Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/9c89bf-c81e-413f-a2d4-a05560601ac2/1/4285rdG6PZ1Yvzn1_kDU4k0YbF4.roa
File: 4285rdG6PZ1Yvzn1_kDU4k0YbF4.roa (raw, json)
Hash identifier: 4aoU9vgGjtCopezu+YYMssMGMAFt/5UWfo9W6gdfHHo=
Subject key identifier: E3:6F:39:AD:D1:BA:3D:9D:58:BF:39:F5:FE:40:D4:E2:4D:18:6C:5E
Certificate issuer: /CN=4b993958d47daae349eec6fd2eba28354377e5d4
Certificate serial: 018CC7267AFAC388A59380A285C874098B6B
Authority key identifier: 4B:99:39:58:D4:7D:AA:E3:49:EE:C6:FD:2E:BA:28:35:43:77:E5:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5k5WNR9quNJ7sb9LrooNUN35dQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/9c89bf-c81e-413f-a2d4-a05560601ac2/1/4285rdG6PZ1Yvzn1_kDU4k0YbF4.roa
Signing time: Mon 01 Jan 2024 22:30:36 +0000
ROA not before: Mon 01 Jan 2024 22:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44196
IP address blocks: 195.2.202.0/24 maxlen: 24
195.2.202.0/23 maxlen: 23
195.2.203.0/24 maxlen: 24
195.93.132.0/24 maxlen: 24
195.93.132.0/23 maxlen: 23
195.93.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:7a:fa:c3:88:a5:93:80:a2:85:c8:74:09:8b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b993958d47daae349eec6fd2eba28354377e5d4
Validity
Not Before: Jan 1 22:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e36f39add1ba3d9d58bf39f5fe40d4e24d186c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:12:f8:df:28:0a:9b:0f:f5:e3:72:d5:08:53:
ee:23:35:ca:71:9f:f9:0f:e0:27:74:20:07:25:3b:
88:fb:cd:60:7d:8b:2e:64:62:4a:1f:d5:92:51:b1:
5d:8d:13:6f:57:cc:b3:45:42:fb:cc:74:26:78:d3:
12:25:2c:8f:ab:ea:7a:83:74:06:69:0a:71:1f:af:
b5:15:9f:3a:f1:7d:a1:5d:a9:35:7c:53:4d:ba:b8:
3f:60:ff:7b:12:44:2a:50:5f:69:0b:62:db:b8:20:
cc:48:c9:2b:1f:c2:7a:ae:ea:f7:04:41:0a:09:da:
0e:ab:e7:c1:77:b6:90:23:68:06:94:99:e6:5f:37:
8a:26:11:e7:87:b2:3a:d8:f7:0a:a6:7f:69:b0:5d:
e4:a2:ae:9a:a2:5d:42:ee:51:8a:bb:7a:6a:8d:c4:
4a:24:70:f7:34:32:cf:b6:45:f0:0a:9e:76:0d:70:
2c:b0:c4:36:41:3c:64:16:c5:9e:8a:27:f1:c0:83:
91:1a:e6:7d:2a:22:2b:3e:60:68:88:f8:1d:6f:b1:
36:1f:52:3d:15:d2:13:f7:31:51:86:a7:15:80:d7:
d3:be:a6:fc:ce:84:b9:5a:b6:4d:49:c5:d4:0a:e5:
f6:83:68:62:87:52:44:bf:a5:49:3f:bd:53:cc:95:
74:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6F:39:AD:D1:BA:3D:9D:58:BF:39:F5:FE:40:D4:E2:4D:18:6C:5E
X509v3 Authority Key Identifier:
keyid:4B:99:39:58:D4:7D:AA:E3:49:EE:C6:FD:2E:BA:28:35:43:77:E5:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5k5WNR9quNJ7sb9LrooNUN35dQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9c89bf-c81e-413f-a2d4-a05560601ac2/1/4285rdG6PZ1Yvzn1_kDU4k0YbF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9c89bf-c81e-413f-a2d4-a05560601ac2/1/S5k5WNR9quNJ7sb9LrooNUN35dQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.2.202.0/23
