Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/yV8ddZfAPjZd8hhEBtsKhi64b8s.roa
File: yV8ddZfAPjZd8hhEBtsKhi64b8s.roa (raw, json)
Hash identifier: VKIHZUiYCLfkN8Z/8GA+x7+iKz14Yg4DmRfACSTHsUI=
Subject key identifier: C9:5F:1D:75:97:C0:3E:36:5D:F2:18:44:06:DB:0A:86:2E:B8:6F:CB
Certificate issuer: /CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Certificate serial: 0193917B30C3ADCE9D27A4EB12C696B7D50A
Authority key identifier: DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/yV8ddZfAPjZd8hhEBtsKhi64b8s.roa
Signing time: Wed 04 Dec 2024 11:43:09 +0000
ROA not before: Wed 04 Dec 2024 11:43:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205473
IP address blocks: 185.217.88.0/22 maxlen: 22
185.217.88.0/23 maxlen: 23
185.217.88.0/24 maxlen: 24
185.217.89.0/24 maxlen: 24
185.217.90.0/23 maxlen: 23
185.217.90.0/24 maxlen: 24
185.217.91.0/24 maxlen: 24
2a0b:c640::/32 maxlen: 32
2a0b:c641::/32 maxlen: 32
2a0b:c642::/32 maxlen: 32
2a0b:c643::/32 maxlen: 32
2a0b:c644::/32 maxlen: 32
2a0b:c645::/32 maxlen: 32
2a0b:c646::/32 maxlen: 32
2a0b:c647::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:7b:30:c3:ad:ce:9d:27:a4:eb:12:c6:96:b7:d5:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Validity
Not Before: Dec 4 11:43:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c95f1d7597c03e365df2184406db0a862eb86fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:11:59:d1:8f:a8:a4:39:ea:a4:6b:90:c0:1b:
4d:ec:4e:c1:26:4c:42:a2:27:18:e7:b9:83:84:ee:
ad:1e:19:0f:e4:f5:8d:5b:3e:a6:75:87:bc:cb:60:
8d:92:d9:50:9b:99:5c:dd:24:89:5f:38:af:36:25:
72:b4:01:ab:07:80:6c:b8:7d:43:a7:86:4f:49:10:
f7:af:86:49:a5:92:8d:19:a6:9c:97:5a:95:f1:0a:
d4:62:c1:82:9d:40:0b:98:68:19:2f:f0:92:b6:a3:
8e:11:ab:0e:6f:98:02:70:32:eb:64:d8:bb:a8:f0:
ea:3f:6a:b0:0c:c4:d5:2e:1d:1c:bf:40:4f:b9:f5:
a4:85:7f:3a:18:26:d7:36:08:f7:1f:16:88:03:ab:
22:4b:ce:af:31:de:6b:e1:ae:24:01:42:c9:df:44:
16:a3:0d:db:f7:e4:06:47:26:77:33:cd:91:62:9c:
c9:2b:a3:39:54:6d:d8:ec:cb:00:fd:bf:2e:b5:ae:
59:51:2a:44:44:91:7d:5f:72:38:c1:b5:18:b8:5b:
0e:07:08:96:62:2f:21:52:fe:c9:d0:5f:8e:d3:72:
8a:47:48:5c:a2:16:d3:30:e9:30:41:73:c9:7d:e1:
65:f7:ca:1e:09:9a:e5:48:b8:bc:5d:a1:73:e2:20:
66:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5F:1D:75:97:C0:3E:36:5D:F2:18:44:06:DB:0A:86:2E:B8:6F:CB
X509v3 Authority Key Identifier:
keyid:DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/yV8ddZfAPjZd8hhEBtsKhi64b8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.88.0/22
