Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1b950f-9a3e-407f-98bf-305a6e75a389/1/xaGg0XHQiaq-jS1Q23zgSri4bp0.roa
File: xaGg0XHQiaq-jS1Q23zgSri4bp0.roa (raw, json)
Hash identifier: m/YSNi3nOlLGYJHyn38ygs1l8OJnt4w3LNGkvyubCU4=
Subject key identifier: C5:A1:A0:D1:71:D0:89:AA:BE:8D:2D:50:DB:7C:E0:4A:B8:B8:6E:9D
Certificate issuer: /CN=769dc32be17d9e4decd4fb7beee275e5783ea891
Certificate serial: 018FE3DA4C877C7450D6669BBFE72208126F
Authority key identifier: 76:9D:C3:2B:E1:7D:9E:4D:EC:D4:FB:7B:EE:E2:75:E5:78:3E:A8:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dp3DK-F9nk3s1Pt77uJ15Xg-qJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/1b950f-9a3e-407f-98bf-305a6e75a389/1/xaGg0XHQiaq-jS1Q23zgSri4bp0.roa
Signing time: Tue 04 Jun 2024 15:24:45 +0000
ROA not before: Tue 04 Jun 2024 15:24:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205457
IP address blocks: 185.216.128.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:da:4c:87:7c:74:50:d6:66:9b:bf:e7:22:08:12:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=769dc32be17d9e4decd4fb7beee275e5783ea891
Validity
Not Before: Jun 4 15:24:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5a1a0d171d089aabe8d2d50db7ce04ab8b86e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:44:4e:10:83:30:b4:67:ae:76:bb:da:f3:dd:
ff:ff:ad:0e:00:0d:15:5d:40:bd:79:c5:31:d1:1c:
fb:ba:05:64:e2:52:aa:e6:8e:3f:df:a7:b9:2a:df:
27:c0:89:b7:93:2b:3f:80:4d:ae:cc:fe:44:fa:8e:
ef:47:08:2d:59:ec:01:38:8d:56:c0:c7:7e:4f:81:
d1:6f:0b:4e:d5:78:d5:0e:67:fc:89:96:9a:82:d2:
29:aa:8b:f4:85:eb:c4:95:be:f0:f0:e7:50:d9:68:
0e:d3:3e:c0:59:44:bc:dc:83:ae:f2:ee:5f:2f:3b:
07:5f:4d:19:ba:d1:b9:06:a6:ff:b0:84:21:a2:2a:
bc:ab:2b:c6:cc:87:97:e2:96:51:14:4c:46:f7:07:
13:d6:80:4c:db:e0:ab:5d:12:9f:68:3a:df:09:15:
a7:b5:4c:cb:a9:86:37:42:6c:e3:e6:3b:27:65:f3:
1c:13:7e:70:f0:17:fb:18:ba:ac:31:92:3f:45:9b:
21:b5:47:b8:fb:b0:6d:e3:24:da:86:f9:8a:da:7e:
f7:f6:32:d1:95:cf:33:57:49:c7:a3:99:6e:ba:58:
22:07:54:43:4c:76:81:f9:a9:14:e7:52:4d:53:7f:
a0:ac:0d:88:d0:76:48:d9:bc:8e:66:87:a1:4d:64:
3c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A1:A0:D1:71:D0:89:AA:BE:8D:2D:50:DB:7C:E0:4A:B8:B8:6E:9D
X509v3 Authority Key Identifier:
keyid:76:9D:C3:2B:E1:7D:9E:4D:EC:D4:FB:7B:EE:E2:75:E5:78:3E:A8:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dp3DK-F9nk3s1Pt77uJ15Xg-qJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1b950f-9a3e-407f-98bf-305a6e75a389/1/xaGg0XHQiaq-jS1Q23zgSri4bp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1b950f-9a3e-407f-98bf-305a6e75a389/1/dp3DK-F9nk3s1Pt77uJ15Xg-qJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.128.0/22
