Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/85-69GrZNOomZlcw55kCtccg5no.roa
File: 85-69GrZNOomZlcw55kCtccg5no.roa (raw, json)
Hash identifier: pd5AWpDTAQJa8XtSTakIekEHKJ0fjkKvrDvv5ToPfkY=
Subject key identifier: F3:9F:BA:F4:6A:D9:34:EA:26:66:57:30:E7:99:02:B5:C7:20:E6:7A
Certificate issuer: /CN=c4eba1fdf6c4de192c1d3edf8a800ca597f97d68
Certificate serial: 019107B2C86A117D4034449729FC7EFA1437
Authority key identifier: C4:EB:A1:FD:F6:C4:DE:19:2C:1D:3E:DF:8A:80:0C:A5:97:F9:7D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xOuh_fbE3hksHT7fioAMpZf5fWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/85-69GrZNOomZlcw55kCtccg5no.roa
Signing time: Wed 31 Jul 2024 07:30:42 +0000
ROA not before: Wed 31 Jul 2024 07:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197692
IP address blocks: 31.22.120.0/21 maxlen: 24
185.131.0.0/22 maxlen: 24
2a02:6f00::/29 maxlen: 48
2a02:6f00::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:07:b2:c8:6a:11:7d:40:34:44:97:29:fc:7e:fa:14:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4eba1fdf6c4de192c1d3edf8a800ca597f97d68
Validity
Not Before: Jul 31 07:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f39fbaf46ad934ea26665730e79902b5c720e67a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d5:67:4a:5a:78:6f:79:74:c0:e6:3c:a2:2b:
7f:27:af:a9:ce:d3:00:3b:49:dd:87:64:79:07:cb:
b9:30:28:ff:5b:78:5b:36:30:cd:35:b5:6d:ce:7d:
a0:18:ca:61:c1:43:17:5a:fe:ca:15:b6:b4:59:c0:
48:a0:7c:23:df:f3:d0:f0:e8:c2:af:6b:c9:bf:8e:
e0:ec:70:3e:d1:73:34:a2:1a:d2:ab:e6:27:26:ad:
46:c9:83:a7:47:31:97:fe:a0:3a:15:2a:6d:9e:25:
e7:4b:ca:9f:02:31:90:b7:a1:4a:47:5a:1a:53:19:
81:f0:f2:30:c7:ec:e5:8e:8b:43:7f:75:1c:50:d3:
45:4d:4f:db:40:cb:e8:c6:00:97:ae:65:8c:49:f2:
7d:eb:e8:79:45:42:6b:a7:06:9d:ea:3c:55:0b:70:
c5:b4:d1:82:c2:16:4a:2b:d5:21:29:f3:8a:b1:7d:
0f:bd:ff:8a:48:3b:89:e5:fe:94:06:ee:62:ba:af:
2f:1c:56:2b:48:62:fb:26:8a:f7:48:fa:d7:00:45:
ca:6c:bc:b6:14:96:8e:6c:db:2f:71:60:1c:47:9f:
e8:13:88:c4:2e:da:b7:9f:37:7c:8d:83:a8:b3:d2:
ae:72:a5:50:21:59:f5:9b:32:51:93:32:c4:1a:ae:
e8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9F:BA:F4:6A:D9:34:EA:26:66:57:30:E7:99:02:B5:C7:20:E6:7A
X509v3 Authority Key Identifier:
keyid:C4:EB:A1:FD:F6:C4:DE:19:2C:1D:3E:DF:8A:80:0C:A5:97:F9:7D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xOuh_fbE3hksHT7fioAMpZf5fWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/85-69GrZNOomZlcw55kCtccg5no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/xOuh_fbE3hksHT7fioAMpZf5fWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.120.0/21
185.131.0.0/22
IPv6:
