Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0b87f5-e5d2-456f-abe0-484d4586ee7b/1/IZ-hS2S0bJsg-wQCpsx_0DigjPs.roa
File: IZ-hS2S0bJsg-wQCpsx_0DigjPs.roa (raw, json)
Hash identifier: HwW54T6Ss5TlGzmIzDomOr9AG7CQcAZnoqxIfJGWtTM=
Subject key identifier: 21:9F:A1:4B:64:B4:6C:9B:20:FB:04:02:A6:CC:7F:D0:38:A0:8C:FB
Certificate issuer: /CN=5bd3e848c58a6451ca874cdcfc37e9bc0f5d9ac7
Certificate serial: 018CC94E0EE27AFC48436437BA5E42A0F3AA
Authority key identifier: 5B:D3:E8:48:C5:8A:64:51:CA:87:4C:DC:FC:37:E9:BC:0F:5D:9A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9PoSMWKZFHKh0zc_DfpvA9dmsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0b87f5-e5d2-456f-abe0-484d4586ee7b/1/IZ-hS2S0bJsg-wQCpsx_0DigjPs.roa
Signing time: Tue 02 Jan 2024 08:33:05 +0000
ROA not before: Tue 02 Jan 2024 08:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209820
IP address blocks: 80.209.254.0/24 maxlen: 24
185.40.140.0/24 maxlen: 24
80.208.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:0e:e2:7a:fc:48:43:64:37:ba:5e:42:a0:f3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd3e848c58a6451ca874cdcfc37e9bc0f5d9ac7
Validity
Not Before: Jan 2 08:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=219fa14b64b46c9b20fb0402a6cc7fd038a08cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:95:66:1f:10:a9:b1:8c:bc:f5:9e:c1:93:66:
e2:6c:08:0b:cf:39:cd:54:27:b7:b6:71:6e:e4:a0:
aa:af:ed:5d:30:49:e6:b4:62:28:d2:8b:58:a5:93:
a1:70:4e:b2:a0:c7:24:4b:96:f6:bd:e4:62:f5:b0:
99:b1:19:62:f6:c4:ca:fd:39:2f:31:fa:73:d0:b5:
f3:33:7b:8e:a7:0e:70:70:1d:48:1a:0a:c4:2f:9b:
78:bc:ab:43:f6:ff:0e:00:73:e8:63:e2:aa:19:74:
b7:e2:fd:a8:2b:23:5e:fc:48:51:78:d4:b6:28:32:
93:d4:7b:10:8d:3e:36:43:8e:81:e8:d4:8b:fe:af:
f9:8c:ba:48:3b:c5:22:68:1f:47:8f:29:cf:88:6a:
ff:79:eb:8e:10:cd:62:66:c9:50:f1:38:74:01:bc:
15:04:58:eb:84:fa:cf:05:3d:c4:8a:5b:fd:f1:ec:
5d:b4:0c:42:32:85:b1:33:1e:2f:c6:b1:5f:c8:29:
c5:dc:28:51:e7:24:96:0e:17:04:03:9a:7a:d0:f1:
4e:5d:bc:4e:6b:63:f7:eb:79:be:2b:23:dd:22:e9:
ab:3f:08:02:ab:cf:2e:83:c1:b5:f0:1c:08:1c:23:
6c:72:85:83:98:af:79:9f:25:7b:f2:55:9f:26:aa:
23:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:9F:A1:4B:64:B4:6C:9B:20:FB:04:02:A6:CC:7F:D0:38:A0:8C:FB
X509v3 Authority Key Identifier:
keyid:5B:D3:E8:48:C5:8A:64:51:CA:87:4C:DC:FC:37:E9:BC:0F:5D:9A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9PoSMWKZFHKh0zc_DfpvA9dmsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0b87f5-e5d2-456f-abe0-484d4586ee7b/1/IZ-hS2S0bJsg-wQCpsx_0DigjPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0b87f5-e5d2-456f-abe0-484d4586ee7b/1/W9PoSMWKZFHKh0zc_DfpvA9dmsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.208.254.0/24
