Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/ac6LKpGJGAcP2xzIqkP-vT4F3O0.roa
File: ac6LKpGJGAcP2xzIqkP-vT4F3O0.roa (raw, json)
Hash identifier: 2PJIV5F4n2TnnPeiHdkhvuWw17XVnlO9h/o94mTPYy0=
Subject key identifier: 69:CE:8B:2A:91:89:18:07:0F:DB:1C:C8:AA:43:FE:BD:3E:05:DC:ED
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 0190BB02154C91E90A48EF74B3D84082ADBB
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/ac6LKpGJGAcP2xzIqkP-vT4F3O0.roa
Signing time: Tue 16 Jul 2024 10:06:34 +0000
ROA not before: Tue 16 Jul 2024 10:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1820
IP address blocks: 31.172.136.0/21 maxlen: 32
80.92.224.0/20 maxlen: 32
82.117.229.0/24 maxlen: 32
85.90.223.0/24 maxlen: 32
91.231.127.0/24 maxlen: 32
92.60.176.0/20 maxlen: 32
92.119.220.0/22 maxlen: 32
128.0.168.0/21 maxlen: 32
185.38.208.0/23 maxlen: 32
185.39.196.0/22 maxlen: 32
193.111.0.0/23 maxlen: 32
193.111.48.0/22 maxlen: 32
212.110.129.0/24 maxlen: 32
212.110.130.0/23 maxlen: 32
212.110.132.0/23 maxlen: 32
212.110.136.0/22 maxlen: 32
212.110.140.0/23 maxlen: 32
212.110.144.0/21 maxlen: 32
212.110.154.0/23 maxlen: 32
217.20.160.0/19 maxlen: 32
2a01:6b0::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:02:15:4c:91:e9:0a:48:ef:74:b3:d8:40:82:ad:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jul 16 10:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69ce8b2a918918070fdb1cc8aa43febd3e05dced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:63:4d:1a:98:40:1f:08:b1:ed:e0:53:d3:b8:
4d:24:b5:1f:18:d4:a7:db:d5:fc:2d:14:92:05:d2:
a8:2e:c5:05:73:c9:c3:6e:c7:72:d4:6a:f3:dc:4e:
b1:7f:56:cc:2b:84:d5:b4:ed:2f:b3:9b:48:4b:a7:
96:e7:70:4e:b9:5b:47:d4:28:10:e8:9f:7a:02:c1:
7d:a6:ef:f3:76:97:d6:e2:72:1d:a5:24:7e:5e:0d:
d2:86:b2:97:8b:7a:19:cd:13:99:19:b0:dd:ee:46:
31:19:59:68:87:a6:6b:33:13:b5:42:86:e1:10:35:
c1:f7:ec:05:09:f4:81:be:2d:f4:08:06:b3:48:15:
48:33:7e:20:35:50:47:f5:a3:3b:de:d1:d0:d9:4d:
06:62:3a:1d:78:74:2e:6a:e0:51:a0:98:85:0c:54:
00:7f:0d:da:fd:13:5c:7c:77:1d:70:1e:99:36:18:
aa:70:76:32:61:8c:fd:81:23:8b:05:ea:3c:e9:9d:
eb:0c:e6:ed:cb:79:58:82:b3:c7:d9:25:32:3c:6f:
f9:0b:76:29:9b:16:7b:f6:ff:c3:a1:38:b0:de:c5:
c6:9d:09:d3:79:27:9f:1c:e9:16:7f:2d:1a:60:28:
22:6c:ca:0a:b3:01:e4:b6:04:37:71:c8:69:77:b4:
9d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CE:8B:2A:91:89:18:07:0F:DB:1C:C8:AA:43:FE:BD:3E:05:DC:ED
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/ac6LKpGJGAcP2xzIqkP-vT4F3O0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/21
80.92.224.0/20
82.117.229.0/24
85.90.223.0/24
91.231.127.0/24
92.60.176.0/20
92.119.220.0/22
128.0.168.0/21
185.38.208.0/23
185.39.196.0/22
193.111.0.0/23
193.111.48.0/22
