Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/b77b81-e5d4-48bc-be77-213771652599/1/3qahZK-YFmBhRV0FzFTZCm6nL5s.roa
File: 3qahZK-YFmBhRV0FzFTZCm6nL5s.roa (raw, json)
Hash identifier: LIn4Z74X9AZ1uUI51wPQ8txdgqzHF50q4Imeg3Dnw+o=
Subject key identifier: DE:A6:A1:64:AF:98:16:60:61:45:5D:05:CC:54:D9:0A:6E:A7:2F:9B
Certificate issuer: /CN=ba94caab27375edf61bf8c99cc1c2b6abbafff15
Certificate serial: 01828F09D76609E76F0DDF279065839C414F
Authority key identifier: BA:94:CA:AB:27:37:5E:DF:61:BF:8C:99:CC:1C:2B:6A:BB:AF:FF:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upTKqyc3Xt9hv4yZzBwraruv_xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/b77b81-e5d4-48bc-be77-213771652599/1/3qahZK-YFmBhRV0FzFTZCm6nL5s.roa
Signing time: Thu 11 Aug 2022 22:32:43 +0000
ROA not before: Thu 11 Aug 2022 22:32:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 185.94.32.0/22 maxlen: 22
185.68.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8f:09:d7:66:09:e7:6f:0d:df:27:90:65:83:9c:41:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba94caab27375edf61bf8c99cc1c2b6abbafff15
Validity
Not Before: Aug 11 22:32:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dea6a164af98166061455d05cc54d90a6ea72f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ea:c9:4c:83:cf:53:0e:cf:ea:79:a8:bd:d2:
ce:31:87:27:b6:2d:2c:0e:d1:cb:ef:89:86:b7:d7:
89:8b:51:2d:f6:37:74:75:2d:84:db:2b:21:e5:af:
50:86:fe:9e:37:d7:4f:eb:5f:30:9f:b9:48:90:b5:
49:2a:0e:97:1b:1a:74:6c:00:05:d5:c7:6f:22:7a:
c3:9f:a4:cc:18:60:28:3d:27:ce:87:d7:19:b3:d9:
0e:2c:32:59:45:63:f7:b4:67:d3:13:c5:55:12:48:
f5:20:97:0d:48:08:38:45:68:f8:e0:a2:ab:5f:a0:
2c:f8:c4:3f:a1:07:d0:b3:45:3b:b6:ae:20:5e:60:
69:95:48:16:fb:3d:9a:ef:1a:8f:25:47:8b:1f:80:
8f:01:8b:12:fc:3d:22:e0:00:75:99:b2:49:15:2b:
03:bd:78:ab:5c:82:a3:06:c8:62:b0:dc:22:d8:a4:
f7:40:7e:52:81:55:f8:b0:ea:d1:75:21:ab:0a:8e:
d9:a9:4a:b8:8d:04:8d:1e:62:35:59:07:48:d1:b8:
11:92:b4:3f:b0:49:88:2c:d8:08:bc:0b:41:3b:05:
ef:20:6a:05:91:81:3e:48:1c:80:73:80:88:d8:3f:
fd:e7:b8:12:23:59:46:dc:e9:79:48:e3:04:fc:f2:
ff:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A6:A1:64:AF:98:16:60:61:45:5D:05:CC:54:D9:0A:6E:A7:2F:9B
X509v3 Authority Key Identifier:
keyid:BA:94:CA:AB:27:37:5E:DF:61:BF:8C:99:CC:1C:2B:6A:BB:AF:FF:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upTKqyc3Xt9hv4yZzBwraruv_xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/b77b81-e5d4-48bc-be77-213771652599/1/3qahZK-YFmBhRV0FzFTZCm6nL5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/b77b81-e5d4-48bc-be77-213771652599/1/upTKqyc3Xt9hv4yZzBwraruv_xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.152.0/22
