Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/lm0oAoZuPDglLTO5NkSupkZgPF8.roa
File: lm0oAoZuPDglLTO5NkSupkZgPF8.roa (raw, json)
Hash identifier: 495midBn8SI1gZK3c1KtGNh7SXnMfSLRWx8m8bE0P1I=
Subject key identifier: 96:6D:28:02:86:6E:3C:38:25:2D:33:B9:36:44:AE:A6:46:60:3C:5F
Certificate issuer: /CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98
Certificate serial: 018CC64B0E1F485A7DA88AA2D73E8777722D
Authority key identifier: 20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/lm0oAoZuPDglLTO5NkSupkZgPF8.roa
Signing time: Mon 01 Jan 2024 18:30:56 +0000
ROA not before: Mon 01 Jan 2024 18:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212763
IP address blocks: 185.165.3.0/24 maxlen: 24
185.165.0.0/23 maxlen: 23
185.165.0.0/24 maxlen: 24
185.165.0.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:0e:1f:48:5a:7d:a8:8a:a2:d7:3e:87:77:72:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200c70d36e013b07e4e6d8ec3ea4ee413b4aaa98
Validity
Not Before: Jan 1 18:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=966d2802866e3c38252d33b93644aea646603c5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c8:4f:d5:6f:07:3e:e6:0b:2d:e9:b3:10:c4:
7e:c4:e5:e7:18:a2:fb:2e:75:36:5a:7d:cf:2f:c3:
cc:8a:ed:63:74:7f:9e:79:6b:4a:8f:01:0f:c3:27:
bc:3b:30:30:04:09:b7:0e:e9:c6:30:73:f9:0e:84:
d0:08:9f:1f:55:ad:fa:1f:f0:bf:7d:a9:ae:31:d2:
e8:ff:88:1d:d9:cd:81:c0:05:41:d0:38:c7:b7:14:
24:88:a1:6d:3f:27:11:0e:2e:d0:8f:74:b5:a4:d2:
a6:98:07:ab:ab:e2:60:c4:d3:7e:ae:4c:7b:0a:ee:
87:0c:f2:8c:e6:87:60:b4:77:90:e5:80:81:ab:35:
d9:78:61:7e:9f:96:f8:90:4f:28:c4:af:01:07:76:
56:6d:f1:88:ba:03:19:9e:f1:4f:6e:24:75:f7:27:
a7:1d:f4:f4:35:af:f8:e7:58:be:36:63:51:52:b2:
1e:2a:35:a6:8a:86:1c:57:3b:aa:55:a7:04:3b:3c:
c5:3f:f0:76:48:e9:ca:11:0f:f2:bd:b1:02:51:87:
ca:91:58:95:22:e9:b4:d3:b6:71:1e:be:42:88:e0:
ef:85:a0:06:c6:79:60:db:6f:cd:cb:b9:df:1a:e9:
70:40:e1:b5:da:6d:79:c3:0c:e4:8a:c5:b3:50:26:
9b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:6D:28:02:86:6E:3C:38:25:2D:33:B9:36:44:AE:A6:46:60:3C:5F
X509v3 Authority Key Identifier:
keyid:20:0C:70:D3:6E:01:3B:07:E4:E6:D8:EC:3E:A4:EE:41:3B:4A:AA:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAxw024BOwfk5tjsPqTuQTtKqpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/lm0oAoZuPDglLTO5NkSupkZgPF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d5ee0d-475f-41d7-9c25-15803ffb1746/1/IAxw024BOwfk5tjsPqTuQTtKqpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:8b:fa:62:01:4a:b5:d7:0c:82:0f:a7:4b:76:60:1d:b1:82:
