Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/OZm9I35T8-bTS-3VpDcf57CWUo8.roa
File: OZm9I35T8-bTS-3VpDcf57CWUo8.roa (raw, json)
Hash identifier: VocyfAkBTN1bez+t1CaS3fbS5+OJZ50lknSUI6xs/k4=
Subject key identifier: 39:99:BD:23:7E:53:F3:E6:D3:4B:ED:D5:A4:37:1F:E7:B0:96:52:8F
Certificate issuer: /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial: 01857095043CF878BC72D399ED2991C45206
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/OZm9I35T8-bTS-3VpDcf57CWUo8.roa
Signing time: Mon 02 Jan 2023 03:44:52 +0000
ROA not before: Mon 02 Jan 2023 03:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213296
IP address blocks: 194.28.156.0/24 maxlen: 25
194.28.158.0/24 maxlen: 25
194.104.4.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
194.104.5.0/24 maxlen: 25
194.104.6.0/24 maxlen: 25
212.69.134.0/24 maxlen: 24
212.69.133.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:04:3c:f8:78:bc:72:d3:99:ed:29:91:c4:52:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Validity
Not Before: Jan 2 03:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3999bd237e53f3e6d34bedd5a4371fe7b096528f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2a:1b:05:c7:ca:35:c7:4c:5e:2d:bd:08:b5:
0b:55:ed:61:71:5a:51:e2:39:d1:69:1e:e6:2c:1c:
87:b6:a7:3e:8f:b5:ee:af:da:2a:89:d7:b0:a8:ca:
4c:d9:b4:6f:7a:90:bb:e7:ab:bc:d1:74:f4:40:d9:
64:f3:1a:5c:e0:7f:41:04:92:db:20:30:99:53:3b:
06:44:ec:a0:49:bc:e0:cf:49:49:bd:8f:c8:7e:af:
53:16:10:ab:3a:15:7d:e9:d5:22:05:45:95:c0:d1:
de:8b:14:10:62:8b:1f:77:de:4c:a3:bd:f4:33:dc:
fc:11:1c:63:87:75:4b:a7:b0:71:e6:24:ec:cf:96:
12:92:bd:1f:5c:33:6e:a6:0d:87:2c:80:25:ca:7a:
33:af:08:17:40:09:b8:99:e4:c8:d0:25:e9:58:42:
8a:29:64:91:b3:41:d2:32:54:2e:98:17:f4:06:19:
46:f9:ab:bf:5e:8b:94:b8:c3:62:ff:9d:8f:09:7b:
4f:5e:06:82:e5:bd:e6:d5:e6:d6:85:1f:1d:ba:f0:
93:cb:69:3f:8c:8e:bd:2d:79:b3:1e:ea:27:ac:4b:
4b:30:b2:22:88:b7:3b:3f:6a:55:e7:39:5e:48:62:
fc:4b:87:1c:3a:04:0a:2a:9a:aa:63:0d:13:f4:db:
b4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:99:BD:23:7E:53:F3:E6:D3:4B:ED:D5:A4:37:1F:E7:B0:96:52:8F
X509v3 Authority Key Identifier:
keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/OZm9I35T8-bTS-3VpDcf57CWUo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.156.0/24
194.28.158.0/24
194.104.4.0-194.104.6.255
212.69.132.0-212.69.134.255
Signature Algorithm: sha256WithRSAEncryption
4b:ee:ad:d5:40:75:be:48:6b:8a:43:fb:cc:e5:09:93:9d:fb:
3b:9b:11:95:c6:6e:1e:fc:ee:cf:63:85:41:eb:7a:60:df:40:
a5:b8:e6:49:75:86:ed:1d:e8:d8:ba:13:fb:22:ac:3b:99:5f:
cf:54:c7:a4:13:de:72:52:30:68:e7:fa:8d:8f:e4:e4:53:40:
93:c6:4a:ae:de:2d:6f:93:a6:e3:12:23:2c:e5:2b:a6:92:c3:
db:3c:f4:fc:34:ff:c2:59:34:fd:5b:03:74:48:f1:f6:6b:e5:
0a:12:db:c7:fa:ce:bf:1e:ef:38:21:6a:ec:80:72:9e:af:2f:
6e:40:a2:77:bb:45:ba:29:50:7f:6c:9f:22:9f:24:76:70:28:
e0:ac:07:3c:d7:fe:32:ee:7f:f6:b7:7b:96:68:0e:7f:40:f9:
5e:cb:f4:29:11:a0:29:8e:9d:42:dc:46:78:09:02:4b:e0:fe:
cb:3e:a5:db:bb:99:c3:17:d0:a3:23:8b:cd:6e:f0:81:f3:28:
3b:3d:19:94:65:ea:74:91:b5:93:b0:0e:ea:76:1d:0c:5f:88:
28:de:25:fb:46:25:ae:5c:99:16:c7:87:28:e2:0b:71:c3:01:
8c:cd:81:b4:4a:50:2a:7d:cf:64:ef:72:65:47:da:fd:ff:2c:
54:16:6b:c3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVwlQQ8+Hi8ctOZ7SmRxFIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiN2QyYzlhZDM2ZDlmODgxZmE4MWZkNDc1Mzg3ZmI4NzBi
NWI0ZmIwHhcNMjMwMTAyMDM0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTk5YmQyMzdlNTNmM2U2ZDM0YmVkZDVhNDM3MWZlN2IwOTY1MjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCobBcfKNcdMXi29CLULVe1hcVpR
4jnRaR7mLByHtqc+j7Xur9oqidewqMpM2bRvepC756u80XT0QNlk8xpc4H9BBJLb
IDCZUzsGROygSbzgz0lJvY/Ifq9TFhCrOhV96dUiBUWVwNHeixQQYosfd95Mo730
M9z8ERxjh3VLp7Bx5iTsz5YSkr0fXDNupg2HLIAlynozrwgXQAm4meTI0CXpWEKK
KWSRs0HSMlQumBf0BhlG+au/XouUuMNi/52PCXtPXgaC5b3m1ebWhR8duvCTy2k/
jI69LXmzHuonrEtLMLIiiLc7P2pV5zleSGL8S4ccOgQKKpqqYw0T9Nu0jQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDmZvSN+U/Pm00vt1aQ3H+ewllKPMB8GA1UdIwQY
MBaAFEt9LJrTbZ+IH6gf1HU4f7hwtbT7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYt
ZjcxYzQzZGFhNTliLzEvT1ptOUkzNVQ4LWJUUy0zVnBEY2Y1N0NXVW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYtZjcxYzQzZGFhNTli
LzEvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAwhycAwQA
whyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0BAQsFAAOC
AQEAS+6t1UB1vkhrikP7zOUJk537O5sRlcZuHvzuz2OFQet6YN9ApbjmSXWG7R3o
2LoT+yKsO5lfz1THpBPeclIwaOf6jY/k5FNAk8ZKrt4tb5Om4xIjLOUrppLD2zz0
/DT/wlk0/VsDdEjx9mvlChLbx/rOvx7vOCFq7IBynq8vbkCid7tFuilQf2yfIp8k
dnAo4KwHPNf+Mu5/9rd7lmgOf0D5Xsv0KRGgKY6dQtxGeAkCS+D+yz6l27uZwxfQ
oyOLzW7wgfMoOz0ZlGXqdJG1k7AO6nYdDF+IKN4l+0YlrlyZFseHKOILccMBjM2B
tEpQKn3PZO9yZUfa/f8sVBZrww==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:41 2023 by rpki-client on console.sobornost.net