Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/2QJ9MfW4BxJBKn-gcVJYEYx38LQ.roa
File: 2QJ9MfW4BxJBKn-gcVJYEYx38LQ.roa (raw, json)
Hash identifier: DyeCa4qTbaNv2x6r72+iaGl+yoQSIcMkyMQa6pVklYE=
Subject key identifier: D9:02:7D:31:F5:B8:07:12:41:2A:7F:A0:71:52:58:11:8C:77:F0:B4
Certificate issuer: /CN=bd6aa7362d36792cbcfa83609b5d75cc965f3faf
Certificate serial: 0191AA067310E99ADB45FC96583FC8B682B2
Authority key identifier: BD:6A:A7:36:2D:36:79:2C:BC:FA:83:60:9B:5D:75:CC:96:5F:3F:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWqnNi02eSy8-oNgm111zJZfP68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/2QJ9MfW4BxJBKn-gcVJYEYx38LQ.roa
Signing time: Sat 31 Aug 2024 20:00:34 +0000
ROA not before: Sat 31 Aug 2024 20:00:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208669
IP address blocks: 85.202.92.0/24 maxlen: 24
85.202.93.0/24 maxlen: 24
85.202.95.0/24 maxlen: 24
2a10:1900::/32 maxlen: 32
2a10:1901::/32 maxlen: 32
2a10:1902::/32 maxlen: 32
2a10:1903::/32 maxlen: 32
2a10:1904::/32 maxlen: 32
2a10:1905::/32 maxlen: 32
2a10:1906::/32 maxlen: 32
2a10:1907::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:aa:06:73:10:e9:9a:db:45:fc:96:58:3f:c8:b6:82:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6aa7362d36792cbcfa83609b5d75cc965f3faf
Validity
Not Before: Aug 31 20:00:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9027d31f5b80712412a7fa0715258118c77f0b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d2:e3:20:4f:60:88:e6:f8:be:c6:e2:5a:6c:
c8:54:24:d7:88:41:d1:39:eb:4a:fd:ab:5c:11:25:
11:fe:ad:e9:c7:ec:dd:62:be:b9:ed:c6:2b:17:85:
8a:66:33:02:39:29:46:ce:12:fa:40:76:5c:7c:40:
f5:5d:9f:e5:d7:89:e7:a6:a2:61:ba:c2:2e:59:9b:
47:11:94:47:28:b9:df:83:c2:b9:8c:48:a3:8c:4b:
ac:e7:b5:f2:98:9c:65:ef:85:39:c1:c8:97:db:5b:
1f:2b:9d:72:3d:5d:b0:42:fe:e0:8d:3a:30:9c:f8:
c6:aa:56:4d:8d:c6:50:88:5d:9d:43:fa:1b:53:20:
15:6e:b2:63:db:ea:e6:1a:b0:65:27:e5:84:2a:6d:
a3:12:a2:98:a4:82:2a:32:15:5c:4b:14:21:75:e6:
60:8d:c6:0b:68:92:08:7d:8b:25:39:d2:c5:ef:55:
08:e1:ec:0b:dc:a3:e3:a6:e5:32:d4:da:1f:ea:47:
ec:91:11:fc:b2:35:94:5b:7b:ef:ba:9c:3b:fa:f5:
22:c5:97:3c:1e:83:8e:de:7f:60:67:08:8e:39:cb:
42:5a:19:09:bd:98:cf:a9:bd:fa:b5:2c:d5:bf:bd:
a9:a9:57:33:66:96:c9:be:f1:e8:80:49:bf:dc:28:
7c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:02:7D:31:F5:B8:07:12:41:2A:7F:A0:71:52:58:11:8C:77:F0:B4
X509v3 Authority Key Identifier:
keyid:BD:6A:A7:36:2D:36:79:2C:BC:FA:83:60:9B:5D:75:CC:96:5F:3F:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWqnNi02eSy8-oNgm111zJZfP68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/2QJ9MfW4BxJBKn-gcVJYEYx38LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f9a8ec-f582-475c-8cc9-d5c8635bec88/1/vWqnNi02eSy8-oNgm111zJZfP68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.92.0/23
