Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/bphrYntzGxINl6eUpdhUwtHhlUs.roa
File: bphrYntzGxINl6eUpdhUwtHhlUs.roa (raw, json)
Hash identifier: BlhtMT+DPXfTk7H0ug3T0hX3aKrZ1pcX+nj2m0OvmnE=
Subject key identifier: 6E:98:6B:62:7B:73:1B:12:0D:97:A7:94:A5:D8:54:C2:D1:E1:95:4B
Certificate issuer: /CN=90d426209bd8c405cbefee5741b1a52548012bab
Certificate serial: 01919501B5959583C489656CF081B84EA240
Authority key identifier: 90:D4:26:20:9B:D8:C4:05:CB:EF:EE:57:41:B1:A5:25:48:01:2B:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/bphrYntzGxINl6eUpdhUwtHhlUs.roa
Signing time: Tue 27 Aug 2024 18:03:22 +0000
ROA not before: Tue 27 Aug 2024 18:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60388
IP address blocks: 185.31.108.0/22 maxlen: 32
212.73.96.0/19 maxlen: 32
212.73.99.0/24 maxlen: 24
212.73.102.0/24 maxlen: 24
212.73.103.0/24 maxlen: 24
2a00:b4a0::/32 maxlen: 128
2a01:70c0::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:95:01:b5:95:95:83:c4:89:65:6c:f0:81:b8:4e:a2:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d426209bd8c405cbefee5741b1a52548012bab
Validity
Not Before: Aug 27 18:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e986b627b731b120d97a794a5d854c2d1e1954b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:9f:1c:94:bb:a9:78:71:1f:0a:6c:9a:e1:
98:66:d7:fb:96:f5:93:40:fd:2b:30:90:38:59:33:
62:1e:4c:6f:b8:48:ff:79:8b:fc:5a:fe:48:39:b9:
20:d3:d2:10:4f:15:26:fb:48:59:34:7c:ce:69:f3:
b7:ec:70:86:9e:37:3b:7b:58:bb:65:1c:e2:b1:d6:
fa:45:04:95:43:2d:b8:ae:13:f2:43:64:b2:9a:a0:
e4:37:22:2f:ed:79:22:3a:8a:47:f7:e2:8b:df:c8:
2e:dc:46:a2:6b:f9:68:81:79:5a:5a:b8:7d:9c:6b:
0e:7d:47:e7:1d:9f:ed:4a:5c:0b:1f:e5:2b:ad:29:
6d:72:38:1e:0e:e7:7b:2b:de:4f:3f:c6:d0:12:6b:
e4:f2:f2:71:6e:26:37:25:c7:f3:2e:fb:42:48:8a:
1e:d2:0b:4c:43:7f:39:0d:0d:de:68:62:f2:ca:1e:
d0:64:48:c0:33:2b:bf:99:86:49:78:2f:39:04:1d:
4c:8b:73:cd:4a:9c:14:de:7c:eb:97:3c:6a:94:f3:
59:6b:81:83:63:04:01:a0:9d:1e:4d:42:71:b3:8d:
97:b0:6a:4c:1c:69:fb:41:7c:1e:5b:bb:0a:a3:f3:
c7:5a:49:8c:a2:94:47:7d:aa:e7:f9:1e:83:aa:9a:
85:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:98:6B:62:7B:73:1B:12:0D:97:A7:94:A5:D8:54:C2:D1:E1:95:4B
X509v3 Authority Key Identifier:
keyid:90:D4:26:20:9B:D8:C4:05:CB:EF:EE:57:41:B1:A5:25:48:01:2B:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNQmIJvYxAXL7-5XQbGlJUgBK6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/bphrYntzGxINl6eUpdhUwtHhlUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ec9616-79ad-4a36-aba4-84bd67ed0eef/1/kNQmIJvYxAXL7-5XQbGlJUgBK6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.108.0/22
212.73.96.0/19
IPv6:
