Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/alOMuZVhsS67N7ZnOE3UngI8qxA.roa
File: alOMuZVhsS67N7ZnOE3UngI8qxA.roa (raw, json)
Hash identifier: i44PVP4+vFQHHttw4b/yr9wYaxyAaKqElZoaD2cjz8c=
Subject key identifier: 6A:53:8C:B9:95:61:B1:2E:BB:37:B6:67:38:4D:D4:9E:02:3C:AB:10
Certificate issuer: /CN=580dddb511603e41c2b7abba3d249d5ef5ed4d11
Certificate serial: 0193C957008F899D8B25AD7C9303C946CBAA
Authority key identifier: 58:0D:DD:B5:11:60:3E:41:C2:B7:AB:BA:3D:24:9D:5E:F5:ED:4D:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/alOMuZVhsS67N7ZnOE3UngI8qxA.roa
Signing time: Sun 15 Dec 2024 08:02:22 +0000
ROA not before: Sun 15 Dec 2024 08:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201119
IP address blocks: 185.195.145.0/24 maxlen: 24
185.195.147.0/24 maxlen: 24
2a0a:5bc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c9:57:00:8f:89:9d:8b:25:ad:7c:93:03:c9:46:cb:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=580dddb511603e41c2b7abba3d249d5ef5ed4d11
Validity
Not Before: Dec 15 08:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a538cb99561b12ebb37b667384dd49e023cab10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ec:18:98:68:14:e9:f5:e4:73:97:54:69:ec:
b6:aa:3d:7a:91:b0:3c:46:99:6d:24:56:7d:46:9c:
b4:43:09:5a:3d:73:49:85:d8:26:c9:13:a1:45:fa:
80:0c:80:7e:a2:9c:bf:27:7e:f6:90:87:6e:59:e3:
78:42:ae:2c:13:d2:3e:c7:b0:50:7e:84:43:1a:f9:
a1:02:ad:c1:81:a2:68:d3:96:8e:b1:fe:d1:84:ff:
3d:6b:56:81:71:92:d9:37:0b:dc:f9:57:05:8a:d4:
15:39:5b:65:50:82:eb:7f:ce:2f:45:d5:09:09:2c:
59:d5:1b:a9:e2:90:ab:5c:25:b3:7b:30:12:3e:be:
5b:59:25:71:79:0b:a7:8d:a5:aa:5a:a5:b1:d4:af:
73:e5:a6:67:55:74:03:bc:96:f6:60:b6:3f:ee:96:
e5:fd:c4:bf:47:ac:02:c2:43:23:5d:e4:1c:b0:e1:
5f:f6:d2:04:19:71:86:13:75:c4:50:b4:87:e9:49:
3c:1a:0e:e4:f5:f2:86:fa:cf:f6:aa:cc:97:ab:ac:
9a:87:f1:77:60:96:ef:2e:24:2d:6f:b4:1d:8c:81:
d7:aa:33:2d:df:75:da:ba:99:67:ad:fd:d1:74:d1:
b6:fd:e5:05:e3:e3:f6:26:c9:57:d8:5b:5e:a0:a3:
78:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:53:8C:B9:95:61:B1:2E:BB:37:B6:67:38:4D:D4:9E:02:3C:AB:10
X509v3 Authority Key Identifier:
keyid:58:0D:DD:B5:11:60:3E:41:C2:B7:AB:BA:3D:24:9D:5E:F5:ED:4D:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/alOMuZVhsS67N7ZnOE3UngI8qxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/WA3dtRFgPkHCt6u6PSSdXvXtTRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.145.0/24
185.195.147.0/24
IPv6:
2a0a:5bc0::/48
Signature Algorithm: sha256WithRSAEncryption
66:dc:6a:1a:3e:84:65:60:8b:d2:c2:cd:fb:1d:0f:62:58:0e:
