Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/cKV9vmFXxkhZFeUZ8WmjyGJ7Oo4.roa
File: cKV9vmFXxkhZFeUZ8WmjyGJ7Oo4.roa (raw, json)
Hash identifier: V+y1OGsmoPqWSzwINIMCW0DKMoldeV9HVi2QevCiCiY=
Subject key identifier: 70:A5:7D:BE:61:57:C6:48:59:15:E5:19:F1:69:A3:C8:62:7B:3A:8E
Certificate issuer: /CN=019ad1824be546163b481fc49647a0508b226bf4
Certificate serial: 018CC49379F67F78A0338535277A8741B974
Authority key identifier: 01:9A:D1:82:4B:E5:46:16:3B:48:1F:C4:96:47:A0:50:8B:22:6B:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZrRgkvlRhY7SB_ElkegUIsia_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/cKV9vmFXxkhZFeUZ8WmjyGJ7Oo4.roa
Signing time: Mon 01 Jan 2024 10:30:48 +0000
ROA not before: Mon 01 Jan 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59865
IP address blocks: 185.232.112.0/22 maxlen: 24
185.240.168.0/22 maxlen: 22
89.255.219.0/24 maxlen: 24
89.255.216.0/21 maxlen: 24
89.255.223.0/24 maxlen: 24
89.255.221.0/24 maxlen: 24
89.255.222.0/24 maxlen: 24
89.255.220.0/24 maxlen: 24
185.68.172.0/22 maxlen: 22
2a03:2ca0:255::/48 maxlen: 48
2a03:2ca0:3135::/48 maxlen: 48
2a03:2ca0::/32 maxlen: 48
2a0c:8680::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:79:f6:7f:78:a0:33:85:35:27:7a:87:41:b9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=019ad1824be546163b481fc49647a0508b226bf4
Validity
Not Before: Jan 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70a57dbe6157c6485915e519f169a3c8627b3a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4a:99:33:9b:d6:27:ba:57:e2:9a:2d:b5:bd:
a2:fb:80:d4:13:f3:96:34:97:ab:22:2c:01:a4:f9:
e7:18:55:47:5e:4a:e5:66:d9:37:12:6e:50:0b:54:
39:e7:b8:0a:2c:e3:1c:90:3b:9b:ec:ea:19:90:fe:
b9:85:bb:1e:1e:1e:33:97:75:aa:ed:09:ba:a4:d3:
eb:6f:6d:16:66:6c:d4:ca:90:f2:74:75:6f:e9:c4:
ca:2a:db:ca:e6:8b:5a:fa:a7:f8:f8:70:d5:9b:34:
08:70:cb:e6:2e:2c:20:d7:9a:c4:a6:cc:01:61:75:
0b:47:68:ef:c0:ca:5b:20:51:30:96:df:60:ca:f0:
38:a1:53:af:35:5c:e3:e7:6c:2a:1d:58:1c:e4:8d:
4e:eb:5d:f7:33:ac:3b:79:06:70:1c:fb:38:66:f6:
8d:a9:2f:38:73:80:17:d2:26:de:3f:42:5a:f5:88:
0e:81:e5:3c:23:e1:da:f0:0b:dd:9e:86:2f:c2:70:
25:97:08:8e:4b:18:6d:ef:12:81:2c:1c:fb:6a:e0:
3f:7c:eb:22:f2:b4:af:2c:23:1d:4a:83:e8:fe:03:
c1:03:90:66:63:d3:16:4a:b8:d9:74:14:1a:6a:b6:
c4:e0:81:6d:ca:2d:68:5f:66:36:23:52:88:49:ca:
e4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A5:7D:BE:61:57:C6:48:59:15:E5:19:F1:69:A3:C8:62:7B:3A:8E
X509v3 Authority Key Identifier:
keyid:01:9A:D1:82:4B:E5:46:16:3B:48:1F:C4:96:47:A0:50:8B:22:6B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZrRgkvlRhY7SB_ElkegUIsia_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/cKV9vmFXxkhZFeUZ8WmjyGJ7Oo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/AZrRgkvlRhY7SB_ElkegUIsia_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.255.216.0/21
