Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/d20dbc-2ab4-43fb-80a2-04e7b1a8ce18/1/aFYztHttvTMbdhYQ2dSqa61ZZlA.roa
File: aFYztHttvTMbdhYQ2dSqa61ZZlA.roa (raw, json)
Hash identifier: vW3Mmu9e6bEFMGev75D2LsGpUB5Ty8CLNuV1FW5fAx4=
Subject key identifier: 68:56:33:B4:7B:6D:BD:33:1B:76:16:10:D9:D4:AA:6B:AD:59:66:50
Certificate issuer: /CN=e373bcd3255a0dad5f4a350d11dc891fa0be0437
Certificate serial: 018CC5DD3EEC35EF61568A6B287F9F087662
Authority key identifier: E3:73:BC:D3:25:5A:0D:AD:5F:4A:35:0D:11:DC:89:1F:A0:BE:04:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/43O80yVaDa1fSjUNEdyJH6C-BDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/d20dbc-2ab4-43fb-80a2-04e7b1a8ce18/1/aFYztHttvTMbdhYQ2dSqa61ZZlA.roa
Signing time: Mon 01 Jan 2024 16:31:00 +0000
ROA not before: Mon 01 Jan 2024 16:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205311
IP address blocks: 185.219.108.0/22 maxlen: 23
2a0b:e540::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:3e:ec:35:ef:61:56:8a:6b:28:7f:9f:08:76:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e373bcd3255a0dad5f4a350d11dc891fa0be0437
Validity
Not Before: Jan 1 16:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=685633b47b6dbd331b761610d9d4aa6bad596650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8d:2a:0f:f6:5f:a9:79:7a:9e:0e:88:ed:3b:
3e:49:d5:1b:91:9f:05:a6:8b:e1:34:78:c3:8e:91:
12:85:6b:d9:9a:5f:8b:89:9e:97:ff:31:21:e2:99:
f3:1e:ca:63:3c:74:d8:35:87:cd:15:92:f5:8a:06:
b2:3d:e5:8a:30:83:9f:de:de:7f:78:68:02:54:ac:
49:39:b7:49:99:6f:9d:e4:85:7b:fb:f9:4e:1d:9e:
a5:7e:89:3b:f5:8c:9e:3a:8b:f0:45:24:5b:53:28:
08:cb:57:6d:ea:ee:37:3c:7a:72:29:00:62:3c:19:
1b:43:c3:55:28:17:43:7e:9b:1c:28:41:4a:05:09:
4e:53:80:09:49:47:39:dd:ae:32:e0:c2:b8:8a:04:
64:f6:72:59:3d:78:75:50:74:01:d4:5e:4a:2a:a7:
64:6f:df:15:bb:89:21:52:02:82:d3:d8:43:9b:d1:
bf:4f:da:b9:c4:ae:97:53:94:33:a7:e4:79:84:79:
cb:c9:44:39:bb:8c:cf:71:4f:e5:02:ff:43:2c:59:
2d:fb:68:bf:05:a6:b4:e3:9a:42:f5:47:f8:b2:30:
45:72:a1:64:51:6d:3b:5a:e1:e3:40:0a:a8:7c:65:
95:50:f4:d7:ce:cf:63:7a:b3:1f:61:29:54:93:2b:
ae:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:56:33:B4:7B:6D:BD:33:1B:76:16:10:D9:D4:AA:6B:AD:59:66:50
X509v3 Authority Key Identifier:
keyid:E3:73:BC:D3:25:5A:0D:AD:5F:4A:35:0D:11:DC:89:1F:A0:BE:04:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/43O80yVaDa1fSjUNEdyJH6C-BDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/d20dbc-2ab4-43fb-80a2-04e7b1a8ce18/1/aFYztHttvTMbdhYQ2dSqa61ZZlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/d20dbc-2ab4-43fb-80a2-04e7b1a8ce18/1/43O80yVaDa1fSjUNEdyJH6C-BDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.108.0/22
