Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/95c3d1-d7fa-49eb-8db6-e2608343a6c4/1/4mqsuzSKDuRj5JuwNSkKTLJ9lgs.roa
File: 4mqsuzSKDuRj5JuwNSkKTLJ9lgs.roa (raw, json)
Hash identifier: Vjgy3Od4rf8Hw4AjW1X6Wa3oRctVzU5rGNuwR6OS7yY=
Subject key identifier: E2:6A:AC:BB:34:8A:0E:E4:63:E4:9B:B0:35:29:0A:4C:B2:7D:96:0B
Certificate issuer: /CN=5a9184ec4204901e6de244360d0ad417403622cb
Certificate serial: 01856F1DA3573518072B9C5B28691C7BB0EE
Authority key identifier: 5A:91:84:EC:42:04:90:1E:6D:E2:44:36:0D:0A:D4:17:40:36:22:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpGE7EIEkB5t4kQ2DQrUF0A2Iss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/95c3d1-d7fa-49eb-8db6-e2608343a6c4/1/4mqsuzSKDuRj5JuwNSkKTLJ9lgs.roa
Signing time: Sun 01 Jan 2023 20:54:51 +0000
ROA not before: Sun 01 Jan 2023 20:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206894
IP address blocks: 185.215.96.0/22 maxlen: 22
2a0b:a840::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:a3:57:35:18:07:2b:9c:5b:28:69:1c:7b:b0:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a9184ec4204901e6de244360d0ad417403622cb
Validity
Not Before: Jan 1 20:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e26aacbb348a0ee463e49bb035290a4cb27d960b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b2:0b:12:e7:cc:ac:4b:aa:17:22:6a:a2:dd:
19:42:f2:f4:43:72:6c:4e:93:19:dc:c3:6e:c3:c5:
51:a7:1a:4b:29:c7:74:dd:dd:85:5e:a7:8c:39:c8:
60:81:72:91:a7:88:cf:d5:ec:15:59:10:31:95:ef:
f3:0e:50:a4:b7:9f:e0:e4:40:0c:be:72:03:2e:f2:
85:d7:6b:c4:bc:92:08:e0:2c:b0:e9:4f:2f:56:f8:
0c:10:b3:42:99:90:c9:1f:c2:62:91:d9:49:b4:ff:
0a:88:0e:8a:0d:b3:c5:00:78:99:8d:94:88:c5:6e:
7d:20:a5:7c:b5:87:2e:22:a9:36:1f:4a:d1:7c:d5:
65:35:40:6e:52:ae:06:43:37:7f:8d:87:e1:fd:1a:
c4:6a:36:bc:b2:e8:9e:8c:a5:be:c2:03:18:ec:55:
e1:b9:9b:d4:b0:8d:8c:e5:3f:2b:f3:7f:6a:e1:59:
9a:9f:c2:d5:e1:09:55:fe:d7:a9:8f:e4:24:09:c2:
44:22:8b:ad:dc:fe:1b:9e:eb:71:27:2c:18:0c:5f:
88:7c:a1:a4:8e:39:1b:5a:7a:70:5d:7d:47:bc:21:
81:10:ec:23:44:4a:c8:03:11:c0:d0:08:6d:18:e5:
7d:4e:f4:2d:b1:1c:d8:35:09:00:9e:f2:88:5a:c7:
1b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6A:AC:BB:34:8A:0E:E4:63:E4:9B:B0:35:29:0A:4C:B2:7D:96:0B
X509v3 Authority Key Identifier:
keyid:5A:91:84:EC:42:04:90:1E:6D:E2:44:36:0D:0A:D4:17:40:36:22:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpGE7EIEkB5t4kQ2DQrUF0A2Iss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/95c3d1-d7fa-49eb-8db6-e2608343a6c4/1/4mqsuzSKDuRj5JuwNSkKTLJ9lgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/95c3d1-d7fa-49eb-8db6-e2608343a6c4/1/WpGE7EIEkB5t4kQ2DQrUF0A2Iss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.96.0/22
