Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/KFR2M2kBm0oTFQpvKwq61OJTjK4.roa
File: KFR2M2kBm0oTFQpvKwq61OJTjK4.roa (raw, json)
Hash identifier: v/WOS5cizAKeF01Jd8ddv4bLbidZRI4y6lpyAGy8cLQ=
Subject key identifier: 28:54:76:33:69:01:9B:4A:13:15:0A:6F:2B:0A:BA:D4:E2:53:8C:AE
Certificate issuer: /CN=6f3c5408b2f67233f60d63f749ac483eb66ae7c8
Certificate serial: 018CC94D1F670C3381A192AEABBA5C6B9AAD
Authority key identifier: 6F:3C:54:08:B2:F6:72:33:F6:0D:63:F7:49:AC:48:3E:B6:6A:E7:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzxUCLL2cjP2DWP3SaxIPrZq58g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/KFR2M2kBm0oTFQpvKwq61OJTjK4.roa
Signing time: Tue 02 Jan 2024 08:32:03 +0000
ROA not before: Tue 02 Jan 2024 08:32:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198672
IP address blocks: 37.230.32.0/21 maxlen: 21
37.230.32.0/24 maxlen: 24
37.230.35.0/24 maxlen: 24
37.230.33.0/24 maxlen: 24
185.59.129.0/24 maxlen: 24
185.59.128.0/22 maxlen: 22
185.59.128.0/24 maxlen: 24
185.59.131.0/24 maxlen: 24
185.59.130.0/24 maxlen: 24
2a00:baa0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:1f:67:0c:33:81:a1:92:ae:ab:ba:5c:6b:9a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3c5408b2f67233f60d63f749ac483eb66ae7c8
Validity
Not Before: Jan 2 08:32:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2854763369019b4a13150a6f2b0abad4e2538cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:61:e8:25:da:b5:87:3b:07:f5:92:cf:4f:1b:
4f:e7:4a:f8:68:fa:74:ae:a4:bb:0c:3a:33:7a:7a:
98:35:cf:01:1a:0d:3b:20:5d:f6:78:4c:d9:81:f0:
59:92:c7:6b:f1:fe:09:84:f2:e5:dc:c4:03:36:dc:
6e:ec:50:a0:e1:e9:6f:30:bc:d8:6c:15:80:c5:b9:
c7:98:db:f9:5f:bb:b0:47:30:c0:21:d3:8e:c3:52:
15:2d:1e:c6:d1:5e:0d:41:c2:d0:77:c4:22:61:64:
da:e0:38:a0:f1:e4:06:70:57:da:3e:a3:29:3c:d3:
0a:57:fb:c0:0c:f7:ce:48:7f:0e:b4:96:08:0c:74:
23:d7:f6:ad:c7:6e:9b:af:ab:c4:63:f5:9c:56:9a:
0d:b4:71:7d:ee:cb:78:d7:53:b5:f7:af:a7:ed:4d:
b6:b8:4a:fa:4b:db:f9:ee:79:64:6a:e3:5d:45:8c:
66:22:c1:30:f4:2e:05:7e:28:0a:b6:c5:c8:77:0e:
38:41:69:89:e9:a8:d9:09:37:5c:65:8a:38:a8:2a:
89:70:81:b5:6e:83:f8:59:03:44:f2:7a:6e:91:2c:
1c:d4:86:a7:8b:a1:0a:22:3d:5f:9f:e5:09:3f:99:
79:c6:f0:a8:9f:b8:e0:09:16:1a:9e:fc:c5:0a:9f:
51:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:54:76:33:69:01:9B:4A:13:15:0A:6F:2B:0A:BA:D4:E2:53:8C:AE
X509v3 Authority Key Identifier:
keyid:6F:3C:54:08:B2:F6:72:33:F6:0D:63:F7:49:AC:48:3E:B6:6A:E7:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzxUCLL2cjP2DWP3SaxIPrZq58g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/KFR2M2kBm0oTFQpvKwq61OJTjK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/964848-1028-4d22-9345-18f34a7dbdd9/1/bzxUCLL2cjP2DWP3SaxIPrZq58g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.32.0/21
