Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/2XZQDWpT_JY5KkNaoVOUqBw6nOc.roa
File: 2XZQDWpT_JY5KkNaoVOUqBw6nOc.roa (raw, json)
Hash identifier: H+Quk5Ini/WA2277UNf3OF4SvNetSePqG8L1AB7XDY8=
Subject key identifier: D9:76:50:0D:6A:53:FC:96:39:2A:43:5A:A1:53:94:A8:1C:3A:9C:E7
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 018CC7956CE0D712EEBBD84B9B03D6B52213
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/2XZQDWpT_JY5KkNaoVOUqBw6nOc.roa
Signing time: Tue 02 Jan 2024 00:31:47 +0000
ROA not before: Tue 02 Jan 2024 00:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212271
IP address blocks: 152.89.169.0/24 maxlen: 24
152.89.168.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:6c:e0:d7:12:ee:bb:d8:4b:9b:03:d6:b5:22:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 2 00:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d976500d6a53fc96392a435aa15394a81c3a9ce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9a:5e:09:9f:28:3d:b9:18:6c:e8:5c:3c:b7:
49:58:3f:24:93:4a:70:cc:7b:0d:c7:d3:dc:4e:a4:
89:c6:0b:bf:7b:94:b4:f7:3f:ea:b4:f0:0d:77:dd:
2b:42:3d:24:38:f3:34:57:1d:e3:1a:c1:46:dd:6c:
5c:a3:7d:b3:0c:47:40:69:2e:e3:dc:09:6d:07:c7:
d6:44:9e:ac:6e:1e:17:d3:8f:7f:39:66:b4:69:8d:
0b:7b:4c:61:b0:31:60:02:a7:d6:ee:ca:3f:d2:08:
20:30:a1:70:92:87:59:2f:8d:b4:1f:09:9c:11:bc:
08:c9:bd:bb:ad:5a:4e:ec:0c:8c:e0:30:42:f1:4d:
43:bb:13:41:c7:8a:b0:3e:e3:38:06:71:9d:d0:86:
5c:47:7e:79:61:c9:99:0e:29:0a:58:89:fe:6e:e2:
af:61:33:bf:56:52:36:f1:a1:46:1c:da:27:ad:07:
1f:f2:fa:00:0f:8d:b3:a2:d4:d2:a2:26:cc:c7:85:
1f:f5:d7:7a:3f:1a:b8:8d:93:51:f1:49:2d:c9:50:
8c:b1:43:a7:26:8f:d0:b6:53:32:05:ae:42:ad:8d:
f6:e7:a6:49:48:7a:65:8d:27:6e:a3:f8:f6:f2:fa:
ed:86:69:cc:95:a4:a5:4b:98:c6:6c:04:ef:75:77:
8f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:76:50:0D:6A:53:FC:96:39:2A:43:5A:A1:53:94:A8:1C:3A:9C:E7
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/2XZQDWpT_JY5KkNaoVOUqBw6nOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.168.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:e1:ef:b2:5c:85:f2:0a:11:3b:7b:06:63:39:d6:29:4a:a9:
93:6d:9f:b8:04:18:46:d9:ab:5b:51:63:63:b6:87:1f:45:30:
34:7f:f7:dc:ec:c7:e7:3a:3b:65:8a:f4:3f:20:e2:e9:f2:fa:
1d:f1:5d:7b:a7:97:06:2a:36:0a:7a:55:ac:0a:a3:9f:bc:0d:
79:b3:55:6c:fe:8d:d3:00:9b:ed:03:c4:5f:95:8b:4a:ce:ae:
20:67:f8:86:cf:26:e3:54:d0:d5:66:44:48:d2:1c:f0:73:c9:
7d:2e:41:16:64:58:d4:1e:c6:b5:8e:7b:10:b4:75:08:90:8d:
4b:bb:2a:c4:32:7c:2a:9d:c0:37:07:d0:9f:fd:a6:58:14:69:
7c:eb:08:b4:e1:ff:1e:55:48:ec:76:a1:a3:b4:37:b0:fe:fc:
d9:20:8c:d4:44:3a:3a:9a:fa:43:a6:b7:2d:7e:02:ca:29:b7:
d1:71:76:83:d5:52:59:d2:65:92:39:f3:cd:6b:83:b1:af:44:
5e:70:1d:c1:04:5f:0d:bd:34:26:77:0e:87:ed:36:38:2d:bb:
f8:f3:ec:8a:b2:78:fb:00:1a:fe:be:a0:f0:55:6e:44:48:c0:
d7:d6:5d:6d:0c:f7:a1:df:66:0a:84:c6:db:20:09:44:59:87:
94:8c:6d:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlWzg1xLuu9hLmwPWtSITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQwMTAyMDAzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc2NTAwZDZhNTNmYzk2MzkyYTQzNWFhMTUzOTRhODFjM2E5Y2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvppeCZ8oPbkYbOhcPLdJWD8kk0pw
zHsNx9PcTqSJxgu/e5S09z/qtPANd90rQj0kOPM0Vx3jGsFG3Wxco32zDEdAaS7j
3AltB8fWRJ6sbh4X049/OWa0aY0Le0xhsDFgAqfW7so/0gggMKFwkodZL420Hwmc
EbwIyb27rVpO7AyM4DBC8U1DuxNBx4qwPuM4BnGd0IZcR355YcmZDikKWIn+buKv
YTO/VlI28aFGHNonrQcf8voAD42zotTSoibMx4Uf9dd6Pxq4jZNR8UktyVCMsUOn
Jo/QtlMyBa5CrY3256ZJSHpljSduo/j28vrthmnMlaSlS5jGbATvdXePCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNl2UA1qU/yWOSpDWqFTlKgcOpznMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvMlhaUURXcFRfSlk1S2tOYW9WT1VxQnc2bk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFmoMA0G
CSqGSIb3DQEBCwUAA4IBAQAb4e+yXIXyChE7ewZjOdYpSqmTbZ+4BBhG2atbUWNj
tocfRTA0f/fc7MfnOjtlivQ/IOLp8vod8V17p5cGKjYKelWsCqOfvA15s1Vs/o3T
AJvtA8RflYtKzq4gZ/iGzybjVNDVZkRI0hzwc8l9LkEWZFjUHsa1jnsQtHUIkI1L
uyrEMnwqncA3B9Cf/aZYFGl86wi04f8eVUjsdqGjtDew/vzZIIzURDo6mvpDprct
fgLKKbfRcXaD1VJZ0mWSOfPNa4Oxr0RecB3BBF8NvTQmdw6H7TY4Lbv48+yKsnj7
ABr+vqDwVW5ESMDX1l1tDPeh32YKhMbbIAlEWYeUjG2P
-----END CERTIFICATE-----
Generated at Fri Sep 27 18:06:08 2024 by rpki-client on console.sobornost.net