Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/1-tXtQJ8M9B_wjdVCuvqi8yhVeig.roa
File: 1-tXtQJ8M9B_wjdVCuvqi8yhVeig.roa (raw, json)
Hash identifier: AOzpY1RKy7UmPnBo4JGs+5BFID0QMs6SgbPXvOfxiMI=
Subject key identifier: FA:D5:ED:40:9F:0C:F4:1F:F0:8D:D5:42:BA:FA:A2:F3:28:55:7A:28
Certificate issuer: /CN=c9470ae418eeddd6b39dae9e7a177a19c7799c41
Certificate serial: 018CC56ED83932EFDD712554FEC17E5212A3
Authority key identifier: C9:47:0A:E4:18:EE:DD:D6:B3:9D:AE:9E:7A:17:7A:19:C7:79:9C:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUcK5Bju3dazna6eehd6Gcd5nEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/1-tXtQJ8M9B_wjdVCuvqi8yhVeig.roa
Signing time: Mon 01 Jan 2024 14:30:25 +0000
ROA not before: Mon 01 Jan 2024 14:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197014
IP address blocks: 185.36.216.0/22 maxlen: 24
194.247.26.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d8:39:32:ef:dd:71:25:54:fe:c1:7e:52:12:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9470ae418eeddd6b39dae9e7a177a19c7799c41
Validity
Not Before: Jan 1 14:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fad5ed409f0cf41ff08dd542bafaa2f328557a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1e:c7:42:03:ea:0e:a1:cf:7a:32:22:03:6f:
b6:64:f0:5d:2e:f3:57:aa:2a:8f:05:74:28:d1:56:
bb:5f:1f:e8:a1:05:4f:19:d7:4a:10:53:40:70:47:
4e:ed:be:d8:95:42:16:65:57:63:02:5f:7e:0d:ae:
ab:81:07:dd:9d:44:b7:33:66:76:bf:c3:04:3a:a6:
2c:dd:8c:82:66:d1:9f:81:6a:bf:29:2f:f1:4d:8c:
c6:aa:49:d1:9b:cc:4d:9d:3a:71:62:d4:71:8c:e0:
2d:5b:0a:56:a9:a1:90:40:c7:ac:37:9f:94:6b:26:
c4:4d:ea:4c:51:cc:ff:ea:db:52:fd:26:54:55:7f:
71:bf:ad:3a:7b:fd:13:f7:d6:a8:f7:53:ff:6a:18:
77:0a:b3:4c:34:ff:c9:21:ee:a6:57:f3:0b:c2:ee:
31:da:fa:34:c7:29:8c:2f:61:1f:3b:d2:b1:41:82:
83:4a:fd:35:44:00:a6:c1:5f:3e:ce:7c:f4:7d:2e:
02:35:29:80:c0:14:db:09:8e:fc:9d:d6:28:94:0b:
99:c2:33:ac:d9:e8:3a:1e:66:af:d5:ae:77:aa:09:
0b:d4:95:97:ad:ef:4b:fe:0d:26:4b:3b:4b:1a:53:
6b:29:1d:8b:fa:0f:6c:c8:4e:2e:df:a7:26:c1:bb:
d6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D5:ED:40:9F:0C:F4:1F:F0:8D:D5:42:BA:FA:A2:F3:28:55:7A:28
X509v3 Authority Key Identifier:
keyid:C9:47:0A:E4:18:EE:DD:D6:B3:9D:AE:9E:7A:17:7A:19:C7:79:9C:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUcK5Bju3dazna6eehd6Gcd5nEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/1-tXtQJ8M9B_wjdVCuvqi8yhVeig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce022d-d8db-4459-be1c-b091215d5e4d/1/yUcK5Bju3dazna6eehd6Gcd5nEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.216.0/22
