Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/AEsYZWag985uDGtyQ1WNcXmwsTw.roa
File: AEsYZWag985uDGtyQ1WNcXmwsTw.roa (raw, json)
Hash identifier: 0m9MTAO4RvqM15Ez4+7e4kfcW8+p41LztdlAsnIebA8=
Subject key identifier: 00:4B:18:65:66:A0:F7:CE:6E:0C:6B:72:43:55:8D:71:79:B0:B1:3C
Certificate issuer: /CN=922e330b5879590abae81bf40a91a5101bc18fa0
Certificate serial: 018CC801638B5252C6A03CFCD4D53DB2649E
Authority key identifier: 92:2E:33:0B:58:79:59:0A:BA:E8:1B:F4:0A:91:A5:10:1B:C1:8F:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ki4zC1h5WQq66Bv0CpGlEBvBj6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/AEsYZWag985uDGtyQ1WNcXmwsTw.roa
Signing time: Tue 02 Jan 2024 02:29:43 +0000
ROA not before: Tue 02 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8699
IP address blocks: 185.120.28.0/24 maxlen: 24
185.120.28.0/22 maxlen: 24
185.120.29.0/24 maxlen: 24
185.120.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:63:8b:52:52:c6:a0:3c:fc:d4:d5:3d:b2:64:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922e330b5879590abae81bf40a91a5101bc18fa0
Validity
Not Before: Jan 2 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=004b186566a0f7ce6e0c6b7243558d7179b0b13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ae:da:07:2f:15:59:bf:13:c8:97:6c:51:5c:
a6:2e:c2:3d:04:7c:e4:fd:07:48:dc:86:8e:9a:1d:
f8:64:3b:be:cb:4a:24:89:fe:91:7d:ec:92:e1:94:
32:d0:79:a4:94:fd:92:2d:fb:d4:41:07:d1:0a:8e:
ba:30:24:7e:12:dc:ee:d1:3a:2f:de:b9:29:89:ce:
e0:be:6c:34:e7:1d:f6:0f:70:0b:1a:3d:17:09:11:
b9:c2:dc:dc:11:0c:24:18:ef:31:76:f4:a6:9d:16:
34:a9:79:67:dd:67:da:b3:8c:89:23:0c:48:b3:ca:
1e:22:4e:62:dc:42:6a:ed:b5:68:24:04:04:a4:a4:
16:1d:97:83:03:4a:f4:f5:d7:51:5d:13:d6:0f:b8:
4d:8e:0e:8c:d0:e5:62:ab:d4:b2:c2:21:7c:21:b7:
c4:e7:e9:b6:c2:3f:f0:5c:1e:0f:ac:75:3e:87:20:
92:65:2c:87:17:da:9e:43:23:bc:69:d4:4a:8b:70:
fb:7a:4b:f1:11:14:75:fe:3e:57:fc:38:6c:2a:24:
5e:13:5c:62:e0:02:a3:8f:77:91:38:16:0e:ea:7c:
e6:b4:48:d8:0a:de:e9:ad:98:7e:d5:e8:4c:34:e0:
35:2d:8d:f0:50:0e:fc:40:65:69:18:3e:fb:46:d6:
42:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4B:18:65:66:A0:F7:CE:6E:0C:6B:72:43:55:8D:71:79:B0:B1:3C
X509v3 Authority Key Identifier:
keyid:92:2E:33:0B:58:79:59:0A:BA:E8:1B:F4:0A:91:A5:10:1B:C1:8F:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ki4zC1h5WQq66Bv0CpGlEBvBj6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/AEsYZWag985uDGtyQ1WNcXmwsTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/ki4zC1h5WQq66Bv0CpGlEBvBj6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.28.0/22
