Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/nX4LwhiDfzitZ2LqJmB1zUU2GHI.roa
File: nX4LwhiDfzitZ2LqJmB1zUU2GHI.roa (raw, json)
Hash identifier: ShCZHzfgjJDa0SEalao0Wh4/BlLA/ciZobArezKY6Fc=
Subject key identifier: 9D:7E:0B:C2:18:83:7F:38:AD:67:62:EA:26:60:75:CD:45:36:18:72
Certificate issuer: /CN=3b11583aca1e8059fd31e267e8302d0c2fe008d6
Certificate serial: 018BF62A7D68619A2021DCA4EB5E80C37896
Authority key identifier: 3B:11:58:3A:CA:1E:80:59:FD:31:E2:67:E8:30:2D:0C:2F:E0:08:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxFYOsoegFn9MeJn6DAtDC_gCNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/nX4LwhiDfzitZ2LqJmB1zUU2GHI.roa
Signing time: Wed 22 Nov 2023 08:34:21 +0000
ROA not before: Wed 22 Nov 2023 08:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 185.10.112.0/22 maxlen: 24
178.20.144.0/21 maxlen: 24
88.85.224.0/19 maxlen: 24
62.204.48.0/24 maxlen: 24
46.235.88.0/21 maxlen: 24
212.12.160.0/19 maxlen: 24
176.241.184.0/21 maxlen: 24
2a00:1560::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:2a:7d:68:61:9a:20:21:dc:a4:eb:5e:80:c3:78:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b11583aca1e8059fd31e267e8302d0c2fe008d6
Validity
Not Before: Nov 22 08:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d7e0bc218837f38ad6762ea266075cd45361872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d8:74:ae:0f:f5:d8:36:40:9a:97:29:bb:78:
8a:ba:8c:58:0a:16:69:2b:cf:5a:e1:8a:a4:5b:13:
45:18:3d:51:5c:07:f4:ed:a3:95:d0:df:0b:b1:57:
c7:3f:de:f1:67:a3:10:ff:11:b7:8f:8f:7f:90:6a:
48:8d:c1:b2:e7:8e:c8:b1:d4:21:9b:91:cd:06:b1:
fc:20:28:cc:57:24:ea:7c:cd:11:b6:01:25:60:4b:
17:47:d6:f4:57:0a:38:5a:85:f5:a8:4b:ce:9e:b7:
3b:7e:10:3e:64:60:7b:ab:34:b1:0a:d1:4d:2c:f6:
2c:fe:50:92:34:10:0a:94:19:56:47:3b:95:21:de:
b9:76:6a:63:1d:d8:bc:ff:e3:45:47:8f:72:df:3a:
e2:30:1d:55:bc:44:fc:9c:cc:06:00:00:1e:3f:17:
37:3b:51:57:97:99:f0:0d:d8:e5:2f:7d:6c:a0:e3:
af:9d:9f:4f:14:af:da:11:2b:d8:b5:de:1d:f8:9a:
f4:99:0f:81:e6:45:7b:c9:e7:a5:1d:ae:33:6b:3f:
98:67:bd:27:f7:7e:9f:96:59:c5:39:0e:d6:17:05:
33:2d:52:66:26:93:90:59:29:35:d7:45:04:8f:61:
93:93:04:d3:e2:f8:11:c7:65:9b:e9:32:0e:46:03:
6e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7E:0B:C2:18:83:7F:38:AD:67:62:EA:26:60:75:CD:45:36:18:72
X509v3 Authority Key Identifier:
keyid:3B:11:58:3A:CA:1E:80:59:FD:31:E2:67:E8:30:2D:0C:2F:E0:08:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxFYOsoegFn9MeJn6DAtDC_gCNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/nX4LwhiDfzitZ2LqJmB1zUU2GHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/OxFYOsoegFn9MeJn6DAtDC_gCNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.88.0/21
62.204.48.0/24
88.85.224.0/19
176.241.184.0/21