194.247.26.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:04:e0:88:38:3e:7a:36:13:45:dc:db:0a:69:d0:41:dc:12:
96:9b:d1:d9:a4:76:e2:47:a1:5a:b0:10:89:91:cf:80:eb:d6:
f2:56:6c:ac:aa:50:f6:6b:5b:18:10:f5:9b:53:2e:f2:8f:c5:
d2:ee:95:28:02:e5:f6:54:8e:fc:0d:ca:cf:99:26:a8:d4:cd:
a7:eb:47:b6:95:bc:4d:6f:7e:9f:01:1b:c0:79:36:0e:c5:99:
05:b3:34:3e:8f:cc:eb:f0:f8:4e:9d:80:e3:c9:5e:a6:c5:d3:
07:cf:51:ee:d1:15:ae:aa:1f:60:2c:35:46:d9:80:76:fb:31:
ed:d7:6e:0d:56:56:b3:ad:6d:e0:09:3f:3c:28:66:74:7b:4d:
bd:81:30:95:eb:f8:b9:6d:3f:ac:6c:c1:92:b8:a0:65:2a:0f:
ff:7a:ef:f8:d2:79:74:38:0a:86:12:72:a4:1b:de:6e:77:b7:
5f:df:77:a3:40:8b:55:ea:08:2a:72:ca:7e:dd:10:ed:32:aa:
23:a0:52:c3:f0:74:7f:86:2b:4b:f8:ec:b0:f3:b4:dd:2c:63:
f0:a7:9d:f7:5a:ae:a8:ad:99:e5:24:4a:2d:6f:1d:e5:61:b9:
70:e7:3b:8e:d7:b8:19:d4:16:df:b5:48:a7:ee:ca:8c:83:6e:
75:21:8d:a0
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzFbtg5Mu/dcSVU/sF+UhKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDcwYWU0MThlZWRkZDZiMzlkYWU5ZTdhMTc3YTE5Yzc3
OTljNDEwHhcNMjQwMTAxMTQzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ1ZWQ0MDlmMGNmNDFmZjA4ZGQ1NDJiYWZhYTJmMzI4NTU3YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh7HQgPqDqHPejIiA2+2ZPBdLvNX
qiqPBXQo0Va7Xx/ooQVPGddKEFNAcEdO7b7YlUIWZVdjAl9+Da6rgQfdnUS3M2Z2
v8MEOqYs3YyCZtGfgWq/KS/xTYzGqknRm8xNnTpxYtRxjOAtWwpWqaGQQMesN5+U
aybETepMUcz/6ttS/SZUVX9xv606e/0T99ao91P/ahh3CrNMNP/JIe6mV/MLwu4x
2vo0xymML2EfO9KxQYKDSv01RACmwV8+znz0fS4CNSmAwBTbCY78ndYolAuZwjOs
2eg6Hmav1a53qgkL1JWXre9L/g0mSztLGlNrKR2L+g9syE4u36cmwbvWqQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPrV7UCfDPQf8I3VQrr6ovMoVXooMB8GA1UdIwQY
MBaAFMlHCuQY7t3Ws52unnoXehnHeZxBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVVjSzVCanUzZGF6bmE2ZWVoZDZHY2Q1bkVFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jZTAyMmQtZDhkYi00NDU5LWJlMWMt
YjA5MTIxNWQ1ZTRkLzEvMS10WHRRSjhNOUJfd2pkVkN1dnFpOHloVmVpZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWEvY2UwMjJkLWQ4ZGItNDQ1OS1iZTFjLWIwOTEyMTVkNWU0
ZC8xL3lVY0s1Qmp1M2Rhem5hNmVlaGQ2R2NkNW5FRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkk2AME
AcL3GjANBgkqhkiG9w0BAQsFAAOCAQEAOwTgiDg+ejYTRdzbCmnQQdwSlpvR2aR2
4kehWrAQiZHPgOvW8lZsrKpQ9mtbGBD1m1Mu8o/F0u6VKALl9lSO/A3Kz5kmqNTN
p+tHtpW8TW9+nwEbwHk2DsWZBbM0Po/M6/D4Tp2A48lepsXTB89R7tEVrqofYCw1
RtmAdvsx7dduDVZWs61t4Ak/PChmdHtNvYEwlev4uW0/rGzBkrigZSoP/3rv+NJ5
dDgKhhJypBvebne3X993o0CLVeoIKnLKft0Q7TKqI6BSw/B0f4YrS/jssPO03Sxj
8Ked91quqK2Z5SRKLW8d5WG5cOc7jte4GdQW37VIp+7KjINudSGNoA==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:44 2024 by rpki-client on console.sobornost.net