Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/KP4vp6zcCmQYIgy3ZDJMUrIki9o.roa
File: KP4vp6zcCmQYIgy3ZDJMUrIki9o.roa (raw, json)
Hash identifier: HwEGQnx/COFgWlcGaJoyFpBooJjRWDXofKC3dvFohs0=
Subject key identifier: 28:FE:2F:A7:AC:DC:0A:64:18:22:0C:B7:64:32:4C:52:B2:24:8B:DA
Certificate issuer: /CN=71601c0b8b13cc121017f6d25117ac1fd0664344
Certificate serial: 01938D8788C1D3E7071501E9FC71B6E10122
Authority key identifier: 71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/KP4vp6zcCmQYIgy3ZDJMUrIki9o.roa
Signing time: Tue 03 Dec 2024 17:18:10 +0000
ROA not before: Tue 03 Dec 2024 17:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 37.114.64.0/21 maxlen: 24
78.152.128.0/19 maxlen: 24
185.147.228.0/22 maxlen: 24
2a00:b180::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:87:88:c1:d3:e7:07:15:01:e9:fc:71:b6:e1:01:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71601c0b8b13cc121017f6d25117ac1fd0664344
Validity
Not Before: Dec 3 17:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28fe2fa7acdc0a6418220cb764324c52b2248bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7e:20:05:42:c4:5a:2c:75:17:dc:85:3c:6f:
41:ea:bc:1a:ee:b2:dd:59:a3:98:a7:04:83:e6:6a:
54:73:24:3a:d5:10:e5:d2:a0:4a:dc:40:1e:6a:c0:
83:cc:e3:a2:61:ba:79:08:25:5e:a8:91:75:09:3a:
2f:ea:d8:18:1c:fa:92:0a:46:c4:c1:8a:08:79:dc:
f0:26:ef:2f:6c:b9:d5:50:a9:23:35:bc:37:64:cf:
26:f4:3a:49:4f:f2:f5:93:6b:3a:42:e6:c2:1d:85:
b1:be:d4:36:98:78:98:88:96:40:da:4b:cb:ce:a3:
ea:1f:71:f5:4b:7c:f0:ed:bf:49:6e:6f:86:b6:d2:
04:71:b0:95:90:c2:d7:c3:b5:1e:79:fd:4b:ba:cd:
34:b0:10:f8:67:e1:5a:20:77:13:3f:bb:cd:8f:2e:
bc:92:62:5d:2d:05:ff:a1:9c:1e:46:4e:2f:61:8a:
46:51:55:09:8f:62:68:da:8b:f2:1d:79:0a:fb:e0:
89:95:8a:25:3d:20:76:49:98:16:18:09:4d:7d:18:
2a:db:cb:93:f1:c0:90:35:d6:1c:91:5c:f6:af:6d:
72:86:eb:4f:8a:a1:bc:7a:82:00:f2:85:ec:47:89:
30:17:76:dd:f6:3a:d5:4e:70:f2:42:18:75:6c:c8:
f3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FE:2F:A7:AC:DC:0A:64:18:22:0C:B7:64:32:4C:52:B2:24:8B:DA
X509v3 Authority Key Identifier:
keyid:71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/KP4vp6zcCmQYIgy3ZDJMUrIki9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/cWAcC4sTzBIQF_bSUResH9BmQ0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.64.0/21
78.152.128.0/19
185.147.228.0/22
IPv6:
2a00:b180::/32
Signature Algorithm: sha256WithRSAEncryption
