Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/Z8Od0yd8PtNqiuw1kAqwVpN9464.roa
File: Z8Od0yd8PtNqiuw1kAqwVpN9464.roa (raw, json)
Hash identifier: 5gTUWJOmPQP3WkaRTCMkBkM1icBG77kvhsAja2n3GUM=
Subject key identifier: 67:C3:9D:D3:27:7C:3E:D3:6A:8A:EC:35:90:0A:B0:56:93:7D:E3:AE
Certificate issuer: /CN=a2e3c4ec7b36112fce521f5bef2873c7b4cc88d1
Certificate serial: 018CC8DF329A0F2A41468286F0491A0DDD18
Authority key identifier: A2:E3:C4:EC:7B:36:11:2F:CE:52:1F:5B:EF:28:73:C7:B4:CC:88:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ouPE7Hs2ES_OUh9b7yhzx7TMiNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/Z8Od0yd8PtNqiuw1kAqwVpN9464.roa
Signing time: Tue 02 Jan 2024 06:31:59 +0000
ROA not before: Tue 02 Jan 2024 06:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200750
IP address blocks: 194.180.108.0/23 maxlen: 23
91.227.63.0/24 maxlen: 24
91.227.64.0/22 maxlen: 22
194.180.170.0/23 maxlen: 23
2a0f:4640::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:32:9a:0f:2a:41:46:82:86:f0:49:1a:0d:dd:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2e3c4ec7b36112fce521f5bef2873c7b4cc88d1
Validity
Not Before: Jan 2 06:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c39dd3277c3ed36a8aec35900ab056937de3ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:12:6a:85:6e:dc:b4:09:bb:ce:ad:ce:b1:b2:
f2:94:68:62:f5:e0:12:5e:6a:62:35:90:e8:aa:cf:
1d:a5:70:a9:f1:05:a9:0f:0c:a1:16:b3:ec:2b:85:
bd:cc:e9:ab:0d:d8:c7:9e:b0:93:45:97:87:97:ce:
04:7f:24:3c:31:c2:9d:e3:cd:c9:f7:c1:13:48:c6:
7b:1c:db:28:e2:38:be:6e:e6:fd:67:ad:7d:31:64:
57:a1:00:89:5d:dd:bc:b3:94:5f:ce:72:2a:ec:8d:
80:6d:2c:38:08:3c:58:6a:94:83:51:27:6c:36:dc:
10:e8:c0:1f:a7:8f:70:5e:13:4a:4d:db:c2:43:0e:
a5:19:be:ac:e2:1e:43:3e:8a:ad:40:83:f5:f8:7f:
05:fc:fc:21:60:c2:73:f0:e1:ac:48:54:69:58:1e:
84:29:77:cd:43:bb:3d:68:8a:7b:cf:a9:b8:33:c2:
6f:75:a3:f7:ee:1e:d9:21:03:18:d0:dc:c9:5f:93:
c4:66:5a:e8:7b:5f:46:da:cd:27:8d:02:66:76:f5:
71:cc:d1:fe:db:92:0a:1a:b7:c2:d2:51:c1:0d:e5:
65:18:5f:13:55:24:7e:8e:bc:8f:25:c1:a9:d7:70:
4b:6d:8e:07:45:94:ac:e6:08:db:68:fc:6f:75:66:
1d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C3:9D:D3:27:7C:3E:D3:6A:8A:EC:35:90:0A:B0:56:93:7D:E3:AE
X509v3 Authority Key Identifier:
keyid:A2:E3:C4:EC:7B:36:11:2F:CE:52:1F:5B:EF:28:73:C7:B4:CC:88:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ouPE7Hs2ES_OUh9b7yhzx7TMiNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/Z8Od0yd8PtNqiuw1kAqwVpN9464.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/f40387-2d84-4062-bec6-da513cc69839/1/ouPE7Hs2ES_OUh9b7yhzx7TMiNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.63.0-91.227.67.255
194.180.108.0/23
