Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/NY4KxZ8vyUr1Ch65ld8eEFbAMdM.roa
File: NY4KxZ8vyUr1Ch65ld8eEFbAMdM.roa (raw, json)
Hash identifier: VXfVuP+JLWGSDG2vsj0O903ywTcVoraAGy0Oa7pVdzs=
Subject key identifier: 35:8E:0A:C5:9F:2F:C9:4A:F5:0A:1E:B9:95:DF:1E:10:56:C0:31:D3
Certificate issuer: /CN=b54ddf6f03331cd773c7e7abb15429ba8d20bd78
Certificate serial: 018D7EB7D7B703AEDE20F4A1BE7C0514D88D
Authority key identifier: B5:4D:DF:6F:03:33:1C:D7:73:C7:E7:AB:B1:54:29:BA:8D:20:BD:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/NY4KxZ8vyUr1Ch65ld8eEFbAMdM.roa
Signing time: Tue 06 Feb 2024 13:59:53 +0000
ROA not before: Tue 06 Feb 2024 13:59:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210197
IP address blocks: 85.204.38.0/24 maxlen: 24
2a13:f400::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:b7:d7:b7:03:ae:de:20:f4:a1:be:7c:05:14:d8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b54ddf6f03331cd773c7e7abb15429ba8d20bd78
Validity
Not Before: Feb 6 13:59:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=358e0ac59f2fc94af50a1eb995df1e1056c031d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b9:f1:7e:af:ce:5a:91:fd:4a:71:2b:32:0e:
8e:77:3a:2c:a2:9f:c7:a3:29:17:bc:2e:5b:af:6d:
5b:d2:98:76:4b:c0:77:ea:da:ed:cf:6d:21:4a:ff:
c3:23:e6:ce:04:bc:94:c0:15:e2:70:e2:34:21:bb:
cd:c8:f6:f2:c9:5b:05:12:b3:c1:0b:11:92:be:83:
27:da:a4:99:15:73:e2:10:e3:e0:a3:0f:46:af:79:
b4:7a:91:1d:cb:09:bf:ee:fb:5e:8c:2c:6d:ef:06:
66:61:b2:4f:97:76:6a:e9:87:76:9f:2c:c7:b9:ae:
dd:fd:00:32:b8:b7:aa:16:26:d5:13:e2:e0:81:bb:
b8:00:5f:18:a2:5d:4c:73:76:8a:a3:c8:a1:bf:21:
22:d9:5a:69:d6:20:d9:90:78:0e:2e:41:b0:75:9f:
24:bf:3a:f3:3c:65:a7:05:97:8d:f3:84:7c:85:37:
06:fd:91:f4:c3:ff:eb:3e:63:82:f1:14:2f:fb:9b:
34:b9:92:08:07:aa:60:ad:a1:90:40:53:65:7f:26:
6c:4b:36:ba:31:ee:1e:46:55:9e:c6:34:6a:7a:e5:
d0:25:68:3f:91:bc:8f:4f:f0:ac:cc:a1:f9:15:35:
63:cc:0b:aa:5c:ae:8f:2f:4a:06:a9:aa:76:b1:d4:
64:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8E:0A:C5:9F:2F:C9:4A:F5:0A:1E:B9:95:DF:1E:10:56:C0:31:D3
X509v3 Authority Key Identifier:
keyid:B5:4D:DF:6F:03:33:1C:D7:73:C7:E7:AB:B1:54:29:BA:8D:20:BD:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/NY4KxZ8vyUr1Ch65ld8eEFbAMdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.38.0/24
IPv6:
2a13:f400::/29
Signature Algorithm: sha256WithRSAEncryption
43:b7:7c:b3:46:6c:18:01:1c:5c:04:77:e7:65:8d:3a:3d:06:
