Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/901c48-0f36-4f8d-9bad-274499e1bc0b/1/RU3gkenhKxOBPeo2VlnldwTtnuo.roa
File: RU3gkenhKxOBPeo2VlnldwTtnuo.roa (raw, json)
Hash identifier: U3rKCI/OCxti2ucebSccXvJn51NCnJ7bQ0Nph9VjjFs=
Subject key identifier: 45:4D:E0:91:E9:E1:2B:13:81:3D:EA:36:56:59:E5:77:04:ED:9E:EA
Certificate issuer: /CN=7dd2b8a1960344e1f60bb1eb4038b33562b8ea1c
Certificate serial: 01849F532278B6D254EDA041E7E1263B26E5
Authority key identifier: 7D:D2:B8:A1:96:03:44:E1:F6:0B:B1:EB:40:38:B3:35:62:B8:EA:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fdK4oZYDROH2C7HrQDizNWK46hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/901c48-0f36-4f8d-9bad-274499e1bc0b/1/RU3gkenhKxOBPeo2VlnldwTtnuo.roa
Signing time: Tue 22 Nov 2022 12:32:16 +0000
ROA not before: Tue 22 Nov 2022 12:32:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199652
IP address blocks: 185.249.24.0/24 maxlen: 24
185.249.27.0/24 maxlen: 24
185.249.25.0/24 maxlen: 24
185.249.26.0/24 maxlen: 24
185.91.228.0/24 maxlen: 24
185.91.231.0/24 maxlen: 24
185.91.229.0/24 maxlen: 24
185.91.230.0/24 maxlen: 24
185.6.4.0/24 maxlen: 24
185.6.6.0/24 maxlen: 24
185.6.7.0/24 maxlen: 24
185.6.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:53:22:78:b6:d2:54:ed:a0:41:e7:e1:26:3b:26:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dd2b8a1960344e1f60bb1eb4038b33562b8ea1c
Validity
Not Before: Nov 22 12:32:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=454de091e9e12b13813dea365659e57704ed9eea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:21:32:08:59:14:e4:48:90:58:e3:79:34:d9:
af:31:cc:5b:47:8b:04:fa:70:b8:65:83:45:e1:98:
96:e4:90:15:68:06:6b:b1:be:cd:ea:b5:4b:dc:8e:
a0:e6:a4:76:f8:78:59:10:2f:af:bb:a4:97:82:4e:
f9:26:85:3a:21:11:79:da:75:16:30:46:85:23:65:
2c:c6:b2:66:65:cc:a0:08:c7:8d:73:b6:b4:37:e5:
ef:e8:43:6b:81:f8:74:76:89:6f:65:f9:70:c9:81:
4e:e0:0d:4a:8f:34:4c:b7:1e:37:0a:0c:81:22:11:
ea:b5:15:7f:fc:78:95:e5:eb:24:80:a3:ae:cb:e6:
05:8b:43:e8:e8:fb:7e:45:75:8b:db:ef:c6:ca:37:
5d:78:6e:2e:34:d9:71:4e:ed:09:44:77:b4:47:4b:
8b:30:36:a9:a7:3c:ae:19:c2:8a:0d:50:34:6e:11:
c6:e8:6b:4d:34:12:b5:ce:90:0d:e4:4d:a8:9c:92:
0c:c4:c1:c2:8f:4a:5b:fc:62:f9:02:0e:b8:ae:9c:
af:ea:61:32:a1:6e:58:f1:ce:70:39:c9:2b:44:33:
d6:52:a8:77:08:34:a2:e9:cd:c3:a7:0a:7b:c1:d1:
80:a2:72:c9:b5:e2:22:25:29:68:a2:cc:97:f0:5d:
68:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4D:E0:91:E9:E1:2B:13:81:3D:EA:36:56:59:E5:77:04:ED:9E:EA
X509v3 Authority Key Identifier:
keyid:7D:D2:B8:A1:96:03:44:E1:F6:0B:B1:EB:40:38:B3:35:62:B8:EA:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fdK4oZYDROH2C7HrQDizNWK46hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/901c48-0f36-4f8d-9bad-274499e1bc0b/1/RU3gkenhKxOBPeo2VlnldwTtnuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/901c48-0f36-4f8d-9bad-274499e1bc0b/1/fdK4oZYDROH2C7HrQDizNWK46hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.4.0/22
