Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/862525-f63f-4653-a3a6-e89f51ca6840/1/Z3FtI7ScgAENVPsVPBZ36eCH83I.roa
File: Z3FtI7ScgAENVPsVPBZ36eCH83I.roa (raw, json)
Hash identifier: NNIJB78E5sJfXNIqKga6vVLdVPQ6mpT/oU5L/kE9t20=
Subject key identifier: 67:71:6D:23:B4:9C:80:01:0D:54:FB:15:3C:16:77:E9:E0:87:F3:72
Certificate issuer: /CN=8751759bb92cba5520536945ed1b3fa5ad151b65
Certificate serial: 018CC56E0438FD0D07EBD6C76D8BA0501378
Authority key identifier: 87:51:75:9B:B9:2C:BA:55:20:53:69:45:ED:1B:3F:A5:AD:15:1B:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1F1m7ksulUgU2lF7Rs_pa0VG2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/862525-f63f-4653-a3a6-e89f51ca6840/1/Z3FtI7ScgAENVPsVPBZ36eCH83I.roa
Signing time: Mon 01 Jan 2024 14:29:30 +0000
ROA not before: Mon 01 Jan 2024 14:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57653
IP address blocks: 109.69.232.0/24 maxlen: 24
109.69.232.0/21 maxlen: 21
109.69.233.0/24 maxlen: 24
109.69.239.0/24 maxlen: 24
109.69.238.0/24 maxlen: 24
109.69.234.0/24 maxlen: 24
109.69.235.0/24 maxlen: 24
109.69.237.0/24 maxlen: 24
109.69.236.0/24 maxlen: 24
185.191.85.0/24 maxlen: 24
185.191.84.0/22 maxlen: 22
185.191.84.0/24 maxlen: 24
185.191.87.0/24 maxlen: 24
185.191.86.0/24 maxlen: 24
94.156.96.0/24 maxlen: 24
2a00:1ba8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:04:38:fd:0d:07:eb:d6:c7:6d:8b:a0:50:13:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8751759bb92cba5520536945ed1b3fa5ad151b65
Validity
Not Before: Jan 1 14:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67716d23b49c80010d54fb153c1677e9e087f372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:85:e4:3c:1e:e4:94:73:ee:0e:97:da:13:76:
2c:ed:14:e2:3a:e3:e3:be:26:26:79:ae:dc:84:1d:
0f:e4:b5:0a:52:92:d2:7a:8f:f9:69:d4:d7:55:60:
fe:ff:e2:3c:d1:58:e5:92:57:d7:fa:ef:85:fd:1d:
d8:c8:b2:c7:c7:2d:11:bd:01:b4:ea:6a:d3:ec:de:
a0:a6:4b:1c:48:ea:8f:be:fa:df:60:e9:93:1f:a0:
52:f5:2a:eb:0c:d2:3f:04:23:70:99:8f:9a:70:10:
e5:fd:52:e4:97:00:d4:5b:d7:5f:14:96:bc:df:b7:
78:f5:4f:a8:f7:52:e6:59:02:04:9f:e5:c8:4b:9d:
fe:6f:6b:9c:3e:9c:00:3d:40:33:31:74:cc:c8:54:
f6:6b:04:5e:ce:0b:25:f9:40:1f:bf:99:85:eb:95:
2c:57:6c:71:55:02:d4:d9:d0:e0:b5:01:4f:fa:23:
0f:79:d4:22:7d:24:9f:a9:30:7f:d7:36:8b:51:18:
f3:5c:b9:db:e3:4c:14:35:cd:ea:53:81:24:e9:5c:
29:f9:27:8c:00:ae:03:80:ff:68:98:84:f0:52:24:
40:37:0c:3a:57:14:b8:de:20:90:3d:d1:72:27:8d:
4c:81:db:1d:00:b3:88:7a:d0:47:a9:7f:1c:a1:07:
07:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:71:6D:23:B4:9C:80:01:0D:54:FB:15:3C:16:77:E9:E0:87:F3:72
X509v3 Authority Key Identifier:
keyid:87:51:75:9B:B9:2C:BA:55:20:53:69:45:ED:1B:3F:A5:AD:15:1B:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1F1m7ksulUgU2lF7Rs_pa0VG2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/862525-f63f-4653-a3a6-e89f51ca6840/1/Z3FtI7ScgAENVPsVPBZ36eCH83I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/862525-f63f-4653-a3a6-e89f51ca6840/1/h1F1m7ksulUgU2lF7Rs_pa0VG2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.96.0/24
