Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/0ef58a-566f-48bc-b7da-8055ec10ff0a/1/cQY2Ga8xLKi3rsdpPaTC9jxAmW8.roa
File: cQY2Ga8xLKi3rsdpPaTC9jxAmW8.roa (raw, json)
Hash identifier: 02A4+mxNx7tPKoVPi9omuqyzU7739XeuRZ08Y7Z3s5k=
Subject key identifier: 71:06:36:19:AF:31:2C:A8:B7:AE:C7:69:3D:A4:C2:F6:3C:40:99:6F
Certificate issuer: /CN=208f8bf8d012a25cccee2106803d7064320ed0f0
Certificate serial: 0193CF07C385FC0B79071774D95FE2DC44F0
Authority key identifier: 20:8F:8B:F8:D0:12:A2:5C:CC:EE:21:06:80:3D:70:64:32:0E:D0:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/II-L-NASolzM7iEGgD1wZDIO0PA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/0ef58a-566f-48bc-b7da-8055ec10ff0a/1/cQY2Ga8xLKi3rsdpPaTC9jxAmW8.roa
Signing time: Mon 16 Dec 2024 10:33:32 +0000
ROA not before: Mon 16 Dec 2024 10:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 185.184.172.0/23 maxlen: 23
185.184.174.0/23 maxlen: 23
185.191.252.0/23 maxlen: 23
185.191.254.0/23 maxlen: 23
185.236.244.0/24 maxlen: 24
185.236.245.0/24 maxlen: 24
185.236.246.0/24 maxlen: 24
185.236.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:07:c3:85:fc:0b:79:07:17:74:d9:5f:e2:dc:44:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=208f8bf8d012a25cccee2106803d7064320ed0f0
Validity
Not Before: Dec 16 10:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71063619af312ca8b7aec7693da4c2f63c40996f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:dd:75:eb:56:52:ea:ce:36:b1:b2:95:17:14:
bb:06:6f:8d:8b:0d:79:de:97:c6:69:b5:e1:ea:e4:
7c:b8:29:51:01:be:6c:19:98:d7:ac:19:fc:39:7e:
ba:8e:a1:70:dc:ad:6d:18:39:cb:29:59:42:ba:79:
62:93:2c:cd:a1:63:5f:9c:95:d5:68:8a:ec:9c:ad:
a2:d7:3b:c7:d1:c2:72:d5:9e:80:d0:30:8e:fb:bb:
34:d6:2c:ec:c9:5e:0c:7c:1b:4c:37:ba:6f:46:44:
b8:03:8c:16:8f:fa:a9:b7:fe:0b:d9:b9:61:92:83:
80:95:aa:e3:42:4a:59:66:61:57:ef:b8:93:25:90:
f8:6b:87:f6:01:55:38:f8:f2:bf:e8:8c:0a:f8:47:
8c:55:2d:0f:11:08:7f:ef:11:c5:7f:70:0a:ea:75:
40:20:a3:db:df:6a:e0:ab:f3:7c:49:e8:bd:23:bf:
fc:a8:d0:bd:04:81:1d:09:35:60:ce:cd:4e:58:1c:
83:fc:16:d5:33:30:2e:cc:4b:2d:30:41:9d:08:16:
05:f3:b3:c9:84:4a:72:85:0e:0c:11:9d:78:36:a0:
24:87:5f:ac:3c:e7:81:92:ae:36:bd:5f:ed:6a:16:
de:9a:a8:78:36:ef:77:b7:5d:1a:cf:50:3a:8a:bb:
d0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:06:36:19:AF:31:2C:A8:B7:AE:C7:69:3D:A4:C2:F6:3C:40:99:6F
X509v3 Authority Key Identifier:
keyid:20:8F:8B:F8:D0:12:A2:5C:CC:EE:21:06:80:3D:70:64:32:0E:D0:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/II-L-NASolzM7iEGgD1wZDIO0PA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/0ef58a-566f-48bc-b7da-8055ec10ff0a/1/cQY2Ga8xLKi3rsdpPaTC9jxAmW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/0ef58a-566f-48bc-b7da-8055ec10ff0a/1/II-L-NASolzM7iEGgD1wZDIO0PA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.172.0/22