ff:f8:e5:d0:7f:18:17:14:ae:a5:8b:23:68:c0:85:63:00:34:
d4:46:4a:e1:d1:bf:11:ea:01:3f:33:20:a1:53:3f:c8:48:ac:
1a:3a:be:0d:b8:61:bd:a1:b2:3b:f3:8a:db:36:b3:c6:4a:b0:
05:02:96:84:3a:b2:ca:32:b1:55:1a:ed:dd:7d:05:78:55:9c:
04:50:35:73:a1:7b:a1:01:a4:eb:00:01:d0:65:76:71:9b:64:
a7:69:84:46:37:74:ee:3b:78:d6:3c:82:17:1e:3c:aa:09:30:
fb:86:d5:12:44:7f:42:b2:02:74:67:a5:59:dd:1c:47:12:b0:
dc:46:69:14:ba:09:30:1a:61:74:c0:55:ae:28:99:6f:90:09:
c7:e3:36:f4:33:f8:73:94:de:48:80:17:f3:f7:26:8b:d6:ab:
41:98:84:7e:44:3a:79:2b:6f:1c:97:42:b2:cb:2e:a9:46:3b:
82:52:6a:00:f5:9f:5e:e7:f1:69:78:d3:46:ee:bb:c0:90:dc:
2a:4c:54:52:2c:2f:54:30:d1:59:02:f2:24:b5:43:a8:9c:f6:
7b:79:11:47:3f:68:5f:43:d8:f2:4e:2c:16:cb:3b:ad:7a:10:
92:e1:7e:00
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZPJVwCPiZ2LJa18kwPJRsuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MGRkZGI1MTE2MDNlNDFjMmI3YWJiYTNkMjQ5ZDVlZjVl
ZDRkMTEwHhcNMjQxMjE1MDgwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTUzOGNiOTk1NjFiMTJlYmIzN2I2NjczODRkZDQ5ZTAyM2NhYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ewYmGgU6fXkc5dUaey2qj16kbA8
RpltJFZ9Rpy0QwlaPXNJhdgmyROhRfqADIB+opy/J372kIduWeN4Qq4sE9I+x7BQ
foRDGvmhAq3BgaJo05aOsf7RhP89a1aBcZLZNwvc+VcFitQVOVtlUILrf84vRdUJ
CSxZ1Rup4pCrXCWzezASPr5bWSVxeQunjaWqWqWx1K9z5aZnVXQDvJb2YLY/7pbl
/cS/R6wCwkMjXeQcsOFf9tIEGXGGE3XEULSH6Uk8Gg7k9fKG+s/2qsyXq6yah/F3
YJbvLiQtb7QdjIHXqjMt33Xauplnrf3RdNG2/eUF4+P2JslX2FteoKN4HQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGpTjLmVYbEuuze2ZzhN1J4CPKsQMB8GA1UdIwQY
MBaAFFgN3bURYD5Bwreruj0knV717U0RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0EzZHRSRmdQa0hDdDZ1NlBTU2RYdlh0VFJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9mYzk2YTQtMzZkMS00YzNkLTg1MGIt
M2NkNDE3YWVlOWNlLzEvYWxPTXVaVmhzUzY3Tjdabk9FM1VuZ0k4cXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9mYzk2YTQtMzZkMS00YzNkLTg1MGItM2NkNDE3YWVlOWNl
LzEvV0EzZHRSRmdQa0hDdDZ1NlBTU2RYdlh0VFJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAucORAwQA
ucOTMA8EAgACMAkDBwAqClvAAAAwDQYJKoZIhvcNAQELBQADggEBAGbcaho+hGVg
i9LCzfsdD2JYDv/45dB/GBcUrqWLI2jAhWMANNRGSuHRvxHqAT8zIKFTP8hIrBo6
vg24Yb2hsjvzits2s8ZKsAUCloQ6ssoysVUa7d19BXhVnARQNXOhe6EBpOsAAdBl
dnGbZKdphEY3dO47eNY8ghcePKoJMPuG1RJEf0KyAnRnpVndHEcSsNxGaRS6CTAa
YXTAVa4omW+QCcfjNvQz+HOU3kiAF/P3JovWq0GYhH5EOnkrbxyXQrLLLqlGO4JS
agD1n17n8Wl400buu8CQ3CpMVFIsL1Qw0VkC8iS1Q6ic9nt5EUc/aF9D2PJOLBbL
O616EJLhfgA=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:16 2024 by rpki-client on console.sobornost.net