Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/9Dz0wFYg2IeTHGC3ZveuCuNKDek.roa
File: 9Dz0wFYg2IeTHGC3ZveuCuNKDek.roa (raw, json)
Hash identifier: tH08B63RZXdV3qNGkaNSgi0jWGL2qf54VN22deD7NXg=
Subject key identifier: F4:3C:F4:C0:56:20:D8:87:93:1C:60:B7:66:F7:AE:0A:E3:4A:0D:E9
Certificate issuer: /CN=c3b4351e0a495c26efdc6e415f0bb189fbbd6edf
Certificate serial: 0193300E651575399FA3E362F807EF1C08F5
Authority key identifier: C3:B4:35:1E:0A:49:5C:26:EF:DC:6E:41:5F:0B:B1:89:FB:BD:6E:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/9Dz0wFYg2IeTHGC3ZveuCuNKDek.roa
Signing time: Fri 15 Nov 2024 13:41:09 +0000
ROA not before: Fri 15 Nov 2024 13:41:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50910
IP address blocks: 80.85.209.0/24 maxlen: 24
80.85.210.0/23 maxlen: 23
80.85.212.0/22 maxlen: 22
80.85.212.0/24 maxlen: 24
80.85.213.0/24 maxlen: 24
80.85.214.0/23 maxlen: 23
80.85.216.0/21 maxlen: 21
80.85.216.0/22 maxlen: 22
80.85.219.0/24 maxlen: 24
80.85.220.0/23 maxlen: 23
80.85.222.0/24 maxlen: 24
80.85.223.0/24 maxlen: 24
109.232.152.0/21 maxlen: 21
109.232.152.0/22 maxlen: 22
109.232.152.0/24 maxlen: 24
109.232.153.0/24 maxlen: 24
109.232.154.0/24 maxlen: 24
109.232.155.0/24 maxlen: 24
109.232.156.0/23 maxlen: 23
109.232.158.0/24 maxlen: 24
109.232.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:0e:65:15:75:39:9f:a3:e3:62:f8:07:ef:1c:08:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3b4351e0a495c26efdc6e415f0bb189fbbd6edf
Validity
Not Before: Nov 15 13:41:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f43cf4c05620d887931c60b766f7ae0ae34a0de9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:62:63:63:b7:de:7b:23:4c:b4:0f:51:52:25:
24:ca:5a:93:79:9b:7b:2c:59:d6:05:f4:dd:08:aa:
00:ba:d4:1e:2b:92:77:16:50:67:65:eb:12:90:d4:
e6:43:9b:42:fd:8c:21:b7:25:12:85:f5:e6:50:5d:
ff:1b:1e:20:23:22:43:e2:93:01:d4:66:c4:13:e2:
78:0f:0b:6a:16:07:48:1d:5e:8a:b2:7b:ed:ad:67:
1e:9c:da:bb:9c:f7:bd:24:35:3e:dd:8c:1d:06:cb:
22:21:21:ee:aa:a0:32:c4:b1:46:6f:d2:70:79:05:
e2:07:48:40:db:54:eb:ee:b0:7e:46:5d:56:df:03:
66:c9:2c:6c:b1:3c:f3:08:c2:88:ff:b2:89:3f:3e:
e7:a3:ad:3a:d6:cd:07:ad:3f:74:08:c1:73:8e:f3:
64:b4:34:46:14:e6:b1:22:52:74:45:ab:8a:cd:18:
9b:bd:3c:2a:24:76:a3:2e:fb:b3:0f:94:fa:40:09:
f2:8f:c4:05:95:6e:a3:c2:ed:4d:c9:dc:a2:dc:43:
45:d3:6d:f5:c2:fd:03:77:f2:c8:ff:1f:da:73:df:
e1:94:f9:a4:6c:46:60:6d:4c:61:30:b6:39:86:f6:
7a:ec:d4:97:f2:e3:c0:ea:f7:be:52:f1:e6:e3:8e:
de:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:3C:F4:C0:56:20:D8:87:93:1C:60:B7:66:F7:AE:0A:E3:4A:0D:E9
X509v3 Authority Key Identifier:
keyid:C3:B4:35:1E:0A:49:5C:26:EF:DC:6E:41:5F:0B:B1:89:FB:BD:6E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/9Dz0wFYg2IeTHGC3ZveuCuNKDek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/w7Q1HgpJXCbv3G5BXwuxifu9bt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.209.0-80.85.223.255
