Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/TRFdgjeKh36PyjkdcPmiaNrpKfU.roa
File: TRFdgjeKh36PyjkdcPmiaNrpKfU.roa (raw, json)
Hash identifier: 3SZbE1l4SHWgiFxpg8+SOWKRKUlmwbObrNTAFwVHGUc=
Subject key identifier: 4D:11:5D:82:37:8A:87:7E:8F:CA:39:1D:70:F9:A2:68:DA:E9:29:F5
Certificate issuer: /CN=34b419fa4a0a1605188318cdf4a2044992853b95
Certificate serial: 01936D98CBB07A860DE19DCFF4D597F416E1
Authority key identifier: 34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/TRFdgjeKh36PyjkdcPmiaNrpKfU.roa
Signing time: Wed 27 Nov 2024 12:29:10 +0000
ROA not before: Wed 27 Nov 2024 12:29:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34309
IP address blocks: 37.153.80.0/24 maxlen: 24
37.153.81.0/24 maxlen: 24
37.153.82.0/24 maxlen: 24
37.153.83.0/24 maxlen: 24
37.153.84.0/24 maxlen: 24
37.153.85.0/24 maxlen: 24
37.153.86.0/24 maxlen: 24
37.153.87.0/24 maxlen: 24
185.224.180.0/22 maxlen: 24
195.8.198.0/24 maxlen: 24
195.8.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:98:cb:b0:7a:86:0d:e1:9d:cf:f4:d5:97:f4:16:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b419fa4a0a1605188318cdf4a2044992853b95
Validity
Not Before: Nov 27 12:29:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d115d82378a877e8fca391d70f9a268dae929f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0f:c2:33:78:5d:68:df:80:08:76:22:1a:79:
e3:90:d1:ca:18:c6:fa:37:21:9f:16:48:b0:96:ac:
a4:38:05:96:ae:50:49:8b:49:d6:ce:f4:f4:cb:e5:
9a:25:68:eb:b1:7f:07:ef:38:ee:5b:1e:10:d8:5a:
89:95:2a:5b:bc:b4:19:d3:af:43:32:35:3e:b7:d3:
bf:d6:dd:5d:f3:c8:8e:e3:c2:4c:45:3a:d5:5b:a6:
71:77:96:14:27:91:22:1f:04:06:a1:fc:68:61:a3:
48:cc:2f:2a:ad:cc:3e:d2:2f:ef:98:15:23:26:a5:
74:4b:0b:b7:48:72:50:35:13:39:d1:b8:74:b0:e6:
2b:3f:4a:bd:67:36:f9:7e:91:f2:38:41:dc:f2:0b:
2d:23:f1:63:0a:47:5f:1f:9e:3e:0c:91:10:ab:74:
89:eb:30:8f:6f:20:e6:91:c3:d3:f5:48:d1:fe:c6:
ea:4c:43:9b:b8:ac:a6:99:72:bf:7d:2c:82:f6:d0:
43:4b:55:bb:2e:8f:4d:be:48:5c:e7:d8:d1:73:e5:
c7:dd:04:64:21:f0:e8:0a:12:2e:f5:55:9e:35:9d:
14:13:10:cd:38:b8:39:e2:14:f6:f3:f2:ed:95:fa:
bc:9c:03:69:86:b3:26:41:95:1a:d1:43:ec:00:2e:
29:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:11:5D:82:37:8A:87:7E:8F:CA:39:1D:70:F9:A2:68:DA:E9:29:F5
X509v3 Authority Key Identifier:
keyid:34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/TRFdgjeKh36PyjkdcPmiaNrpKfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.80.0/21
185.224.180.0/22
