Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/ddc9a1-5892-44d1-b490-267da91fbff8/1/avSpiYR_KHFXPXxvpvzWvBW-GBc.roa
File: avSpiYR_KHFXPXxvpvzWvBW-GBc.roa (raw, json)
Hash identifier: zH2RTs47ZDTk9wEXuhIyE/up4Z2O45fmhimiVp1t+Jc=
Subject key identifier: 6A:F4:A9:89:84:7F:28:71:57:3D:7C:6F:A6:FC:D6:BC:15:BE:18:17
Certificate issuer: /CN=c30aef396394ea5950dc7956ab1bf491364622a4
Certificate serial: 018CC56E3E1DA247F98689265E9362DB8A31
Authority key identifier: C3:0A:EF:39:63:94:EA:59:50:DC:79:56:AB:1B:F4:91:36:46:22:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wwrvOWOU6llQ3HlWqxv0kTZGIqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/ddc9a1-5892-44d1-b490-267da91fbff8/1/avSpiYR_KHFXPXxvpvzWvBW-GBc.roa
Signing time: Mon 01 Jan 2024 14:29:45 +0000
ROA not before: Mon 01 Jan 2024 14:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12496
IP address blocks: 93.89.128.0/20 maxlen: 20
91.135.0.0/20 maxlen: 20
217.144.80.0/20 maxlen: 20
212.69.32.0/19 maxlen: 19
2a02:390::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:3e:1d:a2:47:f9:86:89:26:5e:93:62:db:8a:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c30aef396394ea5950dc7956ab1bf491364622a4
Validity
Not Before: Jan 1 14:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6af4a989847f2871573d7c6fa6fcd6bc15be1817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:dc:a1:b7:52:f7:2e:2b:5e:de:fd:c1:dc:0d:
28:8a:5f:b9:6d:d4:a3:a5:e5:86:a6:18:e0:f3:a4:
d1:94:d9:70:a3:45:e1:76:b8:3b:a6:4c:aa:d8:f0:
2a:19:39:7b:54:7c:ff:f2:e5:b4:ee:c4:16:12:a1:
a5:dc:a4:f8:9b:8f:7b:c7:c0:47:89:0f:db:b2:ce:
2b:fe:28:a4:0d:a0:69:a9:c0:97:50:ac:7e:69:c9:
e1:6b:18:a3:6e:4c:36:60:02:98:ce:8e:d5:4f:f5:
64:02:2b:b8:1a:09:e2:90:54:a0:6d:3a:62:a8:f3:
c0:e6:a9:39:23:b4:72:92:6c:4d:13:4d:8d:d3:b2:
99:b1:e2:49:3b:20:9a:f7:82:62:57:f3:06:44:19:
3f:ca:ef:23:f8:00:7b:37:f5:5d:db:85:00:e1:76:
f8:c5:07:cb:e8:43:c4:3a:48:15:99:51:9e:d4:aa:
1f:bb:e6:06:f0:28:1e:80:0a:18:36:95:84:05:a2:
fc:c6:df:15:f9:22:96:1f:51:6f:39:83:9b:a2:86:
e8:4a:1d:d2:4a:c2:c0:c0:2f:9a:9b:cd:64:20:70:
ee:06:11:e1:88:2c:6e:c5:ff:7c:56:55:d9:4a:34:
3a:cb:14:55:24:0d:1f:70:5d:3d:4a:58:36:d8:08:
a6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F4:A9:89:84:7F:28:71:57:3D:7C:6F:A6:FC:D6:BC:15:BE:18:17
X509v3 Authority Key Identifier:
keyid:C3:0A:EF:39:63:94:EA:59:50:DC:79:56:AB:1B:F4:91:36:46:22:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wwrvOWOU6llQ3HlWqxv0kTZGIqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ddc9a1-5892-44d1-b490-267da91fbff8/1/avSpiYR_KHFXPXxvpvzWvBW-GBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ddc9a1-5892-44d1-b490-267da91fbff8/1/wwrvOWOU6llQ3HlWqxv0kTZGIqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.135.0.0/20
