Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ff5826-0ce7-4986-adca-68d34bfd2a29/1/Z-H1QrnZX8q8oKN4a1iiOo6FHsA.roa
File: Z-H1QrnZX8q8oKN4a1iiOo6FHsA.roa (raw, json)
Hash identifier: Tjy+WzMFSprGRZk26utDLil2690a7nwA0b1yNy5hUH4=
Subject key identifier: 67:E1:F5:42:B9:D9:5F:CA:BC:A0:A3:78:6B:58:A2:3A:8E:85:1E:C0
Certificate issuer: /CN=9bd384806e036f78e5703d9fcec52675c4740d3a
Certificate serial: 01856B4A5064EC27B0D78EE87992CCB62D7C
Authority key identifier: 9B:D3:84:80:6E:03:6F:78:E5:70:3D:9F:CE:C5:26:75:C4:74:0D:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9OEgG4Db3jlcD2fzsUmdcR0DTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ff5826-0ce7-4986-adca-68d34bfd2a29/1/Z-H1QrnZX8q8oKN4a1iiOo6FHsA.roa
Signing time: Sun 01 Jan 2023 03:05:10 +0000
ROA not before: Sun 01 Jan 2023 03:05:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198682
IP address blocks: 193.176.64.0/22 maxlen: 24
109.205.0.0/21 maxlen: 24
109.71.136.0/21 maxlen: 24
185.71.148.0/22 maxlen: 24
185.230.96.0/22 maxlen: 24
185.220.72.0/22 maxlen: 24
45.88.140.0/22 maxlen: 24
2a00:1f10::/32 maxlen: 32
2a0b:f1c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:50:64:ec:27:b0:d7:8e:e8:79:92:cc:b6:2d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd384806e036f78e5703d9fcec52675c4740d3a
Validity
Not Before: Jan 1 03:05:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67e1f542b9d95fcabca0a3786b58a23a8e851ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:81:6c:e9:b5:52:99:66:0e:69:bf:fe:a3:73:
2c:4a:35:b3:58:0e:54:0c:c7:03:ae:91:d9:76:83:
51:25:3b:45:4a:df:69:77:e8:a0:30:09:15:fc:7f:
6c:1d:4a:6a:03:50:09:a4:f1:88:91:cd:a2:d2:0b:
5c:17:40:40:95:db:6c:65:91:f8:9f:51:08:53:f6:
70:cc:ef:0c:e0:a1:29:ee:ef:78:7e:d6:c2:75:6d:
37:df:79:47:4f:25:aa:6b:3d:d8:35:66:96:74:1a:
4b:9e:a4:8b:4d:10:a9:08:a0:9e:bc:84:89:59:66:
e9:da:ce:b0:73:7c:41:9c:71:88:78:80:33:6d:c5:
89:c8:dd:38:90:0c:90:2c:84:83:ca:5d:c9:74:35:
30:c2:c5:f3:4b:33:e5:d2:dc:ef:95:11:43:db:58:
99:f1:79:53:fc:3f:11:e1:db:ff:83:03:3c:85:d6:
5c:bc:25:f5:4f:a2:a0:64:fa:31:c3:b4:e2:8f:1f:
4a:6a:71:b9:6c:f8:de:ca:21:33:e6:0a:5b:95:33:
84:5e:13:98:9d:12:dc:53:32:32:c0:9f:b2:d2:6a:
e6:92:53:ab:89:96:99:15:7c:e9:04:40:d2:1b:c8:
1e:0d:00:83:f5:2f:6b:ab:60:06:7d:16:83:c3:66:
18:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E1:F5:42:B9:D9:5F:CA:BC:A0:A3:78:6B:58:A2:3A:8E:85:1E:C0
X509v3 Authority Key Identifier:
keyid:9B:D3:84:80:6E:03:6F:78:E5:70:3D:9F:CE:C5:26:75:C4:74:0D:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9OEgG4Db3jlcD2fzsUmdcR0DTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ff5826-0ce7-4986-adca-68d34bfd2a29/1/Z-H1QrnZX8q8oKN4a1iiOo6FHsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ff5826-0ce7-4986-adca-68d34bfd2a29/1/m9OEgG4Db3jlcD2fzsUmdcR0DTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.140.0/22
