Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/ZJxQtDhyLa-327fPr32ytdhM878.roa
File: ZJxQtDhyLa-327fPr32ytdhM878.roa (raw, json)
Hash identifier: B60yj6HO22mWg1P4kE4KTYQn17GydbGi07sFsqjjMh0=
Subject key identifier: 64:9C:50:B4:38:72:2D:AF:B7:DB:B7:CF:AF:7D:B2:B5:D8:4C:F3:BF
Certificate issuer: /CN=f8ad543624f8d3281ec970458ee752f10a424529
Certificate serial: 0193873C359B9026D81FA29735348111C93C
Authority key identifier: F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/ZJxQtDhyLa-327fPr32ytdhM878.roa
Signing time: Mon 02 Dec 2024 11:58:10 +0000
ROA not before: Mon 02 Dec 2024 11:58:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198668
IP address blocks: 176.119.192.0/24 maxlen: 24
185.87.140.0/22 maxlen: 22
185.243.172.0/22 maxlen: 22
2a05:aa00::/29 maxlen: 29
2a0d:1880::/29 maxlen: 29
2a0f:fec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:3c:35:9b:90:26:d8:1f:a2:97:35:34:81:11:c9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad543624f8d3281ec970458ee752f10a424529
Validity
Not Before: Dec 2 11:58:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=649c50b438722dafb7dbb7cfaf7db2b5d84cf3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:8e:57:e2:eb:35:e5:b2:38:89:f1:56:92:ce:
bd:6f:df:0a:ad:80:28:7a:36:1b:1f:1b:b7:f5:ac:
9a:ff:75:1d:f4:32:31:3e:4e:8d:49:f4:ca:47:12:
4b:01:ab:48:ae:00:ad:a7:79:a8:ba:29:77:8b:a7:
98:7e:43:f9:07:12:1e:5f:07:a5:74:2f:94:f5:c5:
ef:68:c8:73:28:17:14:80:d7:24:8e:36:fd:fc:58:
0e:18:53:29:a5:c1:ad:f5:96:32:8a:30:b9:d6:85:
7c:20:bc:64:d7:fb:07:05:63:39:ae:fe:63:19:dd:
12:3d:f1:88:75:a7:71:cf:f6:fe:d0:c2:c6:5a:cb:
98:49:e7:25:7d:5d:45:d5:4d:32:f3:e5:2f:89:40:
4a:ac:10:a4:c9:7c:7d:28:ce:89:5d:33:1c:fe:9e:
84:2c:24:be:0d:1c:a9:4e:49:d7:e2:d9:53:cb:6b:
a4:67:c5:75:c7:a7:d7:6e:2d:53:e5:2a:4f:35:fa:
3b:6b:c6:88:8d:49:1c:b3:2e:5b:69:a3:e4:44:d2:
44:28:25:4e:22:57:5d:de:9a:fa:30:c0:e1:8f:2f:
20:cd:4c:8e:91:d6:cc:25:01:42:90:bf:0b:3b:e6:
53:06:66:7b:d6:8b:24:5e:96:ae:2f:6b:de:1c:a5:
25:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9C:50:B4:38:72:2D:AF:B7:DB:B7:CF:AF:7D:B2:B5:D8:4C:F3:BF
X509v3 Authority Key Identifier:
keyid:F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/ZJxQtDhyLa-327fPr32ytdhM878.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.192.0/24
185.87.140.0/22
185.243.172.0/22
IPv6:
2a05:aa00::/29
2a0d:1880::/29
2a0f:fec0::/29
Signature Algorithm: sha256WithRSAEncryption
98:c6:dd:b7:9a:ae:08:ca:3b:0d:da:25:49:03:55:0b:70:cd:
