Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/6IlI7aRMTQmjr2twxxsl01K4p7c.roa
File: 6IlI7aRMTQmjr2twxxsl01K4p7c.roa (raw, json)
Hash identifier: oMA/AcdkH0ltRgYNbTY840kU5pRkL5bPk5cIN0vd0U4=
Subject key identifier: E8:89:48:ED:A4:4C:4D:09:A3:AF:6B:70:C7:1B:25:D3:52:B8:A7:B7
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0193F0AF99BD5C29D6AB7ADFE00E80564BF4
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/6IlI7aRMTQmjr2twxxsl01K4p7c.roa
Signing time: Sun 22 Dec 2024 23:24:20 +0000
ROA not before: Sun 22 Dec 2024 23:24:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f0:af:99:bd:5c:29:d6:ab:7a:df:e0:0e:80:56:4b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Dec 22 23:24:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e88948eda44c4d09a3af6b70c71b25d352b8a7b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e0:c6:33:4c:9e:4d:60:06:1f:3c:35:ba:a7:
4b:49:0d:b2:4f:b8:eb:d2:62:d5:8b:e1:7d:1a:5c:
0a:d8:9d:f0:09:28:53:3d:7b:89:4e:6b:7f:d2:72:
d4:2b:2f:5a:e1:a5:44:b9:31:8e:2d:70:cd:bd:d0:
7c:a7:bf:90:e2:ef:c5:48:82:2a:b9:73:b7:63:f0:
70:fa:03:c7:f3:ad:72:51:75:4d:77:de:cb:30:ff:
a6:32:13:97:8e:37:f1:fa:09:b0:4a:a3:84:56:74:
24:fd:b4:5c:2f:b3:9d:16:1b:8a:4b:e8:fe:d2:20:
7f:86:e2:f9:08:66:09:de:10:e6:71:8b:d6:b8:59:
e6:ec:e1:aa:36:3c:a8:e8:28:54:d1:1d:78:58:a5:
19:1f:3b:43:07:05:4a:0d:8a:31:05:32:95:5d:4b:
07:a7:70:b2:6e:a1:22:7b:90:b5:9e:30:83:c6:24:
d7:e5:67:58:ed:90:fc:8d:de:ca:94:21:fc:19:32:
a2:ae:26:c3:f4:39:f8:75:08:e7:aa:3d:7c:9c:af:
de:11:e0:ef:5a:94:d4:f6:b4:6c:f7:11:82:20:54:
6a:fc:22:6e:ae:e4:d3:4f:58:6c:57:1f:2d:b6:d5:
c8:a3:5d:30:e8:34:35:0a:d5:3e:ad:49:dc:6b:82:
01:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:89:48:ED:A4:4C:4D:09:A3:AF:6B:70:C7:1B:25:D3:52:B8:A7:B7
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/6IlI7aRMTQmjr2twxxsl01K4p7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.213.0/24
185.221.26.0/24
Signature Algorithm: sha256WithRSAEncryption
78:fa:2d:25:05:66:fd:ca:65:8d:74:78:46:da:af:07:8e:bb:
c8:a5:e2:e1:09:8c:cd:17:c4:64:a2:86:8a:77:7b:6d:d0:43:
75:21:9e:60:31:3b:71:d9:41:16:ac:bf:0b:01:ba:97:94:3c:
c0:e9:55:01:eb:ff:a6:05:a3:b1:30:bb:51:07:b7:dc:b3:b0:
03:e1:9f:5a:fb:de:2b:41:8d:07:2e:1b:0d:11:4a:4e:f3:56:
ce:04:c5:c8:8b:5d:82:94:8f:5f:3e:53:61:c1:61:71:63:2d:
07:ef:56:c5:a4:86:0e:a9:79:37:e0:99:ea:c7:88:c2:ce:12:
c4:ed:28:f2:95:78:4c:50:31:53:39:46:fc:5d:26:25:25:b1:
c4:cb:a6:3d:97:6d:3d:32:3f:7a:3b:3e:33:bd:6e:7a:fb:03:
13:aa:4f:a0:69:d1:0a:d2:cd:76:b2:cf:52:40:e3:de:60:9e:
ec:d1:69:51:29:a0:da:c2:ea:f1:ba:a5:4f:43:8a:eb:8b:17:
35:0e:90:8e:fb:25:97:df:2c:2c:21:5b:7b:04:39:1b:c7:76:
24:25:12:ba:e0:9c:21:25:61:04:3d:d7:07:b6:d0:68:66:bf:
c3:df:bf:57:0d:50:75:2a:32:af:20:ab:3b:ea:ce:84:52:36:
18:51:cb:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPwr5m9XCnWq3rf4A6AVkv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQxMjIyMjMyNDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODg5NDhlZGE0NGM0ZDA5YTNhZjZiNzBjNzFiMjVkMzUyYjhhN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqODGM0yeTWAGHzw1uqdLSQ2yT7jr
0mLVi+F9GlwK2J3wCShTPXuJTmt/0nLUKy9a4aVEuTGOLXDNvdB8p7+Q4u/FSIIq
uXO3Y/Bw+gPH861yUXVNd97LMP+mMhOXjjfx+gmwSqOEVnQk/bRcL7OdFhuKS+j+
0iB/huL5CGYJ3hDmcYvWuFnm7OGqNjyo6ChU0R14WKUZHztDBwVKDYoxBTKVXUsH
p3CybqEie5C1njCDxiTX5WdY7ZD8jd7KlCH8GTKiribD9Dn4dQjnqj18nK/eEeDv
WpTU9rRs9xGCIFRq/CJuruTTT1hsVx8tttXIo10w6DQ1CtU+rUnca4IBzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOiJSO2kTE0Jo69rcMcbJdNSuKe3MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvNklsSTdhUk1UUW1qcjJ0d3h4c2wwMUs0cDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucfVAwQA
ud0aMA0GCSqGSIb3DQEBCwUAA4IBAQB4+i0lBWb9ymWNdHhG2q8HjrvIpeLhCYzN
F8RkooaKd3tt0EN1IZ5gMTtx2UEWrL8LAbqXlDzA6VUB6/+mBaOxMLtRB7fcs7AD
4Z9a+94rQY0HLhsNEUpO81bOBMXIi12ClI9fPlNhwWFxYy0H71bFpIYOqXk34Jnq
x4jCzhLE7SjylXhMUDFTOUb8XSYlJbHEy6Y9l209Mj96Oz4zvW56+wMTqk+gadEK
0s12ss9SQOPeYJ7s0WlRKaDawurxuqVPQ4rrixc1DpCO+yWX3ywsIVt7BDkbx3Yk
JRK64JwhJWEEPdcHttBoZr/D379XDVB1KjKvIKs76s6EUjYYUcvL
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:10 2024 by rpki-client on console.sobornost.net