Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/BtYf4SdWIJ4LjS4lldpvT_ocvM4.roa
File: BtYf4SdWIJ4LjS4lldpvT_ocvM4.roa (raw, json)
Hash identifier: X/RMPgxsEn2YSyxsjFV54Hjl2FQJOIM2njS7qiNQCLw=
Subject key identifier: 06:D6:1F:E1:27:56:20:9E:0B:8D:2E:25:95:DA:6F:4F:FA:1C:BC:CE
Certificate issuer: /CN=6f38a983cf4373aa4974985ab22d514c0f481d2e
Certificate serial: 0193DAC1819AF1C108103714C4001A5290EF
Authority key identifier: 6F:38:A9:83:CF:43:73:AA:49:74:98:5A:B2:2D:51:4C:0F:48:1D:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/BtYf4SdWIJ4LjS4lldpvT_ocvM4.roa
Signing time: Wed 18 Dec 2024 17:12:14 +0000
ROA not before: Wed 18 Dec 2024 17:12:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41779
IP address blocks: 185.211.108.0/22 maxlen: 22
2a0b:6440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:c1:81:9a:f1:c1:08:10:37:14:c4:00:1a:52:90:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f38a983cf4373aa4974985ab22d514c0f481d2e
Validity
Not Before: Dec 18 17:12:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06d61fe12756209e0b8d2e2595da6f4ffa1cbcce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d9:ef:ad:fb:c8:81:77:7d:18:39:62:f2:b6:
c7:49:13:c8:39:21:19:3c:94:70:8e:d2:81:33:10:
9a:54:2d:ce:77:39:62:34:50:37:d1:b3:0d:fe:ab:
1c:d7:7d:0b:8c:a6:ff:7d:9d:4b:4f:4e:6b:f4:83:
25:06:19:2a:24:de:6d:13:c3:2f:a0:26:4e:1b:a3:
18:42:fa:c4:d7:f5:d5:9c:7f:4f:96:17:bc:61:b1:
2b:fb:a9:e9:ef:59:1a:d7:4b:87:f2:0e:02:3b:56:
13:f9:54:42:e4:6f:39:40:ed:41:02:0d:39:49:3a:
41:f6:17:37:0c:2e:79:41:88:63:79:34:00:89:e5:
ff:ba:41:9d:e5:45:fc:dd:5e:0d:6d:8b:40:d6:12:
66:5f:29:1a:b0:7e:9e:e0:e9:65:ed:63:ef:78:4b:
17:1a:ac:0d:0d:f3:c4:9f:fa:49:82:01:5e:57:43:
9c:86:b8:0f:30:11:08:a7:07:35:92:72:a1:0e:0f:
6b:6f:c3:24:4c:1d:14:14:8e:87:6d:b8:d2:00:b8:
bd:9b:55:0f:be:d9:07:c0:8d:56:e9:d6:79:24:fb:
a5:3f:dd:54:f1:7b:06:64:9b:d0:1c:60:67:5c:ef:
a4:f5:42:82:aa:be:e4:c6:29:cd:97:59:f3:8e:a8:
3b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D6:1F:E1:27:56:20:9E:0B:8D:2E:25:95:DA:6F:4F:FA:1C:BC:CE
X509v3 Authority Key Identifier:
keyid:6F:38:A9:83:CF:43:73:AA:49:74:98:5A:B2:2D:51:4C:0F:48:1D:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/BtYf4SdWIJ4LjS4lldpvT_ocvM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.108.0/22
IPv6:
2a0b:6440::/29
Signature Algorithm: sha256WithRSAEncryption
5e:0e:be:57:92:5e:1a:97:f4:a9:64:4f:7a:c2:9d:12:d0:9e:
5f:70:e7:d7:19:7e:98:05:5a:49:53:53:42:d3:c5:a9:8a:7c:
a4:c9:a4:3d:1d:de:85:a5:0b:a6:33:8a:78:18:fb:c6:c6:f9:
c1:fc:10:6e:48:72:d3:0d:24:e4:07:c6:3e:25:12:68:27:e4:
31:77:1b:c7:ef:c4:f3:1e:bd:8d:8e:5c:f5:d6:d5:fa:20:9a:
cd:33:fe:c3:21:a1:48:d5:6a:bb:9e:40:a4:a2:02:50:61:8c:
a1:60:1e:5e:2c:73:b9:74:d2:b7:e3:ea:5f:2d:80:aa:f6:27:
81:13:9e:6f:7c:1d:ec:ac:e9:3b:ae:00:2c:c6:f3:1f:30:5a:
d2:7c:fe:ed:78:1b:e5:11:0b:86:2d:a1:d1:2b:7c:74:76:86:
99:5d:9c:f1:42:54:01:b1:06:f3:5e:fb:cf:63:5a:b9:eb:01:
99:2a:f3:05:2f:a4:80:d8:0c:04:df:dc:91:bd:bb:80:2b:0d:
1f:ce:e8:9e:c0:dc:b5:55:49:29:ec:6c:2a:01:79:cf:55:b4:
db:8a:aa:70:33:e5:ed:58:2e:0d:d7:2f:1e:5e:d3:a9:3c:da:
19:b3:84:27:29:6e:7c:f6:db:ea:12:a5:22:9b:60:5d:e0:c0:
b8:3b:5d:2f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZPawYGa8cEIEDcUxAAaUpDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzhhOTgzY2Y0MzczYWE0OTc0OTg1YWIyMmQ1MTRjMGY0
ODFkMmUwHhcNMjQxMjE4MTcxMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmQ2MWZlMTI3NTYyMDllMGI4ZDJlMjU5NWRhNmY0ZmZhMWNiY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9nvrfvIgXd9GDli8rbHSRPIOSEZ
PJRwjtKBMxCaVC3OdzliNFA30bMN/qsc130LjKb/fZ1LT05r9IMlBhkqJN5tE8Mv
oCZOG6MYQvrE1/XVnH9Plhe8YbEr+6np71ka10uH8g4CO1YT+VRC5G85QO1BAg05
STpB9hc3DC55QYhjeTQAieX/ukGd5UX83V4NbYtA1hJmXykasH6e4Oll7WPveEsX
GqwNDfPEn/pJggFeV0OchrgPMBEIpwc1knKhDg9rb8MkTB0UFI6HbbjSALi9m1UP
vtkHwI1W6dZ5JPulP91U8XsGZJvQHGBnXO+k9UKCqr7kxinNl1nzjqg7awIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAbWH+EnViCeC40uJZXab0/6HLzOMB8GA1UdIwQY
MBaAFG84qYPPQ3OqSXSYWrItUUwPSB0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83NDMzN2ItZjk4ZS00ZTMxLTkwMDQt
YWY1YTU2NzczMmVmLzEvQnRZZjRTZFdJSjRMalM0bGxkcHZUX29jdk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83NDMzN2ItZjk4ZS00ZTMxLTkwMDQtYWY1YTU2NzczMmVm
LzEvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudNsMA0E
AgACMAcDBQMqC2RAMA0GCSqGSIb3DQEBCwUAA4IBAQBeDr5Xkl4al/SpZE96wp0S
0J5fcOfXGX6YBVpJU1NC08WpinykyaQ9Hd6FpQumM4p4GPvGxvnB/BBuSHLTDSTk
B8Y+JRJoJ+QxdxvH78TzHr2Njlz11tX6IJrNM/7DIaFI1Wq7nkCkogJQYYyhYB5e
LHO5dNK34+pfLYCq9ieBE55vfB3srOk7rgAsxvMfMFrSfP7teBvlEQuGLaHRK3x0
doaZXZzxQlQBsQbzXvvPY1q56wGZKvMFL6SA2AwE39yRvbuAKw0fzuiewNy1VUkp
7GwqAXnPVbTbiqpwM+XtWC4N1y8eXtOpPNoZs4QnKW589tvqEqUim2Bd4MC4O10v
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:23 2024 by rpki-client on console.sobornost.net