195.8.198.0/23
Signature Algorithm: sha256WithRSAEncryption
80:8d:1a:21:a3:ff:c2:1b:03:93:fe:16:24:47:13:40:fe:ee:
ab:99:9d:51:57:79:fb:8b:10:c1:33:8d:80:93:90:b0:c8:bb:
e2:16:e5:ab:30:9e:64:91:ab:55:1d:5a:39:1f:16:ce:cd:e9:
2b:81:fe:20:64:5b:94:aa:30:6c:9a:7b:8b:1c:2b:29:fc:a1:
bc:f7:d9:8d:94:a2:91:28:8c:bd:50:ae:af:fb:a3:5f:db:22:
19:98:0b:e2:30:ce:9b:95:44:b0:40:89:9b:57:ba:c4:06:b6:
a2:3b:6e:1f:31:1c:47:fa:82:d0:f4:5b:ff:95:42:80:b7:34:
6f:50:0a:bc:bc:c7:79:85:ed:3a:cd:cc:69:ce:35:91:c8:b5:
4a:10:76:5f:5f:8c:c4:b2:d3:34:67:3a:2d:5e:fa:20:d8:b6:
f7:21:db:f0:8b:82:c3:c5:b3:6b:98:c3:4b:e0:0b:a5:59:84:
7d:10:12:fb:35:6a:21:bc:04:b9:89:59:f8:1f:69:59:64:c0:
a0:ee:65:2c:68:86:bf:25:db:fc:f9:56:de:67:0e:79:d2:24:
ff:47:39:6b:73:60:eb:8f:2c:14:88:64:4f:e5:27:d2:c1:fb:
aa:5e:ae:e6:5f:b9:2e:e4:2c:c3:74:1b:22:f4:27:47:64:ae:
93:9a:9f:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNtmMuweoYN4Z3P9NWX9BbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjQxOWZhNGEwYTE2MDUxODgzMThjZGY0YTIwNDQ5OTI4
NTNiOTUwHhcNMjQxMTI3MTIyOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDExNWQ4MjM3OGE4NzdlOGZjYTM5MWQ3MGY5YTI2OGRhZTkyOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg/CM3hdaN+ACHYiGnnjkNHKGMb6
NyGfFkiwlqykOAWWrlBJi0nWzvT0y+WaJWjrsX8H7zjuWx4Q2FqJlSpbvLQZ069D
MjU+t9O/1t1d88iO48JMRTrVW6Zxd5YUJ5EiHwQGofxoYaNIzC8qrcw+0i/vmBUj
JqV0Swu3SHJQNRM50bh0sOYrP0q9Zzb5fpHyOEHc8gstI/FjCkdfH54+DJEQq3SJ
6zCPbyDmkcPT9UjR/sbqTEObuKymmXK/fSyC9tBDS1W7Lo9Nvkhc59jRc+XH3QRk
IfDoChIu9VWeNZ0UExDNOLg54hT28/Ltlfq8nANphrMmQZUa0UPsAC4prwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE0RXYI3iod+j8o5HXD5omja6Sn1MB8GA1UdIwQY
MBaAFDS0GfpKChYFGIMYzfSiBEmShTuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMt
ODc3NzU0NGM5Mjc1LzEvVFJGZGdqZUtoMzZQeWprZGNQbWlhTnJwS2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMtODc3NzU0NGM5Mjc1
LzEvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJZlQAwQC
ueC0AwQBwwjGMA0GCSqGSIb3DQEBCwUAA4IBAQCAjRoho//CGwOT/hYkRxNA/u6r
mZ1RV3n7ixDBM42Ak5CwyLviFuWrMJ5kkatVHVo5HxbOzekrgf4gZFuUqjBsmnuL
HCsp/KG899mNlKKRKIy9UK6v+6Nf2yIZmAviMM6blUSwQImbV7rEBraiO24fMRxH
+oLQ9Fv/lUKAtzRvUAq8vMd5he06zcxpzjWRyLVKEHZfX4zEstM0ZzotXvog2Lb3
Idvwi4LDxbNrmMNL4AulWYR9EBL7NWohvAS5iVn4H2lZZMCg7mUsaIa/Jdv8+Vbe
Zw550iT/Rzlrc2DrjywUiGRP5SfSwfuqXq7mX7ku5CzDdBsi9CdHZK6Tmp/m
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:11 2024 by rpki-client on console.sobornost.net