Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/3UHyx_liAspGN0B0m_j8BJDWaLI.roa
File: 3UHyx_liAspGN0B0m_j8BJDWaLI.roa (raw, json)
Hash identifier: JY4cQrY8JCdrtWv9298zWP81g3S3Kbp4kYbP7FMA2ow=
Subject key identifier: DD:41:F2:C7:F9:62:02:CA:46:37:40:74:9B:F8:FC:04:90:D6:68:B2
Certificate issuer: /CN=83876bfbb5ae8cfe116bb5f5f2864a116213aa4f
Certificate serial: 018CC801A4C4CB2BE1E91DABD4EBBE28A34D
Authority key identifier: 83:87:6B:FB:B5:AE:8C:FE:11:6B:B5:F5:F2:86:4A:11:62:13:AA:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g4dr-7WujP4Ra7X18oZKEWITqk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/3UHyx_liAspGN0B0m_j8BJDWaLI.roa
Signing time: Tue 02 Jan 2024 02:30:00 +0000
ROA not before: Tue 02 Jan 2024 02:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207520
IP address blocks: 185.211.40.0/24 maxlen: 24
188.116.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a4:c4:cb:2b:e1:e9:1d:ab:d4:eb:be:28:a3:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83876bfbb5ae8cfe116bb5f5f2864a116213aa4f
Validity
Not Before: Jan 2 02:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd41f2c7f96202ca463740749bf8fc0490d668b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0d:35:8c:68:8a:a7:58:c8:d2:5b:91:f9:b7:
94:17:cc:09:b6:56:6e:85:23:e4:1e:5b:7b:0b:6b:
64:34:8e:c0:dc:e2:55:08:af:49:46:62:26:21:e9:
df:fe:ef:72:d8:fa:2d:77:d6:5d:b7:9f:ee:2d:68:
5f:b9:e4:7b:71:e4:92:d2:b9:39:b9:f3:fc:e8:32:
79:1d:f5:a7:b2:42:14:a7:aa:85:a3:7b:f9:38:a2:
f0:74:dc:34:8c:1d:98:ac:86:1c:dc:86:25:e0:7f:
49:69:72:a3:2a:12:66:92:c3:2f:30:3c:35:1a:a3:
fc:b8:d2:1d:df:3a:1c:0e:60:d2:bd:f3:3c:06:1e:
42:dd:68:79:b0:7e:0a:aa:a3:b1:b3:b2:93:7e:2f:
a5:e1:f0:50:cc:e9:2f:20:5f:31:d7:de:e2:33:16:
5f:7c:c9:90:56:8f:5a:e2:d2:32:32:28:c4:08:f3:
b6:cb:73:70:f3:84:a6:af:f3:19:b9:1b:0e:6d:62:
c8:5b:00:14:44:1f:70:dc:31:44:29:33:9b:65:8b:
f1:be:5f:da:d2:04:be:c6:23:d8:1a:4a:ea:af:08:
71:96:d6:51:5c:96:2d:95:14:77:e5:df:9d:f5:a5:
03:29:d2:04:cb:5a:91:63:af:45:4a:21:7d:ff:f2:
34:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:41:F2:C7:F9:62:02:CA:46:37:40:74:9B:F8:FC:04:90:D6:68:B2
X509v3 Authority Key Identifier:
keyid:83:87:6B:FB:B5:AE:8C:FE:11:6B:B5:F5:F2:86:4A:11:62:13:AA:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g4dr-7WujP4Ra7X18oZKEWITqk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/3UHyx_liAspGN0B0m_j8BJDWaLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/g4dr-7WujP4Ra7X18oZKEWITqk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.40.0/24