194.180.170.0/23
IPv6:
2a0f:4640::/29
Signature Algorithm: sha256WithRSAEncryption
4c:11:17:8f:8b:1e:2e:78:92:3d:0a:b7:84:44:a6:ae:b1:71:
f8:36:36:13:0d:4f:26:76:9a:5a:6c:d0:ab:7c:6b:82:6e:76:
66:f2:eb:54:e0:24:5a:d4:32:42:1c:cf:a6:7f:84:1e:14:9d:
7d:4b:5b:16:62:29:fc:11:85:70:2d:9e:11:14:f4:e6:33:5a:
8b:0a:1a:e6:40:6a:ed:1f:0f:7e:ab:f6:03:ab:17:b6:c6:b6:
44:a7:b4:a3:5a:45:80:7a:c6:93:ba:db:fa:2c:7f:c6:c1:2d:
11:6c:1c:03:d7:51:93:b4:d5:09:07:03:a9:7b:f8:88:f2:bd:
b4:dd:6a:46:70:8e:7f:50:69:6c:34:ac:0b:16:1b:72:26:ed:
a2:44:6b:2f:83:3a:e9:2e:8d:72:25:35:cf:4d:33:fe:08:eb:
e3:c3:10:d1:49:24:8d:16:32:0a:2f:83:3f:42:db:61:b5:cd:
bd:36:bd:65:5f:54:45:65:82:fd:ad:1a:3d:f1:7a:de:5f:1a:
51:4b:f2:0a:13:e8:b6:54:fa:0e:54:86:55:e5:2d:a2:b2:cd:
90:15:f4:64:8c:1d:97:7e:73:c8:0f:37:ae:65:b9:d7:88:40:
a6:54:c7:5b:6d:62:32:bf:c7:91:91:62:01:4b:73:5d:cd:9c:
71:41:bd:2e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzI3zKaDypBRoKG8EkaDd0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZTNjNGVjN2IzNjExMmZjZTUyMWY1YmVmMjg3M2M3YjRj
Yzg4ZDEwHhcNMjQwMTAyMDYzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2MzOWRkMzI3N2MzZWQzNmE4YWVjMzU5MDBhYjA1NjkzN2RlM2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBJqhW7ctAm7zq3OsbLylGhi9eAS
XmpiNZDoqs8dpXCp8QWpDwyhFrPsK4W9zOmrDdjHnrCTRZeHl84EfyQ8McKd483J
98ETSMZ7HNso4ji+bub9Z619MWRXoQCJXd28s5RfznIq7I2AbSw4CDxYapSDUSds
NtwQ6MAfp49wXhNKTdvCQw6lGb6s4h5DPoqtQIP1+H8F/PwhYMJz8OGsSFRpWB6E
KXfNQ7s9aIp7z6m4M8JvdaP37h7ZIQMY0NzJX5PEZlroe19G2s0njQJmdvVxzNH+
25IKGrfC0lHBDeVlGF8TVSR+jryPJcGp13BLbY4HRZSs5gjbaPxvdWYdHwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGfDndMnfD7TaorsNZAKsFaTfeOuMB8GA1UdIwQY
MBaAFKLjxOx7NhEvzlIfW+8oc8e0zIjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3VQRTdIczJFU19PVWg5Yjd5aHp4N1RNaU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9mNDAzODctMmQ4NC00MDYyLWJlYzYt
ZGE1MTNjYzY5ODM5LzEvWjhPZDB5ZDhQdE5xaXV3MWtBcXdWcE45NDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9mNDAzODctMmQ4NC00MDYyLWJlYzYtZGE1MTNjYzY5ODM5
LzEvb3VQRTdIczJFU19PVWg5Yjd5aHp4N1RNaU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBABb4z8D
BAJb40ADBAHCtGwDBAHCtKowDQQCAAIwBwMFAyoPRkAwDQYJKoZIhvcNAQELBQAD
ggEBAEwRF4+LHi54kj0Kt4REpq6xcfg2NhMNTyZ2mlps0Kt8a4Judmby61TgJFrU
MkIcz6Z/hB4UnX1LWxZiKfwRhXAtnhEU9OYzWosKGuZAau0fD36r9gOrF7bGtkSn
tKNaRYB6xpO62/osf8bBLRFsHAPXUZO01QkHA6l7+IjyvbTdakZwjn9QaWw0rAsW
G3Im7aJEay+DOukujXIlNc9NM/4I6+PDENFJJI0WMgovgz9C22G1zb02vWVfVEVl
gv2tGj3xet5fGlFL8goT6LZU+g5UhlXlLaKyzZAV9GSMHZd+c8gPN65ludeIQKZU
x1ttYjK/x5GRYgFLc13NnHFBvS4=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:22 2024 by rpki-client on console.sobornost.net