195.93.132.0/23
Signature Algorithm: sha256WithRSAEncryption
94:2e:fd:b3:60:ca:a0:06:53:04:99:b2:31:79:ff:05:ca:15:
f5:bc:07:c6:f6:84:ac:1c:4c:f7:ff:40:b7:96:5d:3a:99:c9:
21:7c:a7:a3:b7:0e:26:63:5f:12:ff:6d:f1:43:6d:8c:dd:14:
39:a4:a8:f7:68:f5:dd:51:e0:e2:d0:81:a2:79:58:fc:79:12:
65:0b:5d:7d:7d:8c:34:a7:6b:fd:1a:21:f7:85:fa:9d:3e:8b:
d7:64:b3:c0:98:fc:69:15:fd:33:e7:5b:c4:9d:a7:36:76:a3:
96:b2:2c:8b:6e:6d:ee:7c:4d:86:86:16:80:d9:f8:2f:ec:83:
d7:8b:e8:42:8a:55:10:78:c0:90:c2:00:83:f7:ae:b7:5f:e2:
63:de:e2:45:c7:4a:79:d8:cc:d2:ba:a9:30:f5:8e:5a:94:31:
66:ee:07:b9:a1:7b:7d:38:e2:2b:0f:09:ba:72:6a:b8:52:76:
b9:21:3c:0a:74:92:a3:9f:15:8d:8c:8b:26:54:c5:3f:5a:dc:
f6:ec:f6:b8:48:37:62:a1:0f:88:34:e4:bd:13:a5:8a:f8:7a:
55:b5:c7:31:c5:de:73:8d:4d:68:57:3d:a3:3c:ce:8b:cf:3e:
9a:61:ac:34:ca:78:ad:0d:17:c7:c3:18:b8:b9:71:50:3b:e5:
69:46:3a:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJnr6w4ilk4Cihch0CYtrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTkzOTU4ZDQ3ZGFhZTM0OWVlYzZmZDJlYmEyODM1NDM3
N2U1ZDQwHhcNMjQwMTAxMjIzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzZmMzlhZGQxYmEzZDlkNThiZjM5ZjVmZTQwZDRlMjRkMTg2YzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxL43ygKmw/143LVCFPuIzXKcZ/5
D+AndCAHJTuI+81gfYsuZGJKH9WSUbFdjRNvV8yzRUL7zHQmeNMSJSyPq+p6g3QG
aQpxH6+1FZ868X2hXak1fFNNurg/YP97EkQqUF9pC2LbuCDMSMkrH8J6rur3BEEK
CdoOq+fBd7aQI2gGlJnmXzeKJhHnh7I62PcKpn9psF3koq6aol1C7lGKu3pqjcRK
JHD3NDLPtkXwCp52DXAssMQ2QTxkFsWeiifxwIORGuZ9KiIrPmBoiPgdb7E2H1I9
FdIT9zFRhqcVgNfTvqb8zoS5WrZNScXUCuX2g2hih1JEv6VJP71TzJV0LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFONvOa3Ruj2dWL859f5A1OJNGGxeMB8GA1UdIwQY
MBaAFEuZOVjUfarjSe7G/S66KDVDd+XUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVrNVdOUjlxdU5KN3NiOUxyb29OVU4zNWRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85Yzg5YmYtYzgxZS00MTNmLWEyZDQt
YTA1NTYwNjAxYWMyLzEvNDI4NXJkRzZQWjFZdnpuMV9rRFU0azBZYkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85Yzg5YmYtYzgxZS00MTNmLWEyZDQtYTA1NTYwNjAxYWMy
LzEvUzVrNVdOUjlxdU5KN3NiOUxyb29OVU4zNWRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwwLKAwQB
w12EMA0GCSqGSIb3DQEBCwUAA4IBAQCULv2zYMqgBlMEmbIxef8FyhX1vAfG9oSs
HEz3/0C3ll06mckhfKejtw4mY18S/23xQ22M3RQ5pKj3aPXdUeDi0IGieVj8eRJl
C119fYw0p2v9GiH3hfqdPovXZLPAmPxpFf0z51vEnac2dqOWsiyLbm3ufE2GhhaA
2fgv7IPXi+hCilUQeMCQwgCD9663X+Jj3uJFx0p52MzSuqkw9Y5alDFm7ge5oXt9
OOIrDwm6cmq4Una5ITwKdJKjnxWNjIsmVMU/Wtz27Pa4SDdioQ+INOS9E6WK+HpV
tccxxd5zjU1oVz2jPM6Lzz6aYaw0ynitDRfHwxi4uXFQO+VpRjqu
-----END CERTIFICATE-----
Generated at Tue Feb 27 16:06:17 2024 by rpki-client on console.sobornost.net