Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/K3GzIf6o48MKpy2TZCt4pjDNg70.roa
File: K3GzIf6o48MKpy2TZCt4pjDNg70.roa (raw, json)
Hash identifier: z1C/SnU/Dku3ojSJpAt8gchqiBybxvBypUXjd0lQT4U=
Subject key identifier: 2B:71:B3:21:FE:A8:E3:C3:0A:A7:2D:93:64:2B:78:A6:30:CD:83:BD
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 0193CEDE4F97E5EA5200F9FC0175712D2B79
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/K3GzIf6o48MKpy2TZCt4pjDNg70.roa
Signing time: Mon 16 Dec 2024 09:48:16 +0000
ROA not before: Mon 16 Dec 2024 09:48:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12874
IP address blocks: 37.153.135.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
89.39.200.0/23 maxlen: 23
89.40.142.0/23 maxlen: 23
89.43.192.0/24 maxlen: 24
185.36.72.0/22 maxlen: 22
188.215.94.0/24 maxlen: 24
193.169.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:de:4f:97:e5:ea:52:00:f9:fc:01:75:71:2d:2b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Dec 16 09:48:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b71b321fea8e3c30aa72d93642b78a630cd83bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3a:e0:9d:08:a3:be:2e:60:d8:29:94:af:d5:
fd:74:a8:b5:aa:e8:cb:73:23:b5:81:b9:b7:f5:cc:
5f:e9:18:2d:e4:e6:56:3c:50:97:7c:e7:0d:c9:e5:
bc:bc:bc:9a:22:bb:a9:05:9a:b8:39:a7:18:6c:a3:
20:9b:85:c1:4b:10:23:9f:18:2f:5d:bd:1f:66:e7:
2e:90:df:18:84:02:69:c1:90:23:56:08:f9:29:f6:
e2:9e:b5:e0:fb:5f:15:39:80:7a:26:45:88:82:ee:
19:bd:36:79:15:1f:81:a7:30:cd:48:16:25:39:24:
0c:35:b7:92:4c:8e:41:d7:6f:b6:56:7f:30:e7:37:
a7:5a:70:39:6b:26:ad:8e:15:5a:ab:68:9d:b9:e0:
23:a9:6f:14:10:57:11:50:53:5b:1e:46:62:f1:f1:
f2:2d:dc:7a:9a:03:5a:da:ee:aa:00:11:6a:60:67:
b8:14:83:ef:ac:51:4c:f2:0e:12:02:28:d0:c9:a5:
a8:96:e9:b2:32:8c:57:ff:63:dd:ea:ec:44:b4:cc:
10:27:b1:ce:9a:b1:10:f8:e0:17:0b:9a:e9:4d:a8:
36:77:7d:23:b6:13:08:f7:b0:06:ff:2e:da:b9:d4:
a2:0b:27:33:90:bf:19:1e:b0:74:2f:2b:11:f9:9e:
ff:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:71:B3:21:FE:A8:E3:C3:0A:A7:2D:93:64:2B:78:A6:30:CD:83:BD
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/K3GzIf6o48MKpy2TZCt4pjDNg70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.135.0/24
86.107.110.0/24
89.39.200.0/23
89.40.142.0/23
89.43.192.0/24
185.36.72.0/22
188.215.94.0/24
193.169.20.0/24
Signature Algorithm: sha256WithRSAEncryption
41:40:db:81:5b:b6:35:77:92:07:29:79:85:25:84:c8:1b:31:
56:ef:36:09:02:ca:77:b7:ba:b9:b0:34:ce:47:b0:a3:47:3e:
81:9c:78:a4:8b:ae:3a:34:b3:d0:6c:be:cf:f8:fa:3c:82:5d:
d4:eb:24:b9:9c:9d:9b:44:1a:59:8e:1e:8e:37:62:e5:f0:f1:
b4:2d:f5:f2:2b:28:15:4b:d8:86:0b:fb:e4:cf:38:60:7f:5c:
2b:1a:34:bf:d0:17:cb:c7:bc:87:35:cc:2d:31:68:b8:95:68:
42:91:d9:04:72:6b:8a:1a:41:9b:c3:b8:8e:59:ee:9b:61:9f:
09:e9:5b:25:c2:26:15:db:12:1e:61:eb:46:14:ff:21:b9:00:
d6:e5:84:8c:48:dd:db:1e:42:7b:98:31:3e:4a:70:21:8c:76:
0a:90:cd:ec:1a:1b:07:f9:72:03:a6:e1:6e:c3:62:c5:05:1e:
82:7a:0c:64:87:f5:6b:5e:27:40:34:fa:69:95:91:3a:0d:9f:
1d:9d:1b:60:2f:04:44:84:ad:9f:d2:93:27:be:0b:92:17:e9:
27:c5:c2:91:9b:7e:55:cf:4c:5d:3f:54:e9:42:d5:9c:20:a5:
f4:7b:1f:a6:bc:9f:36:71:67:99:00:09:fb:74:71:49:15:2c:
d7:84:13:0e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZPO3k+X5epSAPn8AXVxLSt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjQxMjE2MDk0ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjcxYjMyMWZlYThlM2MzMGFhNzJkOTM2NDJiNzhhNjMwY2Q4M2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTrgnQijvi5g2CmUr9X9dKi1qujL
cyO1gbm39cxf6Rgt5OZWPFCXfOcNyeW8vLyaIrupBZq4OacYbKMgm4XBSxAjnxgv
Xb0fZucukN8YhAJpwZAjVgj5KfbinrXg+18VOYB6JkWIgu4ZvTZ5FR+BpzDNSBYl
OSQMNbeSTI5B12+2Vn8w5zenWnA5ayatjhVaq2idueAjqW8UEFcRUFNbHkZi8fHy
Ldx6mgNa2u6qABFqYGe4FIPvrFFM8g4SAijQyaWolumyMoxX/2Pd6uxEtMwQJ7HO
mrEQ+OAXC5rpTag2d30jthMI97AG/y7audSiCyczkL8ZHrB0LysR+Z7/ZwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCtxsyH+qOPDCqctk2QreKYwzYO9MB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvSzNHeklmNm80OE1LcHkyVFpDdDRwakROZzcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAJZmHAwQA
VmtuAwQBWSfIAwQBWSiOAwQAWSvAAwQCuSRIAwQAvNdeAwQAwakUMA0GCSqGSIb3
DQEBCwUAA4IBAQBBQNuBW7Y1d5IHKXmFJYTIGzFW7zYJAsp3t7q5sDTOR7CjRz6B
nHiki646NLPQbL7P+Po8gl3U6yS5nJ2bRBpZjh6ON2Ll8PG0LfXyKygVS9iGC/vk
zzhgf1wrGjS/0BfLx7yHNcwtMWi4lWhCkdkEcmuKGkGbw7iOWe6bYZ8J6VslwiYV
2xIeYetGFP8huQDW5YSMSN3bHkJ7mDE+SnAhjHYKkM3sGhsH+XIDpuFuw2LFBR6C
egxkh/VrXidANPpplZE6DZ8dnRtgLwREhK2f0pMnvguSF+knxcKRm35Vz0xdP1Tp
QtWcIKX0ex+mvJ82cWeZAAn7dHFJFSzXhBMO
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:00 2024 by rpki-client on console.sobornost.net