Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/2doR9-MO4wK49WTGPaal1XZoyf0.roa
File: 2doR9-MO4wK49WTGPaal1XZoyf0.roa (raw, json)
Hash identifier: lqe5S4+/aIbdForHg0Yw9BcvQURwR/wQG1XTzYUxDbU=
Subject key identifier: D9:DA:11:F7:E3:0E:E3:02:B8:F5:64:C6:3D:A6:A5:D5:76:68:C9:FD
Certificate issuer: /CN=cd01cda0302b813eb145579ad81f5ed7d29c0209
Certificate serial: 018CC5DCD67A24A799D124B347400B16F0AB
Authority key identifier: CD:01:CD:A0:30:2B:81:3E:B1:45:57:9A:D8:1F:5E:D7:D2:9C:02:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQHNoDArgT6xRVea2B9e19KcAgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/2doR9-MO4wK49WTGPaal1XZoyf0.roa
Signing time: Mon 01 Jan 2024 16:30:33 +0000
ROA not before: Mon 01 Jan 2024 16:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57124
IP address blocks: 185.117.76.0/22 maxlen: 22
141.105.144.0/21 maxlen: 21
2a01:8980::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:d6:7a:24:a7:99:d1:24:b3:47:40:0b:16:f0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd01cda0302b813eb145579ad81f5ed7d29c0209
Validity
Not Before: Jan 1 16:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9da11f7e30ee302b8f564c63da6a5d57668c9fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d2:00:96:cc:7a:7d:bd:87:eb:06:79:2a:4a:
1d:07:bd:48:6d:89:8c:54:e2:24:00:05:8e:68:e6:
0f:20:30:80:96:9b:fa:08:97:6a:39:29:c8:95:83:
ac:60:a5:9b:b2:40:97:ea:ab:21:7a:8e:0a:b7:e6:
b7:17:42:b5:95:50:7c:1f:1e:b3:96:3c:39:54:4e:
59:f7:a6:b6:01:62:1a:e7:4d:10:de:de:e4:bd:9c:
19:1e:9f:2c:39:a9:2e:59:a6:f4:f6:da:ae:5e:58:
4e:df:e3:4a:31:8e:40:45:10:14:8e:34:50:64:26:
0d:a1:6c:4b:ab:fc:0c:44:e4:5a:36:3b:d3:41:1c:
96:54:29:b9:e2:79:e3:be:56:43:44:ac:cb:82:ea:
b6:48:b2:8e:0d:c0:f2:c7:be:e4:1f:50:c5:b2:95:
2c:ca:5a:a3:38:70:9a:95:68:bb:c0:b5:25:97:97:
65:2c:25:86:66:d2:dd:99:8c:83:30:d5:a2:9d:3b:
80:c5:66:7d:c6:7b:1e:f5:51:ad:64:7c:5c:2d:32:
e9:39:56:e2:1a:94:35:54:90:91:62:3a:86:23:68:
49:79:47:8f:11:d4:3e:f9:89:4f:3e:47:3e:8c:ab:
98:7d:f7:f6:a7:b7:8c:0e:95:85:c4:f9:7a:62:ea:
7c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DA:11:F7:E3:0E:E3:02:B8:F5:64:C6:3D:A6:A5:D5:76:68:C9:FD
X509v3 Authority Key Identifier:
keyid:CD:01:CD:A0:30:2B:81:3E:B1:45:57:9A:D8:1F:5E:D7:D2:9C:02:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQHNoDArgT6xRVea2B9e19KcAgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/2doR9-MO4wK49WTGPaal1XZoyf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/zQHNoDArgT6xRVea2B9e19KcAgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.144.0/21
185.117.76.0/22
IPv6:
2a01:8980::/32
