Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/thOyLvktp7qeD7zHFogy5bKrX40.roa
File: thOyLvktp7qeD7zHFogy5bKrX40.roa (raw, json)
Hash identifier: 7WK6cJ7KPLVqShZxhteuJd5s0hAf2/XA98csSI7Nk9I=
Subject key identifier: B6:13:B2:2E:F9:2D:A7:BA:9E:0F:BC:C7:16:88:32:E5:B2:AB:5F:8D
Certificate issuer: /CN=85c3525d68b61116564e16e1dd4e56cb035c9c85
Certificate serial: 0193D18963E52DA3BF9B16C9F77661F9A885
Authority key identifier: 85:C3:52:5D:68:B6:11:16:56:4E:16:E1:DD:4E:56:CB:03:5C:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/thOyLvktp7qeD7zHFogy5bKrX40.roa
Signing time: Mon 16 Dec 2024 22:14:22 +0000
ROA not before: Mon 16 Dec 2024 22:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204119
IP address blocks: 84.38.64.0/21 maxlen: 21
84.38.64.0/22 maxlen: 22
84.38.78.0/23 maxlen: 24
2a00:5080::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d1:89:63:e5:2d:a3:bf:9b:16:c9:f7:76:61:f9:a8:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85c3525d68b61116564e16e1dd4e56cb035c9c85
Validity
Not Before: Dec 16 22:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b613b22ef92da7ba9e0fbcc7168832e5b2ab5f8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:25:17:e3:f5:ec:86:53:8e:09:ca:90:5e:b3:
a5:df:ea:3a:0a:3a:45:09:f0:b3:82:f1:2b:47:92:
f4:5c:95:18:d8:fc:44:b1:87:2b:c1:20:53:a7:50:
cc:04:d1:e6:36:ce:ce:d8:32:c2:87:28:50:3e:7d:
e0:12:53:61:9d:53:bb:f3:ed:82:ad:9e:15:93:1d:
2e:c4:1e:60:63:26:15:1f:7c:9e:f1:7d:3c:cd:93:
7d:82:1c:32:ba:28:70:76:da:c7:8d:66:10:e8:8f:
be:dc:3d:e0:d2:8f:da:e1:32:cd:bc:88:66:d6:d6:
26:af:a2:24:3b:32:44:63:1f:cb:de:aa:20:b7:33:
f3:e8:6d:ad:f3:bd:14:4e:f3:1c:a7:d0:b1:5e:4e:
7b:76:be:8a:8d:9b:76:89:33:2b:69:39:f2:8c:dc:
a7:e6:99:d5:26:71:fb:4c:58:1a:28:a8:ef:b6:41:
46:65:fc:23:dd:99:c8:2b:bf:be:b9:85:24:7d:37:
ec:26:72:d7:be:70:ac:fc:57:97:97:58:40:a7:70:
10:66:e6:cd:d4:57:31:71:6a:4c:7c:f2:8c:74:82:
77:ab:b6:74:a4:6f:ab:8b:ff:fa:2f:f9:e1:d7:0b:
fa:da:52:3a:18:ce:02:4d:33:ef:7b:d4:47:ad:78:
b6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:13:B2:2E:F9:2D:A7:BA:9E:0F:BC:C7:16:88:32:E5:B2:AB:5F:8D
X509v3 Authority Key Identifier:
keyid:85:C3:52:5D:68:B6:11:16:56:4E:16:E1:DD:4E:56:CB:03:5C:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/thOyLvktp7qeD7zHFogy5bKrX40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.64.0/21
84.38.78.0/23
IPv6:
2a00:5080::/32
Signature Algorithm: sha256WithRSAEncryption
0b:34:2a:1c:48:1f:4f:27:46:1f:1e:38:88:64:a9:c7:1e:7d:
d5:f8:d8:13:2f:ef:c4:a2:45:41:aa:df:07:a6:71:1d:c4:27:
9f:5f:bf:bb:3c:41:bd:13:3a:d7:a0:df:e9:95:51:b0:e2:b4:
e5:b6:6e:5f:63:14:96:f3:c7:30:81:6f:19:e3:99:9b:1a:93:
ac:1e:94:c2:ec:19:4a:8e:25:13:11:7f:a9:43:a1:15:b5:4c:
e5:75:81:79:90:f0:02:7a:f0:5d:2f:6c:6f:fd:5b:ef:0c:31:
1a:e7:ea:99:3e:33:ba:4b:40:51:0b:c9:c8:88:b5:89:1c:f3:
00:30:b2:69:89:75:37:a9:11:63:6c:c8:07:4e:77:c2:ba:8f:
e6:f0:c2:29:a6:37:5e:46:26:3b:56:06:e8:b5:b5:1b:59:b8:
f2:f2:1e:e5:35:ba:67:16:c4:fe:98:c8:41:de:82:d9:9d:5b:
4e:57:74:95:24:1e:8c:33:3b:00:7e:f0:10:fc:66:a6:05:87:
74:71:4f:5d:da:44:1f:c2:0e:f0:4c:54:92:ab:61:ef:8f:ae:
6f:3e:e5:26:d8:87:df:c0:4a:d8:f9:fd:42:19:b8:c6:89:d7:
9c:82:34:5e:f3:13:0e:29:7a:4f:39:06:27:0e:f6:d2:e8:3a:
5d:f9:a5:61
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZPRiWPlLaO/mxbJ93Zh+aiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YzM1MjVkNjhiNjExMTY1NjRlMTZlMWRkNGU1NmNiMDM1
YzljODUwHhcNMjQxMjE2MjIxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjEzYjIyZWY5MmRhN2JhOWUwZmJjYzcxNjg4MzJlNWIyYWI1ZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+CUX4/XshlOOCcqQXrOl3+o6CjpF
CfCzgvErR5L0XJUY2PxEsYcrwSBTp1DMBNHmNs7O2DLChyhQPn3gElNhnVO78+2C
rZ4Vkx0uxB5gYyYVH3ye8X08zZN9ghwyuihwdtrHjWYQ6I++3D3g0o/a4TLNvIhm
1tYmr6IkOzJEYx/L3qogtzPz6G2t870UTvMcp9CxXk57dr6KjZt2iTMraTnyjNyn
5pnVJnH7TFgaKKjvtkFGZfwj3ZnIK7++uYUkfTfsJnLXvnCs/FeXl1hAp3AQZubN
1FcxcWpMfPKMdIJ3q7Z0pG+ri//6L/nh1wv62lI6GM4CTTPve9RHrXi2hwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLYTsi75Lae6ng+8xxaIMuWyq1+NMB8GA1UdIwQY
MBaAFIXDUl1othEWVk4W4d1OVssDXJyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGNOU1hXaTJFUlpXVGhiaDNVNVd5d05jbklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi85ZmJlYzEtZWJkMi00MWJhLTgzZDkt
Njk0ZGJmYWRkYjhmLzEvdGhPeUx2a3RwN3FlRDd6SEZvZ3k1YktyWDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi85ZmJlYzEtZWJkMi00MWJhLTgzZDktNjk0ZGJmYWRkYjhm
LzEvaGNOU1hXaTJFUlpXVGhiaDNVNVd5d05jbklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVCZAAwQB
VCZOMA0EAgACMAcDBQAqAFCAMA0GCSqGSIb3DQEBCwUAA4IBAQALNCocSB9PJ0Yf
HjiIZKnHHn3V+NgTL+/EokVBqt8HpnEdxCefX7+7PEG9EzrXoN/plVGw4rTltm5f
YxSW88cwgW8Z45mbGpOsHpTC7BlKjiUTEX+pQ6EVtUzldYF5kPACevBdL2xv/Vvv
DDEa5+qZPjO6S0BRC8nIiLWJHPMAMLJpiXU3qRFjbMgHTnfCuo/m8MIppjdeRiY7
VgbotbUbWbjy8h7lNbpnFsT+mMhB3oLZnVtOV3SVJB6MMzsAfvAQ/GamBYd0cU9d
2kQfwg7wTFSSq2Hvj65vPuUm2IffwErY+f1CGbjGidecgjRe8xMOKXpPOQYnDvbS
6Dpd+aVh
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:01 2024 by rpki-client on console.sobornost.net