Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/Rolr2baB-MgkMT6zkumr5wY16Ng.roa
File: Rolr2baB-MgkMT6zkumr5wY16Ng.roa (raw, json)
Hash identifier: H2lf79QWpEDnvJeCoc2pKBaiFHru26PK2FTQuJlC0aM=
Subject key identifier: 46:89:6B:D9:B6:81:F8:C8:24:31:3E:B3:92:E9:AB:E7:06:35:E8:D8
Certificate issuer: /CN=bde636ff523e5f3734227f33c44c2e50ff8d1ee2
Certificate serial: 019179EB805570B9919502AAAD75800D1EF2
Authority key identifier: BD:E6:36:FF:52:3E:5F:37:34:22:7F:33:C4:4C:2E:50:FF:8D:1E:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/Rolr2baB-MgkMT6zkumr5wY16Ng.roa
Signing time: Thu 22 Aug 2024 11:49:22 +0000
ROA not before: Thu 22 Aug 2024 11:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60284
IP address blocks: 178.238.0.0/22 maxlen: 24
193.9.27.0/24 maxlen: 24
193.135.96.0/22 maxlen: 24
193.135.99.0/24 maxlen: 32
193.228.197.0/24 maxlen: 24
193.228.198.0/24 maxlen: 24
2a13:a200::/29 maxlen: 48
2a13:a200::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:79:eb:80:55:70:b9:91:95:02:aa:ad:75:80:0d:1e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde636ff523e5f3734227f33c44c2e50ff8d1ee2
Validity
Not Before: Aug 22 11:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46896bd9b681f8c824313eb392e9abe70635e8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0b:71:a6:f3:f1:ef:b5:b7:b7:29:24:b4:cb:
28:a8:56:24:69:25:95:bd:42:30:9f:b6:a1:1b:46:
1c:76:f0:ba:80:90:85:fd:39:c6:44:62:68:69:b4:
13:43:1f:8d:d9:b9:b4:61:13:24:7b:6e:11:12:3a:
34:e9:a8:a7:97:64:20:a6:fd:5e:32:9e:e5:5e:da:
68:fa:49:55:b4:a6:7e:d3:d8:06:62:e6:4e:9a:7a:
45:0e:95:d9:24:19:06:d0:36:60:87:00:07:e0:f1:
af:b4:71:74:d0:c1:df:d7:b1:12:ef:a1:4b:29:4e:
6c:14:3f:2a:3c:86:d5:a4:c5:ee:3a:d1:5c:5e:9c:
3d:7f:13:9e:a0:08:03:ee:a6:d9:74:36:b1:ca:6b:
6b:88:7d:40:70:30:8d:3e:ee:aa:e4:45:aa:ac:80:
64:07:9a:88:1d:56:de:78:87:55:44:1d:bc:85:97:
2f:9f:d4:2e:49:dc:fd:26:29:ef:b8:3c:e5:8f:8d:
7d:0f:a0:70:99:b1:e4:6f:c9:81:95:86:d3:7c:a7:
d7:90:fc:04:7a:31:1a:db:8a:ac:b1:db:ec:56:88:
89:c0:fa:a8:28:f2:72:ed:f3:0c:66:71:e6:fc:57:
39:86:88:74:e7:ce:52:ff:61:58:67:ea:b1:bb:d0:
3e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:89:6B:D9:B6:81:F8:C8:24:31:3E:B3:92:E9:AB:E7:06:35:E8:D8
X509v3 Authority Key Identifier:
keyid:BD:E6:36:FF:52:3E:5F:37:34:22:7F:33:C4:4C:2E:50:FF:8D:1E:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/Rolr2baB-MgkMT6zkumr5wY16Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/veY2_1I-Xzc0In8zxEwuUP-NHuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.238.0.0/22
193.9.27.0/24
193.135.96.0/22
193.228.197.0-193.228.198.255
IPv6:
2a13:a200::/29
