Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/TtqPAQL8diNk57Yq0YS4dWolVxc.roa
File: TtqPAQL8diNk57Yq0YS4dWolVxc.roa (raw, json)
Hash identifier: hyT/dSsNXH1YYxYPe1clQR9INrFEb97EIe7wb0cvXxE=
Subject key identifier: 4E:DA:8F:01:02:FC:76:23:64:E7:B6:2A:D1:84:B8:75:6A:25:57:17
Certificate issuer: /CN=630213aba1ea928b9ed32491de9ba10464b0636c
Certificate serial: 018CC5DC15FFE188EFA3F2386FD2CB7D8143
Authority key identifier: 63:02:13:AB:A1:EA:92:8B:9E:D3:24:91:DE:9B:A1:04:64:B0:63:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YwITq6Hqkoue0ySR3puhBGSwY2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/TtqPAQL8diNk57Yq0YS4dWolVxc.roa
Signing time: Mon 01 Jan 2024 16:29:44 +0000
ROA not before: Mon 01 Jan 2024 16:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203136
IP address blocks: 185.143.176.0/24 maxlen: 24
185.143.176.0/22 maxlen: 22
185.143.179.0/24 maxlen: 24
185.143.178.0/24 maxlen: 24
185.143.177.0/24 maxlen: 24
2a0e:2702::/32 maxlen: 32
2a0e:2700::/32 maxlen: 32
2a0e:2703::/32 maxlen: 32
2a0e:2701::/32 maxlen: 32
2a0e:2700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:15:ff:e1:88:ef:a3:f2:38:6f:d2:cb:7d:81:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=630213aba1ea928b9ed32491de9ba10464b0636c
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4eda8f0102fc762364e7b62ad184b8756a255717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b2:01:fe:23:db:f5:1a:18:92:a6:2a:c5:da:
e6:3d:c3:84:5b:f6:03:23:6d:e3:ae:42:ff:c8:b9:
f8:09:96:ff:ff:05:c2:a7:e0:18:eb:fc:5a:7a:03:
66:46:14:5a:35:5d:88:2a:22:e8:73:5d:2b:d1:a8:
12:3a:c6:f8:ba:5a:17:d9:63:47:67:fe:8a:47:45:
e6:2e:b6:f8:e7:01:ee:76:50:da:1b:df:56:8e:26:
10:b2:61:eb:1a:35:a3:7d:91:09:2a:2b:a1:6c:18:
b0:8a:66:ef:76:df:8c:ce:e4:9b:96:31:19:1d:34:
32:ff:15:15:52:08:6c:ef:d4:26:a6:3d:a5:75:05:
21:62:80:c6:0c:f8:fd:5c:be:41:35:1f:44:5f:3a:
27:87:a0:73:72:33:2d:93:9f:d2:c1:e8:35:1d:48:
3e:6c:f4:e6:e7:12:23:f8:f9:de:6f:ed:4b:4d:c3:
1f:f2:3a:42:8d:d7:5d:ad:a5:fd:4e:0b:f4:34:0b:
04:92:c8:05:12:5b:e6:33:7c:22:98:d5:b5:eb:ca:
fc:24:47:fc:6e:75:c7:79:58:29:12:8b:89:fb:18:
e8:db:37:6e:c5:3c:55:b3:33:7e:13:7c:63:2a:c6:
d1:6f:c0:c5:06:ce:51:7f:d4:4c:14:40:5e:dd:50:
e3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:DA:8F:01:02:FC:76:23:64:E7:B6:2A:D1:84:B8:75:6A:25:57:17
X509v3 Authority Key Identifier:
keyid:63:02:13:AB:A1:EA:92:8B:9E:D3:24:91:DE:9B:A1:04:64:B0:63:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwITq6Hqkoue0ySR3puhBGSwY2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/TtqPAQL8diNk57Yq0YS4dWolVxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/YwITq6Hqkoue0ySR3puhBGSwY2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.176.0/22
