Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/CO9gD-aghDBCq93ATfVV-XtYUxA.roa
File: CO9gD-aghDBCq93ATfVV-XtYUxA.roa (raw, json)
Hash identifier: kYqbTVVIWT2+LUZ3ojODs7apWud2JrEaAMDJKMf/8K4=
Subject key identifier: 08:EF:60:0F:E6:A0:84:30:42:AB:DD:C0:4D:F5:55:F9:7B:58:53:10
Certificate issuer: /CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf
Certificate serial: 019128FDC290F1E1EACC290B4C9A5ADA64E9
Authority key identifier: D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/CO9gD-aghDBCq93ATfVV-XtYUxA.roa
Signing time: Tue 06 Aug 2024 18:40:04 +0000
ROA not before: Tue 06 Aug 2024 18:40:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203448
IP address blocks: 185.134.172.0/22 maxlen: 24
2a0d:40c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:28:fd:c2:90:f1:e1:ea:cc:29:0b:4c:9a:5a:da:64:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d689cb71891c6d94bd9e6f14f16e7e37c2c728bf
Validity
Not Before: Aug 6 18:40:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08ef600fe6a0843042abddc04df555f97b585310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d8:df:0a:f5:95:09:5c:07:c8:2a:f8:66:0d:
13:7c:db:24:4a:4e:74:78:bf:1d:4f:3e:3d:d0:12:
14:0f:d0:d2:12:95:38:04:e5:74:31:e1:d6:b4:f5:
dc:84:97:d8:24:6d:ee:18:e7:00:6d:8d:4a:02:5c:
7e:52:a8:14:2e:2f:b5:b2:b7:73:2b:6e:bd:49:51:
fd:5a:51:e1:45:cf:e3:7c:55:91:9f:2c:7b:1b:58:
6a:c4:30:87:69:a5:d2:7c:4e:c0:03:79:f9:ba:57:
10:fc:fc:bc:7c:d1:ef:9f:d3:98:8b:cc:b4:b3:62:
05:6f:93:f3:c1:9e:13:c3:9c:a9:9d:6c:3d:de:7f:
06:81:da:01:de:cb:b7:b9:74:a1:a3:d4:f3:2b:8c:
50:41:13:72:fd:52:b9:2d:e5:a6:74:eb:e4:9c:a9:
5a:fe:d5:25:b7:cf:8e:da:dd:36:4c:21:2c:29:b9:
fe:1e:db:a5:9d:0e:e4:ed:4f:b9:66:c2:14:af:41:
65:c0:ed:21:76:b5:46:9a:a1:41:16:65:59:b4:f0:
89:9a:1d:fe:0f:48:18:a7:76:d9:0a:fd:9a:cf:d3:
44:38:1c:c0:ec:52:63:8e:46:7f:30:b4:3e:5c:5d:
33:7c:46:e4:4f:6d:da:94:0b:a2:a6:73:2e:00:51:
26:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EF:60:0F:E6:A0:84:30:42:AB:DD:C0:4D:F5:55:F9:7B:58:53:10
X509v3 Authority Key Identifier:
keyid:D6:89:CB:71:89:1C:6D:94:BD:9E:6F:14:F1:6E:7E:37:C2:C7:28:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1onLcYkcbZS9nm8U8W5-N8LHKL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/CO9gD-aghDBCq93ATfVV-XtYUxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0df28d-924d-4b4e-94b8-824ffc6942f4/1/1onLcYkcbZS9nm8U8W5-N8LHKL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.172.0/22
IPv6:
2a0d:40c0::/32