88:66:8b:6b:66:5e:03:47:94:b0:ef:d1:62:fc:2d:07:e2:14:
b5:84:f0:3c:25:c3:3a:7e:f4:b8:99:a5:1d:cf:ee:e6:da:7d:
01:b4:05:93:0d:a5:6c:cb:9b:8f:71:ca:42:e6:e4:84:90:2e:
92:93:c3:aa:2c:69:88:bd:5c:88:68:8b:3f:7c:2c:d5:37:5c:
35:99:9a:ce:fa:b3:db:43:24:2c:52:d6:a2:67:72:31:54:ca:
0e:9b:3c:6e:a5:3a:5b:59:68:f7:c9:29:b8:e0:bd:97:27:25:
10:1a:f1:7d:3f:38:a0:4e:a1:1e:75:3c:f7:66:cf:fc:07:08:
43:19:16:d3:f6:bf:36:36:42:cd:a8:fd:b2:0c:21:c3:c9:93:
f7:64:89:48:10:18:f3:82:21:5d:7e:6d:6d:bf:15:59:d2:c2:
45:43:18:f1:25:d5:dd:4c:c1:ee:1f:31:b8:98:6d:d2:03:99:
24:b8:db:68:16:bb:8d:c0:d5:7f:8d:eb:02:96:65:9d:34:cf:
b1:ae:e8:6a:31:e7:e8:01:16:75:eb:d0:c6:fe:1e:d8:49:6d:
a1:71:59:48:df:4a:bd:98:5d:06:37:a9:c2:a2:4e:67:da:6a:
e5:5e:cd:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSw4fSFp9qIqi1z6Hd3ItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMGM3MGQzNmUwMTNiMDdlNGU2ZDhlYzNlYTRlZTQxM2I0
YWFhOTgwHhcNMjQwMTAxMTgzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjZkMjgwMjg2NmUzYzM4MjUyZDMzYjkzNjQ0YWVhNjQ2NjAzYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArshP1W8HPuYLLemzEMR+xOXnGKL7
LnU2Wn3PL8PMiu1jdH+eeWtKjwEPwye8OzAwBAm3DunGMHP5DoTQCJ8fVa36H/C/
famuMdLo/4gd2c2BwAVB0DjHtxQkiKFtPycRDi7Qj3S1pNKmmAerq+JgxNN+rkx7
Cu6HDPKM5odgtHeQ5YCBqzXZeGF+n5b4kE8oxK8BB3ZWbfGIugMZnvFPbiR19yen
HfT0Na/451i+NmNRUrIeKjWmioYcVzuqVacEOzzFP/B2SOnKEQ/yvbECUYfKkViV
Ium007ZxHr5CiODvhaAGxnlg22/Ny7nfGulwQOG12m15wwzkisWzUCabYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZtKAKGbjw4JS0zuTZErqZGYDxfMB8GA1UdIwQY
MBaAFCAMcNNuATsH5ObY7D6k7kE7SqqYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNWVlMGQtNDc1Zi00MWQ3LTljMjUt
MTU4MDNmZmIxNzQ2LzEvbG0wb0FvWnVQRGdsTFRPNU5rU3Vwa1pnUEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNWVlMGQtNDc1Zi00MWQ3LTljMjUtMTU4MDNmZmIxNzQ2
LzEvSUF4dzAyNEJPd2ZrNXRqc1BxVHVRVHRLcXBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaUAMA0G
CSqGSIb3DQEBCwUAA4IBAQCpi/piAUq11wyCD6dLdmAdsYKIZotrZl4DR5Sw79Fi
/C0H4hS1hPA8JcM6fvS4maUdz+7m2n0BtAWTDaVsy5uPccpC5uSEkC6Sk8OqLGmI
vVyIaIs/fCzVN1w1mZrO+rPbQyQsUtaiZ3IxVMoOmzxupTpbWWj3ySm44L2XJyUQ
GvF9PzigTqEedTz3Zs/8BwhDGRbT9r82NkLNqP2yDCHDyZP3ZIlIEBjzgiFdfm1t
vxVZ0sJFQxjxJdXdTMHuHzG4mG3SA5kkuNtoFruNwNV/jesClmWdNM+xruhqMefo
ARZ169DG/h7YSW2hcVlI30q9mF0GN6nCok5n2mrlXs3M
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:27 2024 by rpki-client on console.sobornost.net