109.71.136.0/21
109.205.0.0/21
185.71.148.0/22
185.220.72.0/22
185.230.96.0/22
193.176.64.0/22
IPv6:
2a00:1f10::/32
2a0b:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:bf:68:da:d9:0c:71:02:fe:f4:52:18:70:6b:19:a7:7a:ad:
c8:50:66:c4:d1:16:e7:4d:ab:d4:48:0c:af:63:b2:26:a1:ea:
e7:48:13:84:a3:54:0d:b6:83:e6:d1:93:dd:f6:f2:2a:88:00:
95:0f:52:c2:2c:0e:08:c7:8f:73:50:f1:45:23:32:6e:5e:ab:
a8:0d:8a:b6:98:c4:f5:6b:40:ee:6c:1b:75:f2:f1:a8:dd:00:
16:01:07:34:5c:00:1d:0b:64:3d:0b:2d:25:72:1e:74:c8:b2:
c6:03:49:8e:ca:a8:52:9d:d6:d6:d9:d8:f3:de:7a:6a:f5:15:
43:48:1d:e9:a6:78:08:06:ca:9c:ff:8a:a8:a4:d8:fc:0e:3e:
0d:26:aa:c4:52:9c:69:7e:cb:d6:2e:84:61:ad:f5:85:e3:21:
5b:42:06:8b:75:89:a4:d1:d7:3e:f5:ea:dc:da:ee:40:01:99:
a4:3a:90:fa:b4:5a:d4:eb:76:e7:76:87:0d:d2:73:6a:a1:74:
cd:b4:0f:9f:a5:99:d3:a4:62:e7:70:b4:ba:3c:9b:76:56:b0:
6e:5f:c9:13:7f:41:67:08:29:7d:1b:55:eb:99:00:fe:b8:6c:
05:b7:ad:c5:3f:49:d1:71:2f:f8:82:30:ca:42:c0:8d:42:f8:
3a:fd:7e:09
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVrSlBk7Cew147oeZLMti18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZDM4NDgwNmUwMzZmNzhlNTcwM2Q5ZmNlYzUyNjc1YzQ3
NDBkM2EwHhcNMjMwMTAxMDMwNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2UxZjU0MmI5ZDk1ZmNhYmNhMGEzNzg2YjU4YTIzYThlODUxZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIFs6bVSmWYOab/+o3MsSjWzWA5U
DMcDrpHZdoNRJTtFSt9pd+igMAkV/H9sHUpqA1AJpPGIkc2i0gtcF0BAldtsZZH4
n1EIU/ZwzO8M4KEp7u94ftbCdW0333lHTyWqaz3YNWaWdBpLnqSLTRCpCKCevISJ
WWbp2s6wc3xBnHGIeIAzbcWJyN04kAyQLISDyl3JdDUwwsXzSzPl0tzvlRFD21iZ
8XlT/D8R4dv/gwM8hdZcvCX1T6KgZPoxw7Tijx9KanG5bPjeyiEz5gpblTOEXhOY
nRLcUzIywJ+y0mrmklOriZaZFXzpBEDSG8geDQCD9S9rq2AGfRaDw2YY7QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFGfh9UK52V/KvKCjeGtYojqOhR7AMB8GA1UdIwQY
MBaAFJvThIBuA2945XA9n87FJnXEdA06MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTlPRWdHNERiM2psY0QyZnpzVW1kY1IwRFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mZjU4MjYtMGNlNy00OTg2LWFkY2Et
NjhkMzRiZmQyYTI5LzEvWi1IMVFyblpYOHE4b0tONGExaWlPbzZGSHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mZjU4MjYtMGNlNy00OTg2LWFkY2EtNjhkMzRiZmQyYTI5
LzEvbTlPRWdHNERiM2psY0QyZnpzVW1kY1IwRFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCLViMAwQD
bUeIAwQDbc0AAwQCuUeUAwQCudxIAwQCueZgAwQCwbBAMBQEAgACMA4DBQAqAB8Q
AwUAKgvxwDANBgkqhkiG9w0BAQsFAAOCAQEAfr9o2tkMcQL+9FIYcGsZp3qtyFBm
xNEW502r1EgMr2OyJqHq50gThKNUDbaD5tGT3fbyKogAlQ9SwiwOCMePc1DxRSMy
bl6rqA2KtpjE9WtA7mwbdfLxqN0AFgEHNFwAHQtkPQstJXIedMiyxgNJjsqoUp3W
1tnY8956avUVQ0gd6aZ4CAbKnP+KqKTY/A4+DSaqxFKcaX7L1i6EYa31heMhW0IG
i3WJpNHXPvXq3NruQAGZpDqQ+rRa1Ot253aHDdJzaqF0zbQPn6WZ06Ri53C0ujyb
dlawbl/JE39BZwgpfRtV65kA/rhsBbetxT9J0XEv+IIwykLAjUL4Ov1+CQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:00 2023 by rpki-client on console.sobornost.net