IPv6:
2a0b:a840::/32
Signature Algorithm: sha256WithRSAEncryption
29:7a:b7:43:86:81:ad:19:c6:30:8c:22:ba:72:ed:d3:c7:09:
7c:48:d5:8e:7b:d5:ba:00:79:ec:a1:5e:58:0c:8c:b5:ca:e1:
30:18:ea:6a:da:33:92:06:4f:61:6b:d2:5c:e0:ed:2a:71:42:
e5:a9:4e:55:8c:a4:6a:7c:a7:c0:68:ee:66:22:fa:c8:62:fd:
9c:ad:fb:95:1f:ac:3f:1b:21:90:e6:91:5b:7d:a4:c4:47:1b:
94:5c:4b:7c:f0:f0:54:bc:c1:81:f0:c6:03:cb:9f:79:ba:49:
e7:f1:7b:2c:eb:52:36:a7:ba:3f:39:14:c6:94:7d:f9:01:60:
ad:a3:87:bc:07:7f:14:25:ed:a1:84:26:e5:e1:dd:2f:d4:4b:
b4:e9:a9:dc:6f:53:e3:76:de:7c:f7:dd:61:52:16:03:16:cb:
bc:bb:a0:cc:0a:cf:f7:f4:0e:81:ba:5c:b3:9c:c4:ab:92:22:
8c:b6:fe:f3:eb:15:85:65:d6:db:fc:0f:b0:ae:90:29:ac:eb:
5c:a8:26:7a:c4:fe:49:a5:74:ce:a8:e2:8c:1a:66:3c:ef:7c:
37:52:4e:de:88:f8:62:1f:be:c7:ce:75:75:36:b6:eb:a4:87:
0b:c7:ba:ab:80:08:18:1d:d6:57:b6:05:19:f9:fb:0c:45:80:
c3:2d:e9:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvHaNXNRgHK5xbKGkce7DuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTE4NGVjNDIwNDkwMWU2ZGUyNDQzNjBkMGFkNDE3NDAz
NjIyY2IwHhcNMjMwMTAxMjA1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjZhYWNiYjM0OGEwZWU0NjNlNDliYjAzNTI5MGE0Y2IyN2Q5NjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLILEufMrEuqFyJqot0ZQvL0Q3Js
TpMZ3MNuw8VRpxpLKcd03d2FXqeMOchggXKRp4jP1ewVWRAxle/zDlCkt5/g5EAM
vnIDLvKF12vEvJII4Cyw6U8vVvgMELNCmZDJH8JikdlJtP8KiA6KDbPFAHiZjZSI
xW59IKV8tYcuIqk2H0rRfNVlNUBuUq4GQzd/jYfh/RrEaja8suiejKW+wgMY7FXh
uZvUsI2M5T8r839q4Vman8LV4QlV/tepj+QkCcJEIout3P4bnutxJywYDF+IfKGk
jjkbWnpwXX1HvCGBEOwjRErIAxHA0AhtGOV9TvQtsRzYNQkAnvKIWscbXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOJqrLs0ig7kY+SbsDUpCkyyfZYLMB8GA1UdIwQY
MBaAFFqRhOxCBJAebeJENg0K1BdANiLLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BHRTdFSUVrQjV0NGtRMkRRclVGMEEySXNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NWMzZDEtZDdmYS00OWViLThkYjYt
ZTI2MDgzNDNhNmM0LzEvNG1xc3V6U0tEdVJqNUp1d05Ta0tUTEo5bGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NWMzZDEtZDdmYS00OWViLThkYjYtZTI2MDgzNDNhNmM0
LzEvV3BHRTdFSUVrQjV0NGtRMkRRclVGMEEySXNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuddgMA0E
AgACMAcDBQAqC6hAMA0GCSqGSIb3DQEBCwUAA4IBAQAperdDhoGtGcYwjCK6cu3T
xwl8SNWOe9W6AHnsoV5YDIy1yuEwGOpq2jOSBk9ha9Jc4O0qcULlqU5VjKRqfKfA
aO5mIvrIYv2crfuVH6w/GyGQ5pFbfaTERxuUXEt88PBUvMGB8MYDy595uknn8Xss
61I2p7o/ORTGlH35AWCto4e8B38UJe2hhCbl4d0v1Eu06ancb1Pjdt58991hUhYD
Fsu8u6DMCs/39A6BulyznMSrkiKMtv7z6xWFZdbb/A+wrpAprOtcqCZ6xP5JpXTO
qOKMGmY873w3Uk7eiPhiH77HznV1NrbrpIcLx7qrgAgYHdZXtgUZ+fsMRYDDLems
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:27 2023 by rpki-client on console.sobornost.net