Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/FrjHBr6yfZ0iByP4cW7T3WaihRc.roa
File: FrjHBr6yfZ0iByP4cW7T3WaihRc.roa (raw, json)
Hash identifier: 5nTbRpGCRk6o9k+phNRv1ttWXj8wA+fHkuadarOH3ks=
Subject key identifier: 16:B8:C7:06:BE:B2:7D:9D:22:07:23:F8:71:6E:D3:DD:66:A2:85:17
Certificate issuer: /CN=58d2a356a5478155beaa8bc6256a86f6d5b3f73c
Certificate serial: 018CC8DF3E47C7DCE55DCAA55C2D0F85D213
Authority key identifier: 58:D2:A3:56:A5:47:81:55:BE:AA:8B:C6:25:6A:86:F6:D5:B3:F7:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNKjVqVHgVW-qovGJWqG9tWz9zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/FrjHBr6yfZ0iByP4cW7T3WaihRc.roa
Signing time: Tue 02 Jan 2024 06:32:02 +0000
ROA not before: Tue 02 Jan 2024 06:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16218
IP address blocks: 217.113.32.0/20 maxlen: 20
185.60.208.0/22 maxlen: 22
2a02:ea0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:3e:47:c7:dc:e5:5d:ca:a5:5c:2d:0f:85:d2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2a356a5478155beaa8bc6256a86f6d5b3f73c
Validity
Not Before: Jan 2 06:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16b8c706beb27d9d220723f8716ed3dd66a28517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b7:69:4c:70:79:1a:eb:c6:0d:65:a4:fd:87:
fd:fb:7b:45:45:96:5f:3d:84:5c:df:81:d8:c1:ac:
af:8a:41:31:13:cf:f1:55:67:26:65:71:e9:3b:de:
be:50:d6:a7:c9:02:35:7e:02:91:7b:9c:7b:e5:3f:
ca:98:8b:30:9c:7c:9d:9b:a9:9b:e2:63:07:a4:96:
44:5f:11:8f:c1:ee:ed:fb:b4:b9:bb:e6:0c:8c:83:
6b:cb:10:39:ea:c6:92:8d:f4:2f:f7:89:df:ba:36:
11:c2:7e:44:99:3b:0d:e1:5b:e2:da:c4:d7:58:95:
04:f0:90:17:94:36:a8:e2:67:b7:2c:30:0d:2e:62:
79:bc:aa:01:fa:a0:fb:72:90:91:b9:d5:7e:f5:f6:
50:e3:cf:6c:76:01:1c:b6:a3:67:f2:c2:e4:97:04:
e9:70:4e:5f:03:9f:2c:05:bb:57:0d:89:c9:2a:ce:
54:cf:ff:9a:df:9d:de:7f:0e:f8:8c:9d:e7:b5:1b:
2b:dc:68:11:a8:7a:d9:f1:6b:b5:62:ea:68:2f:1f:
21:2d:3c:28:a7:ad:69:d1:e8:06:b3:65:da:29:13:
4a:e9:20:17:c8:f0:e9:ba:0f:7b:18:38:8a:76:5e:
1b:4e:c1:ca:bc:b2:8b:0d:51:43:22:00:7e:ed:f0:
95:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B8:C7:06:BE:B2:7D:9D:22:07:23:F8:71:6E:D3:DD:66:A2:85:17
X509v3 Authority Key Identifier:
keyid:58:D2:A3:56:A5:47:81:55:BE:AA:8B:C6:25:6A:86:F6:D5:B3:F7:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNKjVqVHgVW-qovGJWqG9tWz9zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/FrjHBr6yfZ0iByP4cW7T3WaihRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5afc2-b04c-446d-9a04-9053054a5cab/1/WNKjVqVHgVW-qovGJWqG9tWz9zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.208.0/22
217.113.32.0/20
IPv6:
2a02:ea0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:f8:1e:6f:88:2e:bd:f5:4e:87:82:6b:c3:88:51:8d:78:0f:
30:9d:15:06:61:26:3c:0a:de:98:1f:e7:6f:af:86:06:37:4b:
ab:e3:f0:68:51:e6:cf:4d:5a:c4:c8:bd:a2:e7:3c:b5:e4:a6:
ae:e7:6b:70:2e:2b:7e:61:13:67:3f:0a:27:5b:ea:76:62:59:
b1:bf:d2:f2:cc:3f:5c:82:f4:0e:9d:57:71:3e:c9:36:45:92:
53:10:be:67:c8:4a:fe:fa:75:f6:43:af:26:31:1e:94:41:5f:
44:45:16:86:fe:a2:ab:92:61:9b:3d:91:7d:86:77:1e:99:f7:
2b:f1:41:60:1c:3e:02:cf:8c:e9:95:8f:5c:29:bc:d5:65:59:
65:79:f4:db:9f:19:e9:01:dd:fa:61:45:49:65:98:ac:94:9e:
7b:c3:2a:ec:15:aa:36:28:7b:40:c5:d8:ec:18:6e:c9:b3:df:
f5:b8:82:b1:3f:cb:f9:ec:9f:77:29:68:59:ed:52:da:d6:16:
0e:68:58:5d:d3:6d:18:e2:ec:64:c6:e5:ea:0d:de:7f:1a:de:
57:50:5f:27:4c:3c:f8:d5:68:ca:c0:d7:31:90:87:e6:69:f2:
c8:d1:62:1d:d2:f9:85:4d:ec:64:fd:95:85:7c:00:e8:1c:fd:
1c:df:8a:95
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3z5Hx9zlXcqlXC0PhdITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZDJhMzU2YTU0NzgxNTViZWFhOGJjNjI1NmE4NmY2ZDVi
M2Y3M2MwHhcNMjQwMTAyMDYzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmI4YzcwNmJlYjI3ZDlkMjIwNzIzZjg3MTZlZDNkZDY2YTI4NTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrdpTHB5GuvGDWWk/Yf9+3tFRZZf
PYRc34HYwayvikExE8/xVWcmZXHpO96+UNanyQI1fgKRe5x75T/KmIswnHydm6mb
4mMHpJZEXxGPwe7t+7S5u+YMjINryxA56saSjfQv94nfujYRwn5EmTsN4Vvi2sTX
WJUE8JAXlDao4me3LDANLmJ5vKoB+qD7cpCRudV+9fZQ489sdgEctqNn8sLklwTp
cE5fA58sBbtXDYnJKs5Uz/+a353efw74jJ3ntRsr3GgRqHrZ8Wu1YupoLx8hLTwo
p61p0egGs2XaKRNK6SAXyPDpug97GDiKdl4bTsHKvLKLDVFDIgB+7fCVTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBa4xwa+sn2dIgcj+HFu091mooUXMB8GA1UdIwQY
MBaAFFjSo1alR4FVvqqLxiVqhvbVs/c8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV05LalZxVkhnVlctcW92R0pXcUc5dFd6OXp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kNWFmYzItYjA0Yy00NDZkLTlhMDQt
OTA1MzA1NGE1Y2FiLzEvRnJqSEJyNnlmWjBpQnlQNGNXN1QzV2FpaFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9kNWFmYzItYjA0Yy00NDZkLTlhMDQtOTA1MzA1NGE1Y2Fi
LzEvV05LalZxVkhnVlctcW92R0pXcUc5dFd6OXp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTzQAwQE
2XEgMA0EAgACMAcDBQMqAg6gMA0GCSqGSIb3DQEBCwUAA4IBAQA7+B5viC699U6H
gmvDiFGNeA8wnRUGYSY8Ct6YH+dvr4YGN0ur4/BoUebPTVrEyL2i5zy15Kau52tw
Lit+YRNnPwonW+p2Ylmxv9LyzD9cgvQOnVdxPsk2RZJTEL5nyEr++nX2Q68mMR6U
QV9ERRaG/qKrkmGbPZF9hncemfcr8UFgHD4Cz4zplY9cKbzVZVllefTbnxnpAd36
YUVJZZislJ57wyrsFao2KHtAxdjsGG7Js9/1uIKxP8v57J93KWhZ7VLa1hYOaFhd
020Y4uxkxuXqDd5/Gt5XUF8nTDz41WjKwNcxkIfmafLI0WId0vmFTexk/ZWFfADo
HP0c34qV
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:30 2024 by rpki-client on console.sobornost.net