Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/TULtX9XUOz7DHDTMoHm2qgTfuy8.roa
File: TULtX9XUOz7DHDTMoHm2qgTfuy8.roa (raw, json)
Hash identifier: Cc2kwegMTcMzWAW6fb5eyW2KnEJW0XHUSzUIeNNtFU8=
Subject key identifier: 4D:42:ED:5F:D5:D4:3B:3E:C3:1C:34:CC:A0:79:B6:AA:04:DF:BB:2F
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 0190AB86C4A8FB46F400413542150B525F0F
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/TULtX9XUOz7DHDTMoHm2qgTfuy8.roa
Signing time: Sat 13 Jul 2024 09:57:34 +0000
ROA not before: Sat 13 Jul 2024 09:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210776
IP address blocks: 85.222.238.0/24 maxlen: 24
85.222.239.0/24 maxlen: 24
89.255.205.0/24 maxlen: 24
185.242.220.0/24 maxlen: 24
185.242.221.0/24 maxlen: 24
185.242.222.0/24 maxlen: 24
185.242.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ab:86:c4:a8:fb:46:f4:00:41:35:42:15:0b:52:5f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jul 13 09:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d42ed5fd5d43b3ec31c34cca079b6aa04dfbb2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9e:9e:8a:2d:73:97:73:87:4a:18:54:0e:94:
87:6e:cc:70:2d:32:83:9b:fc:78:c2:21:e9:cf:3e:
c3:af:ff:1c:37:17:27:46:3e:52:4a:87:00:2e:73:
f9:52:8f:e8:9d:f8:f6:30:1b:3d:13:b0:7a:67:28:
81:d9:b6:d8:8c:38:02:03:d1:2b:76:af:91:c2:39:
65:49:ff:6c:91:aa:4e:1d:22:4d:68:d1:6d:32:cf:
af:2f:68:c2:e3:a8:69:89:8d:a0:e3:18:92:f6:79:
6d:79:3d:25:de:cf:4a:ce:50:53:66:24:f3:6f:c5:
2e:b5:f6:70:35:56:a2:f8:99:0d:05:53:6e:bb:e1:
1a:62:bc:d3:0a:52:92:a8:81:92:4f:cb:1f:b8:ef:
90:d9:8f:14:91:e7:a8:f0:5a:c1:11:03:29:05:4a:
f8:ec:c6:f4:e7:25:bd:47:4c:a7:14:6d:bb:44:49:
2b:7d:6e:32:b5:ad:eb:6a:0f:cb:05:ac:37:47:aa:
e1:98:d6:2e:18:2a:87:b7:1b:59:8c:29:fb:70:8d:
c5:62:50:17:78:bd:60:0e:89:fa:a4:e5:56:79:45:
33:59:24:17:85:5d:8a:8a:b6:93:d6:3d:b4:61:a6:
c4:fc:8c:1d:15:5b:55:31:5e:68:83:c7:ab:ff:6c:
42:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:42:ED:5F:D5:D4:3B:3E:C3:1C:34:CC:A0:79:B6:AA:04:DF:BB:2F
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/TULtX9XUOz7DHDTMoHm2qgTfuy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.238.0/23
89.255.205.0/24
185.242.220.0/22
Signature Algorithm: sha256WithRSAEncryption
69:20:e9:c5:ad:3c:fb:04:9c:64:e8:b2:98:22:06:f7:bd:0c:
7c:71:9e:ad:f8:d3:f6:d8:52:60:00:20:78:4c:5e:be:4d:eb:
b8:5e:15:36:9b:ef:6a:6c:c7:13:cb:1f:1f:ae:95:40:a2:cc:
e2:75:55:d1:36:d5:34:bd:a6:be:7c:fd:6b:00:ef:50:05:9c:
ef:b6:31:6d:a2:70:0a:fa:7f:8c:b1:d5:07:9e:8b:41:42:93:
d9:1a:d9:6a:4d:56:9c:fb:52:e0:40:ff:9e:28:8c:b6:04:a9:
22:46:c5:63:c1:c1:3c:0e:9b:2f:e2:e0:49:7e:6f:ec:1f:46:
f5:d9:65:71:40:78:e0:73:03:68:ce:6b:4f:34:ae:de:3a:87:
b0:7e:56:c9:d3:b6:ba:4d:d8:b9:61:eb:eb:6b:ac:d5:e4:8b:
b9:5b:f7:5c:3d:c1:b4:b9:25:30:bc:cd:7a:f9:5f:14:3e:0d:
4e:93:9c:b8:01:91:11:37:28:26:d4:fd:54:64:c3:5a:b3:77:
2d:99:f2:fc:ad:67:47:04:2f:40:68:33:9c:85:20:f0:6f:23:
13:45:b3:74:58:05:26:e7:e1:fd:ef:60:e3:1e:bb:04:18:e0:
ea:1e:11:a0:b7:64:1a:3d:66:2a:df:92:8b:52:a8:05:22:aa:
29:c0:1f:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCrhsSo+0b0AEE1QhULUl8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjQwNzEzMDk1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDQyZWQ1ZmQ1ZDQzYjNlYzMxYzM0Y2NhMDc5YjZhYTA0ZGZiYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn56eii1zl3OHShhUDpSHbsxwLTKD
m/x4wiHpzz7Dr/8cNxcnRj5SSocALnP5Uo/onfj2MBs9E7B6ZyiB2bbYjDgCA9Er
dq+RwjllSf9skapOHSJNaNFtMs+vL2jC46hpiY2g4xiS9nlteT0l3s9KzlBTZiTz
b8UutfZwNVai+JkNBVNuu+EaYrzTClKSqIGST8sfuO+Q2Y8Ukeeo8FrBEQMpBUr4
7Mb05yW9R0ynFG27REkrfW4yta3rag/LBaw3R6rhmNYuGCqHtxtZjCn7cI3FYlAX
eL1gDon6pOVWeUUzWSQXhV2KiraT1j20YabE/IwdFVtVMV5og8er/2xCpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE1C7V/V1Ds+wxw0zKB5tqoE37svMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvVFVMdFg5WFVPejdESERUTW9IbTJxZ1RmdXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVd7uAwQA
Wf/NAwQCufLcMA0GCSqGSIb3DQEBCwUAA4IBAQBpIOnFrTz7BJxk6LKYIgb3vQx8
cZ6t+NP22FJgACB4TF6+Teu4XhU2m+9qbMcTyx8frpVAoszidVXRNtU0vaa+fP1r
AO9QBZzvtjFtonAK+n+MsdUHnotBQpPZGtlqTVac+1LgQP+eKIy2BKkiRsVjwcE8
Dpsv4uBJfm/sH0b12WVxQHjgcwNozmtPNK7eOoewflbJ07a6Tdi5Yevra6zV5Iu5
W/dcPcG0uSUwvM16+V8UPg1Ok5y4AZERNygm1P1UZMNas3ctmfL8rWdHBC9AaDOc
hSDwbyMTRbN0WAUm5+H972DjHrsEGODqHhGgt2QaPWYq35KLUqgFIqopwB9M
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:14 2024 by rpki-client on console.sobornost.net