Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/ZfLmOsrxA1noc5XFjHXD-3_SXU0.roa
File: ZfLmOsrxA1noc5XFjHXD-3_SXU0.roa (raw, json)
Hash identifier: U7LSizhaTQv42EKFegG29DkZyOQdrFez5AXhbBOHrT8=
Subject key identifier: 65:F2:E6:3A:CA:F1:03:59:E8:73:95:C5:8C:75:C3:FB:7F:D2:5D:4D
Certificate issuer: /CN=c2746ccb7e73a9cc30ef04edd7cf16cc1d946894
Certificate serial: 018D7906A6FE659A2725B5E4772174958397
Authority key identifier: C2:74:6C:CB:7E:73:A9:CC:30:EF:04:ED:D7:CF:16:CC:1D:94:68:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnRsy35zqcww7wTt188WzB2UaJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/ZfLmOsrxA1noc5XFjHXD-3_SXU0.roa
Signing time: Mon 05 Feb 2024 11:28:15 +0000
ROA not before: Mon 05 Feb 2024 11:28:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209828
IP address blocks: 178.255.218.0/24 maxlen: 24
185.203.67.0/24 maxlen: 24
193.163.88.0/24 maxlen: 24
194.69.162.0/24 maxlen: 24
2a0c:ae80::/29 maxlen: 29
2a10:7cc0::/29 maxlen: 29
2a11:1ec0::/29 maxlen: 29
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:79:06:a6:fe:65:9a:27:25:b5:e4:77:21:74:95:83:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2746ccb7e73a9cc30ef04edd7cf16cc1d946894
Validity
Not Before: Feb 5 11:28:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65f2e63acaf10359e87395c58c75c3fb7fd25d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9e:1b:0e:b4:d1:0a:5d:27:84:5a:36:44:ac:
4f:c3:11:62:8d:f7:c9:c2:1f:ef:d2:d6:96:1c:1d:
93:dc:bd:45:f7:9c:b7:ed:53:80:d5:8a:33:a8:a6:
64:71:0f:b5:bd:d5:5a:43:f2:91:d6:73:5e:36:35:
b5:c2:8b:a6:85:01:27:ad:3b:1b:48:7d:e0:77:40:
ff:8f:25:e7:81:c8:10:e2:af:58:df:df:26:80:f3:
02:2f:bc:fa:aa:72:ac:25:81:86:7f:61:ad:ed:72:
99:59:fc:7d:59:6d:44:45:5f:58:3d:3e:ce:de:9b:
a5:72:ce:a4:1d:03:99:bb:0f:4c:85:05:4e:0b:21:
f5:da:6e:cc:6f:13:d1:43:c8:45:fc:89:f8:8e:83:
e6:7d:dd:38:73:50:76:ed:76:a0:f9:c7:fb:4b:7b:
11:53:c8:57:01:64:43:c5:03:11:7b:c4:6c:d2:56:
84:87:3b:34:e1:83:0a:90:b4:a3:97:e7:55:2f:e5:
7e:3c:8a:06:b6:a3:cb:e9:8e:1b:32:61:23:40:41:
ea:71:9f:e6:4d:45:8f:15:45:ba:1c:30:0c:f7:10:
dc:f1:ca:9a:c5:02:38:ba:04:17:fa:0c:61:8b:67:
df:4c:30:be:24:75:e8:82:93:0f:58:47:9b:c2:5e:
41:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F2:E6:3A:CA:F1:03:59:E8:73:95:C5:8C:75:C3:FB:7F:D2:5D:4D
X509v3 Authority Key Identifier:
keyid:C2:74:6C:CB:7E:73:A9:CC:30:EF:04:ED:D7:CF:16:CC:1D:94:68:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnRsy35zqcww7wTt188WzB2UaJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/ZfLmOsrxA1noc5XFjHXD-3_SXU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/wnRsy35zqcww7wTt188WzB2UaJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.218.0/24
185.203.67.0/24
193.163.88.0/24
