Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NOrGL5JYvzs-3qnW-xCIOpWNdWc.roa
File: NOrGL5JYvzs-3qnW-xCIOpWNdWc.roa (raw, json)
Hash identifier: AFP4Uy307tmi2+31sJYtc+Hr6gyhi4ca4NRFh18uBLw=
Subject key identifier: 34:EA:C6:2F:92:58:BF:3B:3E:DE:A9:D6:FB:10:88:3A:95:8D:75:67
Certificate issuer: /CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Certificate serial: 01936E43FE1B4F0D364031851942124B0B37
Authority key identifier: 34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NOrGL5JYvzs-3qnW-xCIOpWNdWc.roa
Signing time: Wed 27 Nov 2024 15:36:09 +0000
ROA not before: Wed 27 Nov 2024 15:36:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 88.84.64.0/19 maxlen: 24
95.142.0.0/20 maxlen: 24
185.117.176.0/22 maxlen: 24
217.15.32.0/20 maxlen: 24
217.149.144.0/20 maxlen: 24
2a02:2068::/29 maxlen: 48
2a02:206a::/32 maxlen: 32
2a02:206b::/32 maxlen: 32
2a02:206d::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:43:fe:1b:4f:0d:36:40:31:85:19:42:12:4b:0b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Validity
Not Before: Nov 27 15:36:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34eac62f9258bf3b3edea9d6fb10883a958d7567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b3:25:e8:42:43:2f:83:d8:f4:8a:23:bf:5d:
2e:04:ea:c9:44:4c:ae:6f:0c:82:17:9c:a4:6b:09:
48:f9:11:17:d8:85:08:67:72:41:d8:80:6a:5f:c2:
ac:e7:e8:d6:65:63:95:bb:92:20:b7:ea:02:be:3f:
ba:78:66:1f:3b:de:54:30:e5:cb:2d:28:ec:60:04:
30:04:b2:a5:3e:9b:89:a5:6f:6c:13:34:2c:e3:b4:
1d:31:1a:2c:8d:05:7a:a3:d9:1b:7b:b3:6d:b5:80:
c5:7b:1d:d8:a0:fb:a5:bf:35:86:06:ba:92:f4:2f:
79:24:0a:c2:6c:68:e5:af:73:f6:0c:34:92:3a:39:
63:a3:c6:ce:d6:ec:c1:b2:83:99:b1:5f:02:d2:7c:
40:6e:1a:99:d6:8e:0b:b5:83:6b:e7:9a:5a:15:ca:
5c:61:d0:0c:c1:f2:b0:5a:f4:d2:8f:ee:9a:14:f5:
18:0a:ff:52:60:9d:78:c1:1b:94:6e:3e:28:f2:de:
b2:be:2e:86:4f:63:d3:47:03:4c:20:a1:63:08:d9:
5c:fc:bd:a0:ba:35:cd:fa:f3:1c:ad:db:59:fa:ec:
93:99:4b:15:48:6b:09:db:97:96:1f:57:a6:23:ed:
28:85:76:0f:d5:ee:fc:13:86:36:23:2d:ec:c7:df:
e9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:EA:C6:2F:92:58:BF:3B:3E:DE:A9:D6:FB:10:88:3A:95:8D:75:67
X509v3 Authority Key Identifier:
keyid:34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NOrGL5JYvzs-3qnW-xCIOpWNdWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.64.0/19
95.142.0.0/20
185.117.176.0/22
217.15.32.0/20
217.149.144.0/20
IPv6:
2a02:2068::/29
Signature Algorithm: sha256WithRSAEncryption
