Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/kgrOuVvGaAUVNlEJGb2ZU0smj50.roa
File: kgrOuVvGaAUVNlEJGb2ZU0smj50.roa (raw, json)
Hash identifier: T3geok4mM1JuMIZhyNJ4q8OcYcC1ivDJ/A1e9wE/9m4=
Subject key identifier: 92:0A:CE:B9:5B:C6:68:05:15:36:51:09:19:BD:99:53:4B:26:8F:9D
Certificate issuer: /CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Certificate serial: 01925284D0C4DE0B55678C26E1FA5C512BC8
Authority key identifier: A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/kgrOuVvGaAUVNlEJGb2ZU0smj50.roa
Signing time: Thu 03 Oct 2024 13:14:48 +0000
ROA not before: Thu 03 Oct 2024 13:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48846
IP address blocks: 85.8.180.0/23 maxlen: 24
87.253.224.0/21 maxlen: 24
93.191.136.0/21 maxlen: 24
185.76.212.0/22 maxlen: 24
185.190.108.0/22 maxlen: 24
185.228.96.0/23 maxlen: 23
185.228.96.0/24 maxlen: 24
185.228.97.0/24 maxlen: 24
188.210.216.0/22 maxlen: 24
2a05:5c80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:84:d0:c4:de:0b:55:67:8c:26:e1:fa:5c:51:2b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Validity
Not Before: Oct 3 13:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=920aceb95bc668051536510919bd99534b268f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:95:f5:30:e1:ab:75:42:7d:dc:d7:48:72:8c:
cd:8d:c3:f6:e5:05:c6:39:7c:a3:68:d3:78:ff:dc:
b0:4b:dd:76:1f:50:9b:94:98:e5:85:41:53:c3:97:
97:0e:15:64:60:05:74:7d:4e:21:a5:39:9d:06:23:
d3:ca:f6:f0:dd:65:a4:e3:6b:8e:d2:2d:79:b2:6e:
97:5c:c5:59:82:6d:5a:b4:52:80:33:74:eb:8e:7f:
ca:f0:09:eb:64:48:df:66:2b:d9:1e:14:9d:1c:83:
40:9e:a8:0e:c8:61:b4:6a:56:e8:71:4b:18:4b:75:
0d:ca:bd:32:fe:f0:91:c5:0c:ff:a7:60:96:f5:dd:
30:d2:a2:40:94:1d:86:7f:83:7a:9a:ed:34:d9:36:
42:5c:e2:a1:19:b3:64:27:2d:d5:e5:57:50:4f:63:
90:77:1a:97:b2:4c:90:c3:a7:df:f1:fa:e6:85:46:
c4:07:85:46:44:b5:53:2d:0c:ab:1a:22:a6:f3:5f:
d6:0e:ee:d1:8b:68:83:51:33:26:37:fa:66:fb:46:
ea:ee:c4:c5:20:18:d5:f1:fb:63:a1:7c:85:02:0a:
f2:88:f5:42:ec:e4:5b:00:e3:31:2e:00:12:ec:8d:
f7:2c:c2:59:13:be:0c:46:95:ec:7a:fa:30:e8:64:
c9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0A:CE:B9:5B:C6:68:05:15:36:51:09:19:BD:99:53:4B:26:8F:9D
X509v3 Authority Key Identifier:
keyid:A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/kgrOuVvGaAUVNlEJGb2ZU0smj50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.180.0/23
87.253.224.0/21
93.191.136.0/21
185.76.212.0/22
185.190.108.0/22
185.228.96.0/23
188.210.216.0/22
IPv6:
