Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/g8uQqZZeZFWSJqLO4NqU2o0WN9E.roa
File: g8uQqZZeZFWSJqLO4NqU2o0WN9E.roa (raw, json)
Hash identifier: hOJG2v62DavA4e/Tjg/nNJiFqDtCI7ikbrPJo2hKmjk=
Subject key identifier: 83:CB:90:A9:96:5E:64:55:92:26:A2:CE:E0:DA:94:DA:8D:16:37:D1
Certificate issuer: /CN=dfb8d9140502c9e035305189bf658234db14f54c
Certificate serial: 01916A903B2080FE4FB2F71B4CD9DCB6F584
Authority key identifier: DF:B8:D9:14:05:02:C9:E0:35:30:51:89:BF:65:82:34:DB:14:F5:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/g8uQqZZeZFWSJqLO4NqU2o0WN9E.roa
Signing time: Mon 19 Aug 2024 12:15:22 +0000
ROA not before: Mon 19 Aug 2024 12:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212175
IP address blocks: 79.135.120.0/23 maxlen: 24
185.225.9.0/24 maxlen: 24
194.110.239.0/24 maxlen: 24
212.104.134.0/23 maxlen: 24
212.104.138.0/23 maxlen: 24
213.254.166.0/23 maxlen: 24
213.254.168.0/23 maxlen: 24
2a10:9e80::/29 maxlen: 64
2a12:df40::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6a:90:3b:20:80:fe:4f:b2:f7:1b:4c:d9:dc:b6:f5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb8d9140502c9e035305189bf658234db14f54c
Validity
Not Before: Aug 19 12:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83cb90a9965e64559226a2cee0da94da8d1637d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ac:23:71:f3:95:22:e5:67:29:a3:1d:c5:08:
78:a5:f5:e7:0f:99:b1:72:90:1f:ef:23:3e:2f:a0:
91:3e:9a:76:16:8f:7a:83:63:f6:c8:91:71:68:ac:
69:ba:b5:c5:6a:5e:04:c2:71:a4:4f:52:09:45:56:
a3:7d:1f:e2:9d:6e:9c:b7:c6:e7:e6:96:f7:d1:25:
88:79:a4:90:12:eb:76:f7:42:b7:d8:85:47:4e:ec:
1d:48:61:50:ee:40:42:32:2d:15:f9:db:00:2d:1a:
aa:2c:e5:1b:ae:cd:20:c1:63:ce:9f:bb:a5:be:23:
ae:cc:66:0f:0b:d4:06:d7:d2:db:63:86:b7:f1:5b:
61:6e:2b:0e:b4:f7:42:04:6f:df:99:b2:76:3c:c6:
f8:06:f3:fb:f6:8f:6f:b9:9f:f1:07:ed:83:1a:1d:
9d:74:cd:c4:8c:1f:ba:c2:1f:a8:72:a0:48:c9:bf:
d1:b9:c4:f7:86:b8:64:15:87:b5:e4:db:de:2b:1a:
5b:a2:d2:8f:3d:d9:62:71:e4:9f:f1:ed:7f:30:49:
b2:69:e3:20:b3:18:2c:0e:dc:92:74:e8:1c:4b:a1:
73:82:41:38:8d:1b:d1:06:79:c5:12:bd:31:e5:29:
6d:5f:c8:bd:16:a6:23:88:3c:b0:2a:9d:16:a6:81:
9a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:CB:90:A9:96:5E:64:55:92:26:A2:CE:E0:DA:94:DA:8D:16:37:D1
X509v3 Authority Key Identifier:
keyid:DF:B8:D9:14:05:02:C9:E0:35:30:51:89:BF:65:82:34:DB:14:F5:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/g8uQqZZeZFWSJqLO4NqU2o0WN9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/37jZFAUCyeA1MFGJv2WCNNsU9Uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.120.0/23
185.225.9.0/24
194.110.239.0/24
212.104.134.0/23
212.104.138.0/23
213.254.166.0-213.254.169.255
IPv6:
2a10:9e80::/29