185.94.32.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:bb:28:f9:4b:04:18:1b:c9:38:e8:15:12:fd:59:2b:02:22:
cf:f4:65:e6:8c:50:cc:1f:80:27:2c:64:46:8c:ce:63:26:fb:
29:e5:f1:c0:33:20:73:2a:c1:c3:45:39:d6:f7:1e:25:8c:a6:
51:e9:e3:3b:bd:79:d9:ce:53:4d:1e:b2:e5:10:e1:d0:92:9b:
8a:c6:66:bf:ac:a8:24:e2:65:39:25:60:61:e8:df:be:13:c0:
b1:19:e9:d9:48:4b:7b:e5:3a:c4:b8:c9:49:b4:0a:7e:ff:e4:
91:eb:88:ef:5f:00:a5:16:ea:0a:86:72:f5:a6:61:fa:69:4b:
18:2e:8b:67:da:f5:2d:6f:a6:5e:28:6a:04:41:62:90:2a:d9:
70:ad:fb:7b:f8:09:50:42:f0:4c:b2:25:3d:1e:6d:dd:47:f8:
01:5b:a9:47:54:ae:08:b7:40:5e:b3:07:1c:2b:51:54:97:75:
02:3f:14:b1:b1:3e:bd:e0:2c:05:6e:6d:bb:bd:de:4d:31:a4:
4d:fe:0a:c3:48:0b:46:d0:bb:29:5b:c1:fa:f5:79:b1:6d:23:
ef:21:a8:e0:0d:cf:32:8b:5c:b6:8d:df:5e:05:4f:c9:31:de:
c7:8f:34:fe:2c:24:8e:bc:e6:ec:fc:ec:51:80:b9:bc:38:dd:
bb:7f:e1:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKPCddmCedvDd8nkGWDnEFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOTRjYWFiMjczNzVlZGY2MWJmOGM5OWNjMWMyYjZhYmJh
ZmZmMTUwHhcNMjIwODExMjIzMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE2YTE2NGFmOTgxNjYwNjE0NTVkMDVjYzU0ZDkwYTZlYTcyZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqerJTIPPUw7P6nmovdLOMYcnti0s
DtHL74mGt9eJi1Et9jd0dS2E2ysh5a9Qhv6eN9dP618wn7lIkLVJKg6XGxp0bAAF
1cdvInrDn6TMGGAoPSfOh9cZs9kOLDJZRWP3tGfTE8VVEkj1IJcNSAg4RWj44KKr
X6As+MQ/oQfQs0U7tq4gXmBplUgW+z2a7xqPJUeLH4CPAYsS/D0i4AB1mbJJFSsD
vXirXIKjBshisNwi2KT3QH5SgVX4sOrRdSGrCo7ZqUq4jQSNHmI1WQdI0bgRkrQ/
sEmILNgIvAtBOwXvIGoFkYE+SByAc4CI2D/957gSI1lG3Ol5SOME/PL/FQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6moWSvmBZgYUVdBcxU2Qpupy+bMB8GA1UdIwQY
MBaAFLqUyqsnN17fYb+MmcwcK2q7r/8VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXBUS3F5YzNYdDlodjR5WnpCd3JhcnV2X3hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9iNzdiODEtZTVkNC00OGJjLWJlNzct
MjEzNzcxNjUyNTk5LzEvM3FhaFpLLVlGbUJoUlYwRnpGVFpDbTZuTDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9iNzdiODEtZTVkNC00OGJjLWJlNzctMjEzNzcxNjUyNTk5
LzEvdXBUS3F5YzNYdDlodjR5WnpCd3JhcnV2X3hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUSYAwQC
uV4gMA0GCSqGSIb3DQEBCwUAA4IBAQBfuyj5SwQYG8k46BUS/VkrAiLP9GXmjFDM
H4AnLGRGjM5jJvsp5fHAMyBzKsHDRTnW9x4ljKZR6eM7vXnZzlNNHrLlEOHQkpuK
xma/rKgk4mU5JWBh6N++E8CxGenZSEt75TrEuMlJtAp+/+SR64jvXwClFuoKhnL1
pmH6aUsYLotn2vUtb6ZeKGoEQWKQKtlwrft7+AlQQvBMsiU9Hm3dR/gBW6lHVK4I
t0BeswccK1FUl3UCPxSxsT694CwFbm27vd5NMaRN/grDSAtG0LspW8H69XmxbSPv
IajgDc8yi1y2jd9eBU/JMd7HjzT+LCSOvObs/OxRgLm8ON27f+HG
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:49 2023 by rpki-client on console.sobornost.net