Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/b7b7fa-13d0-4ffc-9878-097b4d6d81e4/1/Mi3s3H7UT5LKyjMQKJGgffHW6lM.roa
File: Mi3s3H7UT5LKyjMQKJGgffHW6lM.roa (raw, json)
Hash identifier: buiykNj7cjalOrAQtMQdq2pfMDM1wEPgPBq019BIfFY=
Subject key identifier: 32:2D:EC:DC:7E:D4:4F:92:CA:CA:33:10:28:91:A0:7D:F1:D6:EA:53
Certificate issuer: /CN=6f108bd5addfabf151d9079e3d3d341269666fa7
Certificate serial: 019194384B1C857BDFECB187222106FE003D
Authority key identifier: 6F:10:8B:D5:AD:DF:AB:F1:51:D9:07:9E:3D:3D:34:12:69:66:6F:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxCL1a3fq_FR2QeePT00Emlmb6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/b7b7fa-13d0-4ffc-9878-097b4d6d81e4/1/Mi3s3H7UT5LKyjMQKJGgffHW6lM.roa
Signing time: Tue 27 Aug 2024 14:23:22 +0000
ROA not before: Tue 27 Aug 2024 14:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215217
IP address blocks: 89.34.124.0/23 maxlen: 24
89.150.55.0/24 maxlen: 24
2a0f:ac81::/32 maxlen: 32
2a0f:ac84::/32 maxlen: 32
2a0f:ac85::/32 maxlen: 32
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:94:38:4b:1c:85:7b:df:ec:b1:87:22:21:06:fe:00:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f108bd5addfabf151d9079e3d3d341269666fa7
Validity
Not Before: Aug 27 14:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=322decdc7ed44f92caca33102891a07df1d6ea53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3e:60:1b:5e:a7:b8:e3:57:49:71:cf:56:91:
0a:3b:39:83:e7:04:aa:4c:1f:09:42:7b:b0:c1:5f:
f5:89:66:28:3d:25:f9:6b:16:be:16:06:d0:73:06:
59:84:8c:62:b0:c0:d2:b8:c4:16:e2:0b:be:da:65:
9a:23:97:5f:be:d0:61:36:40:89:c6:02:35:c4:20:
3b:07:d3:20:50:3d:c8:3f:90:ec:b6:94:d9:12:7e:
92:5d:62:18:3e:57:8a:c3:da:19:17:31:8e:a4:6f:
48:64:18:af:85:ea:1b:10:03:dd:ca:0a:be:20:cc:
e0:29:4f:ec:54:40:f8:f9:2a:b9:ae:00:42:de:52:
fb:ce:07:a3:3d:b6:2f:82:04:b4:36:e8:dc:9e:64:
80:c2:b3:71:fe:e7:9d:63:e7:05:82:52:ce:37:33:
41:15:c5:58:40:ab:98:71:c5:08:f2:95:1e:4d:82:
4b:95:1f:c7:3d:4f:3c:24:23:ed:74:9a:d9:e5:24:
b5:eb:85:9a:a8:96:f6:c8:f6:e3:0b:c0:bf:06:0c:
0c:7d:78:8f:25:2d:c2:34:ed:4a:4b:e8:9f:74:b2:
cd:e9:dd:03:06:6b:fb:e2:eb:1c:a9:77:a4:e0:88:
36:19:2e:75:cc:fa:75:c5:e6:50:57:94:a0:31:0d:
85:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:2D:EC:DC:7E:D4:4F:92:CA:CA:33:10:28:91:A0:7D:F1:D6:EA:53
X509v3 Authority Key Identifier:
keyid:6F:10:8B:D5:AD:DF:AB:F1:51:D9:07:9E:3D:3D:34:12:69:66:6F:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxCL1a3fq_FR2QeePT00Emlmb6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b7b7fa-13d0-4ffc-9878-097b4d6d81e4/1/Mi3s3H7UT5LKyjMQKJGgffHW6lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b7b7fa-13d0-4ffc-9878-097b4d6d81e4/1/bxCL1a3fq_FR2QeePT00Emlmb6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.124.0/23
