Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/T7K-_NJzl-5cXReL7cqDFTwtdno.roa
File: T7K-_NJzl-5cXReL7cqDFTwtdno.roa (raw, json)
Hash identifier: QanS+UJxS+czQT7rMRBAgsEMAOv7JYAX7TD3BpUlkIs=
Subject key identifier: 4F:B2:BE:FC:D2:73:97:EE:5C:5D:17:8B:ED:CA:83:15:3C:2D:76:7A
Certificate issuer: /CN=bcc95830e715555b53bf8e4948ad43f696c5ebb7
Certificate serial: 024A5FA7
Authority key identifier: BC:C9:58:30:E7:15:55:5B:53:BF:8E:49:48:AD:43:F6:96:C5:EB:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMlYMOcVVVtTv45JSK1D9pbF67c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/T7K-_NJzl-5cXReL7cqDFTwtdno.roa
Signing time: Wed 16 Mar 2022 21:02:31 +0000
ROA not before: Wed 16 Mar 2022 21:02:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12329
IP address blocks: 185.249.170.0/24 maxlen: 24
185.249.171.0/24 maxlen: 24
185.249.169.0/24 maxlen: 24
81.173.6.0/24 maxlen: 24
185.249.168.0/24 maxlen: 24
185.249.168.0/22 maxlen: 24
156.67.59.0/24 maxlen: 24
212.23.131.0/24 maxlen: 24
212.23.132.0/24 maxlen: 24
212.23.130.0/24 maxlen: 24
212.23.128.0/24 maxlen: 24
212.23.128.0/19 maxlen: 24
212.23.129.0/24 maxlen: 24
212.23.133.0/24 maxlen: 24
212.23.134.0/24 maxlen: 24
212.23.138.0/24 maxlen: 24
212.23.139.0/24 maxlen: 24
212.23.136.0/24 maxlen: 24
212.23.137.0/24 maxlen: 24
212.23.135.0/24 maxlen: 24
62.221.232.0/21 maxlen: 24
62.221.240.0/21 maxlen: 24
2001:7d8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38428583 (0x24a5fa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcc95830e715555b53bf8e4948ad43f696c5ebb7
Validity
Not Before: Mar 16 21:02:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fb2befcd27397ee5c5d178bedca83153c2d767a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:16:d6:4b:2c:1d:40:02:36:f6:a5:b5:47:29:
b3:ac:94:db:7f:ba:f3:ed:3c:23:13:8e:c8:d2:e0:
6b:d0:98:5f:07:57:f8:e3:44:e4:19:a6:97:63:73:
88:65:74:33:9f:6b:0b:56:1a:b3:49:1a:6c:3f:e1:
31:f8:00:c5:31:30:2d:00:66:66:3a:61:ba:19:66:
2d:80:7c:c7:bc:cf:8b:f3:93:18:87:1e:e2:b7:53:
6c:47:e4:f3:42:00:c5:ac:62:a8:e1:fe:e0:d5:96:
eb:2a:2d:a9:85:64:aa:df:1b:7f:51:2d:8a:ec:cd:
b5:3d:72:8e:b4:34:d1:80:69:47:7d:5a:02:86:ed:
eb:1f:cd:23:8e:ff:73:7a:9e:f5:99:df:2c:cc:04:
1f:e2:61:e3:08:15:fc:5a:ea:76:6a:22:e9:c8:b7:
11:b7:7c:78:6d:3a:b2:5d:13:4e:12:00:65:01:d2:
f8:77:65:b3:ae:6a:a7:b0:9b:16:51:32:f7:74:23:
ac:41:d8:dc:a9:85:80:f4:ba:8f:2f:44:70:fd:b1:
d4:d1:98:0e:aa:9f:c7:5b:53:30:92:6c:ea:cf:33:
95:61:c4:95:4c:47:dd:e6:bc:f8:66:b9:e9:4a:e6:
7d:62:be:ea:73:b0:15:3f:bb:6b:c1:68:2a:e3:db:
1d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B2:BE:FC:D2:73:97:EE:5C:5D:17:8B:ED:CA:83:15:3C:2D:76:7A
X509v3 Authority Key Identifier:
keyid:BC:C9:58:30:E7:15:55:5B:53:BF:8E:49:48:AD:43:F6:96:C5:EB:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMlYMOcVVVtTv45JSK1D9pbF67c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/T7K-_NJzl-5cXReL7cqDFTwtdno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1f333e-d863-4939-b004-60003a1f4e23/1/vMlYMOcVVVtTv45JSK1D9pbF67c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.232.0-62.221.247.255