93.89.128.0/20
212.69.32.0/19
217.144.80.0/20
IPv6:
2a02:390::/32
Signature Algorithm: sha256WithRSAEncryption
5a:22:5a:e6:d3:10:b2:25:04:dc:6b:6f:79:73:e7:10:7f:27:
87:68:fe:49:c4:95:22:67:0d:fb:74:d4:71:8e:f2:22:17:b2:
27:f5:3f:e1:9c:c3:a5:6d:22:f2:f5:85:67:4c:dc:7d:bf:3c:
c4:9b:14:03:09:aa:7b:67:ea:dd:98:89:98:d4:5e:2d:7f:e2:
e5:10:8d:37:8c:91:0f:e0:a8:e0:5d:9c:f7:31:46:8c:b5:14:
fd:c5:85:77:73:d1:e6:8a:26:cf:62:fa:ed:77:0b:2f:37:c8:
f7:a5:e4:52:dc:a7:91:05:6f:e7:36:de:86:c2:86:ab:9f:ef:
ca:9b:79:0d:52:ff:09:7c:5b:12:a2:43:5b:47:0d:58:86:01:
7d:ec:cc:53:27:38:fd:b9:1b:bc:c0:95:4a:43:12:fe:6c:65:
3a:b1:4a:6e:00:e3:a2:dd:74:78:c9:6b:ed:18:09:79:9a:2d:
0b:f7:92:94:d2:65:b9:eb:d7:65:79:5e:8f:c4:77:02:04:f9:
37:66:e6:09:9f:83:2f:3c:54:16:77:8b:6b:29:0b:a8:aa:33:
36:ef:3d:c4:db:e0:47:ff:5b:7a:eb:70:ba:e9:a9:a3:82:0c:
f1:6c:a2:f0:6c:a1:ed:57:2a:24:d8:78:45:dd:8a:94:2a:4e:
32:31:11:c6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFbj4dokf5hokmXpNi24oxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMGFlZjM5NjM5NGVhNTk1MGRjNzk1NmFiMWJmNDkxMzY0
NjIyYTQwHhcNMjQwMTAxMTQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWY0YTk4OTg0N2YyODcxNTczZDdjNmZhNmZjZDZiYzE1YmUxODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdyht1L3Lite3v3B3A0oil+5bdSj
peWGphjg86TRlNlwo0Xhdrg7pkyq2PAqGTl7VHz/8uW07sQWEqGl3KT4m497x8BH
iQ/bss4r/iikDaBpqcCXUKx+acnhaxijbkw2YAKYzo7VT/VkAiu4GgnikFSgbTpi
qPPA5qk5I7RykmxNE02N07KZseJJOyCa94JiV/MGRBk/yu8j+AB7N/Vd24UA4Xb4
xQfL6EPEOkgVmVGe1Kofu+YG8CgegAoYNpWEBaL8xt8V+SKWH1FvOYObooboSh3S
SsLAwC+am81kIHDuBhHhiCxuxf98VlXZSjQ6yxRVJA0fcF09Slg22AimywIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGr0qYmEfyhxVz18b6b81rwVvhgXMB8GA1UdIwQY
MBaAFMMK7zljlOpZUNx5Vqsb9JE2RiKkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3dydk9XT1U2bGxRM0hsV3F4djBrVFpHSXFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZGM5YTEtNTg5Mi00NGQxLWI0OTAt
MjY3ZGE5MWZiZmY4LzEvYXZTcGlZUl9LSEZYUFh4dnB2eld2QlctR0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZGM5YTEtNTg5Mi00NGQxLWI0OTAtMjY3ZGE5MWZiZmY4
LzEvd3dydk9XT1U2bGxRM0hsV3F4djBrVFpHSXFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEW4cAAwQE
XVmAAwQF1EUgAwQE2ZBQMA0EAgACMAcDBQAqAgOQMA0GCSqGSIb3DQEBCwUAA4IB
AQBaIlrm0xCyJQTca295c+cQfyeHaP5JxJUiZw37dNRxjvIiF7In9T/hnMOlbSLy
9YVnTNx9vzzEmxQDCap7Z+rdmImY1F4tf+LlEI03jJEP4KjgXZz3MUaMtRT9xYV3
c9HmiibPYvrtdwsvN8j3peRS3KeRBW/nNt6Gwoarn+/Km3kNUv8JfFsSokNbRw1Y
hgF97MxTJzj9uRu8wJVKQxL+bGU6sUpuAOOi3XR4yWvtGAl5mi0L95KU0mW569dl
eV6PxHcCBPk3ZuYJn4MvPFQWd4trKQuoqjM27z3E2+BH/1t663C66amjggzxbKLw
bKHtVyok2HhF3YqUKk4yMRHG
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:54 2024 by rpki-client on console.sobornost.net