185.68.172.0/22
185.232.112.0/22
185.240.168.0/22
IPv6:
2a03:2ca0::/32
2a0c:8680::/29
Signature Algorithm: sha256WithRSAEncryption
50:20:97:c8:b7:b9:6c:3d:b6:4e:59:17:8b:4a:0e:e3:91:eb:
de:ac:88:14:ec:bc:2d:04:ae:7c:1d:d8:48:2b:57:a7:f8:17:
ec:c7:ee:0c:0c:90:fa:5a:dd:96:cb:b9:ed:7c:69:fe:e8:b0:
52:81:7b:e5:08:4c:83:36:60:e2:84:d5:59:56:ac:84:e7:20:
34:e1:06:6e:bf:2c:98:f8:13:e1:ad:56:df:65:bb:97:ce:90:
c5:13:33:a0:31:be:e4:c1:08:f4:66:c1:63:92:8c:96:26:02:
10:04:c7:61:7a:9f:bf:fe:de:5e:23:4b:42:da:bf:2c:dd:65:
61:9a:e0:ba:1a:65:17:5d:1d:19:55:f0:49:b1:d0:5d:36:08:
d2:e5:4e:80:35:38:5a:0e:0a:82:e0:f1:a7:0f:2a:8b:9e:15:
51:50:02:d9:83:f2:14:4f:05:d8:15:36:b1:03:d0:e8:ce:67:
28:e5:80:ce:8f:b8:0d:3d:76:84:e2:82:01:92:e5:aa:56:22:
c4:fa:2e:b9:d4:da:75:7a:0f:12:92:20:0e:ec:13:17:2a:2b:
a8:9b:a4:93:13:d4:00:d2:8b:12:e3:36:15:e5:e9:ae:85:fc:
31:15:e9:ca:76:ce:32:a6:65:50:80:d2:69:af:a7:58:71:64:
1c:1b:91:3a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzEk3n2f3igM4U1J3qHQbl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOWFkMTgyNGJlNTQ2MTYzYjQ4MWZjNDk2NDdhMDUwOGIy
MjZiZjQwHhcNMjQwMTAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE1N2RiZTYxNTdjNjQ4NTkxNWU1MTlmMTY5YTNjODYyN2IzYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkqZM5vWJ7pX4pottb2i+4DUE/OW
NJerIiwBpPnnGFVHXkrlZtk3Em5QC1Q557gKLOMckDub7OoZkP65hbseHh4zl3Wq
7Qm6pNPrb20WZmzUypDydHVv6cTKKtvK5ota+qf4+HDVmzQIcMvmLiwg15rEpswB
YXULR2jvwMpbIFEwlt9gyvA4oVOvNVzj52wqHVgc5I1O6133M6w7eQZwHPs4ZvaN
qS84c4AX0ibeP0Ja9YgOgeU8I+Ha8AvdnoYvwnAllwiOSxht7xKBLBz7auA/fOsi
8rSvLCMdSoPo/gPBA5BmY9MWSrjZdBQaarbE4IFtyi1oX2Y2I1KIScrk0QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFHClfb5hV8ZIWRXlGfFpo8hiezqOMB8GA1UdIwQY
MBaAFAGa0YJL5UYWO0gfxJZHoFCLImv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpyUmdrdmxSaFk3U0JfRWxrZWdVSXNpYV9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82MjQ4ZWMtMjA0Zi00NTliLTkwNGMt
ZThlMTNiYjBlMDg0LzEvY0tWOXZtRlh4a2haRmVVWjhXbWp5R0o3T280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82MjQ4ZWMtMjA0Zi00NTliLTkwNGMtZThlMTNiYjBlMDg0
LzEvQVpyUmdrdmxSaFk3U0JfRWxrZWdVSXNpYV9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDWf/YAwQC
uUSsAwQCuehwAwQCufCoMBQEAgACMA4DBQAqAyygAwUDKgyGgDANBgkqhkiG9w0B
AQsFAAOCAQEAUCCXyLe5bD22TlkXi0oO45Hr3qyIFOy8LQSufB3YSCtXp/gX7Mfu
DAyQ+lrdlsu57Xxp/uiwUoF75QhMgzZg4oTVWVashOcgNOEGbr8smPgT4a1W32W7
l86QxRMzoDG+5MEI9GbBY5KMliYCEATHYXqfv/7eXiNLQtq/LN1lYZrguhplF10d
GVXwSbHQXTYI0uVOgDU4Wg4KguDxpw8qi54VUVAC2YPyFE8F2BU2sQPQ6M5nKOWA
zo+4DT12hOKCAZLlqlYixPouudTadXoPEpIgDuwTFyorqJukkxPUANKLEuM2FeXp
roX8MRXpynbOMqZlUIDSaa+nWHFkHBuROg==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:02 2024 by rpki-client on console.sobornost.net