Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/AeHvX5NgfmriuySYyd7WFedbro8.roa
File: AeHvX5NgfmriuySYyd7WFedbro8.roa (raw, json)
Hash identifier: 8VqNZ6BTJohaxXvQ/A7KNiVIHezXe7aGsaDXTvjgLSs=
Subject key identifier: 01:E1:EF:5F:93:60:7E:6A:E2:BB:24:98:C9:DE:D6:15:E7:5B:AE:8F
Certificate issuer: /CN=85c3525d68b61116564e16e1dd4e56cb035c9c85
Certificate serial: 01929A583AD037F6B6AEF59E315DEBC6968F
Authority key identifier: 85:C3:52:5D:68:B6:11:16:56:4E:16:E1:DD:4E:56:CB:03:5C:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/AeHvX5NgfmriuySYyd7WFedbro8.roa
Signing time: Thu 17 Oct 2024 11:58:46 +0000
ROA not before: Thu 17 Oct 2024 11:58:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204119
IP address blocks: 84.38.64.0/21 maxlen: 21
84.38.78.0/23 maxlen: 24
2a00:5080::/32 maxlen: 32
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:58:3a:d0:37:f6:b6:ae:f5:9e:31:5d:eb:c6:96:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85c3525d68b61116564e16e1dd4e56cb035c9c85
Validity
Not Before: Oct 17 11:58:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01e1ef5f93607e6ae2bb2498c9ded615e75bae8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f2:cc:2b:66:8c:9d:24:6e:a6:0a:ae:10:64:
b1:ff:1e:a2:d2:4b:6b:2d:9a:b5:d9:35:8e:a4:ab:
69:51:40:24:ee:81:34:7c:4c:de:6e:0c:9f:74:9b:
f5:d2:8e:e3:8a:db:e2:87:9b:3c:23:ab:c2:ab:dd:
c2:d6:df:ae:8b:9a:74:b6:72:17:b1:c9:fa:00:b6:
d7:e6:7b:5e:d5:03:a8:a8:60:9e:e2:de:54:84:a4:
24:68:69:b4:5e:9e:74:40:02:11:cc:d3:6b:b7:e0:
f0:c4:51:c5:d2:f4:33:56:b6:2d:52:ed:cd:ab:60:
a1:78:b4:e9:0f:a7:46:c0:a7:41:35:7c:1b:48:d1:
8f:d1:4c:40:5a:6c:f9:a2:49:38:a0:d8:7b:a1:00:
4e:cc:29:e2:5b:04:ba:ce:81:82:a3:64:9a:99:01:
51:ce:77:3b:40:4d:86:59:47:fe:2e:cf:cd:45:3a:
9f:2d:ea:3f:f5:54:d0:d8:dc:ae:c6:49:39:a3:7a:
02:0d:b8:0a:6b:77:a6:ef:2a:42:d5:46:da:1d:4f:
82:67:b3:21:40:a7:8b:75:92:7d:d4:85:7f:15:a4:
85:09:90:e4:f5:d8:3f:4c:f9:d7:a6:89:d1:bb:0c:
5f:99:8f:1a:3a:42:d8:1c:91:5c:05:75:05:a6:70:
93:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E1:EF:5F:93:60:7E:6A:E2:BB:24:98:C9:DE:D6:15:E7:5B:AE:8F
X509v3 Authority Key Identifier:
keyid:85:C3:52:5D:68:B6:11:16:56:4E:16:E1:DD:4E:56:CB:03:5C:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/AeHvX5NgfmriuySYyd7WFedbro8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.64.0/21
84.38.78.0/23
IPv6:
2a00:5080::/32
Signature Algorithm: sha256WithRSAEncryption
c0:67:09:88:35:d0:ed:c3:71:ab:a6:a7:36:9a:55:03:72:d9:
