Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/9073ba-88e2-4a45-9daf-5a0a1d0ac58c/1/YO5cOTZl2ldrZwKXW6zOLE4bQqg.roa
File: YO5cOTZl2ldrZwKXW6zOLE4bQqg.roa (raw, json)
Hash identifier: ApXRUpTx1jzGya4XHDzB+ReBaaKmJBdmRb81q56BZT8=
Subject key identifier: 60:EE:5C:39:36:65:DA:57:6B:67:02:97:5B:AC:CE:2C:4E:1B:42:A8
Certificate issuer: /CN=8846405bfcc78066c5192cb3ebe72c443c557288
Certificate serial: 018CC94ADB885535F12DBF5279F479307CA0
Authority key identifier: 88:46:40:5B:FC:C7:80:66:C5:19:2C:B3:EB:E7:2C:44:3C:55:72:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEZAW_zHgGbFGSyz6-csRDxVcog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/9073ba-88e2-4a45-9daf-5a0a1d0ac58c/1/YO5cOTZl2ldrZwKXW6zOLE4bQqg.roa
Signing time: Tue 02 Jan 2024 08:29:35 +0000
ROA not before: Tue 02 Jan 2024 08:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205644
IP address blocks: 185.68.182.0/24 maxlen: 24
2a13:8b00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:db:88:55:35:f1:2d:bf:52:79:f4:79:30:7c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8846405bfcc78066c5192cb3ebe72c443c557288
Validity
Not Before: Jan 2 08:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60ee5c393665da576b6702975bacce2c4e1b42a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c8:9e:3e:eb:90:82:c8:b8:ae:8a:03:4b:d2:
9c:0d:a5:c7:27:35:e8:d4:b3:d9:08:6a:fd:d2:68:
6e:c8:a8:4e:2d:9e:6d:65:fc:e6:d8:65:60:f7:64:
cb:ea:f2:a6:c7:79:1c:61:50:7f:45:6b:30:a5:5b:
37:d1:51:ed:f0:dd:b2:93:87:90:9f:b4:7c:5d:eb:
2f:ac:d2:f2:7c:e0:ef:6a:b2:91:3a:1e:a6:c7:55:
14:cf:58:9c:c4:74:d3:58:82:6f:64:27:20:63:b1:
10:5c:e7:e5:b8:ad:d5:cf:8c:9a:ee:63:1c:dc:49:
4f:24:4d:45:4a:d2:8a:e8:1e:54:8c:0b:cf:45:90:
71:c0:a2:3e:d6:4d:12:b1:ca:3c:20:71:68:4d:d2:
20:4a:d1:90:b6:64:68:59:ac:83:e4:64:13:0c:79:
ac:2d:d1:a2:34:d2:29:7a:07:fc:00:c6:0c:f1:d3:
00:16:f6:d7:90:ec:ae:e7:0d:90:45:c6:82:78:34:
76:ee:fa:8b:8d:eb:ce:ca:92:ed:ba:e1:6f:75:0e:
8e:9b:00:c5:5a:ab:6f:05:be:36:68:23:4c:d9:04:
62:06:69:f7:5b:e6:29:2f:3a:ba:52:2a:20:15:c1:
6d:11:c2:bb:7d:0b:94:a3:0d:33:4b:5d:dd:1f:70:
73:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EE:5C:39:36:65:DA:57:6B:67:02:97:5B:AC:CE:2C:4E:1B:42:A8
X509v3 Authority Key Identifier:
keyid:88:46:40:5B:FC:C7:80:66:C5:19:2C:B3:EB:E7:2C:44:3C:55:72:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEZAW_zHgGbFGSyz6-csRDxVcog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/9073ba-88e2-4a45-9daf-5a0a1d0ac58c/1/YO5cOTZl2ldrZwKXW6zOLE4bQqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/9073ba-88e2-4a45-9daf-5a0a1d0ac58c/1/iEZAW_zHgGbFGSyz6-csRDxVcog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.182.0/24
