Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/cb7e34-46a3-4e82-9318-3c66266dc3b0/1/nD3QcLao_jKCJisGcGdJYnQt1wQ.roa
File: nD3QcLao_jKCJisGcGdJYnQt1wQ.roa (raw, json)
Hash identifier: mJ++Fzrpu7GSEkgAaOpsUrCuSctj44gGH9N+CBFG6T8=
Subject key identifier: 9C:3D:D0:70:B6:A8:FE:32:82:26:2B:06:70:67:49:62:74:2D:D7:04
Certificate issuer: /CN=0497cd8ed86fc8346dd93c9204f76bc3b92a4cfe
Certificate serial: 0183600E10CB11AF70F8CFA9B02A022547E7
Authority key identifier: 04:97:CD:8E:D8:6F:C8:34:6D:D9:3C:92:04:F7:6B:C3:B9:2A:4C:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BJfNjthvyDRt2TySBPdrw7kqTP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/cb7e34-46a3-4e82-9318-3c66266dc3b0/1/nD3QcLao_jKCJisGcGdJYnQt1wQ.roa
Signing time: Wed 21 Sep 2022 12:37:58 +0000
ROA not before: Wed 21 Sep 2022 12:37:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 185.4.33.0/24 maxlen: 24
185.4.32.0/22 maxlen: 24
185.4.32.0/24 maxlen: 24
185.4.35.0/24 maxlen: 24
185.4.34.0/24 maxlen: 24
185.239.160.0/22 maxlen: 24
2a02:5fc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:60:0e:10:cb:11:af:70:f8:cf:a9:b0:2a:02:25:47:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0497cd8ed86fc8346dd93c9204f76bc3b92a4cfe
Validity
Not Before: Sep 21 12:37:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c3dd070b6a8fe3282262b0670674962742dd704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4d:33:03:53:06:8a:66:24:21:ab:19:95:9f:
24:4b:86:3d:1e:41:7e:2d:7e:89:25:a5:b3:6d:08:
a8:4f:47:d5:62:cf:ac:72:ea:10:3d:21:76:a5:01:
b2:93:07:94:8b:d3:24:86:1e:aa:76:6d:3b:4a:7b:
38:ac:c1:83:50:cc:3f:8d:90:2d:14:b9:ea:1c:61:
0b:d8:76:4a:a4:2a:be:29:e9:6e:d1:74:9d:c8:da:
28:37:c6:b4:6a:d6:1d:ed:4a:85:d6:e9:64:31:8b:
b4:a1:f0:2a:a6:5f:21:94:20:d2:60:78:4c:02:67:
37:98:08:13:cf:31:39:f0:71:23:ab:95:22:6e:26:
71:c3:8a:81:0f:3f:cc:d5:0b:d5:71:f7:fb:8a:14:
ea:bd:f8:26:ad:24:56:98:27:5b:c7:15:59:f9:b7:
54:2e:01:5a:cf:c9:25:ea:3f:03:cc:49:c7:06:7e:
38:23:14:fb:11:f3:00:e0:5a:35:12:34:70:7f:a3:
5b:4b:c3:cc:05:0f:9d:7a:d9:a0:90:15:7d:1a:12:
de:07:12:8b:32:c0:b7:ed:f2:89:54:49:3e:f1:6a:
93:00:47:a1:79:29:6f:b2:a2:5f:8b:5c:ab:d5:71:
8e:bb:aa:8f:71:29:c4:2e:3f:62:ee:6b:05:d6:21:
ac:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3D:D0:70:B6:A8:FE:32:82:26:2B:06:70:67:49:62:74:2D:D7:04
X509v3 Authority Key Identifier:
keyid:04:97:CD:8E:D8:6F:C8:34:6D:D9:3C:92:04:F7:6B:C3:B9:2A:4C:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BJfNjthvyDRt2TySBPdrw7kqTP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cb7e34-46a3-4e82-9318-3c66266dc3b0/1/nD3QcLao_jKCJisGcGdJYnQt1wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/cb7e34-46a3-4e82-9318-3c66266dc3b0/1/BJfNjthvyDRt2TySBPdrw7kqTP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.32.0/22
