13:a6:9f:81:7e:9e:e9:90:f4:3f:4a:
16:65:3d:a5:2d:36:2e:f0:71:d2:48:c3:2a:52:f4:
f9:99:7a:c4:0b:c1:c8:59:7d:b9:ec:d5:81:27:6a:
43:69:db:32:32:15:f9:96:3b:e8:0c:6d:31:be:d9:
4e:7d:d1:07:1d:3e:11:e0:83:7f:00:a3:73:18:e4:
50:30:17:45:22:7e:81:0c:96:3e:53:4c:c2:8d:ee:
74:1b:e4:69:a2:53:0a:3c:e2:47:71:45:0e:b7:74:
2f:b0:2c:78:60:4f:97:60:83:a2:89:36:38:52:8a:
af:3f:79:49:85:05:4b:30:83:78:57:c7:20:ec:10:
04:a3:b2:b0:f7:dd:a6:da:85:5b:1a:f1:15:d3:dd:
d7:85:1b:6f:f7:81:a4:d0:59:d4:5b:f0:12:8f:7c:
12:c9:00:0d:db:a4:b8:68:34:98:a8:83:a0:28:12:
aa:4a:79:62:b3:97:91:3e:5e:26:3b:75:06:82:97:
1f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FA:AF:36:79:07:D1:22:00:1B:A1:EA:98:1E:73:D8:42:B1:93:29
X509v3 Authority Key Identifier:
keyid:53:89:AB:9B:7F:D5:FD:FD:04:F5:1A:F8:87:3C:DF:9B:24:D0:83:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/hfqvNnkH0SIAG6HqmB5z2EKxkyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.116.0/22
80.252.124.0/22
84.246.192.0/22
93.188.176.0/21
194.70.36.0/24
IPv6:
2a01:2c0::/32
Signature Algorithm: sha256WithRSAEncryption
4b:33:27:d9:6f:c0:ed:43:84:1f:08:28:e6:46:f1:ba:71:75:
0a:73:73:aa:ce:2f:96:9c:3b:d7:e0:55:4d:fc:21:c2:91:bc:
e5:9f:86:cc:76:fc:bb:5d:c7:f4:d1:85:bb:88:48:52:4b:c3:
84:10:5f:de:38:52:48:e2:ba:44:92:cf:53:72:e0:a4:49:ef:
e2:5e:6a:14:06:3d:21:81:d5:82:ad:98:56:20:25:85:6a:a6:
df:5b:ce:3b:d4:5a:b1:b5:7a:84:0f:d4:5d:e9:5f:5b:34:ec:
61:1e:21:15:43:9e:d4:cf:ae:2b:74:56:c3:fd:7f:f7:7c:21:
4f:b9:4b:c2:fc:d9:1a:cc:53:54:e5:25:3f:5b:63:bb:4f:5d:
95:ff:43:16:26:0c:96:e3:8e:a9:6b:d9:ef:d3:5c:05:43:3f:
9e:08:5a:8b:40:eb:e4:40:5a:67:77:8b:46:63:80:8c:fc:3f:
98:bb:4f:f4:12:1b:1d:9c:b9:06:5b:75:ab:cf:76:9d:8c:a0:
dc:20:0a:1f:fb:78:f1:d9:0c:14:9d:76:f3:ae:78:90:b0:5b:
df:4d:ee:db:d1:a0:b7:13:a0:4a:74:eb:4b:fe:ad:fa:b9:64:
d1:6f:7b:eb:bb:97:48:37:09:42:87:74:1d:a9:e6:f5:b3:43:
ed:04:a7:6a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYmXC+qTvVIGkrCGKKdBTR/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzODlhYjliN2ZkNWZkZmQwNGY1MWFmODg3M2NkZjliMjRk
MDgzODAwHhcNMjMwNzI3MTExMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWZhYWYzNjc5MDdkMTIyMDAxYmExZWE5ODFlNzNkODQyYjE5MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsZVUD2GiybsKHWu25eim4QOBFZD
8o+bVOrUWSZEEkOLn4M59OVB2bQhle9N/mIgNWyHGw0nlbtxVXGzO1XuE6afgX6e
6ZD0P0oWZT2lLTYu8HHSSMMqUvT5mXrEC8HIWX257NWBJ2pDadsyMhX5ljvoDG0x
vtlOfdEHHT4R4IN/AKNzGORQMBdFIn6BDJY+U0zCje50G+RpolMKPOJHcUUOt3Qv
sCx4YE+XYIOiiTY4UoqvP3lJhQVLMIN4V8cg7BAEo7Kw992m2oVbGvEV093XhRtv
94Gk0FnUW/ASj3wSyQAN26S4aDSYqIOgKBKqSnlis5eRPl4mO3UGgpcfawIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIX6rzZ5B9EiABuh6pgec9hCsZMpMB8GA1UdIwQY
MBaAFFOJq5t/1f39BPUa+Ic835sk0IOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRtcm0zX1ZfZjBFOVJyNGh6emZteVRRZzRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yZDg0ZjUtMWU2Zi00ZDUyLTg1ZmEt
MzRmNzYxMDM1MzYwLzEvaGZxdk5ua0gwU0lBRzZIcW1CNXoyRUt4a3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yZDg0ZjUtMWU2Zi00ZDUyLTg1ZmEtMzRmNzYxMDM1MzYw
LzEvVTRtcm0zX1ZfZjBFOVJyNGh6emZteVRRZzRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCUPx0AwQC
UPx8AwQCVPbAAwQDXbywAwQAwkYkMA0EAgACMAcDBQAqAQLAMA0GCSqGSIb3DQEB
CwUAA4IBAQBLMyfZb8DtQ4QfCCjmRvG6cXUKc3Oqzi+WnDvX4FVN/CHCkbzln4bM
dvy7Xcf00YW7iEhSS8OEEF/eOFJI4rpEks9TcuCkSe/iXmoUBj0hgdWCrZhWICWF
aqbfW8471FqxtXqED9Rd6V9bNOxhHiEVQ57Uz64rdFbD/X/3fCFPuUvC/NkazFNU
5SU/W2O7T12V/0MWJgyW446pa9nv01wFQz+eCFqLQOvkQFpnd4tGY4CM/D+Yu0/0
EhsdnLkGW3Wrz3adjKDcIAof+3jx2QwUnXbzrniQsFvfTe7b0aC3E6BKdOtL/q36
uWTRb3vru5dINwlCh3Qdqeb1s0PtBKdq
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:43 2023 by rpki-client on console.sobornost.net