Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/pO2fGUFp2rXApeusrgw6vMb4tXY.roa
File: pO2fGUFp2rXApeusrgw6vMb4tXY.roa (raw, json)
Hash identifier: Pkin568RUSpDzgV7FXdlg7t+RhSbfXpBFLC7LpXjWl8=
Subject key identifier: A4:ED:9F:19:41:69:DA:B5:C0:A5:EB:AC:AE:0C:3A:BC:C6:F8:B5:76
Certificate issuer: /CN=5389ab9b7fd5fdfd04f51af8873cdf9b24d08380
Certificate serial: 0187CE77A90DEF819108F9A0FEA3C7F84DE7
Authority key identifier: 53:89:AB:9B:7F:D5:FD:FD:04:F5:1A:F8:87:3C:DF:9B:24:D0:83:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/pO2fGUFp2rXApeusrgw6vMb4tXY.roa
Signing time: Sat 29 Apr 2023 19:22:41 +0000
ROA not before: Sat 29 Apr 2023 19:22:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8282
IP address blocks: 80.252.112.0/22 maxlen: 24
80.252.116.0/22 maxlen: 24
194.70.36.0/24 maxlen: 24
80.252.124.0/22 maxlen: 24
84.246.192.0/21 maxlen: 24
93.188.176.0/21 maxlen: 24
2a01:2c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ce:77:a9:0d:ef:81:91:08:f9:a0:fe:a3:c7:f8:4d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5389ab9b7fd5fdfd04f51af8873cdf9b24d08380
Validity
Not Before: Apr 29 19:22:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4ed9f194169dab5c0a5ebacae0c3abcc6f8b576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fa:8e:f6:f2:66:7f:4b:8f:87:50:a4:f5:db:
ca:25:38:01:67:5a:11:eb:b5:42:f8:6b:d2:5a:0f:
99:60:2b:24:7d:87:61:97:68:ec:c2:2c:c0:0c:28:
62:82:ff:24:2e:13:45:81:7f:5b:2b:92:c7:8f:cc:
61:56:62:2d:99:77:54:0a:1c:eb:5c:78:90:3d:7e:
e4:36:be:d5:8a:3f:35:e8:e5:4f:41:9a:2d:2e:8a:
f5:e5:89:57:7f:be:4b:d6:d6:67:e1:c8:79:bd:79:
86:0c:d3:f1:ce:87:e8:71:26:af:84:2b:af:12:82:
33:99:93:59:0f:9e:6c:0b:a5:43:68:55:c0:f5:49:
f2:bf:74:83:69:57:16:8c:54:c9:92:c1:ab:c4:e2:
0c:30:2a:69:4c:92:5d:f2:db:8f:88:3e:8c:d1:36:
66:21:fd:fc:c6:d4:0e:4c:55:a7:dd:08:ea:26:31:
0c:1b:af:d6:39:cb:02:f7:df:ea:a5:dd:08:d2:60:
9f:81:49:ff:2e:60:73:3f:13:11:26:8a:b0:1b:62:
1e:21:8b:30:93:dd:78:58:21:f7:39:ac:07:bd:d1:
50:d1:cf:22:ca:af:77:74:24:e5:35:a2:1c:fc:9a:
c1:ac:d8:68:7f:be:48:04:bc:5a:4c:5c:b6:2b:c5:
3d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:ED:9F:19:41:69:DA:B5:C0:A5:EB:AC:AE:0C:3A:BC:C6:F8:B5:76
X509v3 Authority Key Identifier:
keyid:53:89:AB:9B:7F:D5:FD:FD:04:F5:1A:F8:87:3C:DF:9B:24:D0:83:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/pO2fGUFp2rXApeusrgw6vMb4tXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2d84f5-1e6f-4d52-85fa-34f761035360/1/U4mrm3_V_f0E9Rr4hzzfmyTQg4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.112.0/21
80.252.124.0/22
84.246.192.0/21
93.188.176.0/21
194.70.36.0/24
IPv6:
2a01:2c0::/32