7d:16:e0:02:40:61:47:cc:82:72:ce:8a:ae:51:60:d5:76:37:
15:1e:16:3e:ed:7f:26:e7:cc:f0:7f:61:00:d7:fc:0e:46:8f:
95:c1:df:e2:44:f4:1b:ab:6d:13:ca:3e:26:41:7e:33:b2:d7:
a3:5c:b0:32:e6:63:b6:e0:aa:c0:9c:75:99:83:64:a4:20:cd:
b9:77:87:21:e3:80:df:47:02:00:a2:54:33:80:89:55:c4:d5:
92:cc:f5:93:39:96:53:f8:14:8f:bb:fc:31:d9:7c:7e:c6:98:
24:02:e3:8c:be:9e:73:d7:a2:43:4a:24:3c:a5:4e:79:66:2e:
2c:c9:2e:61:08:d9:1c:40:8d:ba:3c:f0:30:7c:92:94:da:c8:
96:86:a9:79:8f:42:58:03:2d:9e:32:81:fd:0e:a1:0b:fb:2c:
d3:0e:19:9b:a3:10:ff:ac:5b:dc:e7:49:fe:5e:e8:57:c5:e0:
f7:4c:3e:bd:6d:60:ee:fd:18:f7:7d:da:95:64:d0:d3:bc:49:
4b:1d:f1:a9:a7:c3:e9:b8:e3:fc:95:93:98:d7:83:3e:5a:98:
94:af:27:22:ba:c1:83:e7:d9:a8:48:e5:96:a2:f4:ae:97:37:
bb:90:f6:79:b7:c5:a5:7a:01:3c:0e:67:8c:68:16:38:7b:54:
02:bc:56:af
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZNuQ/4bTw02QDGFGUISSws3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjQ3YjczZWU4ZmJlZGQyNWY0MWIzYjE3YjJiZTA4ZjVi
ZjY1NjMwHhcNMjQxMTI3MTUzNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGVhYzYyZjkyNThiZjNiM2VkZWE5ZDZmYjEwODgzYTk1OGQ3NTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrMl6EJDL4PY9Iojv10uBOrJREyu
bwyCF5ykawlI+REX2IUIZ3JB2IBqX8Ks5+jWZWOVu5Igt+oCvj+6eGYfO95UMOXL
LSjsYAQwBLKlPpuJpW9sEzQs47QdMRosjQV6o9kbe7NttYDFex3YoPulvzWGBrqS
9C95JArCbGjlr3P2DDSSOjljo8bO1uzBsoOZsV8C0nxAbhqZ1o4LtYNr55paFcpc
YdAMwfKwWvTSj+6aFPUYCv9SYJ14wRuUbj4o8t6yvi6GT2PTRwNMIKFjCNlc/L2g
ujXN+vMcrdtZ+uyTmUsVSGsJ25eWH1emI+0ohXYP1e78E4Y2Iy3sx9/pwwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDTqxi+SWL87Pt6p1vsQiDqVjXVnMB8GA1UdIwQY
MBaAFDT0e3Puj77dJfQbOxeyvgj1v2VjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQt
ZDg3ZTQwNDdmODUzLzEvTk9yR0w1Sll2enMtM3FuVy14Q0lPcFdOZFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQtZDg3ZTQwNDdmODUz
LzEvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFWFRAAwQE
X44AAwQCuXWwAwQE2Q8gAwQE2ZWQMA0EAgACMAcDBQMqAiBoMA0GCSqGSIb3DQEB
CwUAA4IBAQB9FuACQGFHzIJyzoquUWDVdjcVHhY+7X8m58zwf2EA1/wORo+Vwd/i
RPQbq20Tyj4mQX4zstejXLAy5mO24KrAnHWZg2SkIM25d4ch44DfRwIAolQzgIlV
xNWSzPWTOZZT+BSPu/wx2Xx+xpgkAuOMvp5z16JDSiQ8pU55Zi4syS5hCNkcQI26
PPAwfJKU2siWhql5j0JYAy2eMoH9DqEL+yzTDhmboxD/rFvc50n+XuhXxeD3TD69
bWDu/Rj3fdqVZNDTvElLHfGpp8PpuOP8lZOY14M+WpiUryciusGD59moSOWWovSu
lze7kPZ5t8WlegE8DmeMaBY4e1QCvFav
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:16 2024 by rpki-client on console.sobornost.net