Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/kZw6AaYpkUafE86lFigeLFlT3DM.roa
File: kZw6AaYpkUafE86lFigeLFlT3DM.roa (raw, json)
Hash identifier: vk9Oiab+57D4DsSjmxCS1cfnV5CKtDXKlV6QuOmZJPM=
Subject key identifier: 91:9C:3A:01:A6:29:91:46:9F:13:CE:A5:16:28:1E:2C:59:53:DC:33
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 01938CD32C92F5A2B0D42D4B1697A3AE6787
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/kZw6AaYpkUafE86lFigeLFlT3DM.roa
Signing time: Tue 03 Dec 2024 14:01:09 +0000
ROA not before: Tue 03 Dec 2024 14:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57353
IP address blocks: 176.97.202.0/24 maxlen: 24
185.81.69.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:d3:2c:92:f5:a2:b0:d4:2d:4b:16:97:a3:ae:67:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Dec 3 14:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=919c3a01a62991469f13cea516281e2c5953dc33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:35:b5:76:89:27:bf:75:c1:51:1e:17:4b:e2:
a3:fa:a5:35:42:da:e0:56:d3:a2:6e:04:c1:7a:3d:
91:da:86:bc:ee:22:67:08:c3:67:18:82:2e:8f:64:
b7:32:f6:98:1c:f4:c7:79:94:87:93:c5:f5:51:4b:
53:e2:da:17:2d:5e:ce:00:94:7b:be:12:31:dc:fd:
19:c1:2b:81:79:40:70:08:a7:8c:c8:7d:cc:a8:8a:
6f:1c:58:e5:56:ed:bf:35:b8:37:e0:d7:76:e4:1e:
ec:a9:e4:ca:18:c3:78:42:07:ba:52:44:db:01:25:
b9:de:4a:88:b1:a4:cd:dc:05:de:9d:96:f1:7d:8a:
ab:53:3f:a3:9f:64:c7:88:6d:ca:00:2a:97:df:c4:
59:12:e7:24:fe:e2:6e:f1:32:16:fe:00:3a:ab:be:
1d:b8:3f:7e:b4:cd:33:ab:da:74:1e:8a:de:4a:0f:
71:54:b2:fe:98:bd:f6:c9:de:3f:d1:8c:fb:3f:f0:
e0:f1:fe:05:2b:14:f1:b4:64:d7:3e:ce:72:47:f7:
bd:1a:7a:fe:cb:09:01:cc:29:c7:c2:7b:c0:eb:ae:
d2:04:21:8a:f6:41:33:a2:0b:a5:69:b5:a9:2b:22:
26:6a:31:6d:25:25:4c:63:c6:50:48:b0:0a:f9:81:
7b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9C:3A:01:A6:29:91:46:9F:13:CE:A5:16:28:1E:2C:59:53:DC:33
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/kZw6AaYpkUafE86lFigeLFlT3DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.202.0/24
185.81.69.0/24
Signature Algorithm: sha256WithRSAEncryption
15:db:16:62:a9:e0:b9:97:9b:84:52:bf:40:7b:62:a7:26:81:
0a:fb:be:6a:37:25:96:fd:6c:54:bc:96:8e:d1:78:cf:95:b6:
a1:c7:2d:e9:f2:ba:db:26:73:94:8e:96:53:b7:e0:76:3a:0e:
95:29:90:89:1c:b6:cd:58:c8:83:8e:17:8d:c5:dc:de:76:eb:
f7:e5:da:b2:b0:3e:5c:31:d8:ff:69:f4:64:0a:ba:91:d0:34:
7e:c1:65:11:69:2e:8b:6b:88:f7:46:de:eb:8a:e9:65:7d:f0:
05:90:cb:11:64:a9:bc:55:12:51:48:c7:54:52:59:da:af:83:
04:19:da:44:e8:d2:f8:50:0f:76:31:cd:09:bc:50:02:91:d6:
34:99:6f:b6:c1:6b:4b:b1:ad:12:f0:04:f1:bf:9d:8b:9a:9c:
18:79:40:12:aa:19:9b:16:93:86:fd:49:ce:f9:58:42:e8:86:
9a:c1:9a:b5:a6:6d:bd:21:6c:27:01:a5:08:00:75:61:1d:07:
7d:66:1a:09:c9:78:81:33:e0:8c:6f:35:d1:00:b8:05:c8:46:
c5:90:f9:50:62:9d:d7:7d:36:1c:88:3d:73:95:00:d4:eb:64:
dd:7a:46:b9:0e:36:bc:a0:49:ae:e2:f8:f0:95:b0:cb:b9:46:
71:85:03:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOM0yyS9aKw1C1LFpejrmeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjQxMjAzMTQwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTljM2EwMWE2Mjk5MTQ2OWYxM2NlYTUxNjI4MWUyYzU5NTNkYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTW1doknv3XBUR4XS+Kj+qU1Qtrg
VtOibgTBej2R2oa87iJnCMNnGIIuj2S3MvaYHPTHeZSHk8X1UUtT4toXLV7OAJR7
vhIx3P0ZwSuBeUBwCKeMyH3MqIpvHFjlVu2/Nbg34Nd25B7sqeTKGMN4Qge6UkTb
ASW53kqIsaTN3AXenZbxfYqrUz+jn2THiG3KACqX38RZEuck/uJu8TIW/gA6q74d
uD9+tM0zq9p0HoreSg9xVLL+mL32yd4/0Yz7P/Dg8f4FKxTxtGTXPs5yR/e9Gnr+
ywkBzCnHwnvA667SBCGK9kEzogulabWpKyImajFtJSVMY8ZQSLAK+YF7TwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJGcOgGmKZFGnxPOpRYoHixZU9wzMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEva1p3NkFhWXBrVWFmRTg2bEZpZ2VMRmxUM0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsGHKAwQA
uVFFMA0GCSqGSIb3DQEBCwUAA4IBAQAV2xZiqeC5l5uEUr9Ae2KnJoEK+75qNyWW
/WxUvJaO0XjPlbahxy3p8rrbJnOUjpZTt+B2Og6VKZCJHLbNWMiDjheNxdzeduv3
5dqysD5cMdj/afRkCrqR0DR+wWURaS6La4j3Rt7riullffAFkMsRZKm8VRJRSMdU
Ulnar4MEGdpE6NL4UA92Mc0JvFACkdY0mW+2wWtLsa0S8ATxv52LmpwYeUASqhmb
FpOG/UnO+VhC6IaawZq1pm29IWwnAaUIAHVhHQd9ZhoJyXiBM+CMbzXRALgFyEbF
kPlQYp3XfTYciD1zlQDU62Tdeka5Dja8oEmu4vjwlbDLuUZxhQPt
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:17 2024 by rpki-client on console.sobornost.net