Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/1kSH8rZ6IUi88ZhN6UtmOZv558I.roa
File: 1kSH8rZ6IUi88ZhN6UtmOZv558I.roa (raw, json)
Hash identifier: 7q66mFu5Mvpzw5a0b2pAl5/lb4tAljHIZxRT+FyBaUU=
Subject key identifier: D6:44:87:F2:B6:7A:21:48:BC:F1:98:4D:E9:4B:66:39:9B:F9:E7:C2
Certificate issuer: /CN=a663abd479cbff76082304bf60d03adc3187d936
Certificate serial: 018CC26D1536B847BCE5EC267740D95D3A42
Authority key identifier: A6:63:AB:D4:79:CB:FF:76:08:23:04:BF:60:D0:3A:DC:31:87:D9:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pmOr1HnL_3YIIwS_YNA63DGH2TY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/1kSH8rZ6IUi88ZhN6UtmOZv558I.roa
Signing time: Mon 01 Jan 2024 00:29:37 +0000
ROA not before: Mon 01 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:2::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:15:36:b8:47:bc:e5:ec:26:77:40:d9:5d:3a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a663abd479cbff76082304bf60d03adc3187d936
Validity
Not Before: Jan 1 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d64487f2b67a2148bcf1984de94b66399bf9e7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e7:77:ae:2b:e9:52:10:3b:34:65:ec:51:1f:
57:84:24:33:2a:6d:13:24:68:e3:3e:f0:71:a0:50:
cd:65:e0:39:2f:ba:91:e4:8d:1c:94:3d:ac:80:5b:
2b:02:e3:7f:5b:e4:89:cb:a7:37:45:38:15:4b:d7:
bd:68:06:fb:75:21:8e:85:1b:86:a6:8c:b7:2b:a3:
fa:89:52:15:8a:bc:05:9c:28:9f:08:3a:63:8c:5c:
c5:a1:3d:f9:e1:2d:28:9a:9f:97:e0:8d:5b:b9:44:
3d:a2:d4:17:be:02:54:62:85:c2:1f:80:23:7d:eb:
a7:61:39:4c:d8:9c:dd:65:2d:25:f9:69:db:e7:7b:
e4:6c:d0:4e:d5:08:69:9d:80:c1:60:37:f3:06:f0:
d1:0f:43:a2:ba:a9:94:c0:0a:78:f3:f2:26:eb:40:
4a:ee:9e:d9:21:18:0c:c3:da:df:1a:c9:29:ff:00:
d2:dd:f9:e1:83:18:73:c6:75:26:3e:0e:d2:3c:42:
6a:87:f1:33:b7:07:44:7b:c1:09:ad:ed:fe:ae:92:
ea:59:5d:10:ae:8d:6a:55:41:45:1b:72:84:8f:dd:
cb:82:8a:6c:9d:ad:1d:ac:b3:8c:df:94:bc:78:64:
2d:0b:23:34:b4:cb:51:ed:73:fb:3f:81:ec:7d:18:
1e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:44:87:F2:B6:7A:21:48:BC:F1:98:4D:E9:4B:66:39:9B:F9:E7:C2
X509v3 Authority Key Identifier:
keyid:A6:63:AB:D4:79:CB:FF:76:08:23:04:BF:60:D0:3A:DC:31:87:D9:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pmOr1HnL_3YIIwS_YNA63DGH2TY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/1kSH8rZ6IUi88ZhN6UtmOZv558I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/pmOr1HnL_3YIIwS_YNA63DGH2TY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.89.0-185.198.90.255
IPv6:
2a0a:8f40:2::/47
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