IPv6:
2a13:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
ad:fc:06:0e:d7:93:4b:04:41:a2:f5:6a:a0:22:88:75:e6:36:
68:34:71:c7:43:26:a4:fb:6e:d6:b1:22:b1:6a:df:66:0e:5e:
52:86:e6:7c:13:67:ae:80:ab:aa:3d:f5:f0:de:43:7d:44:af:
98:00:c1:fb:b1:3a:ff:ed:0b:d6:23:a3:85:e6:8d:00:9a:fd:
ce:a9:75:a2:76:49:77:ca:11:0b:5f:fc:8c:69:45:ab:24:be:
92:93:20:0a:ff:3c:e0:35:11:fb:3c:6c:cb:75:d0:85:8c:71:
ac:af:3d:f1:66:a4:2b:3d:66:e6:ba:7f:3a:35:7d:03:58:79:
bf:5d:a2:2a:a5:62:d1:30:8f:65:57:dd:81:f8:59:ec:21:f5:
ba:74:f5:ef:c2:59:ff:73:ab:bd:7a:39:07:83:61:eb:70:2d:
b5:50:61:5b:2a:f0:79:d8:29:71:58:a3:dd:51:42:67:e2:67:
b7:fd:db:08:dd:d0:e2:97:68:75:19:8d:77:ed:4d:bd:b8:de:
15:6b:b7:1e:a2:43:d2:70:10:0a:6e:55:e8:1a:5e:96:e5:a5:
c1:74:88:b8:83:cd:5e:5b:5c:bf:84:95:fd:52:90:10:68:df:
59:41:4f:a9:0d:8c:eb:d6:29:73:81:40:dc:bf:c4:37:5b:ac:
12:f3:ee:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJStuIVTXxLb9SefR5MHygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDY0MDViZmNjNzgwNjZjNTE5MmNiM2ViZTcyYzQ0M2M1
NTcyODgwHhcNMjQwMTAyMDgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVlNWMzOTM2NjVkYTU3NmI2NzAyOTc1YmFjY2UyYzRlMWI0MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMiePuuQgsi4rooDS9KcDaXHJzXo
1LPZCGr90mhuyKhOLZ5tZfzm2GVg92TL6vKmx3kcYVB/RWswpVs30VHt8N2yk4eQ
n7R8XesvrNLyfODvarKROh6mx1UUz1icxHTTWIJvZCcgY7EQXOfluK3Vz4ya7mMc
3ElPJE1FStKK6B5UjAvPRZBxwKI+1k0Ssco8IHFoTdIgStGQtmRoWayD5GQTDHms
LdGiNNIpegf8AMYM8dMAFvbXkOyu5w2QRcaCeDR27vqLjevOypLtuuFvdQ6OmwDF
WqtvBb42aCNM2QRiBmn3W+YpLzq6UiogFcFtEcK7fQuUow0zS13dH3BznwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGDuXDk2ZdpXa2cCl1uszixOG0KoMB8GA1UdIwQY
MBaAFIhGQFv8x4BmxRkss+vnLEQ8VXKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVaQVdfekhnR2JGR1N5ejYtY3NSRHhWY29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85MDczYmEtODhlMi00YTQ1LTlkYWYt
NWEwYTFkMGFjNThjLzEvWU81Y09UWmwybGRyWndLWFc2ek9MRTRiUXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85MDczYmEtODhlMi00YTQ1LTlkYWYtNWEwYTFkMGFjNThj
LzEvaUVaQVdfekhnR2JGR1N5ejYtY3NSRHhWY29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUS2MA0E
AgACMAcDBQMqE4sAMA0GCSqGSIb3DQEBCwUAA4IBAQCt/AYO15NLBEGi9WqgIoh1
5jZoNHHHQyak+27WsSKxat9mDl5ShuZ8E2eugKuqPfXw3kN9RK+YAMH7sTr/7QvW
I6OF5o0Amv3OqXWidkl3yhELX/yMaUWrJL6SkyAK/zzgNRH7PGzLddCFjHGsrz3x
ZqQrPWbmun86NX0DWHm/XaIqpWLRMI9lV92B+FnsIfW6dPXvwln/c6u9ejkHg2Hr
cC21UGFbKvB52ClxWKPdUUJn4me3/dsI3dDil2h1GY137U29uN4Va7ceokPScBAK
blXoGl6W5aXBdIi4g81eW1y/hJX9UpAQaN9ZQU+pDYzr1ilzgUDcv8Q3W6wS8+7a
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:25 2024 by rpki-client on console.sobornost.net