2a12:df40::/29
Signature Algorithm: sha256WithRSAEncryption
20:66:62:a1:c3:60:56:9d:5f:c3:cc:32:5e:1b:e2:d5:8f:c9:
d0:eb:9c:5a:d1:03:f2:64:ed:2f:50:6c:ae:8d:c6:13:e8:a1:
b0:f2:f1:93:06:c0:0c:48:a1:fb:eb:00:b1:34:fe:7b:5c:fa:
33:ce:d7:57:c7:15:23:20:32:d8:e4:7a:9e:e6:b6:21:49:21:
42:53:7a:70:90:31:c7:fb:49:7e:00:8e:bd:fe:a6:23:0d:fb:
0a:1e:05:23:2f:d2:bb:0f:97:92:a0:9e:3c:fc:0a:c5:89:50:
ff:be:48:17:8b:b5:e3:68:d7:4d:b8:bd:33:8a:50:d5:4e:c2:
2c:13:13:11:73:c7:05:94:97:03:38:fb:be:23:65:05:81:29:
ac:38:32:37:08:32:fd:3f:2f:e5:fd:d2:49:41:00:5b:b3:b6:
7e:9b:ad:c2:bd:a0:c6:20:aa:4e:fb:08:9d:4f:00:11:94:63:
1f:a8:83:c2:f5:1f:d7:95:e9:1e:b8:f4:f3:ac:31:15:cd:20:
c1:7e:45:06:72:ae:13:08:46:e9:93:f6:bc:c6:be:2e:05:15:
87:b0:c8:d2:7c:15:85:13:54:14:57:47:9b:e5:b6:5b:b1:28:
a8:0b:4d:12:bb:9e:f1:29:a8:78:c6:43:74:6b:42:31:bc:13:
a7:90:9b:5a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZFqkDsggP5PsvcbTNnctvWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjhkOTE0MDUwMmM5ZTAzNTMwNTE4OWJmNjU4MjM0ZGIx
NGY1NGMwHhcNMjQwODE5MTIxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2NiOTBhOTk2NWU2NDU1OTIyNmEyY2VlMGRhOTRkYThkMTYzN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6wjcfOVIuVnKaMdxQh4pfXnD5mx
cpAf7yM+L6CRPpp2Fo96g2P2yJFxaKxpurXFal4EwnGkT1IJRVajfR/inW6ct8bn
5pb30SWIeaSQEut290K32IVHTuwdSGFQ7kBCMi0V+dsALRqqLOUbrs0gwWPOn7ul
viOuzGYPC9QG19LbY4a38VthbisOtPdCBG/fmbJ2PMb4BvP79o9vuZ/xB+2DGh2d
dM3EjB+6wh+ocqBIyb/RucT3hrhkFYe15NveKxpbotKPPdliceSf8e1/MEmyaeMg
sxgsDtySdOgcS6FzgkE4jRvRBnnFEr0x5SltX8i9FqYjiDywKp0WpoGaeQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIPLkKmWXmRVkiaizuDalNqNFjfRMB8GA1UdIwQY
MBaAFN+42RQFAsngNTBRib9lgjTbFPVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdqWkZBVUN5ZUExTUZHSnYyV0NOTnNVOVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82MmE5NDctY2ZiOC00ZDNkLWIzMDgt
NDFlNzNjMWViYWUxLzEvZzh1UXFaWmVaRldTSnFMTzROcVUybzBXTjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82MmE5NDctY2ZiOC00ZDNkLWIzMDgtNDFlNzNjMWViYWUx
LzEvMzdqWkZBVUN5ZUExTUZHSnYyV0NOTnNVOVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAyBAIAATAsAwQBT4d4AwQA
ueEJAwQAwm7vAwQB1GiGAwQB1GiKMAwDBAHV/qYDBAHV/qgwFAQCAAIwDgMFAyoQ
noADBQMqEt9AMA0GCSqGSIb3DQEBCwUAA4IBAQAgZmKhw2BWnV/DzDJeG+LVj8nQ
65xa0QPyZO0vUGyujcYT6KGw8vGTBsAMSKH76wCxNP57XPozztdXxxUjIDLY5Hqe
5rYhSSFCU3pwkDHH+0l+AI69/qYjDfsKHgUjL9K7D5eSoJ48/ArFiVD/vkgXi7Xj
aNdNuL0zilDVTsIsExMRc8cFlJcDOPu+I2UFgSmsODI3CDL9Py/l/dJJQQBbs7Z+
m63CvaDGIKpO+widTwARlGMfqIPC9R/XlekeuPTzrDEVzSDBfkUGcq4TCEbpk/a8
xr4uBRWHsMjSfBWFE1QUV0eb5bZbsSioC00Su57xKah4xkN0a0IxvBOnkJta
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:07 2024 by rpki-client on console.sobornost.net