65:df:b1:9e:68:d0:f2:2c:d2:6e:8f:ad:c6:95:f7:ba:f0:ac:
72:c2:1c:cc:0c:ff:06:ac:28:08:cf:57:ef:9d:41:ac:0d:f4:
f8:61:68:af:71:c4:cb:ad:15:dd:5e:78:78:ad:49:f2:0a:5a:
a3:f0:8e:b8:9b:93:db:67:38:c7:b9:80:c6:a5:2b:fb:f1:25:
5c:62:b0:55:4b:f3:f9:c7:ea:c5:e1:06:55:c9:61:97:17:4a:
36:75:21:74:02:6c:28:ef:3b:f0:bf:20:7d:41:cb:94:d4:75:
38:1d:b0:7f:1f:01:dc:39:72:9f:0a:29:b9:03:ab:1f:d4:dc:
ac:1d:f6:ee:26:fe:f6:27:8f:9f:a7:1c:ee:b7:c5:58:d7:14:
c1:89:82:cb:1c:66:fd:27:fb:1f:0a:dd:ae:a1:a5:80:c6:eb:
06:9b:f6:c6:fb:5f:46:c6:6b:8a:98:df:68:f5:2a:dd:ab:da:
b4:95:52:52:8c:89:b3:0b:44:ac:fd:ca:bd:7b:89:2f:3d:a1:
9e:38:8b:7c:44:cf:00:30:95:a2:6c:3a:7d:79:36:0c:d0:88:
4f:cc:98:56:8d:ae:07:b2:2c:69:a7:0e:b8:ac:d9:a3:2d:d9:
41:07:d6:fd
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZOHPDWbkCbYH6KXNTSBEck8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQ1NDM2MjRmOGQzMjgxZWM5NzA0NThlZTc1MmYxMGE0
MjQ1MjkwHhcNMjQxMjAyMTE1ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDljNTBiNDM4NzIyZGFmYjdkYmI3Y2ZhZjdkYjJiNWQ4NGNmM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4I5X4us15bI4ifFWks69b98KrYAo
ejYbHxu39aya/3Ud9DIxPk6NSfTKRxJLAatIrgCtp3mouil3i6eYfkP5BxIeXwel
dC+U9cXvaMhzKBcUgNckjjb9/FgOGFMppcGt9ZYyijC51oV8ILxk1/sHBWM5rv5j
Gd0SPfGIdadxz/b+0MLGWsuYSeclfV1F1U0y8+UviUBKrBCkyXx9KM6JXTMc/p6E
LCS+DRypTknX4tlTy2ukZ8V1x6fXbi1T5SpPNfo7a8aIjUkcsy5baaPkRNJEKCVO
Ildd3pr6MMDhjy8gzUyOkdbMJQFCkL8LO+ZTBmZ71oskXpauL2veHKUlvQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFGScULQ4ci2vt9u3z699srXYTPO/MB8GA1UdIwQY
MBaAFPitVDYk+NMoHslwRY7nUvEKQkUpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMVVOaVQ0MHlnZXlYQkZqdWRTOFFwQ1JTay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5
LThhMTFiNDcxOWQ4Mi8xL1pKeFF0RGh5TGEtMzI3ZlByMzJ5dGRoTTg3OC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5LThhMTFiNDcxOWQ4
Mi8xLzEtSzFVTmlUNDB5Z2V5WEJGanVkUzhRcENSU2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSAYIKwYBBQUHAQcBAf8EOTA3MBgEAgABMBIDBACwd8AD
BAK5V4wDBAK586wwGwQCAAIwFQMFAyoFqgADBQMqDRiAAwUDKg/+wDANBgkqhkiG
9w0BAQsFAAOCAQEAmMbdt5quCMo7DdolSQNVC3DNZd+xnmjQ8izSbo+txpX3uvCs
csIczAz/BqwoCM9X751BrA30+GFor3HEy60V3V54eK1J8gpao/COuJuT22c4x7mA
xqUr+/ElXGKwVUvz+cfqxeEGVclhlxdKNnUhdAJsKO878L8gfUHLlNR1OB2wfx8B
3DlynwopuQOrH9TcrB327ib+9iePn6cc7rfFWNcUwYmCyxxm/Sf7HwrdrqGlgMbr
Bpv2xvtfRsZripjfaPUq3avatJVSUoyJswtErP3KvXuJLz2hnjiLfETPADCVomw6
fXk2DNCIT8yYVo2uB7IsaacOuKzZoy3ZQQfW/Q==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:49 2024 by rpki-client on console.sobornost.net