185.191.252.0/22
185.236.244.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:4c:ef:3b:b9:8c:c9:66:bd:91:ac:38:12:20:d3:fe:a5:bf:
c7:4c:20:05:ad:bd:ee:6f:04:41:1e:00:32:e5:4a:5e:d0:94:
40:f2:f8:59:c5:2e:81:52:a8:f8:a7:77:14:9c:a4:7d:6d:2c:
81:10:2e:37:a7:d9:fc:67:13:7f:fd:71:d0:14:4e:6e:d6:ff:
71:ce:bb:5e:a2:ee:59:b3:65:47:3a:b5:50:7c:2a:ef:83:73:
43:19:94:e5:67:74:b1:0e:29:54:c9:6a:42:ad:aa:7b:42:e2:
00:2a:44:91:83:5f:84:e4:b6:d9:70:fe:d4:ea:72:00:be:e9:
c6:71:5c:1b:23:f4:79:32:23:f3:1c:91:ba:28:68:eb:f0:67:
fb:66:45:05:5e:df:ac:1d:45:1d:79:db:17:a9:b7:b7:ca:0b:
0c:28:0a:83:d7:ad:a9:87:c2:f5:9e:e8:65:fa:43:5a:37:c8:
37:f1:c4:5b:c8:42:75:67:fa:2c:43:66:39:3b:63:45:b6:be:
4b:2a:23:de:25:21:78:45:ef:e8:e8:70:56:ba:f4:23:f2:76:
fd:25:1c:56:cb:db:04:08:54:44:39:58:f0:7b:73:1f:15:ff:
a8:46:81:0b:f4:9d:a8:b5:40:f1:08:b4:79:db:5b:bf:5f:16:
31:5c:0d:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZPPB8OF/At5Bxd02V/i3ETwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOGY4YmY4ZDAxMmEyNWNjY2VlMjEwNjgwM2Q3MDY0MzIw
ZWQwZjAwHhcNMjQxMjE2MTAzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTA2MzYxOWFmMzEyY2E4YjdhZWM3NjkzZGE0YzJmNjNjNDA5OTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlN1161ZS6s42sbKVFxS7Bm+Niw15
3pfGabXh6uR8uClRAb5sGZjXrBn8OX66jqFw3K1tGDnLKVlCunlikyzNoWNfnJXV
aIrsnK2i1zvH0cJy1Z6A0DCO+7s01izsyV4MfBtMN7pvRkS4A4wWj/qpt/4L2blh
koOAlarjQkpZZmFX77iTJZD4a4f2AVU4+PK/6IwK+EeMVS0PEQh/7xHFf3AK6nVA
IKPb32rgq/N8Sei9I7/8qNC9BIEdCTVgzs1OWByD/BbVMzAuzEstMEGdCBYF87PJ
hEpyhQ4MEZ14NqAkh1+sPOeBkq42vV/tahbemqh4Nu93t10az1A6irvQQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHEGNhmvMSyot67HaT2kwvY8QJlvMB8GA1UdIwQY
MBaAFCCPi/jQEqJczO4hBoA9cGQyDtDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUktTC1OQVNvbHpNN2lFR2dEMXdaRElPMFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8wZWY1OGEtNTY2Zi00OGJjLWI3ZGEt
ODA1NWVjMTBmZjBhLzEvY1FZMkdhOHhMS2kzcnNkcFBhVEM5anhBbVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8wZWY1OGEtNTY2Zi00OGJjLWI3ZGEtODA1NWVjMTBmZjBh
LzEvSUktTC1OQVNvbHpNN2lFR2dEMXdaRElPMFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCubisAwQC
ub/8AwQCuez0MA0GCSqGSIb3DQEBCwUAA4IBAQBNTO87uYzJZr2RrDgSINP+pb/H
TCAFrb3ubwRBHgAy5Upe0JRA8vhZxS6BUqj4p3cUnKR9bSyBEC43p9n8ZxN//XHQ
FE5u1v9xzrteou5Zs2VHOrVQfCrvg3NDGZTlZ3SxDilUyWpCrap7QuIAKkSRg1+E
5LbZcP7U6nIAvunGcVwbI/R5MiPzHJG6KGjr8Gf7ZkUFXt+sHUUdedsXqbe3ygsM
KAqD162ph8L1nuhl+kNaN8g38cRbyEJ1Z/osQ2Y5O2NFtr5LKiPeJSF4Re/o6HBW
uvQj8nb9JRxWy9sECFREOVjwe3MfFf+oRoEL9J2otUDxCLR521u/XxYxXA3/
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:30 2024 by rpki-client on console.sobornost.net