Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/Ih0i2AasIenAr8-0nZ0NeGBfOas.roa
File: Ih0i2AasIenAr8-0nZ0NeGBfOas.roa (raw, json)
Hash identifier: dQpFcB11Tp1DO6WBqyAuV8H2VwHHEeLZyllPjnvVaXo=
Subject key identifier: 22:1D:22:D8:06:AC:21:E9:C0:AF:CF:B4:9D:9D:0D:78:60:5F:39:AB
Certificate issuer: /CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41
Certificate serial: 018F577FAEF62733F5819C643C8B5106D9E0
Authority key identifier: AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/Ih0i2AasIenAr8-0nZ0NeGBfOas.roa
Signing time: Wed 08 May 2024 09:18:56 +0000
ROA not before: Wed 08 May 2024 09:18:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58075
IP address blocks: 185.40.8.0/22 maxlen: 24
185.114.236.0/22 maxlen: 24
194.29.52.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:7f:ae:f6:27:33:f5:81:9c:64:3c:8b:51:06:d9:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41
Validity
Not Before: May 8 09:18:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=221d22d806ac21e9c0afcfb49d9d0d78605f39ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d3:db:b0:08:5f:9a:7f:be:7d:cf:f3:71:98:
c7:9f:b3:29:12:32:1a:af:d2:2d:f9:af:e6:0a:1a:
53:8d:29:43:11:0a:22:6f:db:99:e7:24:13:61:e9:
54:2d:cb:ae:ed:8f:e2:96:c8:33:65:9d:85:ae:51:
f9:d0:47:f0:54:85:1a:0e:cf:70:d5:8b:b3:63:25:
6e:4a:96:d2:e9:50:2d:fa:cc:7b:a9:40:21:79:f1:
49:23:5f:9f:b9:79:12:57:8a:02:35:70:05:7a:08:
e2:a9:14:1a:46:e7:30:5b:e4:9c:86:5b:cd:de:1f:
58:57:e0:79:76:69:28:4a:71:24:bb:b8:85:12:80:
74:62:2b:ac:48:59:f5:36:51:5f:d8:2b:81:a5:c6:
8b:c2:ff:f6:78:71:56:0f:e9:b9:c0:d8:55:83:7b:
56:dd:10:03:d5:be:d6:3d:b9:2d:25:5f:68:a3:af:
21:8d:85:13:9a:bf:24:54:e9:d9:8f:e7:f9:34:34:
01:33:9b:ae:da:fd:33:f3:be:f5:1a:a0:24:1f:5b:
fc:20:38:c1:2e:97:2f:e2:2d:f9:03:14:a7:4c:28:
68:fb:ce:a4:61:9f:96:17:f8:29:21:82:98:f4:27:
a3:64:6d:b1:38:91:44:1f:f8:d7:b0:30:a8:18:ee:
19:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:1D:22:D8:06:AC:21:E9:C0:AF:CF:B4:9D:9D:0D:78:60:5F:39:AB
X509v3 Authority Key Identifier:
keyid:AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/Ih0i2AasIenAr8-0nZ0NeGBfOas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.8.0/22
185.114.236.0/22
194.29.52.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:31:c7:8f:ac:00:5a:42:cd:9f:06:d1:97:82:5b:10:f7:ad:
cf:69:0f:3d:31:38:f3:90:b1:2b:15:12:86:54:94:a0:93:d8:
a5:bd:7d:38:e4:48:3f:9c:99:89:b9:2e:91:ba:86:11:d0:7b:
8d:36:3c:b7:47:ba:e8:b3:42:ef:33:36:32:b7:f3:b1:95:91:
79:0c:4d:b3:b8:30:7e:c4:b3:ef:2e:77:03:e6:69:75:55:88:
ec:83:84:89:52:29:69:e1:d0:e6:4b:34:1b:c7:c6:39:32:78:
4b:06:af:c4:bc:9f:9e:01:8d:01:5b:2d:5b:38:d4:da:56:4d:
40:50:12:d1:e7:5f:c1:4d:6c:5b:cd:4c:ef:0f:57:59:e4:3b:
07:1e:cf:f8:0f:76:e5:5d:a6:17:61:f1:02:14:e4:aa:b8:94:
1d:0d:b0:2a:58:d9:85:d7:46:a3:90:57:6a:db:c9:55:41:87:
79:e2:70:9e:27:b5:86:8f:41:ee:3a:25:31:c0:88:23:49:d9:
83:05:fe:6a:f1:86:c6:11:be:51:4b:b0:75:96:c7:c4:23:e9:
06:d8:0d:08:7b:d7:53:78:3d:0e:08:76:01:ee:d0:37:98:3c:
79:1b:a5:3b:17:63:ec:1a:d4:af:df:ef:59:92:0e:ba:d5:c7:
25:b1:ec:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9Xf672JzP1gZxkPItRBtngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOWU4NmE3NmJkZGMxMjAzYTAyOWQzMTQ3NWQzZWJjNTdk
OTBhNDEwHhcNMjQwNTA4MDkxODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjFkMjJkODA2YWMyMWU5YzBhZmNmYjQ5ZDlkMGQ3ODYwNWYzOWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NPbsAhfmn++fc/zcZjHn7MpEjIa
r9It+a/mChpTjSlDEQoib9uZ5yQTYelULcuu7Y/ilsgzZZ2FrlH50EfwVIUaDs9w
1YuzYyVuSpbS6VAt+sx7qUAhefFJI1+fuXkSV4oCNXAFegjiqRQaRucwW+SchlvN
3h9YV+B5dmkoSnEku7iFEoB0YiusSFn1NlFf2CuBpcaLwv/2eHFWD+m5wNhVg3tW
3RAD1b7WPbktJV9oo68hjYUTmr8kVOnZj+f5NDQBM5uu2v0z8771GqAkH1v8IDjB
Lpcv4i35AxSnTCho+86kYZ+WF/gpIYKY9CejZG2xOJFEH/jXsDCoGO4Z+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCIdItgGrCHpwK/PtJ2dDXhgXzmrMB8GA1UdIwQY
MBaAFKqehqdr3cEgOgKdMUddPrxX2QpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQt
MDNiMGVlYzdmZjI5LzEvSWgwaTJBYXNJZW5BcjgtMG5aME5lR0JmT2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQtMDNiMGVlYzdmZjI5
LzEvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuSgIAwQC
uXLsAwQAwh00MA0GCSqGSIb3DQEBCwUAA4IBAQBcMcePrABaQs2fBtGXglsQ963P
aQ89MTjzkLErFRKGVJSgk9ilvX045Eg/nJmJuS6RuoYR0HuNNjy3R7ros0LvMzYy
t/OxlZF5DE2zuDB+xLPvLncD5ml1VYjsg4SJUilp4dDmSzQbx8Y5MnhLBq/EvJ+e
AY0BWy1bONTaVk1AUBLR51/BTWxbzUzvD1dZ5DsHHs/4D3blXaYXYfECFOSquJQd
DbAqWNmF10ajkFdq28lVQYd54nCeJ7WGj0HuOiUxwIgjSdmDBf5q8YbGEb5RS7B1
lsfEI+kG2A0Ie9dTeD0OCHYB7tA3mDx5G6U7F2PsGtSv3+9Zkg661cclsexz
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:48:32 2024 by rpki-client on console.sobornost.net