Signature Algorithm: sha256WithRSAEncryption
1c:c2:e5:d3:e8:c7:cc:96:3a:a9:ea:63:6e:ff:8a:63:b2:7e:
29:43:64:bc:6c:2d:59:71:29:95:78:7f:3b:d3:6b:81:1f:31:
59:d0:4d:54:dd:ed:95:09:8f:6c:e1:b4:b8:a8:1e:9b:e1:dc:
5f:20:2f:b2:8a:83:f5:bf:43:c3:2c:3f:d5:35:95:93:97:ee:
a6:30:d4:02:5c:cd:9a:9c:5a:ce:95:22:27:6e:00:df:0f:74:
76:19:bd:23:5a:aa:44:41:dc:f3:e8:41:57:f9:7b:f3:1c:3d:
a4:fa:9d:01:cf:46:4d:0f:68:42:b8:89:45:34:e4:96:25:86:
52:22:fe:c3:a8:12:4c:ce:c0:33:a9:fc:f8:6e:55:e0:34:73:
5f:dc:38:e3:d8:d6:70:0d:6b:45:db:84:df:bf:13:38:ec:b2:
eb:22:fd:18:6f:77:8f:38:39:12:96:65:06:4d:24:a8:d0:a6:
8e:90:39:33:03:12:a7:4b:89:e0:17:3f:58:46:36:41:0b:94:
8c:27:40:c7:e3:1d:63:62:d8:80:03:40:01:48:8f:5f:12:5a:
69:d6:c8:4b:cf:02:d4:13:00:4f:5a:ac:64:73:95:4a:d0:54:
79:4f:83:ea:00:4c:5f:ef:53:ca:bc:b3:da:f8:bb:bd:44:fe:
1a:8c:f9:f0
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZF564BVcLmRlQKqrXWADR7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTYzNmZmNTIzZTVmMzczNDIyN2YzM2M0NGMyZTUwZmY4
ZDFlZTIwHhcNMjQwODIyMTE0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njg5NmJkOWI2ODFmOGM4MjQzMTNlYjM5MmU5YWJlNzA2MzVlOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wtxpvPx77W3tykktMsoqFYkaSWV
vUIwn7ahG0YcdvC6gJCF/TnGRGJoabQTQx+N2bm0YRMke24REjo06ainl2Qgpv1e
Mp7lXtpo+klVtKZ+09gGYuZOmnpFDpXZJBkG0DZghwAH4PGvtHF00MHf17ES76FL
KU5sFD8qPIbVpMXuOtFcXpw9fxOeoAgD7qbZdDaxymtriH1AcDCNPu6q5EWqrIBk
B5qIHVbeeIdVRB28hZcvn9QuSdz9JinvuDzlj419D6BwmbHkb8mBlYbTfKfXkPwE
ejEa24qssdvsVoiJwPqoKPJy7fMMZnHm/Fc5hoh0585S/2FYZ+qxu9A+OQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFEaJa9m2gfjIJDE+s5Lpq+cGNejYMB8GA1UdIwQY
MBaAFL3mNv9SPl83NCJ/M8RMLlD/jR7iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVZMl8xSS1YemMwSW44enhFd3VVUC1OSHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wYzQzOTItMjc1NC00ZTMzLWEwMmYt
N2JmYjQzODFhYjU0LzEvUm9scjJiYUItTWdrTVQ2emt1bXI1d1kxNk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wYzQzOTItMjc1NC00ZTMzLWEwMmYtN2JmYjQzODFhYjU0
LzEvdmVZMl8xSS1YemMwSW44enhFd3VVUC1OSHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCsu4AAwQA
wQkbAwQCwYdgMAwDBADB5MUDBADB5MYwDQQCAAIwBwMFAyoTogAwDQYJKoZIhvcN
AQELBQADggEBABzC5dPox8yWOqnqY27/imOyfilDZLxsLVlxKZV4fzvTa4EfMVnQ
TVTd7ZUJj2zhtLioHpvh3F8gL7KKg/W/Q8MsP9U1lZOX7qYw1AJczZqcWs6VIidu
AN8PdHYZvSNaqkRB3PPoQVf5e/McPaT6nQHPRk0PaEK4iUU05JYlhlIi/sOoEkzO
wDOp/PhuVeA0c1/cOOPY1nANa0XbhN+/Ezjssusi/Rhvd484ORKWZQZNJKjQpo6Q
OTMDEqdLieAXP1hGNkELlIwnQMfjHWNi2IADQAFIj18SWmnWyEvPAtQTAE9arGRz
lUrQVHlPg+oATF/vU8q8s9r4u71E/hqM+fA=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:49 2024 by rpki-client on console.sobornost.net