2a02:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
1f:0c:4d:3f:12:9d:44:00:c7:85:06:14:86:71:1d:ec:27:ad:
4d:51:e1:91:da:5e:55:27:d5:bc:5c:97:c7:5a:14:07:79:87:
5e:6d:ec:56:c9:37:b2:16:65:40:ed:f8:54:57:69:52:42:c4:
9f:6c:8d:b1:3c:0f:11:2b:4a:9b:4b:f8:49:87:b7:87:89:48:
4e:d5:52:0f:50:7e:13:40:53:07:ef:6c:f1:34:9f:ae:38:e7:
84:db:46:7a:9b:27:67:30:6d:da:48:a5:54:dc:1c:38:7d:51:
2b:ca:37:7c:b7:3e:92:78:e1:d9:b2:dd:3a:e7:e7:85:be:8d:
64:5e:1d:ca:89:9b:17:48:53:40:c6:d8:95:34:33:09:9b:0e:
0e:66:d4:f5:3b:bf:a3:b5:ad:ea:85:ca:15:68:f6:e2:da:d4:
8a:aa:34:49:b6:3b:6b:1d:1c:af:b9:36:30:74:13:5d:88:97:
be:5e:1f:a7:3d:b3:85:5d:32:45:4c:cb:79:64:a8:ce:2a:d5:
b1:f6:f5:a6:07:a0:ab:02:ab:95:d3:c7:5c:d1:12:c3:28:c7:
7e:74:2e:a6:f0:0c:14:8b:ba:a3:44:93:4f:34:7b:0a:3d:a2:
b6:7e:da:0f:82:3b:ad:cd:17:50:e3:7b:1a:60:51:84:b9:da:
b1:d5:ec:85
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZEHsshqEX1ANESXKfx++hQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZWJhMWZkZjZjNGRlMTkyYzFkM2VkZjhhODAwY2E1OTdm
OTdkNjgwHhcNMjQwNzMxMDczMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzlmYmFmNDZhZDkzNGVhMjY2NjU3MzBlNzk5MDJiNWM3MjBlNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9VnSlp4b3l0wOY8oit/J6+pztMA
O0ndh2R5B8u5MCj/W3hbNjDNNbVtzn2gGMphwUMXWv7KFba0WcBIoHwj3/PQ8OjC
r2vJv47g7HA+0XM0ohrSq+YnJq1GyYOnRzGX/qA6FSptniXnS8qfAjGQt6FKR1oa
UxmB8PIwx+zljotDf3UcUNNFTU/bQMvoxgCXrmWMSfJ96+h5RUJrpwad6jxVC3DF
tNGCwhZKK9UhKfOKsX0Pvf+KSDuJ5f6UBu5iuq8vHFYrSGL7Jor3SPrXAEXKbLy2
FJaObNsvcWAcR5/oE4jELtq3nzd8jYOos9KucqVQIVn1mzJRkzLEGq7oLQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPOfuvRq2TTqJmZXMOeZArXHIOZ6MB8GA1UdIwQY
MBaAFMTrof32xN4ZLB0+34qADKWX+X1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE91aF9mYkUzaGtzSFQ3ZmlvQU1wWmY1ZldnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xYTYxNTktMWRjNi00YTA5LTg0NGYt
NTEyODU2MGRiZGZjLzEvODUtNjlHclpOT29tWmxjdzU1a0N0Y2NnNW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xYTYxNTktMWRjNi00YTA5LTg0NGYtNTEyODU2MGRiZGZj
LzEveE91aF9mYkUzaGtzSFQ3ZmlvQU1wWmY1ZldnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHxZ4AwQC
uYMAMA0EAgACMAcDBQMqAm8AMA0GCSqGSIb3DQEBCwUAA4IBAQAfDE0/Ep1EAMeF
BhSGcR3sJ61NUeGR2l5VJ9W8XJfHWhQHeYdebexWyTeyFmVA7fhUV2lSQsSfbI2x
PA8RK0qbS/hJh7eHiUhO1VIPUH4TQFMH72zxNJ+uOOeE20Z6mydnMG3aSKVU3Bw4
fVEryjd8tz6SeOHZst065+eFvo1kXh3KiZsXSFNAxtiVNDMJmw4OZtT1O7+jta3q
hcoVaPbi2tSKqjRJtjtrHRyvuTYwdBNdiJe+Xh+nPbOFXTJFTMt5ZKjOKtWx9vWm
B6CrAquV08dc0RLDKMd+dC6m8AwUi7qjRJNPNHsKPaK2ftoPgjutzRdQ43saYFGE
udqx1eyF
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:12 2024 by rpki-client on console.sobornost.net