Signature Algorithm: sha256WithRSAEncryption
13:40:74:fe:ac:0b:92:25:ea:e4:1e:08:11:74:66:3d:af:de:
ac:9e:9c:3c:a3:87:b5:e6:33:46:14:e8:fd:59:d8:07:d7:37:
bb:06:ba:21:5a:8c:73:35:7b:23:f3:a1:9b:e3:ec:30:18:fa:
23:b9:fb:71:f5:50:f1:ac:d3:7d:cd:5f:f2:8e:40:f0:b8:fe:
a8:f3:f6:98:e4:78:5b:a9:bd:67:27:68:76:74:be:b9:0c:3e:
5a:a4:a5:48:aa:81:85:3d:6c:24:26:b4:cf:91:dc:03:16:90:
99:de:ef:af:7a:26:c8:e9:7e:49:85:1d:3e:76:c9:04:1d:a2:
5b:39:73:5a:90:b0:f7:6e:6f:0c:3b:e1:c0:15:cf:e5:d0:79:
ae:20:54:cf:ee:9f:bf:56:e3:a4:d0:a5:d8:bb:ed:a4:9d:ee:
c6:3e:f7:74:b4:f5:30:ea:89:24:08:52:38:ef:7f:9f:c8:c1:
60:df:1b:c9:99:86:27:2d:51:6f:8a:3d:e1:08:09:aa:74:0d:
b3:a9:20:d6:d6:86:01:14:56:1e:13:44:25:c8:a8:bd:95:b2:
8b:ef:09:f0:7c:2d:2a:da:b0:7f:8e:7d:5e:b4:e9:f9:42:8d:
e3:a3:98:5b:2d:0b:f4:07:84:65:bd:43:ff:90:f4:cb:3a:b0:
6a:92:a9:c8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3NZ6JKeZ0SSzR0ALFvCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMDFjZGEwMzAyYjgxM2ViMTQ1NTc5YWQ4MWY1ZWQ3ZDI5
YzAyMDkwHhcNMjQwMTAxMTYzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWRhMTFmN2UzMGVlMzAyYjhmNTY0YzYzZGE2YTVkNTc2NjhjOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNIAlsx6fb2H6wZ5KkodB71IbYmM
VOIkAAWOaOYPIDCAlpv6CJdqOSnIlYOsYKWbskCX6qsheo4Kt+a3F0K1lVB8Hx6z
ljw5VE5Z96a2AWIa500Q3t7kvZwZHp8sOakuWab09tquXlhO3+NKMY5ARRAUjjRQ
ZCYNoWxLq/wMRORaNjvTQRyWVCm54nnjvlZDRKzLguq2SLKODcDyx77kH1DFspUs
ylqjOHCalWi7wLUll5dlLCWGZtLdmYyDMNWinTuAxWZ9xnse9VGtZHxcLTLpOVbi
GpQ1VJCRYjqGI2hJeUePEdQ++YlPPkc+jKuYfff2p7eMDpWFxPl6Yup8gwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNnaEffjDuMCuPVkxj2mpdV2aMn9MB8GA1UdIwQY
MBaAFM0BzaAwK4E+sUVXmtgfXtfSnAIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelFITm9EQXJnVDZ4UlZlYTJCOWUxOUtjQWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zZTM0ODMtMTg0NS00NDJkLWE1OWEt
ZGQ3MjU1MGQ3OGFjLzEvMmRvUjktTU80d0s0OVdUR1BhYWwxWFpveWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zZTM0ODMtMTg0NS00NDJkLWE1OWEtZGQ3MjU1MGQ3OGFj
LzEvelFITm9EQXJnVDZ4UlZlYTJCOWUxOUtjQWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDjWmQAwQC
uXVMMA0EAgACMAcDBQAqAYmAMA0GCSqGSIb3DQEBCwUAA4IBAQATQHT+rAuSJerk
HggRdGY9r96snpw8o4e15jNGFOj9WdgH1ze7BrohWoxzNXsj86Gb4+wwGPojuftx
9VDxrNN9zV/yjkDwuP6o8/aY5Hhbqb1nJ2h2dL65DD5apKVIqoGFPWwkJrTPkdwD
FpCZ3u+veibI6X5JhR0+dskEHaJbOXNakLD3bm8MO+HAFc/l0HmuIFTP7p+/VuOk
0KXYu+2kne7GPvd0tPUw6okkCFI473+fyMFg3xvJmYYnLVFvij3hCAmqdA2zqSDW
1oYBFFYeE0QlyKi9lbKL7wnwfC0q2rB/jn1etOn5Qo3jo5hbLQv0B4RlvUP/kPTL
OrBqkqnI
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:57 2024 by rpki-client on console.sobornost.net