Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/YxYRh0JYFG2DD0yTMBmp-pEIAWY.roa
File: YxYRh0JYFG2DD0yTMBmp-pEIAWY.roa (raw, json)
Hash identifier: vxltZ+UonXGDM5MFpgb5Oq895mlJjbY/W5n8H9MQM6k=
Subject key identifier: 63:16:11:87:42:58:14:6D:83:0F:4C:93:30:19:A9:FA:91:08:01:66
Certificate issuer: /CN=64347465bc925c8e756ddfaa609eda02cc52d031
Certificate serial: 018F351AAFB53C5A28AD6E3D6F869F0EE837
Authority key identifier: 64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/YxYRh0JYFG2DD0yTMBmp-pEIAWY.roa
Signing time: Wed 01 May 2024 17:01:32 +0000
ROA not before: Wed 01 May 2024 17:01:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216360
IP address blocks: 85.114.96.0/24 maxlen: 24
85.114.105.0/24 maxlen: 24
85.114.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:35:1a:af:b5:3c:5a:28:ad:6e:3d:6f:86:9f:0e:e8:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64347465bc925c8e756ddfaa609eda02cc52d031
Validity
Not Before: May 1 17:01:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=631611874258146d830f4c933019a9fa91080166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:13:e9:e7:a5:8d:bb:9c:73:30:79:60:aa:5b:
47:b6:1b:28:6e:22:06:41:78:8c:b2:3d:a7:62:22:
94:b4:f6:b0:35:3f:13:98:31:a6:a6:71:c4:5b:30:
b6:39:7f:e8:1e:a0:b4:4f:16:f7:2e:50:a0:69:03:
aa:ec:8e:07:d0:12:4e:38:55:e1:53:d2:86:d2:59:
dd:e2:69:a2:99:e8:fd:20:f3:b1:ee:6f:95:08:27:
83:5b:96:f9:f2:05:8c:ac:a7:98:57:75:83:d3:80:
af:9d:68:4c:5a:62:4f:56:c8:ee:98:55:97:ce:b3:
64:8d:bc:7d:c3:2e:4f:03:c7:33:d8:5e:da:c7:1e:
15:cf:28:e0:90:7e:42:08:c0:13:cd:4a:e5:a5:ca:
a3:80:ea:9f:35:b0:61:6d:bd:6c:ca:b5:b6:10:c9:
cb:df:9c:b0:99:b5:0b:3c:05:e6:0e:61:e0:8c:ac:
6f:7b:8d:0d:ed:36:92:a9:e1:d5:40:37:fb:ce:cd:
42:89:0a:07:87:c3:6b:66:76:60:3c:24:9e:1b:89:
c8:80:72:de:be:13:62:81:44:f7:af:41:55:a0:50:
5e:e9:7f:1d:aa:57:ac:ad:5a:c8:8d:2d:92:6a:5e:
10:07:85:04:b8:6e:55:16:21:5d:dd:b6:43:65:30:
ab:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:16:11:87:42:58:14:6D:83:0F:4C:93:30:19:A9:FA:91:08:01:66
X509v3 Authority Key Identifier:
keyid:64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/YxYRh0JYFG2DD0yTMBmp-pEIAWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.114.96.0/24
85.114.105.0-85.114.106.255
Signature Algorithm: sha256WithRSAEncryption
6f:db:d6:3c:a5:7c:2f:7e:ff:9b:8b:ea:7e:76:3c:49:13:56:
dd:f6:e6:17:a0:0d:56:6c:e4:be:d0:c9:82:f4:3d:a0:2f:86:
24:1e:f8:e1:85:f2:4d:99:7b:27:1a:4e:1a:53:63:60:07:98:
b7:28:9e:3e:47:99:e3:c8:d5:c6:f3:2d:3b:ff:65:b9:bf:04:
83:ca:30:78:e8:ce:38:b9:91:a3:b8:a2:6f:a9:7e:13:1f:fb:
ee:e5:64:c2:9d:55:6c:29:73:53:3e:88:7c:9d:c9:dd:ec:64:
5b:5c:67:12:2e:ef:a9:c2:2a:31:1f:c3:fe:7b:a9:42:b3:32:
4b:de:22:72:6d:bc:28:48:b8:bb:30:ac:90:51:de:74:ac:74:
ae:76:c0:1d:18:8d:c8:7d:9e:6f:4d:82:cc:9c:cb:4a:cf:65:
a9:23:e8:ae:45:e3:68:5b:09:fb:c4:e8:f5:93:42:a1:c0:88:
6e:ce:b8:d9:b7:fa:50:75:00:ff:6e:0b:ae:93:51:c3:3a:3c:
4f:e0:bd:d8:02:e1:be:e7:73:06:d4:1e:be:0d:9d:87:dd:79:
a3:a7:cc:f5:6d:95:b1:3e:c0:db:27:b1:2a:07:73:9a:4e:39:
c8:3e:b5:01:43:0d:2c:65:53:67:32:c3:c9:1d:26:66:00:ee:
1e:5c:c7:1c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY81Gq+1PFoorW49b4afDug3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MzQ3NDY1YmM5MjVjOGU3NTZkZGZhYTYwOWVkYTAyY2M1
MmQwMzEwHhcNMjQwNTAxMTcwMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzE2MTE4NzQyNTgxNDZkODMwZjRjOTMzMDE5YTlmYTkxMDgwMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxPp56WNu5xzMHlgqltHthsobiIG
QXiMsj2nYiKUtPawNT8TmDGmpnHEWzC2OX/oHqC0Txb3LlCgaQOq7I4H0BJOOFXh
U9KG0lnd4mmimej9IPOx7m+VCCeDW5b58gWMrKeYV3WD04CvnWhMWmJPVsjumFWX
zrNkjbx9wy5PA8cz2F7axx4VzyjgkH5CCMATzUrlpcqjgOqfNbBhbb1syrW2EMnL
35ywmbULPAXmDmHgjKxve40N7TaSqeHVQDf7zs1CiQoHh8NrZnZgPCSeG4nIgHLe
vhNigUT3r0FVoFBe6X8dqlesrVrIjS2Sal4QB4UEuG5VFiFd3bZDZTCrnwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGMWEYdCWBRtgw9MkzAZqfqRCAFmMB8GA1UdIwQY
MBaAFGQ0dGW8klyOdW3fqmCe2gLMUtAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQt
YzBhN2I3Mzc3ZWFiLzEvWXhZUmgwSllGRzJERDB5VE1CbXAtcEVJQVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQtYzBhN2I3Mzc3ZWFi
LzEvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVXJgMAwD
BABVcmkDBABVcmowDQYJKoZIhvcNAQELBQADggEBAG/b1jylfC9+/5uL6n52PEkT
Vt325hegDVZs5L7QyYL0PaAvhiQe+OGF8k2ZeycaThpTY2AHmLconj5HmePI1cbz
LTv/Zbm/BIPKMHjozji5kaO4om+pfhMf++7lZMKdVWwpc1M+iHydyd3sZFtcZxIu
76nCKjEfw/57qUKzMkveInJtvChIuLswrJBR3nSsdK52wB0Yjch9nm9Ngsycy0rP
Zakj6K5F42hbCfvE6PWTQqHAiG7OuNm3+lB1AP9uC66TUcM6PE/gvdgC4b7ncwbU
Hr4NnYfdeaOnzPVtlbE+wNsnsSoHc5pOOcg+tQFDDSxlU2cyw8kdJmYA7h5cxxw=
-----END CERTIFICATE-----
Generated at Mon May 13 23:37:23 2024 by rpki-client on console.sobornost.net