109.232.152.0/21
Signature Algorithm: sha256WithRSAEncryption
43:2b:3c:74:7b:fb:b5:62:ec:34:91:dd:f5:2b:5c:35:4d:e3:
f1:ac:49:87:92:49:d7:b2:73:d6:fd:ae:bb:e9:1b:c1:42:c1:
49:a5:d8:95:74:34:27:bd:dd:fd:27:bf:86:8f:c9:7c:bb:6d:
cd:84:8c:9a:51:c4:1a:87:7c:01:93:ee:ef:cd:10:36:b0:61:
b0:81:22:6f:6b:42:6f:2c:51:67:fb:0a:8d:8f:7f:d9:d0:e1:
a6:10:bf:ee:a3:10:99:be:ce:1d:06:d7:48:b4:0e:e4:89:f0:
7d:2e:7c:3c:da:80:f7:39:53:42:ad:94:05:ab:93:43:56:74:
32:f1:dd:94:01:0e:e2:cb:1f:82:52:cd:e9:9c:4c:16:56:c6:
66:90:b2:8b:5b:f7:63:86:b8:70:42:a3:ec:76:ac:8b:63:54:
39:ff:34:3b:a1:ea:43:74:94:66:70:7f:7d:e8:b3:69:6d:24:
74:8a:61:e9:03:c6:a2:92:4b:7e:49:c9:da:9b:ca:f6:a9:ef:
6a:a4:2b:87:c5:47:77:56:4a:91:d7:3d:e2:fd:35:e2:9f:93:
27:7a:e6:ec:cb:78:f4:6d:5d:6d:3c:47:f7:fd:28:82:0f:4c:
81:6f:48:cf:5c:36:ad:de:72:98:87:72:53:b3:f1:22:a1:4e:
01:7d:06:b8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZMwDmUVdTmfo+Ni+AfvHAj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYjQzNTFlMGE0OTVjMjZlZmRjNmU0MTVmMGJiMTg5ZmJi
ZDZlZGYwHhcNMjQxMTE1MTM0MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDNjZjRjMDU2MjBkODg3OTMxYzYwYjc2NmY3YWUwYWUzNGEwZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGJjY7feeyNMtA9RUiUkylqTeZt7
LFnWBfTdCKoAutQeK5J3FlBnZesSkNTmQ5tC/YwhtyUShfXmUF3/Gx4gIyJD4pMB
1GbEE+J4DwtqFgdIHV6KsnvtrWcenNq7nPe9JDU+3YwdBssiISHuqqAyxLFGb9Jw
eQXiB0hA21Tr7rB+Rl1W3wNmySxssTzzCMKI/7KJPz7no6061s0HrT90CMFzjvNk
tDRGFOaxIlJ0RauKzRibvTwqJHajLvuzD5T6QAnyj8QFlW6jwu1Nydyi3ENF0231
wv0Dd/LI/x/ac9/hlPmkbEZgbUxhMLY5hvZ67NSX8uPA6ve+UvHm447ewwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPQ89MBWINiHkxxgt2b3rgrjSg3pMB8GA1UdIwQY
MBaAFMO0NR4KSVwm79xuQV8LsYn7vW7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzdRMUhncEpYQ2J2M0c1Qlh3dXhpZnU5YnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zN2UzNjMtODRkMS00NzBlLTk2YTIt
MGVmMWNhYzc0MThkLzEvOUR6MHdGWWcySWVUSEdDM1p2ZXVDdU5LRGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zN2UzNjMtODRkMS00NzBlLTk2YTItMGVmMWNhYzc0MThk
LzEvdzdRMUhncEpYQ2J2M0c1Qlh3dXhpZnU5YnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABQVdED
BAVQVcADBANt6JgwDQYJKoZIhvcNAQELBQADggEBAEMrPHR7+7Vi7DSR3fUrXDVN
4/GsSYeSSdeyc9b9rrvpG8FCwUml2JV0NCe93f0nv4aPyXy7bc2EjJpRxBqHfAGT
7u/NEDawYbCBIm9rQm8sUWf7Co2Pf9nQ4aYQv+6jEJm+zh0G10i0DuSJ8H0ufDza
gPc5U0KtlAWrk0NWdDLx3ZQBDuLLH4JSzemcTBZWxmaQsotb92OGuHBCo+x2rItj
VDn/NDuh6kN0lGZwf33os2ltJHSKYekDxqKSS35Jydqbyvap72qkK4fFR3dWSpHX
PeL9NeKfkyd65uzLePRtXW08R/f9KIIPTIFvSM9cNq3ecpiHclOz8SKhTgF9Brg=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:40 2024 by rpki-client on console.sobornost.net