IPv6:
2a0b:c640::/29
Signature Algorithm: sha256WithRSAEncryption
71:a1:ec:03:2b:82:fa:50:50:a4:7b:d3:af:cf:2d:95:b6:9b:
bf:08:af:0f:f1:95:9a:ca:5d:57:ea:ff:af:74:e7:81:dd:90:
b0:85:6f:2f:20:63:2f:92:dd:98:c5:93:17:f4:80:ba:63:5a:
1d:59:01:da:bc:ec:e3:5e:c8:62:94:cf:d7:c2:a3:a6:16:80:
96:9d:c2:81:f7:81:24:b8:90:7f:96:e0:a5:20:ad:86:fb:70:
65:31:a0:1e:44:04:8f:08:3a:e0:97:ad:55:c7:e1:6f:db:e7:
75:7f:86:30:5c:ef:2f:bb:49:89:90:e9:19:64:30:0c:59:29:
e1:8b:8a:a9:19:d7:93:06:e0:3c:7e:1d:d9:af:76:bd:b4:5c:
8a:5a:8c:bf:17:af:e6:cb:1a:2a:7a:36:ac:e5:da:65:7b:81:
c8:e9:a0:21:12:b3:a8:5d:99:4a:6b:b9:60:4b:0c:4e:1b:4d:
5f:d8:a3:ae:69:9e:29:9a:47:47:dd:2d:43:68:c0:98:1a:8f:
ce:32:2a:50:59:61:f0:c3:96:b7:2f:b7:d1:d4:ac:c4:8c:b3:
6e:c1:fa:41:28:42:95:2a:7a:17:2a:f3:fd:b3:ae:e9:49:ff:
44:35:fc:5d:dd:47:80:e6:55:ed:b7:49:4f:d0:df:c0:e2:24:
70:56:34:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZORezDDrc6dJ6TrEsaWt9UKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYjY1YTkwZWQzY2Y0YWUwNDUyNTU0ZWUzNGI5MmE4NDc2
ZGNmMTAwHhcNMjQxMjA0MTE0MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTVmMWQ3NTk3YzAzZTM2NWRmMjE4NDQwNmRiMGE4NjJlYjg2ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxFZ0Y+opDnqpGuQwBtN7E7BJkxC
oicY57mDhO6tHhkP5PWNWz6mdYe8y2CNktlQm5lc3SSJXzivNiVytAGrB4BsuH1D
p4ZPSRD3r4ZJpZKNGaacl1qV8QrUYsGCnUALmGgZL/CStqOOEasOb5gCcDLrZNi7
qPDqP2qwDMTVLh0cv0BPufWkhX86GCbXNgj3HxaIA6siS86vMd5r4a4kAULJ30QW
ow3b9+QGRyZ3M82RYpzJK6M5VG3Y7MsA/b8uta5ZUSpERJF9X3I4wbUYuFsOBwiW
Yi8hUv7J0F+O03KKR0hcohbTMOkwQXPJfeFl98oeCZrlSLi8XaFz4iBmyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMlfHXWXwD42XfIYRAbbCoYuuG/LMB8GA1UdIwQY
MBaAFNy2WpDtPPSuBFJVTuNLkqhHbc8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEt
ODVhOTU1ZjIxNjNiLzEveVY4ZGRaZkFQalpkOGhoRUJ0c0toaTY0YjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEtODVhOTU1ZjIxNjNi
LzEvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudlYMA0E
AgACMAcDBQMqC8ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBxoewDK4L6UFCke9Ovzy2V
tpu/CK8P8ZWayl1X6v+vdOeB3ZCwhW8vIGMvkt2YxZMX9IC6Y1odWQHavOzjXshi
lM/XwqOmFoCWncKB94EkuJB/luClIK2G+3BlMaAeRASPCDrgl61Vx+Fv2+d1f4Yw
XO8vu0mJkOkZZDAMWSnhi4qpGdeTBuA8fh3Zr3a9tFyKWoy/F6/myxoqejas5dpl
e4HI6aAhErOoXZlKa7lgSwxOG01f2KOuaZ4pmkdH3S1DaMCYGo/OMipQWWHww5a3
L7fR1KzEjLNuwfpBKEKVKnoXKvP9s67pSf9ENfxd3UeA5lXtt0lP0N/A4iRwVjQ0
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:25 2024 by rpki-client on console.sobornost.net