185.239.160.0/22
IPv6:
2a02:5fc0::/48
Signature Algorithm: sha256WithRSAEncryption
6a:81:40:bb:64:61:be:cb:2a:c1:56:ef:9b:56:74:56:36:7c:
b5:9c:27:2d:d7:ad:43:85:b3:cc:eb:81:95:fa:5c:08:3c:c8:
eb:fa:80:ee:8a:77:d7:b6:7a:5a:b7:ed:81:47:8c:f0:a9:02:
b7:10:0c:bb:05:74:8b:4a:45:ee:8d:fd:6c:21:52:73:3b:a0:
4b:fc:06:4c:2e:7f:72:03:55:0d:9e:ef:bc:33:f3:bd:3f:d9:
45:a8:40:13:b4:d5:93:f6:47:c3:ae:49:07:15:cb:16:0b:40:
16:44:ec:8e:17:62:f9:b7:a5:c5:61:2c:f1:fd:64:ec:b2:ac:
9e:0f:72:22:59:f8:60:c9:8a:61:82:1b:5d:93:ba:c3:d0:5e:
d1:e4:53:3d:c3:92:6b:ad:46:3d:d2:d0:19:c2:0a:96:3d:e3:
a5:20:9f:0b:7b:d8:88:f5:13:41:d6:e6:0b:57:3a:12:dd:11:
f2:d6:b3:ef:23:33:d4:5b:60:23:3c:10:ad:18:dc:f9:33:dd:
66:a8:82:66:b1:0f:91:fb:a2:8b:74:8d:50:b5:c5:e3:ac:d7:
62:86:f6:fc:c7:cc:1e:9f:a2:f1:07:04:b6:a4:b7:fc:ec:1e:
05:71:4c:a2:0b:92:9b:2c:da:ef:7a:93:fd:3c:a7:87:fd:49:
ac:70:77:25
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYNgDhDLEa9w+M+psCoCJUfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OTdjZDhlZDg2ZmM4MzQ2ZGQ5M2M5MjA0Zjc2YmMzYjky
YTRjZmUwHhcNMjIwOTIxMTIzNzU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzNkZDA3MGI2YThmZTMyODIyNjJiMDY3MDY3NDk2Mjc0MmRkNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE0zA1MGimYkIasZlZ8kS4Y9HkF+
LX6JJaWzbQioT0fVYs+scuoQPSF2pQGykweUi9Mkhh6qdm07Sns4rMGDUMw/jZAt
FLnqHGEL2HZKpCq+Kelu0XSdyNooN8a0atYd7UqF1ulkMYu0ofAqpl8hlCDSYHhM
Amc3mAgTzzE58HEjq5UibiZxw4qBDz/M1QvVcff7ihTqvfgmrSRWmCdbxxVZ+bdU
LgFaz8kl6j8DzEnHBn44IxT7EfMA4Fo1EjRwf6NbS8PMBQ+detmgkBV9GhLeBxKL
MsC37fKJVEk+8WqTAEeheSlvsqJfi1yr1XGOu6qPcSnELj9i7msF1iGsrwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJw90HC2qP4ygiYrBnBnSWJ0LdcEMB8GA1UdIwQY
MBaAFASXzY7Yb8g0bdk8kgT3a8O5Kkz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkpmTmp0aHZ5RFJ0MlR5U0JQZHJ3N2txVFA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9jYjdlMzQtNDZhMy00ZTgyLTkzMTgt
M2M2NjI2NmRjM2IwLzEvbkQzUWNMYW9faktDSmlzR2NHZEpZblF0MXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9jYjdlMzQtNDZhMy00ZTgyLTkzMTgtM2M2NjI2NmRjM2Iw
LzEvQkpmTmp0aHZ5RFJ0MlR5U0JQZHJ3N2txVFA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuQQgAwQC
ue+gMA8EAgACMAkDBwAqAl/AAAAwDQYJKoZIhvcNAQELBQADggEBAGqBQLtkYb7L
KsFW75tWdFY2fLWcJy3XrUOFs8zrgZX6XAg8yOv6gO6Kd9e2elq37YFHjPCpArcQ
DLsFdItKRe6N/WwhUnM7oEv8Bkwuf3IDVQ2e77wz870/2UWoQBO01ZP2R8OuSQcV
yxYLQBZE7I4XYvm3pcVhLPH9ZOyyrJ4PciJZ+GDJimGCG12TusPQXtHkUz3Dkmut
Rj3S0BnCCpY946Ugnwt72Ij1E0HW5gtXOhLdEfLWs+8jM9RbYCM8EK0Y3Pkz3Wao
gmaxD5H7oot0jVC1xeOs12KG9vzHzB6fovEHBLakt/zsHgVxTKILkpss2u96k/08
p4f9SaxwdyU=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:19 2023 by rpki-client on console.sobornost.net