Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/gW5pRbos4_o1c-WFd52eMfuBm0M.roa
File: gW5pRbos4_o1c-WFd52eMfuBm0M.roa (raw, json)
Hash identifier: DJ0VdGOBKYwkBvLNG7QD4vspr5DBTTTnZR2XJYxYsy8=
Subject key identifier: 81:6E:69:45:BA:2C:E3:FA:35:73:E5:85:77:9D:9E:31:FB:81:9B:43
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 01907D18AB1E7A257911EFA862CA0F3EBB52
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/gW5pRbos4_o1c-WFd52eMfuBm0M.roa
Signing time: Thu 04 Jul 2024 09:34:46 +0000
ROA not before: Thu 04 Jul 2024 09:34:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1820
IP address blocks: 31.172.136.0/21 maxlen: 32
80.92.224.0/20 maxlen: 32
82.117.229.0/24 maxlen: 32
85.90.223.0/24 maxlen: 32
92.60.176.0/20 maxlen: 32
92.119.220.0/22 maxlen: 32
128.0.168.0/21 maxlen: 32
185.38.208.0/23 maxlen: 32
185.39.196.0/22 maxlen: 32
193.111.0.0/23 maxlen: 32
193.111.48.0/22 maxlen: 32
212.110.144.0/21 maxlen: 32
217.20.160.0/19 maxlen: 32
2a01:6b0::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:18:ab:1e:7a:25:79:11:ef:a8:62:ca:0f:3e:bb:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jul 4 09:34:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=816e6945ba2ce3fa3573e585779d9e31fb819b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:25:46:60:2a:70:67:eb:e2:e1:b1:8f:71:97:
3b:c9:c8:7e:78:8e:c8:81:39:27:df:3c:95:58:c9:
12:d2:34:9c:d6:c6:b0:61:7e:1b:e9:e8:f4:62:55:
eb:50:bd:0d:5a:2f:5d:9e:a7:70:f2:53:f8:14:ce:
ee:e5:21:36:80:3a:f1:47:97:ed:8e:93:10:5a:9e:
62:a7:75:de:1b:9e:52:88:53:27:e4:be:11:ff:21:
bb:19:6e:29:1b:2f:18:79:40:a6:71:3a:6f:03:1c:
4a:26:25:16:ab:27:c1:7a:46:50:75:ae:52:28:c8:
6d:a4:37:c3:2e:7b:c6:bf:89:4c:e3:c4:4e:e9:12:
2b:0b:97:f9:5b:32:da:60:f1:f7:2c:d4:1b:64:78:
fa:d9:21:c2:96:72:c1:07:2f:2d:01:1d:b9:fa:90:
76:41:c2:18:10:2a:da:4f:be:25:83:9e:a4:74:12:
bc:80:1a:70:80:69:66:47:1a:4c:76:db:ed:de:8f:
59:2a:69:b5:7f:25:78:03:ed:f8:e3:34:38:b1:ab:
e9:68:0c:eb:71:b7:fe:3d:a6:da:8d:3d:ad:65:f8:
c4:12:94:21:82:c6:34:0d:2f:23:cd:c1:4a:4a:06:
0f:15:e1:31:65:d3:f7:e7:14:7c:c5:43:00:53:00:
66:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:6E:69:45:BA:2C:E3:FA:35:73:E5:85:77:9D:9E:31:FB:81:9B:43
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/gW5pRbos4_o1c-WFd52eMfuBm0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/21
80.92.224.0/20
82.117.229.0/24
85.90.223.0/24
92.60.176.0/20
92.119.220.0/22
128.0.168.0/21
185.38.208.0/23
185.39.196.0/22
193.111.0.0/23
193.111.48.0/22
212.110.144.0/21
217.20.160.0/19
IPv6:
2a01:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
b2:3b:c7:f0:32:1d:ec:73:85:c6:9d:91:df:72:12:b0:6a:19:
19:92:0a:09:ef:6a:f5:5e:f5:f8:bd:f8:29:8b:0d:23:54:82:
eb:ed:48:f8:7f:24:fc:07:4c:0c:e3:1e:1c:cb:e6:56:56:58:
36:53:5c:20:06:45:72:f7:67:fa:d9:b3:37:f7:aa:94:c0:7a:
13:21:ff:8f:cc:94:95:91:b9:c9:3e:82:12:a9:59:97:5c:77:
62:3d:a2:b9:1e:90:fe:9d:0f:1b:6b:39:e4:16:cf:9f:08:08:
f0:75:16:ea:a7:17:37:8e:eb:73:35:cb:70:ef:bc:02:5b:35:
2a:a0:76:dc:18:11:fd:49:36:87:1a:8b:14:2f:2f:2a:30:96:
23:b7:13:6c:98:84:e4:28:ce:af:5d:2c:f8:a0:9d:ac:76:de:
c9:48:21:ba:5b:4c:2e:2a:b3:57:70:4b:a4:96:57:04:ce:6d:
75:ec:ee:75:fa:dc:4b:96:ae:d3:a2:bf:bb:56:ae:db:b0:c4:
22:e5:9d:0c:77:60:63:59:26:e9:8f:08:1c:d6:92:13:23:fd:
13:4f:d8:c7:f8:c0:5f:01:6d:53:db:24:f4:3d:bd:22:4e:d9:
37:60:e9:5c:df:19:00:05:12:8f:74:6f:a4:f1:d3:5d:aa:e8:
06:a5:24:da
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZB9GKseeiV5Ee+oYsoPPrtSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODcxNDJiZGMyYjNmMGQwODQ4YTBkODAwYjY5MzBiMWFi
YjM0YmMwHhcNMjQwNzA0MDkzNDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTZlNjk0NWJhMmNlM2ZhMzU3M2U1ODU3NzlkOWUzMWZiODE5YjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iVGYCpwZ+vi4bGPcZc7ych+eI7I
gTkn3zyVWMkS0jSc1sawYX4b6ej0YlXrUL0NWi9dnqdw8lP4FM7u5SE2gDrxR5ft
jpMQWp5ip3XeG55SiFMn5L4R/yG7GW4pGy8YeUCmcTpvAxxKJiUWqyfBekZQda5S
KMhtpDfDLnvGv4lM48RO6RIrC5f5WzLaYPH3LNQbZHj62SHClnLBBy8tAR25+pB2
QcIYECraT74lg56kdBK8gBpwgGlmRxpMdtvt3o9ZKmm1fyV4A+344zQ4savpaAzr
cbf+PabajT2tZfjEEpQhgsY0DS8jzcFKSgYPFeExZdP35xR8xUMAUwBmvQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFIFuaUW6LOP6NXPlhXednjH7gZtDMB8GA1UdIwQY
MBaAFA2HFCvcKz8NCEig2AC2kwsauzS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQt
YTMxNzA4ZDQwMzkxLzEvZ1c1cFJib3M0X28xYy1XRmQ1MmVNZnVCbTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQtYTMxNzA4ZDQwMzkx
LzEvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQDH6yIAwQE
UFzgAwQAUnXlAwQAVVrfAwQEXDywAwQCXHfcAwQDgACoAwQBuSbQAwQCuSfEAwQB
wW8AAwQCwW8wAwQD1G6QAwQF2RSgMA0EAgACMAcDBQAqAQawMA0GCSqGSIb3DQEB
CwUAA4IBAQCyO8fwMh3sc4XGnZHfchKwahkZkgoJ72r1XvX4vfgpiw0jVILr7Uj4
fyT8B0wM4x4cy+ZWVlg2U1wgBkVy92f62bM396qUwHoTIf+PzJSVkbnJPoISqVmX
XHdiPaK5HpD+nQ8baznkFs+fCAjwdRbqpxc3jutzNctw77wCWzUqoHbcGBH9STaH
GosULy8qMJYjtxNsmITkKM6vXSz4oJ2sdt7JSCG6W0wuKrNXcEukllcEzm117O51
+txLlq7Tor+7Vq7bsMQi5Z0Md2BjWSbpjwgc1pITI/0TT9jH+MBfAW1T2yT0Pb0i
Ttk3YOlc3xkABRKPdG+k8dNdqugGpSTa
-----END CERTIFICATE-----
Generated at Sun Jul 14 11:13:15 2024 by rpki-client on console.sobornost.net