Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/bdcbc4-63b7-4ae5-8684-60e7e45399e6/1/kzYI8JFciW2IrVSTXdnTmYJvU5Q.roa
File: kzYI8JFciW2IrVSTXdnTmYJvU5Q.roa (raw, json)
Hash identifier: 5ECqvN1viBb8EiBxfFsHpigeDZV6TT0NcvfZztOdVI8=
Subject key identifier: 93:36:08:F0:91:5C:89:6D:88:AD:54:93:5D:D9:D3:99:82:6F:53:94
Certificate issuer: /CN=bd9c80cbe5d57972345f5fa5eba35c86889e55ca
Certificate serial: 018CC801587F4C19FFE2FFAC7A23F52B3745
Authority key identifier: BD:9C:80:CB:E5:D5:79:72:34:5F:5F:A5:EB:A3:5C:86:88:9E:55:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vZyAy-XVeXI0X1-l66NchoieVco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/bdcbc4-63b7-4ae5-8684-60e7e45399e6/1/kzYI8JFciW2IrVSTXdnTmYJvU5Q.roa
Signing time: Tue 02 Jan 2024 02:29:40 +0000
ROA not before: Tue 02 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61006
IP address blocks: 185.39.200.0/22 maxlen: 22
37.252.112.0/21 maxlen: 21
2a00:d740::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:58:7f:4c:19:ff:e2:ff:ac:7a:23:f5:2b:37:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd9c80cbe5d57972345f5fa5eba35c86889e55ca
Validity
Not Before: Jan 2 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=933608f0915c896d88ad54935dd9d399826f5394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a1:9c:80:c0:f3:b5:42:ba:43:31:3b:9e:ba:
c3:ae:e4:d6:ce:fe:6b:d6:e6:ca:17:48:f8:1f:3c:
c2:ae:a3:56:8c:2d:62:1e:ad:1e:7d:37:6e:26:c9:
66:64:4d:d2:22:3b:1e:95:d1:cf:58:57:71:40:df:
58:d6:64:c2:23:ef:08:b6:e0:d8:1c:10:2f:b2:03:
3e:31:a5:cb:be:c9:88:72:c7:3a:39:64:d9:63:e8:
d5:4e:27:37:57:1e:30:bb:fd:48:e3:0f:07:83:63:
48:28:0f:ad:3e:07:47:61:55:95:dd:9f:5d:61:5e:
89:89:13:43:c9:6f:16:14:ef:fd:c5:f5:ef:72:d1:
d6:c2:09:6f:bf:9b:4c:87:c7:b9:eb:0d:55:9f:6e:
d0:86:46:2e:83:fa:d4:b4:94:63:32:33:4e:0a:95:
66:a1:dc:79:ce:e1:00:e8:58:83:9b:16:49:c0:9f:
7c:3d:cd:de:c7:c5:fb:b3:42:50:eb:c6:fe:f7:d1:
eb:d7:bc:c9:73:92:9d:a3:8e:b7:ae:ca:8a:e9:43:
52:9b:90:39:d3:92:65:8e:3a:f1:cf:62:0c:6d:4b:
be:29:7e:31:e2:c4:fb:a8:4e:16:f9:de:07:9b:91:
f4:eb:f0:0f:fc:f7:63:c8:72:86:ff:fa:c9:6e:5f:
c4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:36:08:F0:91:5C:89:6D:88:AD:54:93:5D:D9:D3:99:82:6F:53:94
X509v3 Authority Key Identifier:
keyid:BD:9C:80:CB:E5:D5:79:72:34:5F:5F:A5:EB:A3:5C:86:88:9E:55:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vZyAy-XVeXI0X1-l66NchoieVco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/bdcbc4-63b7-4ae5-8684-60e7e45399e6/1/kzYI8JFciW2IrVSTXdnTmYJvU5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/bdcbc4-63b7-4ae5-8684-60e7e45399e6/1/vZyAy-XVeXI0X1-l66NchoieVco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.112.0/21