Signature Algorithm: sha256WithRSAEncryption
03:40:1d:4e:4b:aa:c6:83:1e:c4:6b:3a:7b:03:6f:5b:7c:68:
3f:da:25:08:76:58:d3:d7:e5:a0:a8:61:97:89:eb:42:f3:49:
54:67:7e:95:5f:9a:27:d0:23:2d:cf:2c:47:96:8f:4c:0d:be:
54:44:ef:04:88:d4:3c:0b:fd:00:35:66:73:a2:28:a4:b3:a7:
3a:9c:34:3c:02:e3:45:8b:a0:1b:bf:55:47:9b:99:e6:8b:3e:
55:44:38:08:7d:56:66:e7:ef:38:8c:7f:fc:f2:46:b5:28:fa:
40:4c:b2:4f:e6:bb:ae:3b:30:3b:fe:57:57:cb:7f:76:16:03:
93:3e:ef:e5:53:8b:eb:76:82:ea:5a:45:3d:76:8c:cd:90:3f:
80:28:5a:9d:ba:85:f5:7b:58:2b:f2:d3:02:95:2c:e9:60:1f:
89:c3:93:38:66:26:8a:bb:1a:be:c4:7b:95:63:8c:f6:bc:54:
af:0e:bf:20:18:8e:ea:6f:be:bb:69:31:15:71:2a:1b:ac:61:
2e:89:ef:52:c9:8d:23:ef:4e:29:34:cd:e9:42:f1:38:e0:98:
96:dd:42:b0:a5:5f:26:7d:6a:2b:4b:b8:ec:3a:00:a4:a3:7e:
64:1d:f9:24:11:f0:8a:71:55:88:5c:4a:a9:60:f8:fa:75:97:
ce:f4:4f:72
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYfOd6kN74GRCPmg/qPH+E3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzODlhYjliN2ZkNWZkZmQwNGY1MWFmODg3M2NkZjliMjRk
MDgzODAwHhcNMjMwNDI5MTkyMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGVkOWYxOTQxNjlkYWI1YzBhNWViYWNhZTBjM2FiY2M2ZjhiNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivqO9vJmf0uPh1Ck9dvKJTgBZ1oR
67VC+GvSWg+ZYCskfYdhl2jswizADChigv8kLhNFgX9bK5LHj8xhVmItmXdUChzr
XHiQPX7kNr7Vij816OVPQZotLor15YlXf75L1tZn4ch5vXmGDNPxzofocSavhCuv
EoIzmZNZD55sC6VDaFXA9Unyv3SDaVcWjFTJksGrxOIMMCppTJJd8tuPiD6M0TZm
If38xtQOTFWn3QjqJjEMG6/WOcsC99/qpd0I0mCfgUn/LmBzPxMRJoqwG2IeIYsw
k914WCH3OawHvdFQ0c8iyq93dCTlNaIc/JrBrNhof75IBLxaTFy2K8U9sQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKTtnxlBadq1wKXrrK4MOrzG+LV2MB8GA1UdIwQY
MBaAFFOJq5t/1f39BPUa+Ic835sk0IOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRtcm0zX1ZfZjBFOVJyNGh6emZteVRRZzRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yZDg0ZjUtMWU2Zi00ZDUyLTg1ZmEt
MzRmNzYxMDM1MzYwLzEvcE8yZkdVRnAyclhBcGV1c3JndzZ2TWI0dFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yZDg0ZjUtMWU2Zi00ZDUyLTg1ZmEtMzRmNzYxMDM1MzYw
LzEvVTRtcm0zX1ZfZjBFOVJyNGh6emZteVRRZzRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDUPxwAwQC
UPx8AwQDVPbAAwQDXbywAwQAwkYkMA0EAgACMAcDBQAqAQLAMA0GCSqGSIb3DQEB
CwUAA4IBAQADQB1OS6rGgx7Eazp7A29bfGg/2iUIdljT1+WgqGGXietC80lUZ36V
X5on0CMtzyxHlo9MDb5URO8EiNQ8C/0ANWZzoiiks6c6nDQ8AuNFi6Abv1VHm5nm
iz5VRDgIfVZm5+84jH/88ka1KPpATLJP5ruuOzA7/ldXy392FgOTPu/lU4vrdoLq
WkU9dozNkD+AKFqduoX1e1gr8tMClSzpYB+Jw5M4ZiaKuxq+xHuVY4z2vFSvDr8g
GI7qb767aTEVcSobrGEuie9SyY0j704pNM3pQvE44JiW3UKwpV8mfWorS7jsOgCk
o35kHfkkEfCKcVWIXEqpYPj6dZfO9E9y
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:43 2023 by rpki-client on console.sobornost.net