Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/M-SZgEg5heuRbHCIpcTiyygNKYk.roa
File: M-SZgEg5heuRbHCIpcTiyygNKYk.roa (raw, json)
Hash identifier: n7qVgN9+XUv3RTIuv2ez4U9UqPvHoI3ddGDuFsvytMw=
Subject key identifier: 33:E4:99:80:48:39:85:EB:91:6C:70:88:A5:C4:E2:CB:28:0D:29:89
Certificate issuer: /CN=5d6c15ca903d7d25453eaeb5f724a04e3aa65908
Certificate serial: 018CC42543942CDEEDBC65E9A5303BD69706
Authority key identifier: 5D:6C:15:CA:90:3D:7D:25:45:3E:AE:B5:F7:24:A0:4E:3A:A6:59:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XWwVypA9fSVFPq619ySgTjqmWQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/M-SZgEg5heuRbHCIpcTiyygNKYk.roa
Signing time: Mon 01 Jan 2024 08:30:25 +0000
ROA not before: Mon 01 Jan 2024 08:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60728
IP address blocks: 185.22.53.0/24 maxlen: 24
185.22.52.0/22 maxlen: 22
185.22.52.0/24 maxlen: 24
185.22.55.0/24 maxlen: 24
185.22.54.0/24 maxlen: 24
2a04:1d40::/32 maxlen: 32
2a04:1d43::/32 maxlen: 32
2a04:1d45::/32 maxlen: 32
2a04:1d40::/29 maxlen: 29
2a04:1d42::/32 maxlen: 32
2a04:1d46::/32 maxlen: 32
2a04:1d47::/32 maxlen: 32
2a04:1d41::/32 maxlen: 32
2a04:1d44::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:43:94:2c:de:ed:bc:65:e9:a5:30:3b:d6:97:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d6c15ca903d7d25453eaeb5f724a04e3aa65908
Validity
Not Before: Jan 1 08:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33e49980483985eb916c7088a5c4e2cb280d2989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3b:5b:f5:be:a5:a6:ab:42:f4:31:ca:e6:f3:
fc:99:f4:d4:98:c4:67:b7:f7:d5:a5:71:00:1f:d9:
5d:b0:6b:3b:5c:69:28:0d:53:69:c1:a6:54:ba:9a:
2f:13:02:57:f8:a9:b3:bd:1e:c6:30:63:44:ee:ab:
0e:1e:ae:2a:e3:d1:6d:a8:ea:1d:97:a4:82:97:d6:
a5:6c:39:17:35:ae:b6:01:93:ce:60:39:01:84:6c:
fb:b8:b2:37:d0:4b:0b:75:c5:e2:fb:1d:3b:93:5d:
0b:ba:00:21:6e:ee:81:97:40:5b:89:fb:04:70:d3:
c1:e6:46:ac:48:1b:d3:03:59:02:b7:75:24:6a:a0:
86:98:b1:cd:3c:9c:db:88:39:b3:3d:04:05:86:b1:
c8:58:a6:47:83:81:50:87:00:ab:cf:2c:17:45:09:
e8:56:1e:87:99:f3:64:e6:47:1c:91:f6:e3:91:cb:
53:95:71:6a:a4:75:79:94:3e:c3:86:8e:6d:10:6f:
ba:c4:f9:a4:ae:19:aa:ec:80:0e:75:35:70:45:92:
9a:bc:11:d6:1a:87:f8:2b:77:04:a2:af:43:2b:24:
d7:db:93:c0:81:e9:43:53:74:02:dd:6c:af:65:9b:
1d:8a:d9:09:e5:f6:02:d6:d2:bc:be:52:b6:69:b4:
a3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E4:99:80:48:39:85:EB:91:6C:70:88:A5:C4:E2:CB:28:0D:29:89
X509v3 Authority Key Identifier:
keyid:5D:6C:15:CA:90:3D:7D:25:45:3E:AE:B5:F7:24:A0:4E:3A:A6:59:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWwVypA9fSVFPq619ySgTjqmWQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/M-SZgEg5heuRbHCIpcTiyygNKYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2864c8-c042-428f-a02d-3b34c23b9c5a/1/XWwVypA9fSVFPq619ySgTjqmWQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.52.0/22