185.39.200.0/22
IPv6:
2a00:d740::/29
Signature Algorithm: sha256WithRSAEncryption
99:18:2c:99:69:00:c0:18:31:12:65:a7:0c:1c:20:be:24:3a:
55:eb:45:d2:18:04:80:9b:cf:67:92:32:0f:fd:36:23:89:39:
85:3c:88:d0:b9:0d:4d:8f:49:c7:a4:81:88:b4:b6:b5:02:37:
66:fe:f2:93:ce:f8:e9:b2:c6:ba:1d:d0:6c:96:db:4b:da:f9:
4b:89:09:f4:4f:18:55:3c:e5:00:a0:4d:97:96:04:14:d1:6d:
23:d7:da:b5:bd:13:3e:04:16:fa:b5:b9:42:b8:c8:e6:6f:d0:
f7:a2:b7:92:dd:ee:72:6d:a0:65:27:f2:b5:19:66:ee:29:6b:
eb:43:50:c9:43:4b:6e:1a:50:73:2b:37:c1:25:dd:11:ac:d5:
e2:bd:c6:18:c2:4c:d1:7b:5c:e3:27:2b:ff:91:00:5f:4e:84:
93:76:26:af:91:ee:9e:73:04:1b:d4:f2:1b:6d:82:a8:64:11:
a4:15:03:08:a5:85:90:1f:9e:92:0b:5c:ca:16:15:03:b4:ce:
97:19:e9:ae:57:5f:22:71:9e:a2:ce:9f:b6:be:c7:0c:41:c2:
ea:0c:61:8d:f0:89:50:74:ae:96:ad:d5:59:0d:6e:41:e1:43:
23:b8:85:00:9d:d7:0b:9e:e7:e4:53:c0:48:2c:c3:fd:99:ce:
c5:bf:f7:cc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAVh/TBn/4v+seiP1KzdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOWM4MGNiZTVkNTc5NzIzNDVmNWZhNWViYTM1Yzg2ODg5
ZTU1Y2EwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzM2MDhmMDkxNWM4OTZkODhhZDU0OTM1ZGQ5ZDM5OTgyNmY1Mzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKGcgMDztUK6QzE7nrrDruTWzv5r
1ubKF0j4HzzCrqNWjC1iHq0efTduJslmZE3SIjseldHPWFdxQN9Y1mTCI+8ItuDY
HBAvsgM+MaXLvsmIcsc6OWTZY+jVTic3Vx4wu/1I4w8Hg2NIKA+tPgdHYVWV3Z9d
YV6JiRNDyW8WFO/9xfXvctHWwglvv5tMh8e56w1Vn27QhkYug/rUtJRjMjNOCpVm
odx5zuEA6FiDmxZJwJ98Pc3ex8X7s0JQ68b+99Hr17zJc5Kdo463rsqK6UNSm5A5
05Jljjrxz2IMbUu+KX4x4sT7qE4W+d4Hm5H06/AP/PdjyHKG//rJbl/EWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJM2CPCRXIltiK1Uk13Z05mCb1OUMB8GA1UdIwQY
MBaAFL2cgMvl1XlyNF9fpeujXIaInlXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlp5QXktWFZlWEkwWDEtbDY2TmNob2llVmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9iZGNiYzQtNjNiNy00YWU1LTg2ODQt
NjBlN2U0NTM5OWU2LzEva3pZSThKRmNpVzJJclZTVFhkblRtWUp2VTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9iZGNiYzQtNjNiNy00YWU1LTg2ODQtNjBlN2U0NTM5OWU2
LzEvdlp5QXktWFZlWEkwWDEtbDY2TmNob2llVmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJfxwAwQC
uSfIMA0EAgACMAcDBQMqANdAMA0GCSqGSIb3DQEBCwUAA4IBAQCZGCyZaQDAGDES
ZacMHCC+JDpV60XSGASAm89nkjIP/TYjiTmFPIjQuQ1Nj0nHpIGItLa1Ajdm/vKT
zvjpssa6HdBslttL2vlLiQn0TxhVPOUAoE2XlgQU0W0j19q1vRM+BBb6tblCuMjm
b9D3oreS3e5ybaBlJ/K1GWbuKWvrQ1DJQ0tuGlBzKzfBJd0RrNXivcYYwkzRe1zj
Jyv/kQBfToSTdiavke6ecwQb1PIbbYKoZBGkFQMIpYWQH56SC1zKFhUDtM6XGemu
V18icZ6izp+2vscMQcLqDGGN8IlQdK6WrdVZDW5B4UMjuIUAndcLnufkU8BILMP9
mc7Fv/fM
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:25 2024 by rpki-client on console.sobornost.net