IPv6:
2a0e:2700::/29
Signature Algorithm: sha256WithRSAEncryption
39:4c:65:ee:85:bf:3a:26:74:e8:33:80:c4:d6:c0:38:5d:b8:
6d:a5:a4:e3:17:9e:f4:be:38:ad:ea:36:4e:52:58:62:08:ef:
79:e5:31:52:d9:4f:47:2c:4b:63:5d:02:6a:3a:51:2e:e5:15:
f0:f7:63:0f:7c:af:06:4e:49:c8:a9:25:ca:cc:b5:7a:9b:d8:
f2:ca:6a:9b:a8:02:25:3a:5b:31:2f:52:87:e2:7b:de:ac:f6:
40:a1:fc:4c:7e:fa:d3:9a:89:de:42:8e:2e:b3:ac:a6:b3:75:
d9:cf:75:ea:b3:e7:0d:94:17:67:e2:66:86:df:aa:c7:54:70:
1d:a0:0a:2e:d2:94:55:cf:9c:45:d6:e9:45:1e:7e:1d:70:68:
d3:28:a5:2c:4b:2a:ca:8c:e2:b5:45:45:2e:6e:46:7a:37:22:
69:89:3b:0b:32:a9:e0:80:e1:3b:54:9e:e0:3e:c9:b4:ea:c0:
46:6a:af:62:79:78:59:0d:2f:f7:d7:8f:4d:70:72:3e:07:1a:
09:54:a5:5d:24:4d:de:d3:d7:2e:0b:a3:91:64:b9:f4:d6:c9:
3f:b3:8a:6b:b7:e8:02:50:7c:24:0e:c8:6c:15:2d:9d:f6:dc:
bf:25:87:5a:f4:ed:a8:b4:46:45:92:2c:c4:81:f6:a1:21:db:
04:24:e5:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3BX/4Yjvo/I4b9LLfYFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMDIxM2FiYTFlYTkyOGI5ZWQzMjQ5MWRlOWJhMTA0NjRi
MDYzNmMwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWRhOGYwMTAyZmM3NjIzNjRlN2I2MmFkMTg0Yjg3NTZhMjU1NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLIB/iPb9RoYkqYqxdrmPcOEW/YD
I23jrkL/yLn4CZb//wXCp+AY6/xaegNmRhRaNV2IKiLoc10r0agSOsb4uloX2WNH
Z/6KR0XmLrb45wHudlDaG99WjiYQsmHrGjWjfZEJKiuhbBiwimbvdt+MzuSbljEZ
HTQy/xUVUghs79Qmpj2ldQUhYoDGDPj9XL5BNR9EXzonh6BzcjMtk5/Sweg1HUg+
bPTm5xIj+Pneb+1LTcMf8jpCjdddraX9Tgv0NAsEksgFElvmM3wimNW168r8JEf8
bnXHeVgpEouJ+xjo2zduxTxVszN+E3xjKsbRb8DFBs5Rf9RMFEBe3VDjkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE7ajwEC/HYjZOe2KtGEuHVqJVcXMB8GA1UdIwQY
MBaAFGMCE6uh6pKLntMkkd6boQRksGNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXdJVHE2SHFrb3VlMHlTUjNwdWhCR1N3WTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9hY2NjNzYtZTEyMy00NWIxLTk2YjQt
OGY0YzU5ZWMyMGJlLzEvVHRxUEFRTDhkaU5rNTdZcTBZUzRkV29sVnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9hY2NjNzYtZTEyMy00NWIxLTk2YjQtOGY0YzU5ZWMyMGJl
LzEvWXdJVHE2SHFrb3VlMHlTUjNwdWhCR1N3WTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY+wMA0E
AgACMAcDBQMqDicAMA0GCSqGSIb3DQEBCwUAA4IBAQA5TGXuhb86JnToM4DE1sA4
XbhtpaTjF570vjit6jZOUlhiCO955TFS2U9HLEtjXQJqOlEu5RXw92MPfK8GTknI
qSXKzLV6m9jyymqbqAIlOlsxL1KH4nverPZAofxMfvrTmoneQo4us6yms3XZz3Xq
s+cNlBdn4maG36rHVHAdoAou0pRVz5xF1ulFHn4dcGjTKKUsSyrKjOK1RUUubkZ6
NyJpiTsLMqnggOE7VJ7gPsm06sBGaq9ieXhZDS/3149NcHI+BxoJVKVdJE3e09cu
C6ORZLn01sk/s4prt+gCUHwkDshsFS2d9ty/JYda9O2otEZFkizEgfahIdsEJOXX
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:38 2024 by rpki-client on console.sobornost.net