Signature Algorithm: sha256WithRSAEncryption
53:e2:e9:ac:31:9a:63:97:b0:46:1e:29:1d:02:b7:51:ed:9e:
33:ee:92:44:62:39:ff:52:3d:55:b0:e1:b8:27:16:f8:0f:2e:
89:5f:33:06:db:8a:2d:39:29:21:ba:1e:e2:6c:f4:fe:0f:60:
ba:02:c5:05:31:9a:40:23:da:19:96:1c:41:e5:a4:62:ca:85:
bb:29:e8:a0:30:95:83:09:ab:e1:4b:cd:d9:7a:c8:2b:2c:0a:
ff:48:6b:72:cf:a5:a6:eb:00:22:19:1f:60:85:e2:35:eb:01:
44:e9:14:59:de:ee:0a:5a:12:b1:6b:fd:48:96:7e:85:30:3e:
4a:32:8c:e3:c9:e0:fc:17:64:2b:67:0f:dd:7d:34:b2:19:42:
6e:cb:70:25:e9:2a:53:ac:05:00:3c:12:8a:e6:7f:a6:cc:4c:
de:27:01:e8:15:8d:a3:ef:39:7f:c9:76:88:b5:ae:02:70:b5:
cc:e5:60:72:f8:d2:61:f4:29:bc:98:63:7a:2c:5e:d6:cd:18:
c1:92:d8:71:d9:43:99:40:d1:6e:68:3c:23:d0:4e:7f:9c:ea:
14:97:b9:48:29:cf:98:3d:53:4e:ed:ba:2e:65:00:55:a8:f0:
02:a2:88:0f:80:b2:66:05:06:8e:1c:02:97:d4:c0:6e:5d:b6:
d4:a0:af:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAWOLUlLGoDz81NU9smSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMmUzMzBiNTg3OTU5MGFiYWU4MWJmNDBhOTFhNTEwMWJj
MThmYTAwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDRiMTg2NTY2YTBmN2NlNmUwYzZiNzI0MzU1OGQ3MTc5YjBiMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjK7aBy8VWb8TyJdsUVymLsI9BHzk
/QdI3IaOmh34ZDu+y0okif6RfeyS4ZQy0HmklP2SLfvUQQfRCo66MCR+Etzu0Tov
3rkpic7gvmw05x32D3ALGj0XCRG5wtzcEQwkGO8xdvSmnRY0qXln3Wfas4yJIwxI
s8oeIk5i3EJq7bVoJAQEpKQWHZeDA0r09ddRXRPWD7hNjg6M0OViq9SywiF8IbfE
5+m2wj/wXB4PrHU+hyCSZSyHF9qeQyO8adRKi3D7ekvxERR1/j5X/DhsKiReE1xi
4AKjj3eROBYO6nzmtEjYCt7prZh+1ehMNOA1LY3wUA78QGVpGD77RtZC3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABLGGVmoPfObgxrckNVjXF5sLE8MB8GA1UdIwQY
MBaAFJIuMwtYeVkKuugb9AqRpRAbwY+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2k0ekMxaDVXUXE2NkJ2MENwR2xFQnZCajZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mMTgwZmYtMzM2Yy00YjQ1LTkzNzgt
NTY4NjcyYzI1Y2E4LzEvQUVzWVpXYWc5ODV1REd0eVExV05jWG13c1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mMTgwZmYtMzM2Yy00YjQ1LTkzNzgtNTY4NjcyYzI1Y2E4
LzEva2k0ekMxaDVXUXE2NkJ2MENwR2xFQnZCajZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXgcMA0G
CSqGSIb3DQEBCwUAA4IBAQBT4umsMZpjl7BGHikdArdR7Z4z7pJEYjn/Uj1VsOG4
Jxb4Dy6JXzMG24otOSkhuh7ibPT+D2C6AsUFMZpAI9oZlhxB5aRiyoW7KeigMJWD
CavhS83ZesgrLAr/SGtyz6Wm6wAiGR9gheI16wFE6RRZ3u4KWhKxa/1Iln6FMD5K
MozjyeD8F2QrZw/dfTSyGUJuy3Al6SpTrAUAPBKK5n+mzEzeJwHoFY2j7zl/yXaI
ta4CcLXM5WBy+NJh9Cm8mGN6LF7WzRjBkthx2UOZQNFuaDwj0E5/nOoUl7lIKc+Y
PVNO7bouZQBVqPACoogPgLJmBQaOHAKX1MBuXbbUoK83
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:37 2024 by rpki-client on console.sobornost.net