f3:a4:05:b7:75:39:a3:7b:96:78:c3:da:c6:42:26:a0:de:b7:
05:d9:bf:03:16:9d:5a:48:63:55:0a:11:d0:31:63:e7:8e:51:
e6:10:22:ad:1d:17:f5:12:c3:db:e8:8b:46:3a:c9:65:9a:b4:
60:36:cc:72:c8:37:9d:c0:43:de:32:d0:41:ff:69:a5:5b:97:
64:ee:ee:02:72:64:89:62:ab:62:59:50:1e:6f:75:29:a0:1b:
83:b7:9c:86:67:09:89:a4:bc:b3:18:17:61:d5:6c:13:cf:51:
d0:4d:95:0c:b0:1c:9a:4c:52:c8:03:e9:bc:2b:bd:29:86:f9:
69:03:48:61:f1:22:ad:26:1c:f3:21:fb:ec:79:35:7b:ed:dd:
4a:a6:f3:9a:f2:d6:92:bc:a1:7d:33:60:e7:1b:50:42:0a:3e:
b6:3a:4c:83:37:33:c7:32:ac:8b:ec:68:4e:19:5f:57:24:e1:
e1:bc:c9:d1:79:7b:07:5c:96:4f:3f:83:de:49:ca:52:b3:7f:
a5:58:da:3c:55:c7:fd:42:7a:0c:4a:7e:a9:88:bb:70:66:74:
ef:e4:2e:46:2d:37:70:d5:3a:e2:1c:24:a4:13:67:53:53:aa:
09:25:89:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1+t9e3A67eIPShvnwFFNiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NGRkZjZmMDMzMzFjZDc3M2M3ZTdhYmIxNTQyOWJhOGQy
MGJkNzgwHhcNMjQwMjA2MTM1OTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNThlMGFjNTlmMmZjOTRhZjUwYTFlYjk5NWRmMWUxMDU2YzAzMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLnxfq/OWpH9SnErMg6Odzosop/H
oykXvC5br21b0ph2S8B36trtz20hSv/DI+bOBLyUwBXicOI0IbvNyPbyyVsFErPB
CxGSvoMn2qSZFXPiEOPgow9Gr3m0epEdywm/7vtejCxt7wZmYbJPl3Zq6Yd2nyzH
ua7d/QAyuLeqFibVE+Lggbu4AF8Yol1Mc3aKo8ihvyEi2Vpp1iDZkHgOLkGwdZ8k
vzrzPGWnBZeN84R8hTcG/ZH0w//rPmOC8RQv+5s0uZIIB6pgraGQQFNlfyZsSza6
Me4eRlWexjRqeuXQJWg/kbyPT/CszKH5FTVjzAuqXK6PL0oGqap2sdRkTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDWOCsWfL8lK9QoeuZXfHhBWwDHTMB8GA1UdIwQY
MBaAFLVN328DMxzXc8fnq7FUKbqNIL14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82NWJjZmYtYmEwMS00OThjLWI1NGQt
ODQwMjZiYzg1MmYwLzEvTlk0S3haOHZ5VXIxQ2g2NWxkOGVFRmJBTWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82NWJjZmYtYmEwMS00OThjLWI1NGQtODQwMjZiYzg1MmYw
LzEvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAVcwmMA0E
AgACMAcDBQMqE/QAMA0GCSqGSIb3DQEBCwUAA4IBAQBDt3yzRmwYARxcBHfnZY06
PQbzpAW3dTmje5Z4w9rGQiag3rcF2b8DFp1aSGNVChHQMWPnjlHmECKtHRf1EsPb
6ItGOsllmrRgNsxyyDedwEPeMtBB/2mlW5dk7u4CcmSJYqtiWVAeb3UpoBuDt5yG
ZwmJpLyzGBdh1WwTz1HQTZUMsByaTFLIA+m8K70phvlpA0hh8SKtJhzzIfvseTV7
7d1KpvOa8taSvKF9M2DnG1BCCj62OkyDNzPHMqyL7GhOGV9XJOHhvMnReXsHXJZP
P4PeScpSs3+lWNo8Vcf9QnoMSn6piLtwZnTv5C5GLTdw1TriHCSkE2dTU6oJJYkT
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:21:49 2024 by rpki-client on console.sobornost.net