89.150.55.0/24
IPv6:
2a0f:ac81::/32
2a0f:ac84::/31
Signature Algorithm: sha256WithRSAEncryption
78:07:35:05:cd:e2:96:c5:01:a3:2a:6d:38:5c:3d:bf:44:0a:
66:26:76:0e:5a:3a:11:06:77:6c:77:d6:d5:3a:37:bc:b8:27:
32:36:33:b2:e0:52:18:4b:84:9e:a1:af:aa:21:b6:35:57:79:
53:f5:be:1f:56:65:88:2d:74:84:c8:6e:58:04:67:fe:20:85:
b0:b5:49:cd:79:06:99:e0:27:fe:94:cf:06:ca:c5:61:c2:39:
94:9f:d7:4f:62:11:9f:29:d2:5a:9d:09:07:23:9b:20:4d:69:
74:95:72:8f:35:68:98:38:e8:f0:f3:de:7d:2d:a0:ed:85:71:
76:90:16:c5:53:49:2e:cd:e1:4a:09:2e:80:d4:72:30:4e:25:
dc:10:c0:d9:db:c7:b6:49:11:4a:01:f1:43:c2:18:84:aa:cd:
be:5c:2b:5e:6b:62:9e:a5:e8:7e:b6:3b:11:e7:27:47:cd:bf:
14:e7:c4:77:28:69:a5:48:98:86:11:14:5c:6d:e2:3a:82:bd:
2b:c8:b6:29:20:da:01:88:fe:3e:27:da:26:85:01:d6:37:4a:
d3:2e:ac:8f:3a:aa:fc:13:75:94:40:c9:6b:94:d6:ac:a9:b1:
54:bb:22:a3:ad:0e:eb:6c:a0:46:c8:8f:64:2f:a5:1f:3b:21:
bb:21:d5:00
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZGUOEschXvf7LGHIiEG/gA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTA4YmQ1YWRkZmFiZjE1MWQ5MDc5ZTNkM2QzNDEyNjk2
NjZmYTcwHhcNMjQwODI3MTQyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjJkZWNkYzdlZDQ0ZjkyY2FjYTMzMTAyODkxYTA3ZGYxZDZlYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4T5gG16nuONXSXHPVpEKOzmD5wSq
TB8JQnuwwV/1iWYoPSX5axa+FgbQcwZZhIxisMDSuMQW4gu+2mWaI5dfvtBhNkCJ
xgI1xCA7B9MgUD3IP5DstpTZEn6SXWIYPleKw9oZFzGOpG9IZBivheobEAPdygq+
IMzgKU/sVED4+Sq5rgBC3lL7zgejPbYvggS0NujcnmSAwrNx/uedY+cFglLONzNB
FcVYQKuYccUI8pUeTYJLlR/HPU88JCPtdJrZ5SS164WaqJb2yPbjC8C/BgwMfXiP
JS3CNO1KS+ifdLLN6d0DBmv74uscqXek4Ig2GS51zPp1xeZQV5SgMQ2FSQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDIt7Nx+1E+SysozECiRoH3x1upTMB8GA1UdIwQY
MBaAFG8Qi9Wt36vxUdkHnj09NBJpZm+nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhDTDFhM2ZxX0ZSMlFlZVBUMDBFbWxtYjZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9iN2I3ZmEtMTNkMC00ZmZjLTk4Nzgt
MDk3YjRkNmQ4MWU0LzEvTWkzczNIN1VUNUxLeWpNUUtKR2dmZkhXNmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9iN2I3ZmEtMTNkMC00ZmZjLTk4NzgtMDk3YjRkNmQ4MWU0
LzEvYnhDTDFhM2ZxX0ZSMlFlZVBUMDBFbWxtYjZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBWSJ8AwQA
WZY3MBQEAgACMA4DBQAqD6yBAwUBKg+shDANBgkqhkiG9w0BAQsFAAOCAQEAeAc1
Bc3ilsUBoyptOFw9v0QKZiZ2Dlo6EQZ3bHfW1To3vLgnMjYzsuBSGEuEnqGvqiG2
NVd5U/W+H1ZliC10hMhuWARn/iCFsLVJzXkGmeAn/pTPBsrFYcI5lJ/XT2IRnynS
Wp0JByObIE1pdJVyjzVomDjo8PPefS2g7YVxdpAWxVNJLs3hSgkugNRyME4l3BDA
2dvHtkkRSgHxQ8IYhKrNvlwrXmtinqXofrY7EecnR82/FOfEdyhppUiYhhEUXG3i
OoK9K8i2KSDaAYj+PifaJoUB1jdK0y6sjzqq/BN1lEDJa5TWrKmxVLsio60O62yg
RsiPZC+lHzshuyHVAA==
-----END CERTIFICATE-----
Generated at Thu Aug 29 18:19:23 2024 by rpki-client on console.sobornost.net