185.91.228.0/22
185.249.24.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:57:48:16:9e:81:df:43:b7:8d:25:8a:ba:99:3f:62:dd:7b:
63:f7:f0:21:88:7d:4c:aa:d6:aa:b2:c7:47:05:a7:e7:0b:d9:
d9:f4:27:46:8c:02:5c:79:7a:53:2e:47:07:17:d2:75:70:5d:
2e:ca:b1:4d:d1:06:35:a5:44:d5:7d:fe:bf:75:a8:ae:9a:66:
cc:dc:0d:13:2a:8a:65:ea:ee:36:fb:9b:c3:c9:74:5b:13:71:
4b:3b:13:17:c5:a8:19:87:9c:75:c6:85:b1:8d:1a:35:ed:7f:
fb:0d:c4:dd:d9:ff:21:23:36:41:ba:75:7e:50:3c:d1:db:ce:
a2:5b:52:34:21:a8:6f:bb:fc:5a:5a:83:3f:a4:08:b1:b4:fc:
50:63:6a:a3:2e:42:1c:d8:48:e8:21:fc:77:43:5e:cf:f1:c8:
52:fd:97:08:51:54:c8:75:39:8c:53:b7:2e:8d:31:dd:e2:2e:
ee:6c:a4:65:ac:0c:e8:3e:9a:fe:4c:ef:18:69:dc:86:74:97:
db:99:ef:ee:00:a6:fa:ea:56:7e:cc:8d:a3:cc:87:92:0f:5b:
9c:f9:e6:f3:fe:59:7b:ca:63:24:99:e1:83:ef:c5:e6:44:5f:
a3:ae:42:01:55:bd:68:74:66:aa:fe:fe:f3:0d:a8:f8:e5:9a:
7b:0f:1c:72
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSfUyJ4ttJU7aBB5+EmOyblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZDJiOGExOTYwMzQ0ZTFmNjBiYjFlYjQwMzhiMzM1NjJi
OGVhMWMwHhcNMjIxMTIyMTIzMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTRkZTA5MWU5ZTEyYjEzODEzZGVhMzY1NjU5ZTU3NzA0ZWQ5ZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiEyCFkU5EiQWON5NNmvMcxbR4sE
+nC4ZYNF4ZiW5JAVaAZrsb7N6rVL3I6g5qR2+HhZEC+vu6SXgk75JoU6IRF52nUW
MEaFI2UsxrJmZcygCMeNc7a0N+Xv6ENrgfh0dolvZflwyYFO4A1KjzRMtx43CgyB
IhHqtRV//HiV5eskgKOuy+YFi0Po6Pt+RXWL2+/GyjddeG4uNNlxTu0JRHe0R0uL
MDappzyuGcKKDVA0bhHG6GtNNBK1zpAN5E2onJIMxMHCj0pb/GL5Ag64rpyv6mEy
oW5Y8c5wOckrRDPWUqh3CDSi6c3Dpwp7wdGAonLJteIiJSloosyX8F1ojQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEVN4JHp4SsTgT3qNlZZ5XcE7Z7qMB8GA1UdIwQY
MBaAFH3SuKGWA0Th9gux60A4szViuOocMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmRLNG9aWURST0gyQzdIclFEaXpOV0s0Nmh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85MDFjNDgtMGYzNi00ZjhkLTliYWQt
Mjc0NDk5ZTFiYzBiLzEvUlUzZ2tlbmhLeE9CUGVvMlZsbmxkd1R0bnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85MDFjNDgtMGYzNi00ZjhkLTliYWQtMjc0NDk5ZTFiYzBi
LzEvZmRLNG9aWURST0gyQzdIclFEaXpOV0s0Nmh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuQYEAwQC
uVvkAwQCufkYMA0GCSqGSIb3DQEBCwUAA4IBAQBPV0gWnoHfQ7eNJYq6mT9i3Xtj
9/AhiH1MqtaqssdHBafnC9nZ9CdGjAJceXpTLkcHF9J1cF0uyrFN0QY1pUTVff6/
daiummbM3A0TKopl6u42+5vDyXRbE3FLOxMXxagZh5x1xoWxjRo17X/7DcTd2f8h
IzZBunV+UDzR286iW1I0Iahvu/xaWoM/pAixtPxQY2qjLkIc2EjoIfx3Q17P8chS
/ZcIUVTIdTmMU7cujTHd4i7ubKRlrAzoPpr+TO8YadyGdJfbme/uAKb66lZ+zI2j
zIeSD1uc+ebz/ll7ymMkmeGD78XmRF+jrkIBVb1odGaq/v7zDaj45Zp7Dxxy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org