212.110.129.0-212.110.133.255
212.110.136.0-212.110.141.255
212.110.144.0/21
212.110.154.0/23
217.20.160.0/19
IPv6:
2a01:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
15:56:8c:e7:c2:d1:1c:b0:15:de:56:a3:a8:38:12:69:d3:af:
75:1e:ae:58:9e:42:8b:89:5f:f1:07:4c:2b:54:9f:67:1c:86:
13:20:6c:e7:59:b7:8e:61:34:89:bc:d4:cd:38:2f:95:0a:ad:
97:ff:b5:06:d6:4b:d8:e2:e9:98:06:b5:26:1b:1a:9d:fb:9d:
35:8c:7d:ac:76:1b:26:6e:97:be:0b:3c:f2:5c:0d:3c:8a:7d:
bc:bd:16:4e:c1:69:c8:6f:68:79:25:32:ba:65:8e:76:8f:ff:
55:5a:ea:ee:2c:f1:69:62:70:f6:d9:5d:d2:a8:64:7c:b7:7c:
42:b6:2b:23:41:bf:f0:85:c3:b4:30:19:5f:21:18:77:d6:0a:
85:88:fc:09:86:91:c4:4b:9b:2c:fb:50:5c:5f:24:f9:90:d9:
64:87:8b:7b:13:66:97:cc:6b:85:81:15:d6:85:a4:92:9c:d3:
44:1e:94:d1:ea:14:4b:d8:d4:af:6f:ff:8a:97:e3:8c:c5:00:
37:68:21:98:92:5e:7f:c9:70:7a:7d:54:92:c4:4c:9a:0c:1e:
66:2d:e9:75:81:ee:9a:07:c1:b4:3a:a4:30:4d:35:c2:37:7d:
17:64:e3:e4:94:a1:ff:69:7e:00:3b:cf:38:18:4c:af:31:80:
a5:f2:69:65
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZC7AhVMkekKSO90s9hAgq27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODcxNDJiZGMyYjNmMGQwODQ4YTBkODAwYjY5MzBiMWFi
YjM0YmMwHhcNMjQwNzE2MTAwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNlOGIyYTkxODkxODA3MGZkYjFjYzhhYTQzZmViZDNlMDVkY2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmNNGphAHwix7eBT07hNJLUfGNSn
29X8LRSSBdKoLsUFc8nDbsdy1Grz3E6xf1bMK4TVtO0vs5tIS6eW53BOuVtH1CgQ
6J96AsF9pu/zdpfW4nIdpSR+Xg3ShrKXi3oZzROZGbDd7kYxGVloh6ZrMxO1Qobh
EDXB9+wFCfSBvi30CAazSBVIM34gNVBH9aM73tHQ2U0GYjodeHQuauBRoJiFDFQA
fw3a/RNcfHcdcB6ZNhiqcHYyYYz9gSOLBeo86Z3rDObty3lYgrPH2SUyPG/5C3Yp
mxZ79v/DoTiw3sXGnQnTeSefHOkWfy0aYCgibMoKswHktgQ3cchpd7SdjQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFGnOiyqRiRgHD9scyKpD/r0+BdztMB8GA1UdIwQY
MBaAFA2HFCvcKz8NCEig2AC2kwsauzS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQt
YTMxNzA4ZDQwMzkxLzEvYWM2TEtwR0pHQWNQMnh6SXFrUC12VDRGM08wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQtYTMxNzA4ZDQwMzkx
LzEvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQDH6yI
AwQEUFzgAwQAUnXlAwQAVVrfAwQAW+d/AwQEXDywAwQCXHfcAwQDgACoAwQBuSbQ
AwQCuSfEAwQBwW8AAwQCwW8wMAwDBADUboEDBAHUboQwDAMEA9RuiAMEAdRujAME
A9RukAMEAdRumgMEBdkUoDANBAIAAjAHAwUAKgEGsDANBgkqhkiG9w0BAQsFAAOC
AQEAFVaM58LRHLAV3lajqDgSadOvdR6uWJ5Ci4lf8QdMK1SfZxyGEyBs51m3jmE0
ibzUzTgvlQqtl/+1BtZL2OLpmAa1JhsanfudNYx9rHYbJm6Xvgs88lwNPIp9vL0W
TsFpyG9oeSUyumWOdo//VVrq7izxaWJw9tld0qhkfLd8QrYrI0G/8IXDtDAZXyEY
d9YKhYj8CYaRxEubLPtQXF8k+ZDZZIeLexNml8xrhYEV1oWkkpzTRB6U0eoUS9jU
r2//ipfjjMUAN2ghmJJef8lwen1UksRMmgweZi3pdYHumgfBtDqkME01wjd9F2Tj
5JSh/2l+ADvPOBhMrzGApfJpZQ==
-----END CERTIFICATE-----
Generated at Sat Jul 27 04:45:12 2024 by rpki-client on console.sobornost.net