2a00:b4a0::/32
2a01:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
86:81:b4:15:9d:1c:a1:ed:3b:c5:76:4f:87:14:a5:33:59:de:
65:dd:77:c5:a5:8b:a8:b3:3f:00:c1:16:a1:40:b8:01:0d:07:
2a:98:91:b8:bd:d9:67:cc:e4:17:4d:86:0e:34:f2:91:c3:bc:
da:d7:07:f3:37:82:d3:e6:a4:90:23:37:a2:b7:eb:3d:96:21:
e7:56:d6:a8:dc:f7:fb:37:3c:af:59:f6:45:79:93:cb:4a:fd:
e7:4f:46:23:06:e6:17:c9:e5:20:26:d3:1f:e7:37:a3:a1:f9:
2f:d0:5d:6b:2a:e8:6a:44:71:c7:bf:50:01:a1:ec:96:ce:8f:
89:2c:4e:30:e7:81:cc:eb:3a:11:e9:7d:96:4b:f9:37:86:2a:
6a:f3:32:5c:df:4f:93:0e:6f:c6:c0:4d:91:c4:57:29:91:7a:
fa:d7:d1:87:6f:96:9c:ef:75:03:4c:8d:16:59:e1:1d:e5:fc:
3f:45:d7:37:4a:c6:ca:c6:ec:eb:a6:68:05:52:07:a0:7c:dd:
72:a7:75:fd:71:0d:ad:77:fc:3d:71:92:ec:47:2d:3b:af:6e:
04:43:b6:59:35:8f:d8:e2:cd:ff:66:60:74:59:d9:fd:5a:b0:
75:bd:8d:2f:51:71:4e:0c:11:1a:4a:83:37:29:b0:5d:15:17:
cc:92:0e:4a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZGVAbWVlYPEiWVs8IG4TqJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDQyNjIwOWJkOGM0MDVjYmVmZWU1NzQxYjFhNTI1NDgw
MTJiYWIwHhcNMjQwODI3MTgwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTk4NmI2MjdiNzMxYjEyMGQ5N2E3OTRhNWQ4NTRjMmQxZTE5NTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteefHJS7qXhxHwpsmuGYZtf7lvWT
QP0rMJA4WTNiHkxvuEj/eYv8Wv5IObkg09IQTxUm+0hZNHzOafO37HCGnjc7e1i7
ZRzisdb6RQSVQy24rhPyQ2SymqDkNyIv7XkiOopH9+KL38gu3Eaia/logXlaWrh9
nGsOfUfnHZ/tSlwLH+UrrSltcjgeDud7K95PP8bQEmvk8vJxbiY3JcfzLvtCSIoe
0gtMQ385DQ3eaGLyyh7QZEjAMyu/mYZJeC85BB1Mi3PNSpwU3nzrlzxqlPNZa4GD
YwQBoJ0eTUJxs42XsGpMHGn7QXweW7sKo/PHWkmMopRHfarn+R6DqpqFgQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFG6Ya2J7cxsSDZenlKXYVMLR4ZVLMB8GA1UdIwQY
MBaAFJDUJiCb2MQFy+/uV0GxpSVIASurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05RbUlKdll4QVhMNy01WFFiR2xKVWdCSzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lYzk2MTYtNzlhZC00YTM2LWFiYTQt
ODRiZDY3ZWQwZWVmLzEvYnBoclludHpHeElObDZlVXBkaFV3dEhobFVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lYzk2MTYtNzlhZC00YTM2LWFiYTQtODRiZDY3ZWQwZWVm
LzEva05RbUlKdll4QVhMNy01WFFiR2xKVWdCSzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuR9sAwQF
1ElgMBQEAgACMA4DBQAqALSgAwUAKgFwwDANBgkqhkiG9w0BAQsFAAOCAQEAhoG0
FZ0coe07xXZPhxSlM1neZd13xaWLqLM/AMEWoUC4AQ0HKpiRuL3ZZ8zkF02GDjTy
kcO82tcH8zeC0+akkCM3orfrPZYh51bWqNz3+zc8r1n2RXmTy0r9509GIwbmF8nl
ICbTH+c3o6H5L9BdayroakRxx79QAaHsls6PiSxOMOeBzOs6Eel9lkv5N4YqavMy
XN9Pkw5vxsBNkcRXKZF6+tfRh2+WnO91A0yNFlnhHeX8P0XXN0rGysbs66ZoBVIH
oHzdcqd1/XENrXf8PXGS7EctO69uBEO2WTWP2OLN/2ZgdFnZ/Vqwdb2NL1FxTgwR
GkqDNymwXRUXzJIOSg==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:59 2024 by rpki-client on console.sobornost.net