185.59.128.0/22
IPv6:
2a00:baa0::/32
Signature Algorithm: sha256WithRSAEncryption
57:b3:a3:5e:b1:ae:5f:e8:72:2c:1e:df:ff:15:04:b1:d2:43:
97:7c:f6:61:34:0e:2d:ce:45:44:41:e2:69:6b:c8:4a:37:ac:
b0:1d:94:5a:12:da:da:5e:31:ef:06:f1:43:1a:51:45:0c:b7:
77:da:0e:86:94:29:50:84:fb:87:a8:67:f1:39:d6:e6:62:43:
08:e3:d6:5b:6c:cf:8a:b7:c7:97:40:22:bd:26:d3:27:88:c9:
7f:30:d9:a2:ca:44:b4:be:eb:ae:54:9d:a6:d2:3d:a1:bb:38:
da:75:78:8c:f2:e5:f3:2f:39:6c:bd:48:f3:29:52:b6:f5:9f:
8a:16:77:8d:d3:3d:79:54:fd:1f:38:3b:a4:55:cf:1c:54:7d:
0f:a8:2a:6b:bd:78:7c:86:17:eb:8d:9e:3d:86:bd:c1:11:35:
47:ff:bc:43:4c:91:37:39:89:2c:8e:cb:50:5e:27:75:a4:11:
56:df:17:41:5b:e6:45:64:70:af:7b:e4:b6:7c:11:c7:98:11:
5c:6d:02:14:66:aa:25:a9:89:77:da:d1:77:11:e4:48:9b:a2:
10:51:bd:58:b8:fe:56:75:33:54:ac:27:ca:b2:24:ab:4e:17:
3f:13:03:d6:04:36:f6:82:86:bd:e5:aa:a0:09:34:e3:26:c9:
ff:0a:84:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJTR9nDDOBoZKuq7pca5qtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmM2M1NDA4YjJmNjcyMzNmNjBkNjNmNzQ5YWM0ODNlYjY2
YWU3YzgwHhcNMjQwMTAyMDgzMjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODU0NzYzMzY5MDE5YjRhMTMxNTBhNmYyYjBhYmFkNGUyNTM4Y2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmHoJdq1hzsH9ZLPTxtP50r4aPp0
rqS7DDozenqYNc8BGg07IF32eEzZgfBZksdr8f4JhPLl3MQDNtxu7FCg4elvMLzY
bBWAxbnHmNv5X7uwRzDAIdOOw1IVLR7G0V4NQcLQd8QiYWTa4Dig8eQGcFfaPqMp
PNMKV/vADPfOSH8OtJYIDHQj1/atx26br6vEY/WcVpoNtHF97st411O196+n7U22
uEr6S9v57nlkauNdRYxmIsEw9C4FfigKtsXIdw44QWmJ6ajZCTdcZYo4qCqJcIG1
boP4WQNE8npukSwc1Iani6EKIj1fn+UJP5l5xvCon7jgCRYanvzFCp9RjwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFChUdjNpAZtKExUKbysKutTiU4yuMB8GA1UdIwQY
MBaAFG88VAiy9nIz9g1j90msSD62aufIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnp4VUNMTDJjalAyRFdQM1NheElQclpxNThnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85NjQ4NDgtMTAyOC00ZDIyLTkzNDUt
MThmMzRhN2RiZGQ5LzEvS0ZSMk0ya0JtMG9URlFwdkt3cTYxT0pUaks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85NjQ4NDgtMTAyOC00ZDIyLTkzNDUtMThmMzRhN2RiZGQ5
LzEvYnp4VUNMTDJjalAyRFdQM1NheElQclpxNThnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJeYgAwQC
uTuAMA0EAgACMAcDBQAqALqgMA0GCSqGSIb3DQEBCwUAA4IBAQBXs6Nesa5f6HIs
Ht//FQSx0kOXfPZhNA4tzkVEQeJpa8hKN6ywHZRaEtraXjHvBvFDGlFFDLd32g6G
lClQhPuHqGfxOdbmYkMI49ZbbM+Kt8eXQCK9JtMniMl/MNmiykS0vuuuVJ2m0j2h
uzjadXiM8uXzLzlsvUjzKVK29Z+KFneN0z15VP0fODukVc8cVH0PqCprvXh8hhfr
jZ49hr3BETVH/7xDTJE3OYksjstQXid1pBFW3xdBW+ZFZHCve+S2fBHHmBFcbQIU
ZqolqYl32tF3EeRIm6IQUb1YuP5WdTNUrCfKsiSrThc/EwPWBDb2goa95aqgCTTj
Jsn/CoQ0
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:07 2024 by rpki-client on console.sobornost.net