Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/IubN91fGE_c8bPj9dsen4HzonDc.roa
File: IubN91fGE_c8bPj9dsen4HzonDc.roa (raw, json)
Hash identifier: DRtf8iUo9ulR2FQs1NPO0Gc7IrhygxT75AiFTfW1QQ0=
Subject key identifier: 22:E6:CD:F7:57:C6:13:F7:3C:6C:F8:FD:76:C7:A7:E0:7C:E8:9C:37
Certificate issuer: /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Certificate serial: 0191126834E554ABD6DE660537CA4FEA887E
Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/IubN91fGE_c8bPj9dsen4HzonDc.roa
Signing time: Fri 02 Aug 2024 09:25:04 +0000
ROA not before: Fri 02 Aug 2024 09:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207922
IP address blocks: 185.83.126.0/23 maxlen: 23
195.26.8.0/24 maxlen: 24
195.28.6.0/23 maxlen: 23
2a05:9b40::/29 maxlen: 29
2a0f:4a40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:68:34:e5:54:ab:d6:de:66:05:37:ca:4f:ea:88:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Validity
Not Before: Aug 2 09:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22e6cdf757c613f73c6cf8fd76c7a7e07ce89c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d7:85:6e:77:54:5d:52:08:aa:c4:50:e1:93:
38:73:44:62:f8:07:6c:02:74:10:7f:52:39:d7:15:
8d:13:2a:b0:86:58:08:58:ce:5e:c4:1e:c0:43:ff:
9e:45:77:7a:9e:a6:b0:6f:96:af:a3:97:22:74:c2:
75:ac:20:8b:ae:25:03:84:8a:d1:ad:cd:57:30:9f:
48:28:4e:82:dc:4f:54:57:eb:91:4f:69:28:4e:cd:
19:16:7d:c5:54:b7:7a:57:75:e3:05:49:20:48:78:
3e:bd:df:41:bb:0b:7c:c9:28:d6:3f:ec:e7:5d:44:
8d:59:82:60:6d:36:4f:09:96:e1:05:48:04:8f:13:
29:10:22:a6:75:54:3d:30:50:84:f6:62:ae:3b:9c:
9c:ab:ad:a4:69:4a:e1:e5:7c:82:eb:b7:0f:d4:6e:
a2:30:bb:a0:db:85:8a:6d:9e:e2:5b:39:0e:9a:c2:
61:65:7a:ff:fa:b7:97:70:12:5e:8d:05:43:96:81:
f4:26:e6:1f:28:b9:d7:f7:03:c2:73:09:0a:dd:63:
d5:15:78:d5:7d:b3:3f:e3:99:6e:10:fe:6d:a4:1a:
e2:7d:58:f9:9f:05:77:b1:e8:23:66:e0:4e:b2:d4:
81:e1:31:70:55:20:91:95:e1:12:82:dd:d0:86:d7:
79:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E6:CD:F7:57:C6:13:F7:3C:6C:F8:FD:76:C7:A7:E0:7C:E8:9C:37
X509v3 Authority Key Identifier:
keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/IubN91fGE_c8bPj9dsen4HzonDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.126.0/23
195.26.8.0/24
195.28.6.0/23
IPv6:
2a05:9b40::/29
2a0f:4a40::/29
Signature Algorithm: sha256WithRSAEncryption
94:8c:f3:8f:b8:20:8d:c1:19:69:9d:cd:da:e7:8f:55:84:e6:
69:58:7b:68:af:bd:69:d1:41:93:a1:78:dc:2b:9f:8e:ef:15:
67:be:35:a3:ff:2e:f7:04:71:7a:48:42:e8:55:b9:58:6c:a4:
34:6a:b5:47:2f:40:20:a0:2c:a6:8b:62:3e:8d:96:02:a3:68:
51:94:a6:4d:87:90:1a:75:4e:35:81:b4:10:91:f3:f5:3a:e6:
a2:d3:f5:e0:3b:95:d9:6f:3a:18:d5:d8:33:af:8e:e8:87:18:
c4:80:14:10:b6:a5:01:27:5e:cd:af:3e:bd:84:91:43:98:ea:
23:db:0a:dc:46:5f:2e:c9:ec:d3:1f:ec:93:f0:a3:89:a4:0c:
2b:af:6f:e4:c6:5e:bd:a1:e0:6d:72:32:35:bf:7d:e0:43:92:
fd:fa:55:38:e4:5b:a7:60:ef:d7:51:5a:d6:73:c7:62:aa:fa:
a8:02:f0:ba:86:5e:df:e6:b9:35:6b:4e:93:e1:eb:6f:e7:2a:
bb:35:e8:ab:b5:f8:10:5b:bf:06:60:97:74:dd:05:58:57:7b:
b3:17:4d:07:8f:4b:04:ae:7b:a7:08:0e:bd:2b:79:da:4b:16:
9c:64:67:7a:f1:10:06:e7:41:09:98:90:1d:88:65:da:41:36:
51:bc:a6:2a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZESaDTlVKvW3mYFN8pP6oh+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4
MTI4ZDAwHhcNMjQwODAyMDkyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmU2Y2RmNzU3YzYxM2Y3M2M2Y2Y4ZmQ3NmM3YTdlMDdjZTg5YzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NeFbndUXVIIqsRQ4ZM4c0Ri+Ads
AnQQf1I51xWNEyqwhlgIWM5exB7AQ/+eRXd6nqawb5avo5cidMJ1rCCLriUDhIrR
rc1XMJ9IKE6C3E9UV+uRT2koTs0ZFn3FVLd6V3XjBUkgSHg+vd9Buwt8ySjWP+zn
XUSNWYJgbTZPCZbhBUgEjxMpECKmdVQ9MFCE9mKuO5ycq62kaUrh5XyC67cP1G6i
MLug24WKbZ7iWzkOmsJhZXr/+reXcBJejQVDloH0JuYfKLnX9wPCcwkK3WPVFXjV
fbM/45luEP5tpBrifVj5nwV3segjZuBOstSB4TFwVSCRleESgt3Qhtd5zQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCLmzfdXxhP3PGz4/XbHp+B86Jw3MB8GA1UdIwQY
MBaAFKpbRx0LoInZ6fRsKRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgt
NmYyZTI1MjliZTgyLzEvSXViTjkxZkdFX2M4YlBqOWRzZW40SHpvbkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgy
LzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQBuVN+AwQA
wxoIAwQBwxwGMBQEAgACMA4DBQMqBZtAAwUDKg9KQDANBgkqhkiG9w0BAQsFAAOC
AQEAlIzzj7ggjcEZaZ3N2uePVYTmaVh7aK+9adFBk6F43Cufju8VZ741o/8u9wRx
ekhC6FW5WGykNGq1Ry9AIKAspotiPo2WAqNoUZSmTYeQGnVONYG0EJHz9TrmotP1
4DuV2W86GNXYM6+O6IcYxIAUELalASdeza8+vYSRQ5jqI9sK3EZfLsns0x/sk/Cj
iaQMK69v5MZevaHgbXIyNb994EOS/fpVOORbp2Dv11Fa1nPHYqr6qALwuoZe3+a5
NWtOk+Hrb+cquzXoq7X4EFu/BmCXdN0FWFd7sxdNB49LBK57pwgOvSt52ksWnGRn
evEQBudBCZiQHYhl2kE2UbymKg==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:10 2024 by rpki-client on console.sobornost.net