IPv6:
2a04:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
2c:90:93:a7:ef:db:cf:74:71:dd:c6:61:60:f6:44:0e:41:bd:
d0:10:ce:0d:fb:81:60:e7:bd:dc:aa:ac:e0:7d:b5:d6:99:36:
60:a8:8d:00:d1:f6:ca:38:81:d0:78:4d:d2:61:5c:21:4a:16:
68:1d:e5:d6:dc:4e:33:f2:4e:c3:98:1c:8d:7b:ac:c3:25:f3:
08:ee:51:84:65:08:4b:88:db:e4:5d:e3:d8:e8:e9:aa:70:7a:
62:17:02:b5:df:87:73:a8:a9:fc:ca:76:8f:17:dd:36:aa:35:
66:7b:2a:fe:c7:c9:37:f1:b7:d0:10:58:68:b1:34:81:53:e6:
02:0f:5f:59:98:93:3e:c0:98:8f:3f:70:e7:4a:dd:de:41:12:
a1:da:9b:23:38:00:07:6e:9a:1a:dc:eb:ac:98:50:77:f6:c1:
06:06:33:c5:ff:df:f1:4d:97:c5:39:ad:6c:6c:bb:fe:17:f7:
4a:1a:a8:0b:b4:43:cb:39:bb:7f:9c:c6:3f:fa:24:04:b1:d9:
98:3f:34:d9:a7:6b:41:de:bc:af:2d:1b:6d:ea:89:84:a0:fc:
f6:fa:e7:50:8e:72:af:f6:38:ea:04:38:a8:38:e9:50:07:cc:
d7:ba:28:af:67:4a:95:55:7b:7b:bb:6d:3b:49:02:97:b4:f8:
da:09:e8:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJUOULN7tvGXppTA71pcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNmMxNWNhOTAzZDdkMjU0NTNlYWViNWY3MjRhMDRlM2Fh
NjU5MDgwHhcNMjQwMTAxMDgzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2U0OTk4MDQ4Mzk4NWViOTE2YzcwODhhNWM0ZTJjYjI4MGQyOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTtb9b6lpqtC9DHK5vP8mfTUmMRn
t/fVpXEAH9ldsGs7XGkoDVNpwaZUupovEwJX+KmzvR7GMGNE7qsOHq4q49FtqOod
l6SCl9albDkXNa62AZPOYDkBhGz7uLI30EsLdcXi+x07k10LugAhbu6Bl0BbifsE
cNPB5kasSBvTA1kCt3UkaqCGmLHNPJzbiDmzPQQFhrHIWKZHg4FQhwCrzywXRQno
Vh6HmfNk5kcckfbjkctTlXFqpHV5lD7Dho5tEG+6xPmkrhmq7IAOdTVwRZKavBHW
Gof4K3cEoq9DKyTX25PAgelDU3QC3WyvZZsditkJ5fYC1tK8vlK2abSj5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDPkmYBIOYXrkWxwiKXE4ssoDSmJMB8GA1UdIwQY
MBaAFF1sFcqQPX0lRT6utfckoE46plkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFd3VnlwQTlmU1ZGUHE2MTl5U2dUanFtV1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yODY0YzgtYzA0Mi00MjhmLWEwMmQt
M2IzNGMyM2I5YzVhLzEvTS1TWmdFZzVoZXVSYkhDSXBjVGl5eWdOS1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yODY0YzgtYzA0Mi00MjhmLWEwMmQtM2IzNGMyM2I5YzVh
LzEvWFd3VnlwQTlmU1ZGUHE2MTl5U2dUanFtV1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRY0MA0E
AgACMAcDBQMqBB1AMA0GCSqGSIb3DQEBCwUAA4IBAQAskJOn79vPdHHdxmFg9kQO
Qb3QEM4N+4Fg573cqqzgfbXWmTZgqI0A0fbKOIHQeE3SYVwhShZoHeXW3E4z8k7D
mByNe6zDJfMI7lGEZQhLiNvkXePY6OmqcHpiFwK134dzqKn8ynaPF902qjVmeyr+
x8k38bfQEFhosTSBU+YCD19ZmJM+wJiPP3DnSt3eQRKh2psjOAAHbpoa3OusmFB3
9sEGBjPF/9/xTZfFOa1sbLv+F/dKGqgLtEPLObt/nMY/+iQEsdmYPzTZp2tB3ryv
LRtt6omEoPz2+udQjnKv9jjqBDioOOlQB8zXuiivZ0qVVXt7u207SQKXtPjaCegK
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:59 2024 by rpki-client on console.sobornost.net