109.69.232.0/21
185.191.84.0/22
IPv6:
2a00:1ba8::/32
Signature Algorithm: sha256WithRSAEncryption
a4:b8:ee:57:c0:6f:43:34:34:d7:d4:92:2e:36:6a:1d:a4:4a:
fc:82:0a:21:75:9b:fa:c4:02:f9:b1:29:03:b7:ad:39:d3:a8:
e7:d1:35:fa:40:39:18:a3:86:b2:5b:53:d4:b4:6f:a0:ff:ed:
7b:f3:a9:41:6b:22:95:46:7c:4b:13:a9:5b:d8:b3:e4:0a:fe:
26:dd:0d:38:c5:3c:26:69:40:19:81:ed:51:4e:d3:a1:33:dc:
04:4e:06:63:b4:5a:a1:44:df:b3:1b:65:df:10:bd:23:c9:8f:
bc:ad:65:7a:c9:cf:84:5c:20:9c:79:77:12:06:a7:6b:81:03:
6e:ca:6d:19:a3:df:6a:df:a0:40:2d:f6:39:f4:1c:d4:25:3f:
41:62:6c:e8:91:6c:a0:87:87:93:4f:28:d1:c7:14:54:20:8f:
52:84:bb:e3:4b:70:2a:b1:df:83:ea:c1:4d:81:7c:a8:31:a8:
74:48:ba:f6:7c:d9:b4:f0:d9:09:fe:36:b2:2a:5d:62:95:99:
2a:a5:71:ff:5a:da:84:68:7e:47:e8:d6:ac:a6:de:af:a5:7b:
90:2e:e1:53:89:f5:7e:9b:01:d6:b4:79:d0:51:b8:b6:69:55:
33:88:c6:94:27:46:a7:fb:42:d2:c6:27:56:f1:ef:52:60:64:
30:2d:af:dc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFbgQ4/Q0H69bHbYugUBN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NTE3NTliYjkyY2JhNTUyMDUzNjk0NWVkMWIzZmE1YWQx
NTFiNjUwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzcxNmQyM2I0OWM4MDAxMGQ1NGZiMTUzYzE2NzdlOWUwODdmMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoXkPB7klHPuDpfaE3Ys7RTiOuPj
viYmea7chB0P5LUKUpLSeo/5adTXVWD+/+I80VjlklfX+u+F/R3YyLLHxy0RvQG0
6mrT7N6gpkscSOqPvvrfYOmTH6BS9SrrDNI/BCNwmY+acBDl/VLklwDUW9dfFJa8
37d49U+o91LmWQIEn+XIS53+b2ucPpwAPUAzMXTMyFT2awRezgsl+UAfv5mF65Us
V2xxVQLU2dDgtQFP+iMPedQifSSfqTB/1zaLURjzXLnb40wUNc3qU4Ek6Vwp+SeM
AK4DgP9omITwUiRANww6VxS43iCQPdFyJ41MgdsdALOIetBHqX8coQcH6wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGdxbSO0nIABDVT7FTwWd+ngh/NyMB8GA1UdIwQY
MBaAFIdRdZu5LLpVIFNpRe0bP6WtFRtlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDFGMW03a3N1bFVnVTJsRjdSc19wYTBWRzJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84NjI1MjUtZjYzZi00NjUzLWEzYTYt
ZTg5ZjUxY2E2ODQwLzEvWjNGdEk3U2NnQUVOVlBzVlBCWjM2ZUNIODNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84NjI1MjUtZjYzZi00NjUzLWEzYTYtZTg5ZjUxY2E2ODQw
LzEvaDFGMW03a3N1bFVnVTJsRjdSc19wYTBWRzJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXpxgAwQD
bUXoAwQCub9UMA0EAgACMAcDBQAqABuoMA0GCSqGSIb3DQEBCwUAA4IBAQCkuO5X
wG9DNDTX1JIuNmodpEr8ggohdZv6xAL5sSkDt60506jn0TX6QDkYo4ayW1PUtG+g
/+1786lBayKVRnxLE6lb2LPkCv4m3Q04xTwmaUAZge1RTtOhM9wETgZjtFqhRN+z
G2XfEL0jyY+8rWV6yc+EXCCceXcSBqdrgQNuym0Zo99q36BALfY59BzUJT9BYmzo
kWygh4eTTyjRxxRUII9ShLvjS3Aqsd+D6sFNgXyoMah0SLr2fNm08NkJ/jayKl1i
lZkqpXH/WtqEaH5H6Naspt6vpXuQLuFTifV+mwHWtHnQUbi2aVUziMaUJ0an+0LS
xidW8e9SYGQwLa/c
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:45:40 2024 by rpki-client on console.sobornost.net