Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/cbff8f-0fcb-487d-8115-de7590f3f6b8/1/ipzkP8Z0CGJ4H4m54lKisBEcE4M.roa
File: ipzkP8Z0CGJ4H4m54lKisBEcE4M.roa (raw, json)
Hash identifier: +RSG0oVAEpQ440mqdL63e4fnBnhtqMQeXzJxXDxqn38=
Subject key identifier: 8A:9C:E4:3F:C6:74:08:62:78:1F:89:B9:E2:52:A2:B0:11:1C:13:83
Certificate issuer: /CN=88e882bf964f7092c43cdcf7550de9562c26a028
Certificate serial: 0193D5C9097CF84978C077BF8182E32079C5
Authority key identifier: 88:E8:82:BF:96:4F:70:92:C4:3C:DC:F7:55:0D:E9:56:2C:26:A0:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOiCv5ZPcJLEPNz3VQ3pViwmoCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/cbff8f-0fcb-487d-8115-de7590f3f6b8/1/ipzkP8Z0CGJ4H4m54lKisBEcE4M.roa
Signing time: Tue 17 Dec 2024 18:02:22 +0000
ROA not before: Tue 17 Dec 2024 18:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8368
IP address blocks: 212.85.56.0/21 maxlen: 24
217.18.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d5:c9:09:7c:f8:49:78:c0:77:bf:81:82:e3:20:79:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88e882bf964f7092c43cdcf7550de9562c26a028
Validity
Not Before: Dec 17 18:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a9ce43fc6740862781f89b9e252a2b0111c1383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:98:75:f1:55:a4:5c:0b:e6:1f:22:ee:7c:68:
e2:40:1e:b8:17:43:07:ae:0c:a7:f7:c4:fb:71:99:
76:4d:9d:16:7f:a7:d7:d8:de:7a:99:38:a7:78:f4:
7d:72:2f:c9:77:00:6d:d6:33:f1:21:fa:90:5b:62:
1b:80:0e:68:a0:7c:10:33:1e:28:cc:d8:09:33:8d:
5e:ad:c5:71:55:f1:7b:02:8c:6e:7d:30:6d:fa:89:
9a:dd:fd:14:11:92:d8:45:e0:51:17:76:c8:20:fb:
13:6c:ee:2a:2a:9f:8b:a3:68:09:8f:fb:06:b5:04:
38:df:b8:aa:8e:ed:f5:30:3a:fd:19:44:3e:53:d0:
4d:a6:37:71:c0:07:b0:22:e7:58:94:ce:52:b5:80:
b4:19:43:71:e1:ea:e8:94:4c:90:21:ba:0c:a9:b6:
cc:fd:19:76:86:8f:b4:9e:23:97:87:4d:f1:4f:4d:
ba:c2:0e:fe:71:3a:a8:a1:bd:b0:8f:99:cb:cb:d6:
c2:1c:34:e8:71:8e:b7:1a:d6:24:2c:72:80:3f:13:
e7:6a:92:0a:e7:67:f5:b5:98:27:80:f9:90:8b:73:
05:32:10:41:cb:a0:fa:57:83:cc:04:0a:30:c1:6a:
fc:9a:b0:fc:86:f3:45:b7:56:12:11:ff:99:d1:fd:
8b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:9C:E4:3F:C6:74:08:62:78:1F:89:B9:E2:52:A2:B0:11:1C:13:83
X509v3 Authority Key Identifier:
keyid:88:E8:82:BF:96:4F:70:92:C4:3C:DC:F7:55:0D:E9:56:2C:26:A0:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOiCv5ZPcJLEPNz3VQ3pViwmoCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/cbff8f-0fcb-487d-8115-de7590f3f6b8/1/ipzkP8Z0CGJ4H4m54lKisBEcE4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/cbff8f-0fcb-487d-8115-de7590f3f6b8/1/iOiCv5ZPcJLEPNz3VQ3pViwmoCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.85.56.0/21
