Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/5de8ae-1705-4317-9ff5-ae9d419ef6ea/1/Bi_aMgwUTymFYLZ1dqHN3xb1WIM.roa
File: Bi_aMgwUTymFYLZ1dqHN3xb1WIM.roa (raw, json)
Hash identifier: OlV4UGhtcjUWyQ60wNWyGVKylSK2gkMgaPlselbjwQc=
Subject key identifier: 06:2F:DA:32:0C:14:4F:29:85:60:B6:75:76:A1:CD:DF:16:F5:58:83
Certificate issuer: /CN=66ba47474f2c053d6b06c183cbd06f106e890bf9
Certificate serial: 018CC4937BE3CAE600C28A77AAE2B738F990
Authority key identifier: 66:BA:47:47:4F:2C:05:3D:6B:06:C1:83:CB:D0:6F:10:6E:89:0B:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZrpHR08sBT1rBsGDy9BvEG6JC_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/5de8ae-1705-4317-9ff5-ae9d419ef6ea/1/Bi_aMgwUTymFYLZ1dqHN3xb1WIM.roa
Signing time: Mon 01 Jan 2024 10:30:49 +0000
ROA not before: Mon 01 Jan 2024 10:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50670
IP address blocks: 185.96.68.0/22 maxlen: 22
185.96.71.0/24 maxlen: 24
185.96.68.0/24 maxlen: 24
185.96.70.0/24 maxlen: 24
185.96.69.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7b:e3:ca:e6:00:c2:8a:77:aa:e2:b7:38:f9:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ba47474f2c053d6b06c183cbd06f106e890bf9
Validity
Not Before: Jan 1 10:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=062fda320c144f298560b67576a1cddf16f55883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c3:93:9b:10:51:44:14:91:bd:90:6b:a5:aa:
eb:df:f9:df:eb:c2:9d:69:67:5d:a9:66:74:c4:78:
2a:4c:a0:ab:4a:4e:84:2e:d0:16:e3:2f:66:35:8a:
c6:72:49:f2:aa:f3:54:6f:19:a3:99:9c:1d:e3:f9:
b7:8a:cd:99:8a:d4:29:b3:01:8d:17:6e:1e:c0:eb:
89:c9:e8:49:e7:ab:d8:47:1d:aa:ee:6b:f3:a5:51:
8d:66:d8:6a:77:87:be:00:d4:89:d0:36:5c:56:8a:
24:36:86:54:ab:2a:80:bd:b1:f2:25:17:2b:42:cd:
f5:d2:42:cd:69:f6:63:47:b5:af:01:69:b4:cd:96:
29:0d:50:57:b5:aa:3c:39:9b:75:51:3e:3f:ab:83:
4b:fc:fb:c3:15:dc:5b:29:4a:1c:cc:64:50:af:89:
bd:17:ae:5b:25:fb:ba:59:f5:e0:86:43:94:4f:d1:
ea:b9:ca:13:36:2a:fc:01:ec:42:54:87:00:14:72:
0a:34:22:77:6c:51:37:0c:0a:3d:fa:73:38:c0:96:
53:de:e3:f4:68:a6:b1:f5:be:81:1f:d0:0a:bb:20:
c0:c5:9f:6c:2e:ec:b3:79:dc:e1:c8:77:23:5b:a2:
16:50:87:4b:7f:d3:27:6f:a7:2b:3e:fe:fe:da:1f:
22:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2F:DA:32:0C:14:4F:29:85:60:B6:75:76:A1:CD:DF:16:F5:58:83
X509v3 Authority Key Identifier:
keyid:66:BA:47:47:4F:2C:05:3D:6B:06:C1:83:CB:D0:6F:10:6E:89:0B:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZrpHR08sBT1rBsGDy9BvEG6JC_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/5de8ae-1705-4317-9ff5-ae9d419ef6ea/1/Bi_aMgwUTymFYLZ1dqHN3xb1WIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/5de8ae-1705-4317-9ff5-ae9d419ef6ea/1/ZrpHR08sBT1rBsGDy9BvEG6JC_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.68.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:95:5f:a4:9e:7a:99:85:8e:69:6f:2d:a5:42:47:b8:28:16:
6e:53:80:4a:9c:ec:e1:3f:b1:a4:0a:bf:9d:d3:0b:55:ff:fa:
8c:1b:30:d8:43:41:73:df:e2:54:3f:f1:aa:d8:ce:d0:ab:2a:
dc:97:b1:1b:ed:48:b2:41:a4:05:92:e1:31:da:26:f8:ce:08:
1c:fb:80:63:3e:39:eb:3a:e0:89:3e:75:44:6e:4d:4a:e0:d1:
8a:22:ca:46:8a:8f:c2:60:65:d1:87:c8:ab:dd:bd:12:eb:93:
1a:e6:6d:cd:18:7c:a6:15:01:f8:54:d6:c0:cc:63:f8:28:80:
76:f8:9a:e7:25:c9:8b:92:8a:8a:9b:55:0d:52:97:bf:50:48:
f9:85:44:54:83:4b:a3:f6:65:56:8b:de:30:f1:ac:ba:4a:70:
48:91:03:0a:2b:ac:72:09:ea:53:e7:79:6a:5b:27:19:2f:a7:
8f:4f:78:71:13:d7:f8:b0:27:e4:36:6f:47:f9:58:ab:8d:f3:
fd:89:f2:f4:7e:60:30:80:2d:fd:5c:13:16:81:4d:07:23:3e:
33:d8:a4:84:85:d5:62:12:58:79:53:5d:bd:2a:d1:97:01:1d:
2e:ce:e9:d1:60:6f:ba:a6:2f:bb:f4:eb:b6:ef:07:af:40:88:
9c:94:af:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk3vjyuYAwop3quK3OPmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YmE0NzQ3NGYyYzA1M2Q2YjA2YzE4M2NiZDA2ZjEwNmU4
OTBiZjkwHhcNMjQwMTAxMTAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjJmZGEzMjBjMTQ0ZjI5ODU2MGI2NzU3NmExY2RkZjE2ZjU1ODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMOTmxBRRBSRvZBrparr3/nf68Kd
aWddqWZ0xHgqTKCrSk6ELtAW4y9mNYrGcknyqvNUbxmjmZwd4/m3is2ZitQpswGN
F24ewOuJyehJ56vYRx2q7mvzpVGNZthqd4e+ANSJ0DZcVookNoZUqyqAvbHyJRcr
Qs310kLNafZjR7WvAWm0zZYpDVBXtao8OZt1UT4/q4NL/PvDFdxbKUoczGRQr4m9
F65bJfu6WfXghkOUT9HqucoTNir8AexCVIcAFHIKNCJ3bFE3DAo9+nM4wJZT3uP0
aKax9b6BH9AKuyDAxZ9sLuyzedzhyHcjW6IWUIdLf9Mnb6crPv7+2h8iKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYv2jIMFE8phWC2dXahzd8W9ViDMB8GA1UdIwQY
MBaAFGa6R0dPLAU9awbBg8vQbxBuiQv5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnJwSFIwOHNCVDFyQnNHRHk5QnZFRzZKQ19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi81ZGU4YWUtMTcwNS00MzE3LTlmZjUt
YWU5ZDQxOWVmNmVhLzEvQmlfYU1nd1VUeW1GWUxaMWRxSE4zeGIxV0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi81ZGU4YWUtMTcwNS00MzE3LTlmZjUtYWU5ZDQxOWVmNmVh
LzEvWnJwSFIwOHNCVDFyQnNHRHk5QnZFRzZKQ19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWBEMA0G
CSqGSIb3DQEBCwUAA4IBAQCMlV+knnqZhY5pby2lQke4KBZuU4BKnOzhP7GkCr+d
0wtV//qMGzDYQ0Fz3+JUP/Gq2M7Qqyrcl7Eb7UiyQaQFkuEx2ib4zggc+4BjPjnr
OuCJPnVEbk1K4NGKIspGio/CYGXRh8ir3b0S65Ma5m3NGHymFQH4VNbAzGP4KIB2
+JrnJcmLkoqKm1UNUpe/UEj5hURUg0uj9mVWi94w8ay6SnBIkQMKK6xyCepT53lq
WycZL6ePT3hxE9f4sCfkNm9H+VirjfP9ifL0fmAwgC39XBMWgU0HIz4z2KSEhdVi
Elh5U129KtGXAR0uzunRYG+6pi+79Ou27wevQIiclK+T
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:34 2024 by rpki-client on console.sobornost.net