194.69.162.0/24
IPv6:
2a0c:ae80::/29
2a10:7cc0::/29
2a11:1ec0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:50:0c:06:41:b5:e0:d0:9f:01:f5:e0:26:68:71:05:2d:23:
50:20:10:10:19:20:e9:e9:87:2b:b1:7b:cd:9c:8e:fc:9f:94:
67:b9:73:e9:5c:e9:e4:c0:f0:49:cc:ee:b0:fb:c2:0d:76:a8:
2d:6c:62:9b:60:4e:fb:ac:f7:84:a1:e8:6d:f8:2e:20:f6:7d:
40:5b:58:2c:b6:4a:7e:ce:43:57:0a:a3:a8:37:04:e9:af:36:
c4:97:0c:81:94:6f:71:14:d9:33:6f:6a:a9:27:54:ea:3c:ef:
ad:b2:89:b2:14:16:d7:d9:e4:38:59:96:7c:18:a3:e8:ec:68:
9f:5d:88:0a:33:d5:75:a9:c6:cb:a4:fa:48:02:05:fa:8c:2d:
f1:29:e3:bb:68:f8:b4:cf:9b:b6:d3:54:f1:e1:45:a1:ba:c2:
11:af:ac:52:32:13:c2:21:00:77:3e:a5:73:7b:b5:4c:93:be:
b4:2f:41:ac:a3:33:d8:b4:aa:d7:78:4f:91:16:46:97:17:f7:
1f:7c:94:a1:5e:f3:f9:8c:76:5e:80:20:c0:a0:a5:e7:d0:af:
d8:69:6d:d3:dc:be:55:07:c1:f8:24:ce:1e:18:8c:18:50:04:
26:a2:ec:48:f4:2e:2a:41:e0:ca:1e:b1:80:72:78:ea:76:f8:
33:14:5d:8d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY15Bqb+ZZonJbXkdyF0lYOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzQ2Y2NiN2U3M2E5Y2MzMGVmMDRlZGQ3Y2YxNmNjMWQ5
NDY4OTQwHhcNMjQwMjA1MTEyODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWYyZTYzYWNhZjEwMzU5ZTg3Mzk1YzU4Yzc1YzNmYjdmZDI1ZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ4bDrTRCl0nhFo2RKxPwxFijffJ
wh/v0taWHB2T3L1F95y37VOA1YozqKZkcQ+1vdVaQ/KR1nNeNjW1woumhQEnrTsb
SH3gd0D/jyXngcgQ4q9Y398mgPMCL7z6qnKsJYGGf2Gt7XKZWfx9WW1ERV9YPT7O
3pulcs6kHQOZuw9MhQVOCyH12m7MbxPRQ8hF/In4joPmfd04c1B27Xag+cf7S3sR
U8hXAWRDxQMRe8Rs0laEhzs04YMKkLSjl+dVL+V+PIoGtqPL6Y4bMmEjQEHqcZ/m
TUWPFUW6HDAM9xDc8cqaxQI4ugQX+gxhi2ffTDC+JHXogpMPWEebwl5BOwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFGXy5jrK8QNZ6HOVxYx1w/t/0l1NMB8GA1UdIwQY
MBaAFMJ0bMt+c6nMMO8E7dfPFswdlGiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25Sc3kzNXpxY3d3N3dUdDE4OFd6QjJVYUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS81OTcwM2YtZjAwMy00ODQ1LTk4M2Et
OTNlOTE4ZDEwZWM1LzEvWmZMbU9zcnhBMW5vYzVYRmpIWEQtM19TWFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS81OTcwM2YtZjAwMy00ODQ1LTk4M2EtOTNlOTE4ZDEwZWM1
LzEvd25Sc3kzNXpxY3d3N3dUdDE4OFd6QjJVYUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQAsv/aAwQA
uctDAwQAwaNYAwQAwkWiMBsEAgACMBUDBQMqDK6AAwUDKhB8wAMFAyoRHsAwDQYJ
KoZIhvcNAQELBQADggEBACxQDAZBteDQnwH14CZocQUtI1AgEBAZIOnphyuxe82c
jvyflGe5c+lc6eTA8EnM7rD7wg12qC1sYptgTvus94Sh6G34LiD2fUBbWCy2Sn7O
Q1cKo6g3BOmvNsSXDIGUb3EU2TNvaqknVOo8762yibIUFtfZ5DhZlnwYo+jsaJ9d
iAoz1XWpxsuk+kgCBfqMLfEp47to+LTPm7bTVPHhRaG6whGvrFIyE8IhAHc+pXN7
tUyTvrQvQayjM9i0qtd4T5EWRpcX9x98lKFe8/mMdl6AIMCgpefQr9hpbdPcvlUH
wfgkzh4YjBhQBCai7Ej0LipB4MoesYByeOp2+DMUXY0=
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:06:34 2024 by rpki-client on console.sobornost.net