Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/jM23qVFCtaIVa_xwXy1cjS6AvqE.roa
File: jM23qVFCtaIVa_xwXy1cjS6AvqE.roa (raw, json)
Hash identifier: 9cAQpbwwhkEZm2L/kp6Rfso0CP0ILQeDHyLaAS8VYxw=
Subject key identifier: 8C:CD:B7:A9:51:42:B5:A2:15:6B:FC:70:5F:2D:5C:8D:2E:80:BE:A1
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 0192047C0231AD288F9059C4E6842437BBFA
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/jM23qVFCtaIVa_xwXy1cjS6AvqE.roa
Signing time: Wed 18 Sep 2024 09:34:48 +0000
ROA not before: Wed 18 Sep 2024 09:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 212.68.172.0/22 maxlen: 22
212.68.172.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
212.68.176.0/22 maxlen: 22
212.68.176.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.180.0/22 maxlen: 22
212.68.180.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:7c:02:31:ad:28:8f:90:59:c4:e6:84:24:37:bb:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Sep 18 09:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ccdb7a95142b5a2156bfc705f2d5c8d2e80bea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:f2:d2:45:ca:d2:b3:da:a2:dc:e2:96:9c:
7e:d9:0a:49:06:61:89:e8:26:ea:e3:d1:38:20:e3:
67:a9:b9:66:70:36:60:0f:18:94:66:76:4e:da:31:
7d:c0:b3:63:8a:b9:fa:e5:70:d9:df:16:a8:cc:45:
0f:45:82:ca:56:85:70:2b:92:60:6e:f4:a9:90:5a:
44:ad:f8:1a:0e:83:42:3f:23:a3:1c:c8:ac:86:ed:
d5:ad:6d:cd:67:f0:9d:a1:3f:60:c1:60:1e:74:87:
59:e1:04:fd:43:44:e8:85:08:1e:c2:33:25:a4:89:
df:0d:85:5e:d7:b0:3a:f5:1b:91:4d:42:ac:b2:5a:
09:6f:b2:ff:f5:86:9b:89:59:25:54:3d:63:44:44:
91:72:c1:40:3f:41:10:dc:f4:de:a6:bb:ac:8a:25:
3c:63:0b:8d:c3:cc:b1:68:d7:85:84:dc:24:2e:70:
32:ba:46:c1:4d:2b:a7:6c:87:c6:6d:33:f4:2f:63:
f3:67:18:88:08:b5:7c:8d:fc:c7:f6:bb:d7:4a:0e:
26:4d:09:68:91:1d:c1:06:8b:bd:5a:7f:42:fc:e1:
23:50:41:c1:28:53:4c:1b:b5:21:4a:e7:4a:db:ae:
65:32:c3:59:10:51:0e:11:01:19:ae:e6:97:ac:59:
36:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CD:B7:A9:51:42:B5:A2:15:6B:FC:70:5F:2D:5C:8D:2E:80:BE:A1
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/jM23qVFCtaIVa_xwXy1cjS6AvqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.172.0-212.68.183.255
Signature Algorithm: sha256WithRSAEncryption
22:98:fd:fc:2c:be:1b:ad:b8:2c:07:c0:16:29:77:d4:6c:81:
1f:d7:bd:54:eb:4a:5c:fe:34:a4:d5:5c:9b:b3:b4:b6:e3:2f:
09:4d:de:0c:d5:68:34:e0:b2:1d:61:b2:02:15:0d:ae:ad:3f:
c2:60:d3:d5:5b:64:0f:89:0d:44:13:6a:de:25:59:13:e8:2f:
b6:3e:e3:1a:fa:b8:99:b9:9f:b1:ff:5c:21:7e:0e:2c:55:e5:
6c:62:51:d1:3c:ee:d0:7b:58:6e:41:17:b2:20:f9:66:71:df:
e2:2e:ab:9a:96:cc:c3:d0:2e:46:d5:e8:89:8c:44:be:0e:9f:
93:0d:18:e2:5b:60:db:8c:fc:a3:db:89:2c:c2:8f:2e:14:3c:
5b:d1:d9:e7:a2:db:12:2e:2c:0c:3c:3e:35:b0:60:09:1c:77:
4f:2c:e0:ee:4d:42:e1:b5:69:7a:c9:08:0e:2e:50:a0:bd:c9:
da:74:80:46:3f:e2:ae:4b:c2:71:67:37:fa:a4:ff:fb:3b:b3:
4b:ea:92:a5:04:7b:3e:cf:b6:cd:61:6c:c8:d4:e1:c0:40:df:
33:c2:46:b3:11:eb:00:c9:4b:8e:49:4e:68:6d:88:50:3f:d2:
b1:1b:b5:1d:b3:7a:ce:e6:0c:97:04:23:09:4c:ba:ca:1a:1a:
3e:92:a7:d8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZIEfAIxrSiPkFnE5oQkN7v6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjQwOTE4MDkzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2NkYjdhOTUxNDJiNWEyMTU2YmZjNzA1ZjJkNWM4ZDJlODBiZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHTy0kXK0rPaotzilpx+2QpJBmGJ
6Cbq49E4IONnqblmcDZgDxiUZnZO2jF9wLNjirn65XDZ3xaozEUPRYLKVoVwK5Jg
bvSpkFpErfgaDoNCPyOjHMishu3VrW3NZ/CdoT9gwWAedIdZ4QT9Q0TohQgewjMl
pInfDYVe17A69RuRTUKssloJb7L/9YabiVklVD1jRESRcsFAP0EQ3PTeprusiiU8
YwuNw8yxaNeFhNwkLnAyukbBTSunbIfGbTP0L2PzZxiICLV8jfzH9rvXSg4mTQlo
kR3BBou9Wn9C/OEjUEHBKFNMG7UhSudK265lMsNZEFEOEQEZruaXrFk2AQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIzNt6lRQrWiFWv8cF8tXI0ugL6hMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvak0yM3FWRkN0YUlWYV94d1h5MWNqUzZBdnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALURKwD
BAPURLAwDQYJKoZIhvcNAQELBQADggEBACKY/fwsvhutuCwHwBYpd9RsgR/XvVTr
Slz+NKTVXJuztLbjLwlN3gzVaDTgsh1hsgIVDa6tP8Jg09VbZA+JDUQTat4lWRPo
L7Y+4xr6uJm5n7H/XCF+DixV5WxiUdE87tB7WG5BF7Ig+WZx3+Iuq5qWzMPQLkbV
6ImMRL4On5MNGOJbYNuM/KPbiSzCjy4UPFvR2eei2xIuLAw8PjWwYAkcd08s4O5N
QuG1aXrJCA4uUKC9ydp0gEY/4q5LwnFnN/qk//s7s0vqkqUEez7Pts1hbMjU4cBA
3zPCRrMR6wDJS45JTmhtiFA/0rEbtR2zes7mDJcEIwlMusoaGj6Sp9g=
-----END CERTIFICATE-----
Generated at Fri Sep 27 18:08:57 2024 by rpki-client on console.sobornost.net