be:9b:c2:a2:fe:6f:9f:cd:31:83:c2:fb:3d:12:43:90:a3:95:
db:1d:5f:ea:48:28:35:ca:25:3e:b6:67:27:e5:53:f0:60:b5:
84:45:00:f3:e1:87:90:96:dc:b9:08:14:a3:01:f0:7e:0c:43:
6c:ff:98:99:1e:63:ae:d9:3b:db:27:40:3a:0a:70:5c:21:ed:
41:af:d1:a5:7d:cd:db:28:a6:06:d0:bc:0a:1f:b1:ee:8f:23:
a7:9a:40:d2:d2:2f:b9:f0:2b:1f:05:00:18:8a:af:8c:55:97:
f5:f0:51:6b:4b:8a:52:79:9e:c3:64:7b:54:e9:78:b1:5a:2f:
72:9f:39:67:41:85:2e:d6:6d:fa:df:ef:a2:48:c9:cb:b0:9a:
c1:d2:49:be:32:8b:a1:82:df:47:43:b6:b1:31:d6:a7:0a:0a:
fb:ac:6b:18:42:bc:15:6d:79:ca:9e:38:71:46:7c:20:97:1f:
be:1c:a5:3d:67:78:0f:3b:44:b1:a6:9a:27:8c:02:66:9d:7c:
78:fa:b9:4b:00:c8:65:7f:63:bb:ae:89:e8:e2:3e:00:7a:62:
36:1f:82:f9:e3:dd:06:7a:33:83:f8:e6:8b:76:2b:04:3f:4f:
8c:18:50:97:9e:c8:e3:b3:f6:ac:ef:3d:23:84:27:c9:a0:27:
a6:6d:1c:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzCbRU2uEe85ewmd0DZXTpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NjNhYmQ0NzljYmZmNzYwODIzMDRiZjYwZDAzYWRjMzE4
N2Q5MzYwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ0ODdmMmI2N2EyMTQ4YmNmMTk4NGRlOTRiNjYzOTliZjllN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+d3rivpUhA7NGXsUR9XhCQzKm0T
JGjjPvBxoFDNZeA5L7qR5I0clD2sgFsrAuN/W+SJy6c3RTgVS9e9aAb7dSGOhRuG
poy3K6P6iVIVirwFnCifCDpjjFzFoT354S0omp+X4I1buUQ9otQXvgJUYoXCH4Aj
feunYTlM2JzdZS0l+Wnb53vkbNBO1QhpnYDBYDfzBvDRD0OiuqmUwAp48/Im60BK
7p7ZIRgMw9rfGskp/wDS3fnhgxhzxnUmPg7SPEJqh/EztwdEe8EJre3+rpLqWV0Q
ro1qVUFFG3KEj93Lgopsna0drLOM35S8eGQtCyM0tMtR7XP7P4HsfRge6wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNZEh/K2eiFIvPGYTelLZjmb+efCMB8GA1UdIwQY
MBaAFKZjq9R5y/92CCMEv2DQOtwxh9k2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG1PcjFIbkxfM1lJSXdTX1lOQTYzREdIMlRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9mNDI3MjQtZDAwOS00ODdkLWE3OWMt
YmZhMDRmNmNkZTUwLzEvMWtTSDhyWjZJVWk4OFpoTjZVdG1PWnY1NThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9mNDI3MjQtZDAwOS00ODdkLWE3OWMtYmZhMDRmNmNkZTUw
LzEvcG1PcjFIbkxfM1lJSXdTX1lOQTYzREdIMlRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAUBAIAATAOMAwDBAC5xlkD
BAC5xlowLAQCAAIwJgMHASoKj0AAAjASAwcAKgqPQAAHAwcAKgqPQAAMAwcAKgqP
QAAcMA0GCSqGSIb3DQEBCwUAA4IBAQC+m8Ki/m+fzTGDwvs9EkOQo5XbHV/qSCg1
yiU+tmcn5VPwYLWERQDz4YeQlty5CBSjAfB+DENs/5iZHmOu2TvbJ0A6CnBcIe1B
r9Glfc3bKKYG0LwKH7HujyOnmkDS0i+58CsfBQAYiq+MVZf18FFrS4pSeZ7DZHtU
6XixWi9ynzlnQYUu1m363++iSMnLsJrB0km+Mouhgt9HQ7axMdanCgr7rGsYQrwV
bXnKnjhxRnwglx++HKU9Z3gPO0SxpponjAJmnXx4+rlLAMhlf2O7rono4j4AemI2
H4L5490GejOD+OaLdisEP0+MGFCXnsjjs/as7z0jhCfJoCembRyw
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:38 2024 by rpki-client on console.sobornost.net