Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/oiz-fKGl2t1vM8RlSa1UGgW1ctQ.roa
File: oiz-fKGl2t1vM8RlSa1UGgW1ctQ.roa (raw, json)
Hash identifier: MDWvRL1X3CjMI3AQxs+6qTMrNJAjGl7x+TugzYg26Ls=
Subject key identifier: A2:2C:FE:7C:A1:A5:DA:DD:6F:33:C4:65:49:AD:54:1A:05:B5:72:D4
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 01932A1A0AB5A30DD99A106F7B048A21C3B5
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/oiz-fKGl2t1vM8RlSa1UGgW1ctQ.roa
Signing time: Thu 14 Nov 2024 09:56:09 +0000
ROA not before: Thu 14 Nov 2024 09:56:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 145.224.128.0/20 maxlen: 24
145.224.144.0/20 maxlen: 24
145.224.160.0/20 maxlen: 24
145.224.176.0/20 maxlen: 24
145.224.192.0/19 maxlen: 24
145.224.192.0/24 maxlen: 24
163.76.128.0/20 maxlen: 24
163.76.144.0/20 maxlen: 24
163.76.160.0/20 maxlen: 24
163.76.176.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:1a:0a:b5:a3:0d:d9:9a:10:6f:7b:04:8a:21:c3:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Nov 14 09:56:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a22cfe7ca1a5dadd6f33c46549ad541a05b572d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:64:4a:70:d1:12:96:55:21:a3:89:eb:5b:6b:
0d:e3:17:f9:49:03:7d:fe:1e:5d:4b:32:05:df:75:
f8:d0:e2:f4:25:87:ed:e2:cf:87:40:e8:8e:5a:1a:
5d:a1:4a:d9:a8:06:4c:56:79:e8:b8:84:10:23:04:
3f:d9:77:e1:0f:dd:19:4c:f3:79:d7:a6:0f:6c:8e:
a4:9e:53:ba:d4:1d:be:30:96:25:0f:39:95:bb:8f:
49:4b:37:ea:5a:26:a6:af:a0:2d:fc:1d:0f:04:3b:
f5:73:99:e1:97:ed:11:3e:57:28:6c:da:db:67:86:
c3:ab:a0:01:8b:32:f0:b5:80:34:fe:1b:d1:e7:0c:
53:70:a6:b3:95:84:75:b8:6a:bc:d0:55:82:d7:93:
e8:3c:42:0f:a7:90:ad:46:47:c7:cb:d9:7e:c7:c4:
e7:b0:ca:73:96:76:16:bb:1f:9d:24:2d:d2:0e:05:
c1:c5:46:4e:b7:97:a5:a9:89:77:bd:7b:3b:45:9a:
15:25:47:6b:71:c6:90:2f:7a:05:e0:e4:c5:ac:4e:
90:51:d1:a1:f6:1b:b7:c8:10:d4:e7:fc:4c:7a:a1:
b5:32:93:62:5a:c9:23:61:50:9f:64:08:18:06:8b:
b5:ed:a2:1b:06:83:13:22:c4:69:a1:34:78:f4:67:
8f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:2C:FE:7C:A1:A5:DA:DD:6F:33:C4:65:49:AD:54:1A:05:B5:72:D4
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/oiz-fKGl2t1vM8RlSa1UGgW1ctQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.128.0-145.224.223.255
163.76.128.0/18
Signature Algorithm: sha256WithRSAEncryption
3c:4c:0d:93:72:1d:21:4c:7c:6d:c7:1f:67:df:e5:f0:54:76:
dc:93:fc:a8:d6:94:51:7f:b0:5b:bd:95:de:29:2a:0c:76:ea:
10:5d:8f:26:33:bd:76:c7:2b:89:5a:d6:ee:07:cc:64:a3:93:
97:e3:37:7e:20:8e:08:69:4f:14:06:f5:b0:5c:43:76:53:52:
68:ab:a6:5c:c7:77:ce:1e:73:27:d7:d1:12:16:f6:70:41:f2:
a3:82:71:41:d3:26:22:9e:5a:0a:34:66:65:3a:12:94:86:1d:
f8:4c:ad:6f:1a:b9:95:ae:64:58:8a:e2:b3:a1:58:31:42:af:
4e:98:8f:93:82:1c:c6:07:47:77:3c:93:b8:6f:0e:88:e5:b2:
4e:82:0d:7f:83:ae:d6:11:8a:b8:79:8a:34:42:b8:03:87:69:
ae:8c:56:ae:8b:ae:36:4e:27:7b:63:02:09:af:54:c0:df:29:
27:9c:53:57:0e:b6:fa:94:39:35:ca:ba:de:d8:d5:d3:60:0c:
8f:4b:98:91:d0:62:a9:77:b0:5b:f5:1a:2b:6c:cf:0c:f1:bf:
75:51:ea:d8:d2:c7:08:d6:fc:65:69:83:74:fe:3b:49:5e:f0:
bb:5d:57:ca:aa:dd:11:d7:15:f5:00:d3:f9:d6:c0:1d:82:90:
68:38:a8:ec
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZMqGgq1ow3ZmhBvewSKIcO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjQxMTE0MDk1NjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjJjZmU3Y2ExYTVkYWRkNmYzM2M0NjU0OWFkNTQxYTA1YjU3MmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmRKcNESllUho4nrW2sN4xf5SQN9
/h5dSzIF33X40OL0JYft4s+HQOiOWhpdoUrZqAZMVnnouIQQIwQ/2XfhD90ZTPN5
16YPbI6knlO61B2+MJYlDzmVu49JSzfqWiamr6At/B0PBDv1c5nhl+0RPlcobNrb
Z4bDq6ABizLwtYA0/hvR5wxTcKazlYR1uGq80FWC15PoPEIPp5CtRkfHy9l+x8Tn
sMpzlnYWux+dJC3SDgXBxUZOt5elqYl3vXs7RZoVJUdrccaQL3oF4OTFrE6QUdGh
9hu3yBDU5/xMeqG1MpNiWskjYVCfZAgYBou17aIbBoMTIsRpoTR49GePOQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKIs/nyhpdrdbzPEZUmtVBoFtXLUMB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvb2l6LWZLR2wydDF2TThSbFNhMVVHZ1cxY3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAeR4IAD
BAWR4MADBAajTIAwDQYJKoZIhvcNAQELBQADggEBADxMDZNyHSFMfG3HH2ff5fBU
dtyT/KjWlFF/sFu9ld4pKgx26hBdjyYzvXbHK4la1u4HzGSjk5fjN34gjghpTxQG
9bBcQ3ZTUmirplzHd84ecyfX0RIW9nBB8qOCcUHTJiKeWgo0ZmU6EpSGHfhMrW8a
uZWuZFiK4rOhWDFCr06Yj5OCHMYHR3c8k7hvDojlsk6CDX+DrtYRirh5ijRCuAOH
aa6MVq6LrjZOJ3tjAgmvVMDfKSecU1cOtvqUOTXKut7Y1dNgDI9LmJHQYql3sFv1
Gitszwzxv3VR6tjSxwjW/GVpg3T+O0le8LtdV8qq3RHXFfUA0/nWwB2CkGg4qOw=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:00 2024 by rpki-client on console.sobornost.net