178.20.144.0/21
185.10.112.0/22
212.12.160.0/19
IPv6:
2a00:1560::/32
Signature Algorithm: sha256WithRSAEncryption
6e:f0:2e:64:75:09:3d:71:f7:d0:4f:dd:d8:b6:70:9c:5c:11:
35:53:e7:56:b1:7e:1a:da:dd:fe:a1:b7:31:d9:20:6e:21:b1:
35:47:9b:78:16:0b:54:09:49:4a:b9:4c:ea:d1:df:1a:da:2f:
5d:b2:c4:c3:77:1a:6c:fa:e5:cd:07:a0:e7:85:19:ee:e9:13:
a3:00:36:b3:52:e7:f4:aa:d1:be:9c:6b:35:34:2e:19:be:00:
8f:55:e2:5c:62:ab:09:d6:ef:e6:61:8d:c6:73:2d:09:f2:c0:
a1:e8:97:c9:07:46:6b:7e:c6:21:fe:ef:22:3d:b5:42:9d:5c:
7e:49:dc:3d:eb:84:26:2d:ed:36:b0:a5:40:a7:c3:70:fa:37:
12:50:4d:4e:65:9a:f6:84:86:07:96:76:48:df:57:0c:b5:9a:
e4:36:c9:50:d7:1c:2f:19:9c:48:e7:9e:fe:7a:82:68:06:89:
ed:17:d8:30:fc:2e:cd:a5:0c:46:95:52:2a:6d:ba:8e:b3:bf:
74:b1:06:9a:2a:cf:bd:10:33:3e:46:50:12:45:7b:01:9c:69:
c3:d1:2b:70:29:fa:0a:96:33:26:9c:83:3e:09:16:3a:94:12:
2d:db:8c:d8:4a:71:99:2d:a8:ab:55:eb:e8:ef:54:3b:2b:d2:
fd:95:d0:f1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYv2Kn1oYZogIdyk616Aw3iWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMTE1ODNhY2ExZTgwNTlmZDMxZTI2N2U4MzAyZDBjMmZl
MDA4ZDYwHhcNMjMxMTIyMDgzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdlMGJjMjE4ODM3ZjM4YWQ2NzYyZWEyNjYwNzVjZDQ1MzYxODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9h0rg/12DZAmpcpu3iKuoxYChZp
K89a4YqkWxNFGD1RXAf07aOV0N8LsVfHP97xZ6MQ/xG3j49/kGpIjcGy547IsdQh
m5HNBrH8ICjMVyTqfM0RtgElYEsXR9b0Vwo4WoX1qEvOnrc7fhA+ZGB7qzSxCtFN
LPYs/lCSNBAKlBlWRzuVId65dmpjHdi8/+NFR49y3zriMB1VvET8nMwGAAAePxc3
O1FXl5nwDdjlL31soOOvnZ9PFK/aESvYtd4d+Jr0mQ+B5kV7yeelHa4zaz+YZ70n
936fllnFOQ7WFwUzLVJmJpOQWSk110UEj2GTkwTT4vgRx2Wb6TIORgNuZQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJ1+C8IYg384rWdi6iZgdc1FNhhyMB8GA1UdIwQY
MBaAFDsRWDrKHoBZ/THiZ+gwLQwv4AjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3hGWU9zb2VnRm45TWVKbjZEQXREQ19nQ05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mM2ViY2UtOTYwOC00MTgwLWE4OTEt
ZGNlMGQwYWU2NzAzLzEvblg0THdoaURmeml0WjJMcUptQjF6VVUyR0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mM2ViY2UtOTYwOC00MTgwLWE4OTEtZGNlMGQwYWU2NzAz
LzEvT3hGWU9zb2VnRm45TWVKbjZEQXREQ19nQ05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLutYAwQA
PswwAwQFWFXgAwQDsPG4AwQDshSQAwQCuQpwAwQF1AygMA0EAgACMAcDBQAqABVg
MA0GCSqGSIb3DQEBCwUAA4IBAQBu8C5kdQk9cffQT93YtnCcXBE1U+dWsX4a2t3+
obcx2SBuIbE1R5t4FgtUCUlKuUzq0d8a2i9dssTDdxps+uXNB6DnhRnu6ROjADaz
Uuf0qtG+nGs1NC4ZvgCPVeJcYqsJ1u/mYY3Gcy0J8sCh6JfJB0ZrfsYh/u8iPbVC
nVx+Sdw964QmLe02sKVAp8Nw+jcSUE1OZZr2hIYHlnZI31cMtZrkNslQ1xwvGZxI
557+eoJoBontF9gw/C7NpQxGlVIqbbqOs790sQaaKs+9EDM+RlASRXsBnGnD0Stw
KfoKljMmnIM+CRY6lBIt24zYSnGZLairVevo71Q7K9L9ldDx
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:36 2023 by rpki-client on console.sobornost.net