a5:1e:ba:06:31:6f:ce:3c:d5:d4:f6:d7:a1:bc:b8:51:43:8f:
77:88:8b:dc:6f:ca:b5:9e:f4:a5:06:43:e7:5f:a2:cd:f1:4e:
37:34:8d:4d:f0:9f:2f:4d:af:9f:4b:a6:7f:18:ea:79:fd:a8:
70:68:a9:26:11:70:26:2a:56:3f:b4:8c:d9:49:ad:a1:10:d3:
07:f2:5c:1d:10:8e:59:6c:7a:4d:3a:c0:56:ac:13:f1:2f:98:
b0:42:1f:51:89:fa:07:8b:2a:15:df:67:4c:26:a2:67:d9:12:
41:31:ed:48:4c:42:c8:84:7a:e8:7a:16:d2:95:91:20:db:94:
b7:f4:d3:d8:3d:54:ca:42:13:a5:a8:08:8f:60:cd:9d:f9:20:
35:7f:f3:62:fd:57:62:28:52:18:ad:50:8a:be:49:a1:c0:a5:
a3:44:83:c6:6d:10:17:fd:2d:06:de:30:05:56:89:04:a5:5d:
18:ac:24:7d:69:e6:a0:22:20:da:a8:69:cd:d5:70:32:5f:65:
71:ef:c5:1a:40:06:19:31:c3:3b:ea:24:3c:4f:65:10:36:e1:
c2:a0:c2:68:28:6e:a5:30:e7:35:95:f1:49:13:57:70:03:5e:
26:7a:a7:70:7e:48:5a:52:87:a2:78:b2:c2:ea:b1:00:69:4d:
a0:d2:c5:1d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZONh4jB0+cHFQHp/HG24QEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNjAxYzBiOGIxM2NjMTIxMDE3ZjZkMjUxMTdhYzFmZDA2
NjQzNDQwHhcNMjQxMjAzMTcxODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGZlMmZhN2FjZGMwYTY0MTgyMjBjYjc2NDMyNGM1MmIyMjQ4YmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH4gBULEWix1F9yFPG9B6rwa7rLd
WaOYpwSD5mpUcyQ61RDl0qBK3EAeasCDzOOiYbp5CCVeqJF1CTov6tgYHPqSCkbE
wYoIedzwJu8vbLnVUKkjNbw3ZM8m9DpJT/L1k2s6QubCHYWxvtQ2mHiYiJZA2kvL
zqPqH3H1S3zw7b9Jbm+GttIEcbCVkMLXw7Ueef1Lus00sBD4Z+FaIHcTP7vNjy68
kmJdLQX/oZweRk4vYYpGUVUJj2Jo2ovyHXkK++CJlYolPSB2SZgWGAlNfRgq28uT
8cCQNdYckVz2r21yhutPiqG8eoIA8oXsR4kwF3bd9jrVTnDyQhh1bMjzFwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCj+L6es3ApkGCIMt2QyTFKyJIvaMB8GA1UdIwQY
MBaAFHFgHAuLE8wSEBf20lEXrB/QZkNEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYt
NzZiMDMyNWMzYjA3LzEvS1A0dnA2emNDbVFZSWd5M1pESk1VcklraTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYtNzZiMDMyNWMzYjA3
LzEvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJXJAAwQF
TpiAAwQCuZPkMA0EAgACMAcDBQAqALGAMA0GCSqGSIb3DQEBCwUAA4IBAQClHroG
MW/OPNXU9tehvLhRQ493iIvcb8q1nvSlBkPnX6LN8U43NI1N8J8vTa+fS6Z/GOp5
/ahwaKkmEXAmKlY/tIzZSa2hENMH8lwdEI5ZbHpNOsBWrBPxL5iwQh9RifoHiyoV
32dMJqJn2RJBMe1ITELIhHroehbSlZEg25S39NPYPVTKQhOlqAiPYM2d+SA1f/Ni
/VdiKFIYrVCKvkmhwKWjRIPGbRAX/S0G3jAFVokEpV0YrCR9aeagIiDaqGnN1XAy
X2Vx78UaQAYZMcM76iQ8T2UQNuHCoMJoKG6lMOc1lfFJE1dwA14meqdwfkhaUoei
eLLC6rEAaU2g0sUd
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:12 2024 by rpki-client on console.sobornost.net