2a05:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
b8:e5:07:ae:fb:e0:dc:50:f6:75:2c:7c:a0:a2:4c:db:d2:b5:
e2:7d:ba:38:0f:55:d7:96:52:75:3f:cf:70:27:7e:17:de:3f:
54:41:7e:1b:f2:3f:5b:bc:f2:6b:d9:b8:9b:cb:4d:a1:6e:fa:
f7:1f:65:0f:83:f3:47:0a:1e:0a:86:f6:f7:03:2f:3a:7a:76:
7e:5a:9e:4a:e3:bf:50:d1:ba:78:12:ce:9d:65:6c:fb:a3:ef:
33:b9:d9:ed:1c:e0:9c:81:ba:d8:a1:99:b0:3d:93:de:ae:45:
a3:b5:c7:f0:db:39:e0:b8:c5:1e:fb:10:84:3a:c2:01:6c:45:
a7:26:06:6b:c8:d3:df:98:ea:cc:94:a8:85:16:35:13:f5:ca:
65:58:7f:8f:4e:10:39:d4:a1:0c:62:b7:ec:ed:40:4a:42:27:
f5:f0:27:ed:a6:67:1f:7d:4e:5a:3e:03:8d:a0:ba:ac:67:13:
94:9b:7f:e6:3d:02:3e:a7:69:23:b5:d5:36:6f:2d:be:23:47:
17:55:c9:e7:e8:10:d6:44:bf:a7:5a:3a:fa:9a:36:d3:a0:e2:
ab:45:0a:09:0a:d1:b6:33:5d:9b:34:91:84:ae:b8:e3:72:80:
c0:18:87:06:bc:33:59:47:13:3c:b9:9b:3a:d8:22:4b:4f:0e:
5c:90:0d:7d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZJShNDE3gtVZ4wm4fpcUSvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjBmNDM0NWMwZWU0ZDlkN2ZjNmQ2OWJlZmJmNDU1YmVj
OTg3NDIwHhcNMjQxMDAzMTMxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBhY2ViOTViYzY2ODA1MTUzNjUxMDkxOWJkOTk1MzRiMjY4ZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJX1MOGrdUJ93NdIcozNjcP25QXG
OXyjaNN4/9ywS912H1CblJjlhUFTw5eXDhVkYAV0fU4hpTmdBiPTyvbw3WWk42uO
0i15sm6XXMVZgm1atFKAM3Trjn/K8AnrZEjfZivZHhSdHINAnqgOyGG0albocUsY
S3UNyr0y/vCRxQz/p2CW9d0w0qJAlB2Gf4N6mu002TZCXOKhGbNkJy3V5VdQT2OQ
dxqXskyQw6ff8frmhUbEB4VGRLVTLQyrGiKm81/WDu7Ri2iDUTMmN/pm+0bq7sTF
IBjV8ftjoXyFAgryiPVC7ORbAOMxLgAS7I33LMJZE74MRpXsevow6GTJYwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJIKzrlbxmgFFTZRCRm9mVNLJo+dMB8GA1UdIwQY
MBaAFKgg9DRcDuTZ1/xtab779FW+yYdCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYt
NTQwNzllNzMyYjBkLzEva2dyT3VWdkdhQVVWTmxFSkdiMlpVMHNtajUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYtNTQwNzllNzMyYjBk
LzEvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQBVQi0AwQD
V/3gAwQDXb+IAwQCuUzUAwQCub5sAwQBueRgAwQCvNLYMA0EAgACMAcDBQMqBVyA
MA0GCSqGSIb3DQEBCwUAA4IBAQC45Qeu++DcUPZ1LHygokzb0rXifbo4D1XXllJ1
P89wJ34X3j9UQX4b8j9bvPJr2biby02hbvr3H2UPg/NHCh4Khvb3Ay86enZ+Wp5K
479Q0bp4Es6dZWz7o+8zudntHOCcgbrYoZmwPZPerkWjtcfw2znguMUe+xCEOsIB
bEWnJgZryNPfmOrMlKiFFjUT9cplWH+PThA51KEMYrfs7UBKQif18CftpmcffU5a
PgONoLqsZxOUm3/mPQI+p2kjtdU2by2+I0cXVcnn6BDWRL+nWjr6mjbToOKrRQoJ
CtG2M12bNJGErrjjcoDAGIcGvDNZRxM8uZs62CJLTw5ckA19
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:04 2024 by rpki-client on console.sobornost.net