Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/KukufkPwS0vjWABPG3QzfJKud2E.roa
File: KukufkPwS0vjWABPG3QzfJKud2E.roa (raw, json)
Hash identifier: 3ciQqaHfpfeosDMAQJf159Haw2u5/PwLz7cISkVjxps=
Subject key identifier: 2A:E9:2E:7E:43:F0:4B:4B:E3:58:00:4F:1B:74:33:7C:92:AE:77:61
Certificate issuer: /CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Certificate serial: 0191550691B873E08C4CBA2A043076B75417
Authority key identifier: DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/KukufkPwS0vjWABPG3QzfJKud2E.roa
Signing time: Thu 15 Aug 2024 07:52:59 +0000
ROA not before: Thu 15 Aug 2024 07:52:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205747
IP address blocks: 91.212.77.0/24 maxlen: 24
185.188.196.0/22 maxlen: 24
2a0b:d080::/32 maxlen: 32
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:06:91:b8:73:e0:8c:4c:ba:2a:04:30:76:b7:54:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Validity
Not Before: Aug 15 07:52:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ae92e7e43f04b4be358004f1b74337c92ae7761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e4:23:a4:5c:a8:34:b1:36:ec:35:19:b3:29:
95:29:b8:d2:64:b3:f5:36:ce:d0:ac:70:e4:c5:33:
4d:33:32:44:81:9e:5d:97:8d:e8:02:46:51:c9:0c:
ef:cd:17:e3:70:77:60:69:04:fc:0b:08:5f:75:c9:
72:e4:9e:95:0f:a5:51:9e:bc:93:44:bb:85:d5:dd:
c9:57:ac:e8:7e:1a:94:85:d4:40:6e:14:41:7c:5e:
3f:e0:aa:3a:ea:7f:04:42:48:37:c8:80:f7:89:fa:
96:fc:66:d0:d0:18:db:b8:ab:c9:72:5b:a7:88:f2:
07:5e:ce:37:27:d7:2a:e4:e5:8c:ad:89:f2:52:96:
32:ff:ed:87:f7:ba:65:b7:2a:fb:eb:e4:37:7c:c1:
84:ce:23:bb:1b:74:6a:7f:d6:81:71:c7:f8:b6:d3:
50:f1:30:61:23:13:be:e9:79:97:84:07:c1:85:bf:
d1:d3:c4:27:bc:e5:58:28:c6:29:62:f2:05:7b:81:
fc:8c:14:bf:21:5b:e9:30:db:0e:ed:f6:4b:c0:12:
cc:71:77:db:25:fb:3e:d0:5f:fc:51:3e:ab:32:f2:
a6:a5:6d:12:ce:83:25:54:2c:49:ce:60:a7:b7:12:
69:d9:2e:2d:7f:ce:48:3e:d7:4f:cb:53:33:a2:eb:
3c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E9:2E:7E:43:F0:4B:4B:E3:58:00:4F:1B:74:33:7C:92:AE:77:61
X509v3 Authority Key Identifier:
keyid:DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/KukufkPwS0vjWABPG3QzfJKud2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.77.0/24
185.188.196.0/22
IPv6:
2a0b:d080::/32
Signature Algorithm: sha256WithRSAEncryption
48:9f:a4:27:18:58:b1:0b:17:ff:a1:98:10:0e:7b:32:2f:7a:
b5:c6:eb:f1:88:d6:0e:65:b9:fc:df:c6:e3:ca:5f:5b:0a:cb:
5e:7f:7b:d7:88:05:be:6a:b2:19:e8:b2:ab:18:59:de:b7:f1:
ea:28:fc:15:ba:93:b2:3a:b4:74:25:02:12:f4:62:4d:a4:ae:
82:db:90:98:98:e7:f4:43:e5:d9:9e:22:7a:76:4d:6c:14:c0:
ae:ce:69:0a:65:ea:f4:d8:be:23:6b:19:71:2d:81:5b:c7:50:
27:9e:7c:4c:0a:ca:ed:70:4a:6a:a4:3a:6a:05:b1:ee:45:a3:
50:10:d3:8e:d1:bb:48:18:c3:e2:b1:b1:66:b2:39:17:d6:e7:
a0:ba:6e:a6:63:b7:2d:bd:6f:21:99:38:8b:df:8c:ae:63:30:
8c:fe:6c:ae:e4:df:23:f8:38:d3:82:fd:0c:3e:cf:d8:ec:dc:
cb:bf:cf:79:a4:31:89:c4:5f:63:77:3c:8b:bd:72:e0:3d:15:
d7:7d:41:58:c2:04:ab:a7:df:d7:de:36:6d:ed:49:52:b0:b4:
cd:1b:f3:0a:40:cc:f8:1f:1e:ef:45:3b:0e:41:8a:82:4b:de:
a1:eb:96:cf:6a:7a:8b:fd:0a:c7:eb:de:03:fe:47:ac:57:5c:
ba:22:89:e2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZFVBpG4c+CMTLoqBDB2t1QXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODA0YzljOGE0MzM5N2QxNjc3OWFhOTM0ZjcwNjczODhm
YzdkN2MwHhcNMjQwODE1MDc1MjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWU5MmU3ZTQzZjA0YjRiZTM1ODAwNGYxYjc0MzM3YzkyYWU3NzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+QjpFyoNLE27DUZsymVKbjSZLP1
Ns7QrHDkxTNNMzJEgZ5dl43oAkZRyQzvzRfjcHdgaQT8Cwhfdcly5J6VD6VRnryT
RLuF1d3JV6zofhqUhdRAbhRBfF4/4Ko66n8EQkg3yID3ifqW/GbQ0BjbuKvJclun
iPIHXs43J9cq5OWMrYnyUpYy/+2H97pltyr76+Q3fMGEziO7G3Rqf9aBccf4ttNQ
8TBhIxO+6XmXhAfBhb/R08QnvOVYKMYpYvIFe4H8jBS/IVvpMNsO7fZLwBLMcXfb
Jfs+0F/8UT6rMvKmpW0SzoMlVCxJzmCntxJp2S4tf85IPtdPy1Mzous8ewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCrpLn5D8EtL41gATxt0M3ySrndhMB8GA1UdIwQY
MBaAFN6ATJyKQzl9FneaqTT3BnOI/H18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTIt
YWY0ZTUyNDFiZjIwLzEvS3VrdWZrUHdTMHZqV0FCUEczUXpmSkt1ZDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85NjI1NGMtZmMwZS00ZjU4LTk1ZTItYWY0ZTUyNDFiZjIw
LzEvM29CTW5JcERPWDBXZDVxcE5QY0djNGo4Zlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9RNAwQC
ubzEMA0EAgACMAcDBQAqC9CAMA0GCSqGSIb3DQEBCwUAA4IBAQBIn6QnGFixCxf/
oZgQDnsyL3q1xuvxiNYOZbn838bjyl9bCstef3vXiAW+arIZ6LKrGFnet/HqKPwV
upOyOrR0JQIS9GJNpK6C25CYmOf0Q+XZniJ6dk1sFMCuzmkKZer02L4jaxlxLYFb
x1AnnnxMCsrtcEpqpDpqBbHuRaNQENOO0btIGMPisbFmsjkX1uegum6mY7ctvW8h
mTiL34yuYzCM/myu5N8j+DjTgv0MPs/Y7NzLv895pDGJxF9jdzyLvXLgPRXXfUFY
wgSrp9/X3jZt7UlSsLTNG/MKQMz4Hx7vRTsOQYqCS96h65bPanqL/QrH694D/kes
V1y6Ioni
-----END CERTIFICATE-----
Generated at Fri Aug 16 18:05:20 2024 by rpki-client on console.sobornost.net