188.116.41.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:62:d7:81:5c:7d:d1:56:e4:74:51:56:96:cb:23:5a:bc:90:
9c:c7:2f:cc:ca:b8:96:dd:40:1e:70:8a:ec:a4:43:60:6e:dc:
96:64:9b:51:bc:fe:35:d5:f5:df:d8:d5:01:00:45:e6:aa:e5:
90:62:e1:6c:48:3c:7b:7e:ec:b8:5f:66:60:1a:af:6a:58:56:
f7:1c:24:09:51:2a:84:97:9b:ac:7c:c4:69:96:61:11:d2:45:
e8:27:1e:d7:70:bb:d9:76:b8:d8:58:56:4e:b4:fd:ac:d3:8d:
53:94:9d:98:b7:9f:13:04:f9:db:61:3f:25:46:45:43:fb:57:
ba:27:dd:ef:0a:07:e4:d5:42:ca:f4:e0:b6:d6:88:a3:19:05:
d1:3e:45:9e:95:30:1f:37:16:b7:1e:9f:01:40:e5:79:bb:29:
fd:30:1c:3b:2b:d4:b2:d3:0e:ae:20:06:0e:1f:c2:07:45:c8:
24:a0:79:bd:be:ad:94:5f:aa:1b:58:33:34:91:34:51:f4:db:
6d:c7:0b:2b:bf:27:e6:62:78:fb:dd:33:51:fd:ed:3a:0c:0a:
1c:d9:34:df:cd:89:b5:2f:4d:a1:a9:44:c0:19:58:87:ee:8d:
06:93:6c:76:1e:7c:68:fc:2d:b4:ad:c6:02:94:19:ba:79:0d:
6d:1e:f2:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAaTEyyvh6R2r1Ou+KKNNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzODc2YmZiYjVhZThjZmUxMTZiYjVmNWYyODY0YTExNjIx
M2FhNGYwHhcNMjQwMTAyMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQxZjJjN2Y5NjIwMmNhNDYzNzQwNzQ5YmY4ZmMwNDkwZDY2OGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw01jGiKp1jI0luR+beUF8wJtlZu
hSPkHlt7C2tkNI7A3OJVCK9JRmImIenf/u9y2Potd9Zdt5/uLWhfueR7ceSS0rk5
ufP86DJ5HfWnskIUp6qFo3v5OKLwdNw0jB2YrIYc3IYl4H9JaXKjKhJmksMvMDw1
GqP8uNId3zocDmDSvfM8Bh5C3Wh5sH4KqqOxs7KTfi+l4fBQzOkvIF8x197iMxZf
fMmQVo9a4tIyMijECPO2y3Nw84Smr/MZuRsObWLIWwAURB9w3DFEKTObZYvxvl/a
0gS+xiPYGkrqrwhxltZRXJYtlRR35d+d9aUDKdIEy1qRY69FSiF9//I0NQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN1B8sf5YgLKRjdAdJv4/ASQ1miyMB8GA1UdIwQY
MBaAFIOHa/u1roz+EWu19fKGShFiE6pPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzRkci03V3VqUDRSYTdYMThvWktFV0lUcWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80MmJkNWQtNGMzZS00M2Y0LWE4NTct
N2U3MDlhZjA1N2Q1LzEvM1VIeXhfbGlBc3BHTjBCMG1fajhCSkRXYUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80MmJkNWQtNGMzZS00M2Y0LWE4NTctN2U3MDlhZjA1N2Q1
LzEvZzRkci03V3VqUDRSYTdYMThvWktFV0lUcWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudMoAwQA
vHQpMA0GCSqGSIb3DQEBCwUAA4IBAQCeYteBXH3RVuR0UVaWyyNavJCcxy/MyriW
3UAecIrspENgbtyWZJtRvP411fXf2NUBAEXmquWQYuFsSDx7fuy4X2ZgGq9qWFb3
HCQJUSqEl5usfMRplmER0kXoJx7XcLvZdrjYWFZOtP2s041TlJ2Yt58TBPnbYT8l
RkVD+1e6J93vCgfk1ULK9OC21oijGQXRPkWelTAfNxa3Hp8BQOV5uyn9MBw7K9Sy
0w6uIAYOH8IHRcgkoHm9vq2UX6obWDM0kTRR9NttxwsrvyfmYnj73TNR/e06DAoc
2TTfzYm1L02hqUTAGViH7o0Gk2x2Hnxo/C20rcYClBm6eQ1tHvKQ
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:58 2024 by rpki-client on console.sobornost.net