Signature Algorithm: sha256WithRSAEncryption
31:f9:19:9f:61:84:9f:e4:c0:d1:c0:0d:52:d4:33:e9:8e:4c:
82:e6:8b:4c:d1:51:18:b5:a6:c8:e8:26:00:59:85:8e:80:4e:
cc:62:85:cb:92:57:cc:ff:83:3d:49:28:31:9a:c5:d4:07:7b:
c1:5a:ab:bd:5e:11:ee:07:61:5d:41:dc:3f:ee:5d:40:15:5b:
aa:d8:14:27:e7:9a:c3:77:f6:29:af:1b:d2:24:aa:55:c8:47:
27:2e:9e:c9:ba:c0:20:6d:b9:61:28:4a:6f:37:f6:7f:bf:cf:
5f:67:a6:76:be:a0:6d:ab:8d:33:0c:1a:e3:53:c1:c7:73:68:
e7:0e:bf:09:2c:0f:7e:1b:ef:a5:4c:8c:f5:0e:1c:cb:1f:65:
93:3a:25:b0:9a:25:14:64:fe:4d:f1:0f:f1:68:38:d2:70:bb:
08:9d:36:53:24:7c:e2:46:38:b1:c1:d0:da:45:8e:2c:3c:35:
1b:d3:ce:f7:c9:b0:0c:ec:31:16:64:24:a4:42:51:19:5b:0b:
19:88:4e:8c:af:61:99:53:5d:93:41:62:1b:ae:cd:b2:6c:31:
5f:8b:ea:70:02:b1:33:3b:64:30:63:0f:34:92:e5:8e:89:32:
a0:18:53:c1:3a:f2:78:c1:17:3e:1f:ec:34:3d:fa:47:58:ae:
0b:fd:07:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/j2kyHfHRQ1mabv+ciCBJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OWRjMzJiZTE3ZDllNGRlY2Q0ZmI3YmVlZTI3NWU1Nzgz
ZWE4OTEwHhcNMjQwNjA0MTUyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWExYTBkMTcxZDA4OWFhYmU4ZDJkNTBkYjdjZTA0YWI4Yjg2ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kROEIMwtGeudrva893//60OAA0V
XUC9ecUx0Rz7ugVk4lKq5o4/36e5Kt8nwIm3kys/gE2uzP5E+o7vRwgtWewBOI1W
wMd+T4HRbwtO1XjVDmf8iZaagtIpqov0hevElb7w8OdQ2WgO0z7AWUS83IOu8u5f
LzsHX00ZutG5Bqb/sIQhoiq8qyvGzIeX4pZRFExG9wcT1oBM2+CrXRKfaDrfCRWn
tUzLqYY3Qmzj5jsnZfMcE35w8Bf7GLqsMZI/RZshtUe4+7Bt4yTahvmK2n739jLR
lc8zV0nHo5luulgiB1RDTHaB+akU51JNU3+grA2I0HZI2byOZoehTWQ8QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWhoNFx0Imqvo0tUNt84Eq4uG6dMB8GA1UdIwQY
MBaAFHadwyvhfZ5N7NT7e+7ideV4PqiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHAzREstRjluazNzMVB0Nzd1SjE1WGctcUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xYjk1MGYtOWEzZS00MDdmLTk4YmYt
MzA1YTZlNzVhMzg5LzEveGFHZzBYSFFpYXEtalMxUTIzemdTcmk0YnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xYjk1MGYtOWEzZS00MDdmLTk4YmYtMzA1YTZlNzVhMzg5
LzEvZHAzREstRjluazNzMVB0Nzd1SjE1WGctcUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudiAMA0G
CSqGSIb3DQEBCwUAA4IBAQAx+RmfYYSf5MDRwA1S1DPpjkyC5otM0VEYtabI6CYA
WYWOgE7MYoXLklfM/4M9SSgxmsXUB3vBWqu9XhHuB2FdQdw/7l1AFVuq2BQn55rD
d/YprxvSJKpVyEcnLp7JusAgbblhKEpvN/Z/v89fZ6Z2vqBtq40zDBrjU8HHc2jn
Dr8JLA9+G++lTIz1DhzLH2WTOiWwmiUUZP5N8Q/xaDjScLsInTZTJHziRjixwdDa
RY4sPDUb0873ybAM7DEWZCSkQlEZWwsZiE6Mr2GZU12TQWIbrs2ybDFfi+pwArEz
O2QwYw80kuWOiTKgGFPBOvJ4wRc+H+w0PfpHWK4L/Qc9
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:22:13 2024 by rpki-client on console.sobornost.net