Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/3pS2ZkFJotR5-BVsTtvwkJ0KByI.roa
File: 3pS2ZkFJotR5-BVsTtvwkJ0KByI.roa (raw, json)
Hash identifier: dAUVOifbfmQRz+iYq/PEpYnetnBKiS0iof1s/O3g+CU=
Subject key identifier: DE:94:B6:66:41:49:A2:D4:79:F8:15:6C:4E:DB:F0:90:9D:0A:07:22
Certificate issuer: /CN=73e373fee780eeab2a90422d0ad514e084a8d611
Certificate serial: 0193AFCB6429A140686DC319818B789AEF5D
Authority key identifier: 73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/3pS2ZkFJotR5-BVsTtvwkJ0KByI.roa
Signing time: Tue 10 Dec 2024 08:59:22 +0000
ROA not before: Tue 10 Dec 2024 08:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200994
IP address blocks: 185.89.120.0/22 maxlen: 24
185.93.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:af:cb:64:29:a1:40:68:6d:c3:19:81:8b:78:9a:ef:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e373fee780eeab2a90422d0ad514e084a8d611
Validity
Not Before: Dec 10 08:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de94b6664149a2d479f8156c4edbf0909d0a0722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cf:19:42:f5:ba:f9:4c:55:4b:5d:d8:5b:67:
14:14:ec:77:fe:4d:e7:66:32:e9:d6:1c:30:c4:f0:
70:58:ea:fc:05:c2:aa:9f:b8:7c:42:ac:57:65:62:
73:3f:7f:be:f9:5e:07:85:3a:5b:e5:71:cd:6f:6d:
33:88:5c:53:a3:fb:2c:47:5f:4c:e6:81:6b:a8:9c:
76:f5:a4:be:5e:9c:6d:ab:38:4c:a6:8a:43:45:1f:
f5:60:a3:34:07:24:8d:91:47:f9:d5:66:8f:98:d6:
10:12:46:48:db:64:7f:95:3f:36:12:18:b0:19:be:
f7:34:44:89:74:16:dc:2b:26:5d:01:79:a5:69:5f:
49:e9:1f:f9:16:68:9e:4b:22:62:dc:cb:08:80:5b:
76:89:b2:5e:05:04:29:5c:88:36:2c:e6:bf:80:a3:
2f:a8:48:85:c7:cd:46:97:84:b4:c7:2c:f4:4c:93:
67:38:27:f8:98:b2:e0:04:d7:f7:2b:47:a8:39:20:
b3:cd:14:87:54:6c:44:13:d4:2c:9e:8c:e0:12:16:
eb:5c:23:5c:a3:4a:20:28:01:ab:a9:c1:08:3f:cd:
9a:d7:b6:79:2b:06:aa:ec:e0:89:e7:cb:08:88:fd:
eb:5d:89:cb:db:92:fa:b2:91:dd:c9:94:7e:39:0e:
d8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:94:B6:66:41:49:A2:D4:79:F8:15:6C:4E:DB:F0:90:9D:0A:07:22
X509v3 Authority Key Identifier:
keyid:73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/3pS2ZkFJotR5-BVsTtvwkJ0KByI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.120.0/22
185.93.5.0/24
Signature Algorithm: sha256WithRSAEncryption
21:4b:d2:09:b1:8b:24:64:de:ed:ce:6b:51:44:71:e1:e1:d0:
8e:ae:df:15:37:c4:d6:ad:6d:0b:b2:d2:b9:be:f2:b0:62:dc:
8d:f6:bb:2c:e3:28:65:3c:c4:59:7e:9f:12:ec:f2:03:50:42:
bd:19:8c:11:5e:fd:18:b4:f7:a5:4d:89:4b:82:5f:be:39:38:
26:40:12:5d:60:43:ef:96:36:6d:6f:cb:8c:f1:de:68:37:39:
ac:a4:77:39:57:0c:ad:11:ec:35:47:95:ad:f5:87:cc:f1:47:
84:31:03:4c:0f:dc:48:c7:3e:3e:2c:c5:52:fc:cb:97:32:be:
f0:2f:73:37:67:f9:b2:49:c4:24:74:07:c1:94:b8:b5:34:45:
5e:df:4b:cf:79:91:e2:46:f9:29:42:56:3e:b7:99:c0:72:85:
59:d3:3d:86:07:45:4a:db:d6:13:c3:28:29:d3:64:68:f5:25:
74:08:e2:7b:13:4a:1b:3e:14:0e:85:5f:5e:c0:eb:3d:51:83:
43:ca:bb:59:08:61:61:fe:67:b1:f8:a5:e9:10:c7:80:48:cb:
30:d8:e5:40:99:6e:15:ac:56:45:0c:02:52:94:19:e9:ed:1c:
ff:54:7d:4d:1b:6b:b8:a3:52:be:45:e0:7c:92:61:50:1a:d3:
e6:7d:a8:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOvy2QpoUBobcMZgYt4mu9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTM3M2ZlZTc4MGVlYWIyYTkwNDIyZDBhZDUxNGUwODRh
OGQ2MTEwHhcNMjQxMjEwMDg1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTk0YjY2NjQxNDlhMmQ0NzlmODE1NmM0ZWRiZjA5MDlkMGEwNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr88ZQvW6+UxVS13YW2cUFOx3/k3n
ZjLp1hwwxPBwWOr8BcKqn7h8QqxXZWJzP3+++V4HhTpb5XHNb20ziFxTo/ssR19M
5oFrqJx29aS+XpxtqzhMpopDRR/1YKM0BySNkUf51WaPmNYQEkZI22R/lT82Ehiw
Gb73NESJdBbcKyZdAXmlaV9J6R/5FmieSyJi3MsIgFt2ibJeBQQpXIg2LOa/gKMv
qEiFx81Gl4S0xyz0TJNnOCf4mLLgBNf3K0eoOSCzzRSHVGxEE9QsnozgEhbrXCNc
o0ogKAGrqcEIP82a17Z5Kwaq7OCJ58sIiP3rXYnL25L6spHdyZR+OQ7Y1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6UtmZBSaLUefgVbE7b8JCdCgciMB8GA1UdIwQY
MBaAFHPjc/7ngO6rKpBCLQrVFOCEqNYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTIt
MDQxZmQ0YzZmZmQ0LzEvM3BTMlprRkpvdFI1LUJWc1R0dndrSjBLQnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTItMDQxZmQ0YzZmZmQ0
LzEvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVl4AwQA
uV0FMA0GCSqGSIb3DQEBCwUAA4IBAQAhS9IJsYskZN7tzmtRRHHh4dCOrt8VN8TW
rW0LstK5vvKwYtyN9rss4yhlPMRZfp8S7PIDUEK9GYwRXv0YtPelTYlLgl++OTgm
QBJdYEPvljZtb8uM8d5oNzmspHc5VwytEew1R5Wt9YfM8UeEMQNMD9xIxz4+LMVS
/MuXMr7wL3M3Z/myScQkdAfBlLi1NEVe30vPeZHiRvkpQlY+t5nAcoVZ0z2GB0VK
29YTwygp02Ro9SV0COJ7E0obPhQOhV9ewOs9UYNDyrtZCGFh/mex+KXpEMeASMsw
2OVAmW4VrFZFDAJSlBnp7Rz/VH1NG2u4o1K+ReB8kmFQGtPmfah6
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:17 2024 by rpki-client on console.sobornost.net