Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/343379-f8e1-4be6-be01-f83946c2c82e/1/cDPbOTRqHiwcLaqrdbZt6IQV0hg.roa
File: cDPbOTRqHiwcLaqrdbZt6IQV0hg.roa (raw, json)
Hash identifier: o+Ciahdc3RIBbI+iGugF4uPa9wLUqxSA80ytGUeYiQg=
Subject key identifier: 70:33:DB:39:34:6A:1E:2C:1C:2D:AA:AB:75:B6:6D:E8:84:15:D2:18
Certificate issuer: /CN=8c2289ae0b10629350da0a50e87b389109f16c2e
Certificate serial: 01932A9B2258ED78E51577B03EADDFA9217D
Authority key identifier: 8C:22:89:AE:0B:10:62:93:50:DA:0A:50:E8:7B:38:91:09:F1:6C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jCKJrgsQYpNQ2gpQ6Hs4kQnxbC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/343379-f8e1-4be6-be01-f83946c2c82e/1/cDPbOTRqHiwcLaqrdbZt6IQV0hg.roa
Signing time: Thu 14 Nov 2024 12:17:09 +0000
ROA not before: Thu 14 Nov 2024 12:17:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25189
IP address blocks: 213.251.208.0/20 maxlen: 24
213.251.215.0/24 maxlen: 24
213.251.240.0/20 maxlen: 24
213.251.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:9b:22:58:ed:78:e5:15:77:b0:3e:ad:df:a9:21:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c2289ae0b10629350da0a50e87b389109f16c2e
Validity
Not Before: Nov 14 12:17:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7033db39346a1e2c1c2daaab75b66de88415d218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f7:6f:d2:6c:13:6b:5c:92:61:b5:8c:8e:c6:
92:40:62:b3:25:2b:31:c1:45:bf:64:e0:2d:e1:92:
47:7e:f5:25:d7:34:1b:ee:fd:41:83:20:cc:1f:f8:
10:ea:33:91:4a:e3:de:8a:40:79:4b:97:7c:6a:0f:
f9:44:d3:5a:6a:46:89:73:73:55:03:cf:be:a3:17:
06:e1:d2:8b:99:b9:ec:e3:fc:0a:ef:0b:13:9e:09:
3f:02:cc:6b:50:00:77:b0:28:b5:80:ca:9b:34:e7:
eb:90:d2:9d:94:90:3a:84:52:39:53:af:67:75:82:
2d:21:87:35:36:93:be:a3:de:6b:15:b8:50:18:12:
be:ab:17:1a:49:18:1c:9d:3a:07:95:38:ab:c9:b2:
0e:16:46:00:ac:6e:16:06:66:4f:1b:ed:fa:a2:6a:
93:f9:a3:3a:ff:59:b6:8d:0b:0c:35:d1:8a:eb:2a:
31:8c:df:17:2c:11:0f:32:32:d8:e7:d1:37:9a:71:
a4:d9:35:fa:72:b9:48:02:dd:32:0c:c6:c5:b4:fe:
76:79:b7:c3:f9:4c:36:f4:20:58:85:09:99:e6:aa:
91:d6:6b:1f:07:7e:2a:8b:c3:c6:63:e7:b9:51:1b:
c8:cb:13:26:5e:e7:df:1b:4b:fe:ce:17:80:cf:8c:
eb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:33:DB:39:34:6A:1E:2C:1C:2D:AA:AB:75:B6:6D:E8:84:15:D2:18
X509v3 Authority Key Identifier:
keyid:8C:22:89:AE:0B:10:62:93:50:DA:0A:50:E8:7B:38:91:09:F1:6C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jCKJrgsQYpNQ2gpQ6Hs4kQnxbC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/343379-f8e1-4be6-be01-f83946c2c82e/1/cDPbOTRqHiwcLaqrdbZt6IQV0hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/343379-f8e1-4be6-be01-f83946c2c82e/1/jCKJrgsQYpNQ2gpQ6Hs4kQnxbC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.251.208.0/20