3a:98:81:dd:f0:0b:7c:08:99:e8:ff:43:2a:5e:96:89:f3:ac:
53:8f:23:3f:65:bd:bf:98:63:07:c2:3d:c5:28:a0:51:1c:c6:
d9:cc:30:a8:67:eb:c1:07:f9:8f:34:3f:3e:39:2a:b6:35:04:
e6:ea:cb:aa:5b:11:00:33:af:d9:15:ae:23:64:1c:39:50:8a:
a5:7d:96:93:0a:a5:18:42:67:41:42:ec:0e:b4:16:6e:15:a5:
32:fe:41:41:6f:45:31:fa:4c:0c:2a:2b:49:86:c8:19:c5:56:
7d:9f:4c:7b:f4:1e:32:1a:9e:e7:a6:ca:68:19:a1:4d:9b:16:
2d:11:96:46:6a:1c:97:ce:a6:26:e5:e7:2a:58:c0:61:56:81:
2a:51:cf:51:9e:20:98:67:e4:4d:59:f6:7e:de:4f:55:ff:d8:
6e:cc:b2:50:50:17:98:c2:b5:3f:a2:41:4f:49:d0:55:b2:02:
72:61:02:51:86:db:38:94:cf:cc:03:f7:88:c5:b6:3e:64:c8:
d2:09:66:67:1a:db:ac:ec:5a:de:ac:c5:08:19:59:1d:f8:0f:
78:5f:66:ad:3c:f2:93:d8:79:df:6c:5f:4b:63:d1:b8:18:a4:
cd:94:29:da
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZKaWDrQN/a2rvWeMV3rxpaPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YzM1MjVkNjhiNjExMTY1NjRlMTZlMWRkNGU1NmNiMDM1
YzljODUwHhcNMjQxMDE3MTE1ODQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWUxZWY1ZjkzNjA3ZTZhZTJiYjI0OThjOWRlZDYxNWU3NWJhZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfLMK2aMnSRupgquEGSx/x6i0ktr
LZq12TWOpKtpUUAk7oE0fEzebgyfdJv10o7jitvih5s8I6vCq93C1t+ui5p0tnIX
scn6ALbX5nte1QOoqGCe4t5UhKQkaGm0Xp50QAIRzNNrt+DwxFHF0vQzVrYtUu3N
q2CheLTpD6dGwKdBNXwbSNGP0UxAWmz5okk4oNh7oQBOzCniWwS6zoGCo2SamQFR
znc7QE2GWUf+Ls/NRTqfLeo/9VTQ2Nyuxkk5o3oCDbgKa3em7ypC1UbaHU+CZ7Mh
QKeLdZJ91IV/FaSFCZDk9dg/TPnXponRuwxfmY8aOkLYHJFcBXUFpnCTeQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAHh71+TYH5q4rskmMne1hXnW66PMB8GA1UdIwQY
MBaAFIXDUl1othEWVk4W4d1OVssDXJyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGNOU1hXaTJFUlpXVGhiaDNVNVd5d05jbklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi85ZmJlYzEtZWJkMi00MWJhLTgzZDkt
Njk0ZGJmYWRkYjhmLzEvQWVIdlg1TmdmbXJpdXlTWXlkN1dGZWRicm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi85ZmJlYzEtZWJkMi00MWJhLTgzZDktNjk0ZGJmYWRkYjhm
LzEvaGNOU1hXaTJFUlpXVGhiaDNVNVd5d05jbklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVCZAAwQB
VCZOMA0EAgACMAcDBQAqAFCAMA0GCSqGSIb3DQEBCwUAA4IBAQDAZwmINdDtw3Gr
pqc2mlUDctk6mIHd8At8CJno/0MqXpaJ86xTjyM/Zb2/mGMHwj3FKKBRHMbZzDCo
Z+vBB/mPND8+OSq2NQTm6suqWxEAM6/ZFa4jZBw5UIqlfZaTCqUYQmdBQuwOtBZu
FaUy/kFBb0Ux+kwMKitJhsgZxVZ9n0x79B4yGp7npspoGaFNmxYtEZZGahyXzqYm
5ecqWMBhVoEqUc9RniCYZ+RNWfZ+3k9V/9huzLJQUBeYwrU/okFPSdBVsgJyYQJR
hts4lM/MA/eIxbY+ZMjSCWZnGtus7FrerMUIGVkd+A94X2atPPKT2HnfbF9LY9G4
GKTNlCna
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:05:55 2024 by rpki-client on console.sobornost.net