80.209.254.0/24
185.40.140.0/24
Signature Algorithm: sha256WithRSAEncryption
50:11:f7:e8:76:3c:55:e2:db:5e:fd:49:7d:db:e2:6c:43:82:
96:8b:f3:fb:a1:ae:64:52:d5:d2:bd:51:f9:f2:5f:9c:67:b3:
5f:70:e2:e2:bc:b1:a5:1b:c5:35:2f:f6:37:98:8e:9f:df:a7:
38:34:fb:c1:33:fa:ba:1c:4c:bc:bf:36:f9:44:b7:a0:82:f3:
69:48:06:7a:5a:66:9b:e8:37:86:73:bb:2a:3d:c6:85:81:a1:
9f:bf:b0:11:02:3f:99:93:0e:11:b6:18:cc:8d:b3:ba:65:81:
f4:f0:3d:ca:29:b6:03:7e:a5:60:3f:8c:fd:33:60:ca:0c:07:
46:6a:2a:dc:9e:46:df:d8:51:e8:df:1e:fd:78:2a:79:ce:66:
ef:2d:81:26:c9:8c:b0:a6:12:09:87:bc:a5:f8:42:10:69:fe:
a9:d8:f0:88:b6:a5:bb:de:8e:69:3d:be:6d:0f:d3:94:2c:be:
bd:e0:20:f1:8f:62:2f:9a:44:97:0c:87:fd:f6:d4:de:88:8a:
a9:8f:a7:e9:47:72:bd:40:93:f6:27:48:48:d9:59:0f:70:d1:
b4:3d:f5:83:48:5d:b6:a1:c6:9c:f3:b6:96:5e:3d:e7:42:cd:
2a:77:fd:7b:27:a2:b6:e5:3c:17:9f:7b:5e:af:0c:0e:6c:9a:
cd:31:fa:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTg7ievxIQ2Q3ul5CoPOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDNlODQ4YzU4YTY0NTFjYTg3NGNkY2ZjMzdlOWJjMGY1
ZDlhYzcwHhcNMjQwMTAyMDgzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTlmYTE0YjY0YjQ2YzliMjBmYjA0MDJhNmNjN2ZkMDM4YTA4Y2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5VmHxCpsYy89Z7Bk2bibAgLzznN
VCe3tnFu5KCqr+1dMEnmtGIo0otYpZOhcE6yoMckS5b2veRi9bCZsRli9sTK/Tkv
Mfpz0LXzM3uOpw5wcB1IGgrEL5t4vKtD9v8OAHPoY+KqGXS34v2oKyNe/EhReNS2
KDKT1HsQjT42Q46B6NSL/q/5jLpIO8UiaB9HjynPiGr/eeuOEM1iZslQ8Th0AbwV
BFjrhPrPBT3Eilv98exdtAxCMoWxMx4vxrFfyCnF3ChR5ySWDhcEA5p60PFOXbxO
a2P363m+KyPdIumrPwgCq88ug8G18BwIHCNscoWDmK95nyV78lWfJqojPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCGfoUtktGybIPsEAqbMf9A4oIz7MB8GA1UdIwQY
MBaAFFvT6EjFimRRyodM3Pw36bwPXZrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlQb1NNV0taRkhLaDB6Y19EZnB2QTlkbXNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYjg3ZjUtZTVkMi00NTZmLWFiZTAt
NDg0ZDQ1ODZlZTdiLzEvSVotaFMyUzBiSnNnLXdRQ3BzeF8wRGlnalBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYjg3ZjUtZTVkMi00NTZmLWFiZTAtNDg0ZDQ1ODZlZTdi
LzEvVzlQb1NNV0taRkhLaDB6Y19EZnB2QTlkbXNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUND+AwQA
UNH+AwQAuSiMMA0GCSqGSIb3DQEBCwUAA4IBAQBQEffodjxV4tte/Ul92+JsQ4KW
i/P7oa5kUtXSvVH58l+cZ7NfcOLivLGlG8U1L/Y3mI6f36c4NPvBM/q6HEy8vzb5
RLeggvNpSAZ6Wmab6DeGc7sqPcaFgaGfv7ARAj+Zkw4RthjMjbO6ZYH08D3KKbYD
fqVgP4z9M2DKDAdGaircnkbf2FHo3x79eCp5zmbvLYEmyYywphIJh7yl+EIQaf6p
2PCItqW73o5pPb5tD9OULL694CDxj2IvmkSXDIf99tTeiIqpj6fpR3K9QJP2J0hI
2VkPcNG0PfWDSF22ocac87aWXj3nQs0qd/17J6K25TwXn3terwwObJrNMfqG
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:35 2024 by rpki-client on console.sobornost.net