IPv6:
2a0b:e540::/29
Signature Algorithm: sha256WithRSAEncryption
4f:8b:59:b8:51:26:2f:aa:72:a6:99:83:a3:e4:f4:54:06:f4:
c0:04:40:39:cc:2b:5b:64:a0:c3:24:85:a2:27:51:64:58:c1:
75:fa:1e:f9:dc:06:00:2f:36:8b:65:4f:58:f8:e1:db:d9:16:
98:4f:c0:ad:5c:7b:59:62:42:83:f3:78:2d:9b:28:20:fb:1b:
d6:ab:37:57:2a:b4:5a:c3:0c:5f:3e:13:66:ce:47:60:61:a6:
9d:ba:5e:bf:37:a6:e2:99:a3:d0:db:be:d0:48:6b:f9:f8:d2:
64:5b:a5:ff:69:f4:6a:00:47:e5:e8:45:38:92:93:f3:12:8b:
cf:1f:d8:5f:3b:d0:5f:9a:ea:98:9f:38:10:ba:9d:41:b6:01:
5c:0c:8b:d0:44:06:ee:33:c5:ab:99:31:1c:85:6b:36:ca:ca:
dd:8d:2e:1a:00:f8:99:2a:b2:2e:15:64:80:48:f1:38:2e:b7:
e7:03:9c:6d:d2:0a:f4:a1:d5:f7:e0:2d:f1:0e:90:90:93:9f:
6c:a9:38:6a:66:a1:5c:9f:96:ac:7a:5d:bd:54:3f:d6:04:03:
0e:b7:9a:fe:6b:c2:6e:a9:5e:7c:38:30:65:15:85:a6:8e:fe:
47:cc:35:c7:c4:ff:b5:14:18:40:8d:4b:66:5e:b9:a1:b1:80:
72:c3:29:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3T7sNe9hVoprKH+fCHZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNzNiY2QzMjU1YTBkYWQ1ZjRhMzUwZDExZGM4OTFmYTBi
ZTA0MzcwHhcNMjQwMTAxMTYzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODU2MzNiNDdiNmRiZDMzMWI3NjE2MTBkOWQ0YWE2YmFkNTk2NjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgo0qD/ZfqXl6ng6I7Ts+SdUbkZ8F
povhNHjDjpEShWvZml+LiZ6X/zEh4pnzHspjPHTYNYfNFZL1igayPeWKMIOf3t5/
eGgCVKxJObdJmW+d5IV7+/lOHZ6lfok79YyeOovwRSRbUygIy1dt6u43PHpyKQBi
PBkbQ8NVKBdDfpscKEFKBQlOU4AJSUc53a4y4MK4igRk9nJZPXh1UHQB1F5KKqdk
b98Vu4khUgKC09hDm9G/T9q5xK6XU5Qzp+R5hHnLyUQ5u4zPcU/lAv9DLFkt+2i/
Baa045pC9Uf4sjBFcqFkUW07WuHjQAqofGWVUPTXzs9jerMfYSlUkyuulwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGhWM7R7bb0zG3YWENnUqmutWWZQMB8GA1UdIwQY
MBaAFONzvNMlWg2tX0o1DRHciR+gvgQ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDNPODB5VmFEYTFmU2pVTkVkeUpINkMtQkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9kMjBkYmMtMmFiNC00M2ZiLTgwYTIt
MDRlN2IxYThjZTE4LzEvYUZZenRIdHR2VE1iZGhZUTJkU3FhNjFaWmxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9kMjBkYmMtMmFiNC00M2ZiLTgwYTItMDRlN2IxYThjZTE4
LzEvNDNPODB5VmFEYTFmU2pVTkVkeUpINkMtQkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudtsMA0E
AgACMAcDBQMqC+VAMA0GCSqGSIb3DQEBCwUAA4IBAQBPi1m4USYvqnKmmYOj5PRU
BvTABEA5zCtbZKDDJIWiJ1FkWMF1+h753AYALzaLZU9Y+OHb2RaYT8CtXHtZYkKD
83gtmygg+xvWqzdXKrRawwxfPhNmzkdgYaadul6/N6bimaPQ277QSGv5+NJkW6X/
afRqAEfl6EU4kpPzEovPH9hfO9BfmuqYnzgQup1BtgFcDIvQRAbuM8WrmTEchWs2
ysrdjS4aAPiZKrIuFWSASPE4LrfnA5xt0gr0odX34C3xDpCQk59sqThqZqFcn5as
el29VD/WBAMOt5r+a8JuqV58ODBlFYWmjv5HzDXHxP+1FBhAjUtmXrmhsYBywymU
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:14 2024 by rpki-client on console.sobornost.net