Signature Algorithm: sha256WithRSAEncryption
0f:ba:09:80:19:5a:37:28:a9:9f:1e:46:b7:cd:9b:28:c3:55:
bd:cf:75:fb:67:00:f6:a7:81:79:94:00:f3:3d:24:b1:81:b9:
7b:53:b0:5b:3b:a1:7a:b2:5d:ac:04:8e:27:3f:98:9c:0b:58:
9b:1f:47:9d:95:43:17:21:67:22:a3:06:a6:da:7d:10:5e:5c:
68:ea:0a:27:f9:02:39:ce:ad:f6:e8:03:62:62:4b:9e:3c:eb:
29:1a:e6:64:33:68:e5:cc:cd:cf:86:1c:cc:bc:d1:e7:ef:b1:
15:bd:b6:35:d1:85:c6:42:13:5d:bc:4d:e5:bc:57:55:f7:6d:
1f:8e:7c:9b:f3:6b:a4:e6:57:0b:d8:6d:1b:e4:17:4b:7e:3d:
97:06:72:12:62:eb:15:71:14:49:b8:f3:ad:da:46:e8:4b:5f:
55:68:07:97:19:ba:3b:b7:d9:44:ef:ac:9b:ae:08:23:5b:22:
49:d6:49:a9:7e:7f:23:be:c4:4d:e1:36:50:83:54:d9:09:1a:
8d:3a:c5:fd:b8:95:c1:20:48:f4:b8:57:14:52:e4:d8:86:ff:
f4:3f:15:31:ba:cc:42:d3:fe:d8:32:7b:15:94:2f:16:6a:e1:
b0:40:6f:5c:90:ea:f4:8b:ef:40:da:8b:10:51:ef:d9:f6:d0:
14:66:fb:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZEo/cKQ8eHqzCkLTJpa2mTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ODljYjcxODkxYzZkOTRiZDllNmYxNGYxNmU3ZTM3YzJj
NzI4YmYwHhcNMjQwODA2MTg0MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGVmNjAwZmU2YTA4NDMwNDJhYmRkYzA0ZGY1NTVmOTdiNTg1MzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtjfCvWVCVwHyCr4Zg0TfNskSk50
eL8dTz490BIUD9DSEpU4BOV0MeHWtPXchJfYJG3uGOcAbY1KAlx+UqgULi+1srdz
K269SVH9WlHhRc/jfFWRnyx7G1hqxDCHaaXSfE7AA3n5ulcQ/Py8fNHvn9OYi8y0
s2IFb5PzwZ4Tw5ypnWw93n8GgdoB3su3uXSho9TzK4xQQRNy/VK5LeWmdOvknKla
/tUlt8+O2t02TCEsKbn+HtulnQ7k7U+5ZsIUr0FlwO0hdrVGmqFBFmVZtPCJmh3+
D0gYp3bZCv2az9NEOBzA7FJjjkZ/MLQ+XF0zfEbkT23alAuipnMuAFEm7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAjvYA/moIQwQqvdwE31Vfl7WFMQMB8GA1UdIwQY
MBaAFNaJy3GJHG2UvZ5vFPFufjfCxyi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0Yjgt
ODI0ZmZjNjk0MmY0LzEvQ085Z0QtYWdoREJDcTkzQVRmVlYtWHRZVXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8wZGYyOGQtOTI0ZC00YjRlLTk0YjgtODI0ZmZjNjk0MmY0
LzEvMW9uTGNZa2NiWlM5bm04VThXNS1OOExIS0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYasMA0E
AgACMAcDBQAqDUDAMA0GCSqGSIb3DQEBCwUAA4IBAQAPugmAGVo3KKmfHka3zZso
w1W9z3X7ZwD2p4F5lADzPSSxgbl7U7BbO6F6sl2sBI4nP5icC1ibH0edlUMXIWci
owam2n0QXlxo6gon+QI5zq326ANiYkuePOspGuZkM2jlzM3PhhzMvNHn77EVvbY1
0YXGQhNdvE3lvFdV920fjnyb82uk5lcL2G0b5BdLfj2XBnISYusVcRRJuPOt2kbo
S19VaAeXGbo7t9lE76ybrggjWyJJ1kmpfn8jvsRN4TZQg1TZCRqNOsX9uJXBIEj0
uFcUUuTYhv/0PxUxusxC0/7YMnsVlC8WauGwQG9ckOr0i+9A2osQUe/Z9tAUZvsn
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:22:27 2024 by rpki-client on console.sobornost.net