217.18.80.0/24
Signature Algorithm: sha256WithRSAEncryption
55:e1:e4:87:3c:2b:0e:f6:5c:41:95:fe:5e:ed:4f:67:00:41:
ec:84:76:a7:5a:8e:b9:49:0f:06:60:95:2c:7b:d4:33:56:85:
b6:c2:08:88:79:05:46:fc:de:ff:07:17:7c:d0:b3:c6:c8:c2:
16:b8:e7:37:f6:b6:d0:d4:37:d6:54:cd:d7:c0:0f:da:8e:ed:
ac:f7:d7:05:05:de:31:54:c1:c0:e2:57:7f:72:d4:64:3d:d8:
c7:44:83:83:c4:2f:fb:c3:b6:e1:2c:f0:90:06:69:27:70:25:
f3:b3:f1:09:63:f4:02:3b:85:81:ab:7c:d2:b9:a9:ad:fd:67:
ac:b7:b4:e6:33:d7:20:a5:e5:ef:36:25:c3:44:7c:42:18:91:
12:2e:98:f7:48:dd:6a:ae:83:c1:68:8c:25:2d:39:81:2d:e3:
cd:df:1e:52:46:6f:f9:01:80:29:48:ef:88:6e:f5:56:41:92:
c5:9d:59:ad:d2:f2:4e:77:ad:d1:3f:a0:ed:03:5f:1b:ad:17:
2f:1c:b8:ca:91:08:1a:ba:ad:8c:77:c5:9a:7d:53:dd:df:7c:
93:8c:c3:5f:72:b0:34:0c:64:6c:71:c8:1b:46:b8:6d:1e:c8:
12:61:6c:f6:35:e9:74:14:cc:df:08:81:dc:7c:38:75:f2:8c:
87:58:3b:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPVyQl8+El4wHe/gYLjIHnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTg4MmJmOTY0ZjcwOTJjNDNjZGNmNzU1MGRlOTU2MmMy
NmEwMjgwHhcNMjQxMjE3MTgwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTljZTQzZmM2NzQwODYyNzgxZjg5YjllMjUyYTJiMDExMWMxMzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJh18VWkXAvmHyLufGjiQB64F0MH
rgyn98T7cZl2TZ0Wf6fX2N56mTinePR9ci/JdwBt1jPxIfqQW2IbgA5ooHwQMx4o
zNgJM41ercVxVfF7AoxufTBt+oma3f0UEZLYReBRF3bIIPsTbO4qKp+Lo2gJj/sG
tQQ437iqju31MDr9GUQ+U9BNpjdxwAewIudYlM5StYC0GUNx4erolEyQIboMqbbM
/Rl2ho+0niOXh03xT026wg7+cTqoob2wj5nLy9bCHDTocY63GtYkLHKAPxPnapIK
52f1tZgngPmQi3MFMhBBy6D6V4PMBAowwWr8mrD8hvNFt1YSEf+Z0f2LrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIqc5D/GdAhieB+JueJSorARHBODMB8GA1UdIwQY
MBaAFIjogr+WT3CSxDzc91UN6VYsJqAoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9pQ3Y1WlBjSkxFUE56M1ZRM3BWaXdtb0NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jYmZmOGYtMGZjYi00ODdkLTgxMTUt
ZGU3NTkwZjNmNmI4LzEvaXB6a1A4WjBDR0o0SDRtNTRsS2lzQkVjRTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jYmZmOGYtMGZjYi00ODdkLTgxMTUtZGU3NTkwZjNmNmI4
LzEvaU9pQ3Y1WlBjSkxFUE56M1ZRM3BWaXdtb0NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQD1FU4AwQA
2RJQMA0GCSqGSIb3DQEBCwUAA4IBAQBV4eSHPCsO9lxBlf5e7U9nAEHshHanWo65
SQ8GYJUse9QzVoW2wgiIeQVG/N7/Bxd80LPGyMIWuOc39rbQ1DfWVM3XwA/aju2s
99cFBd4xVMHA4ld/ctRkPdjHRIODxC/7w7bhLPCQBmkncCXzs/EJY/QCO4WBq3zS
uamt/West7TmM9cgpeXvNiXDRHxCGJESLpj3SN1qroPBaIwlLTmBLePN3x5SRm/5
AYApSO+IbvVWQZLFnVmt0vJOd63RP6DtA18brRcvHLjKkQgauq2Md8WafVPd33yT
jMNfcrA0DGRsccgbRrhtHsgSYWz2Nel0FMzfCIHcfDh18oyHWDv5
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:21 2024 by rpki-client on console.sobornost.net