85.202.95.0/24
IPv6:
2a10:1900::/29
Signature Algorithm: sha256WithRSAEncryption
9d:96:e5:e2:91:03:34:e2:ff:b4:d8:a6:75:58:d1:f4:02:e5:
d8:8b:2f:83:ec:66:9e:5e:9f:83:91:b5:59:c2:0f:73:ed:55:
bc:c8:30:fc:0c:1c:f4:f5:e8:87:89:c2:82:69:6b:7b:d1:c1:
d8:db:c0:18:d8:a2:49:f8:8a:1a:bb:1d:b6:d2:6f:72:ce:30:
c7:42:fd:ba:1f:55:2c:8f:92:44:c5:a4:c2:0b:ce:91:91:cf:
08:00:e3:4d:74:e4:63:e7:3b:5a:ba:81:e9:ad:95:34:db:8d:
49:af:cc:ce:18:c1:25:a1:a6:c3:41:f9:e7:9e:0c:f1:50:6e:
3e:48:14:80:e9:17:d4:98:09:01:09:23:75:e8:7d:e6:e1:09:
7d:59:0b:45:93:be:87:e7:f5:b8:a6:52:bc:94:4f:4f:ab:80:
d4:e8:01:48:de:cb:29:31:6f:c7:33:c8:f6:b9:b9:85:f4:bb:
52:89:3b:7c:55:c2:fc:2c:15:05:d0:f9:e1:7e:29:bd:cf:e7:
c4:f4:0a:ea:2f:db:75:cf:69:02:ad:7b:98:70:ed:2e:ac:4f:
2b:4c:a9:13:a0:4b:7e:ad:41:7d:b4:86:c0:78:de:b0:88:6c:
e4:b6:3b:e5:72:92:a1:f0:b3:10:c9:c5:14:9f:81:ce:db:24:
35:ca:da:17
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZGqBnMQ6ZrbRfyWWD/ItoKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNmFhNzM2MmQzNjc5MmNiY2ZhODM2MDliNWQ3NWNjOTY1
ZjNmYWYwHhcNMjQwODMxMjAwMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTAyN2QzMWY1YjgwNzEyNDEyYTdmYTA3MTUyNTgxMThjNzdmMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19LjIE9giOb4vsbiWmzIVCTXiEHR
OetK/atcESUR/q3px+zdYr657cYrF4WKZjMCOSlGzhL6QHZcfED1XZ/l14nnpqJh
usIuWZtHEZRHKLnfg8K5jEijjEus57XymJxl74U5wciX21sfK51yPV2wQv7gjTow
nPjGqlZNjcZQiF2dQ/obUyAVbrJj2+rmGrBlJ+WEKm2jEqKYpIIqMhVcSxQhdeZg
jcYLaJIIfYslOdLF71UI4ewL3KPjpuUy1Nof6kfskRH8sjWUW3vvupw7+vUixZc8
HoOO3n9gZwiOOctCWhkJvZjPqb36tSzVv72pqVczZpbJvvHogEm/3Ch8tQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNkCfTH1uAcSQSp/oHFSWBGMd/C0MB8GA1UdIwQY
MBaAFL1qpzYtNnksvPqDYJtddcyWXz+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldxbk5pMDJlU3k4LW9OZ20xMTF6SlpmUDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mOWE4ZWMtZjU4Mi00NzVjLThjYzkt
ZDVjODYzNWJlYzg4LzEvMlFKOU1mVzRCeEpCS24tZ2NWSllFWXgzOExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mOWE4ZWMtZjU4Mi00NzVjLThjYzktZDVjODYzNWJlYzg4
LzEvdldxbk5pMDJlU3k4LW9OZ20xMTF6SlpmUDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBVcpcAwQA
VcpfMA0EAgACMAcDBQMqEBkAMA0GCSqGSIb3DQEBCwUAA4IBAQCdluXikQM04v+0
2KZ1WNH0AuXYiy+D7GaeXp+DkbVZwg9z7VW8yDD8DBz09eiHicKCaWt70cHY28AY
2KJJ+Ioaux220m9yzjDHQv26H1Usj5JExaTCC86Rkc8IAONNdORj5ztauoHprZU0
241Jr8zOGMEloabDQfnnngzxUG4+SBSA6RfUmAkBCSN16H3m4Ql9WQtFk76H5/W4
plK8lE9Pq4DU6AFI3sspMW/HM8j2ubmF9LtSiTt8VcL8LBUF0Pnhfim9z+fE9Arq
L9t1z2kCrXuYcO0urE8rTKkToEt+rUF9tIbAeN6wiGzktjvlcpKh8LMQycUUn4HO
2yQ1ytoX
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:43:23 2024 by rpki-client on console.sobornost.net