81.173.6.0/24
156.67.59.0/24
185.249.168.0/22
212.23.128.0/19
IPv6:
2001:7d8::/32
Signature Algorithm: sha256WithRSAEncryption
45:13:3b:08:e4:98:50:69:27:88:af:e7:db:e9:aa:8f:42:11:
f3:a3:8b:5d:8d:98:bf:46:cb:d6:11:54:07:20:7c:de:a0:11:
ae:3a:11:a4:09:02:a5:66:fd:27:d2:94:a5:15:08:1c:64:5c:
e6:ad:10:d9:71:b7:d7:d3:c3:8e:09:a2:7a:ac:22:d7:5e:54:
4e:83:75:87:cb:2f:55:63:08:02:96:07:dd:2e:ab:46:f7:9f:
48:54:16:b2:ee:f7:8c:4c:36:8a:e7:60:8b:ac:5c:ca:a3:a0:
b4:a4:06:e2:78:4b:61:9f:75:3e:24:fc:f5:01:f6:cf:cc:7f:
2f:fb:e3:9e:ba:f8:82:4d:05:dd:ab:ab:98:12:14:d8:5c:71:
60:f5:a7:eb:48:98:7a:ad:d1:19:0d:05:70:b6:47:7f:20:bd:
50:ae:56:6b:9e:f1:58:b4:9d:e4:50:43:12:8c:fa:aa:36:06:
50:78:b2:4b:7a:b7:5c:3a:81:09:8b:d0:f1:3a:36:79:de:47:
b7:13:22:8c:ba:24:2f:1f:5c:c8:94:f6:f5:35:f5:ce:22:fb:
f5:11:db:31:ec:3a:fd:82:5f:6c:36:1b:52:0a:fc:b7:fc:0b:
49:87:73:82:79:e1:d0:62:1f:b7:c4:ee:98:e7:55:78:c1:98:
07:be:63:58
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEAkpfpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Y2M5NTgzMGU3MTU1NTViNTNiZjhlNDk0OGFkNDNmNjk2YzVlYmI3MB4XDTIyMDMx
NjIxMDIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGZiMmJlZmNkMjcz
OTdlZTVjNWQxNzhiZWRjYTgzMTUzYzJkNzY3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcW1kssHUACNvaltUcps6yU23+68+08IxOOyNLga9CYXwdX
+ONE5Bmml2NziGV0M59rC1Yas0kabD/hMfgAxTEwLQBmZjphuhlmLYB8x7zPi/OT
GIce4rdTbEfk80IAxaxiqOH+4NWW6yotqYVkqt8bf1EtiuzNtT1yjrQ00YBpR31a
Aobt6x/NI47/c3qe9ZnfLMwEH+Jh4wgV/Frqdmoi6ci3Ebd8eG06sl0TThIAZQHS
+Hdls65qp7CbFlEy93QjrEHY3KmFgPS6jy9EcP2x1NGYDqqfx1tTMJJs6s8zlWHE
lUxH3ea8+Ga56UrmfWK+6nOwFT+7a8FoKuPbHQMCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBRPsr780nOX7lxdF4vtyoMVPC12ejAfBgNVHSMEGDAWgBS8yVgw5xVVW1O/
jklIrUP2lsXrtzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZNbFlNT2NWVlZ0VHY0NUpTSzFEOXBiRjY3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvMWYzMzNlLWQ4NjMtNDkzOS1iMDA0LTYwMDAzYTFmNGUyMy8x
L1Q3Sy1fTkp6bC01Y1hSZUw3Y3FERlR3dGRuby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
MWYzMzNlLWQ4NjMtNDkzOS1iMDA0LTYwMDAzYTFmNGUyMy8xL3ZNbFlNT2NWVlZ0
VHY0NUpTSzFEOXBiRjY3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJjAMAwQDPt3oAwQDPt3wAwQAUa0GAwQA
nEM7AwQCufmoAwQF1BeAMA0EAgACMAcDBQAgAQfYMA0GCSqGSIb3DQEBCwUAA4IB
AQBFEzsI5JhQaSeIr+fb6aqPQhHzo4tdjZi/RsvWEVQHIHzeoBGuOhGkCQKlZv0n
0pSlFQgcZFzmrRDZcbfX08OOCaJ6rCLXXlROg3WHyy9VYwgClgfdLqtG959IVBay
7veMTDaK52CLrFzKo6C0pAbieEthn3U+JPz1AfbPzH8v++OeuviCTQXdq6uYEhTY
XHFg9afrSJh6rdEZDQVwtkd/IL1QrlZrnvFYtJ3kUEMSjPqqNgZQeLJLerdcOoEJ
i9DxOjZ53ke3EyKMuiQvH1zIlPb1NfXOIvv1Edsx7Dr9gl9sNhtSCvy3/AtJh3OC
eeHQYh+3xO6Y51V4wZgHvmNY
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:23 2023 by rpki-client on console.sobornost.net