213.251.240.0/20
Signature Algorithm: sha256WithRSAEncryption
57:69:b7:20:39:7d:85:37:ca:39:68:1e:c1:76:bb:99:1a:93:
dd:8f:69:89:9d:0a:54:47:b7:09:90:85:48:b9:1f:31:a2:b1:
bb:14:59:db:bd:1e:ef:ef:96:7c:e2:15:a6:56:df:a9:2a:b9:
27:6e:82:95:41:e2:99:51:d2:51:d1:cd:df:18:32:2e:79:55:
cb:37:52:31:d3:31:4d:50:b1:e0:d2:ec:94:34:7e:c9:9c:f5:
24:3c:65:71:b4:59:7a:ea:20:5a:01:dc:34:02:c5:55:36:20:
39:b2:96:39:5b:c6:7d:78:26:9c:52:99:f9:20:c0:f9:11:60:
e8:45:9b:5d:b5:64:55:c7:d1:77:84:2f:2d:8c:f8:6f:38:54:
18:d9:7f:71:80:67:50:d9:24:f4:e2:2c:d2:79:c7:6d:cf:ff:
f2:90:a1:69:23:8e:e4:27:3c:eb:90:d4:49:76:52:31:f1:f3:
fd:3e:c7:8e:ef:bb:1d:25:15:1d:4e:a7:72:16:d9:b1:fd:70:
ae:36:46:6b:07:d2:73:69:01:fb:5b:87:8d:80:8a:87:89:b3:
5e:7d:86:9f:a2:a7:a0:b1:3a:c2:00:e6:b8:11:e8:3e:17:66:
5c:49:0c:6a:9b:d1:32:c5:72:88:f1:0a:48:f5:7c:66:3f:49:
a3:49:7c:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMqmyJY7XjlFXewPq3fqSF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMjI4OWFlMGIxMDYyOTM1MGRhMGE1MGU4N2IzODkxMDlm
MTZjMmUwHhcNMjQxMTE0MTIxNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDMzZGIzOTM0NmExZTJjMWMyZGFhYWI3NWI2NmRlODg0MTVkMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vdv0mwTa1ySYbWMjsaSQGKzJSsx
wUW/ZOAt4ZJHfvUl1zQb7v1BgyDMH/gQ6jORSuPeikB5S5d8ag/5RNNaakaJc3NV
A8++oxcG4dKLmbns4/wK7wsTngk/AsxrUAB3sCi1gMqbNOfrkNKdlJA6hFI5U69n
dYItIYc1NpO+o95rFbhQGBK+qxcaSRgcnToHlTirybIOFkYArG4WBmZPG+36omqT
+aM6/1m2jQsMNdGK6yoxjN8XLBEPMjLY59E3mnGk2TX6crlIAt0yDMbFtP52ebfD
+Uw29CBYhQmZ5qqR1msfB34qi8PGY+e5URvIyxMmXuffG0v+zheAz4zrsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHAz2zk0ah4sHC2qq3W2beiEFdIYMB8GA1UdIwQY
MBaAFIwiia4LEGKTUNoKUOh7OJEJ8WwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakNLSnJnc1FZcE5RMmdwUTZIczRrUW54YkM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zNDMzNzktZjhlMS00YmU2LWJlMDEt
ZjgzOTQ2YzJjODJlLzEvY0RQYk9UUnFIaXdjTGFxcmRiWnQ2SVFWMGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zNDMzNzktZjhlMS00YmU2LWJlMDEtZjgzOTQ2YzJjODJl
LzEvakNLSnJnc1FZcE5RMmdwUTZIczRrUW54YkM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQE1fvQAwQE
1fvwMA0GCSqGSIb3DQEBCwUAA4IBAQBXabcgOX2FN8o5aB7BdruZGpPdj2mJnQpU
R7cJkIVIuR8xorG7FFnbvR7v75Z84hWmVt+pKrknboKVQeKZUdJR0c3fGDIueVXL
N1Ix0zFNULHg0uyUNH7JnPUkPGVxtFl66iBaAdw0AsVVNiA5spY5W8Z9eCacUpn5
IMD5EWDoRZtdtWRVx9F3hC8tjPhvOFQY2X9xgGdQ2ST04izSecdtz//ykKFpI47k
JzzrkNRJdlIx8fP9PseO77sdJRUdTqdyFtmx/XCuNkZrB9JzaQH7W4eNgIqHibNe
fYafoqegsTrCAOa4Eeg+F2ZcSQxqm9EyxXKI8QpI9XxmP0mjSXzS
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:13:22 2024 by rpki-client on console.sobornost.net