Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/dfDzloRPKRyAHrXX1JsD9Zb_vcA.roa
File: dfDzloRPKRyAHrXX1JsD9Zb_vcA.roa (raw, json)
Hash identifier: 0vn2qrU/tEWVHi9257WFsndeHOUAYGBbEJ7gicRLot0=
Subject key identifier: 75:F0:F3:96:84:4F:29:1C:80:1E:B5:D7:D4:9B:03:F5:96:FF:BD:C0
Certificate issuer: /CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Certificate serial: 018CC72764CC63C061732E5A1E67C2141AA2
Authority key identifier: C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/dfDzloRPKRyAHrXX1JsD9Zb_vcA.roa
Signing time: Mon 01 Jan 2024 22:31:36 +0000
ROA not before: Mon 01 Jan 2024 22:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197133
IP address blocks: 217.114.200.0/21 maxlen: 24
217.114.207.0/24 maxlen: 24
194.143.132.0/23 maxlen: 24
193.202.121.0/24 maxlen: 24
185.32.102.0/24 maxlen: 24
178.248.208.0/21 maxlen: 24
185.32.100.0/23 maxlen: 24
178.251.248.0/21 maxlen: 24
194.69.194.0/23 maxlen: 24
185.114.128.0/22 maxlen: 24
91.197.136.0/22 maxlen: 24
2a02:1740::/32 maxlen: 48
2a03:d280::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:64:cc:63:c0:61:73:2e:5a:1e:67:c2:14:1a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Validity
Not Before: Jan 1 22:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75f0f396844f291c801eb5d7d49b03f596ffbdc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3b:6c:40:70:04:82:a0:dc:e6:81:53:64:68:
f8:8e:67:a4:6b:5a:8a:2c:2a:b6:ab:76:1e:d2:49:
e7:ec:28:d4:cd:24:b7:52:53:c8:52:1e:78:19:0f:
35:dc:a7:1d:54:49:a4:44:cb:88:d7:41:2d:75:e2:
a2:58:ae:cd:82:6f:fd:ae:ac:c4:2e:73:b0:15:91:
6d:6a:49:0e:12:38:af:be:b9:0f:13:d3:79:25:32:
8a:3b:62:fb:96:ef:f1:f8:51:9c:bc:08:8c:4b:bf:
60:57:50:05:29:e9:88:9a:79:e4:4b:63:b3:11:01:
2e:40:19:ac:23:75:f5:eb:43:fb:70:ea:72:7b:d5:
61:22:55:2c:d0:2f:17:70:54:52:db:b9:8d:c4:54:
be:8a:bf:43:a1:31:53:89:e2:ed:14:c6:63:34:1a:
a9:ca:4f:22:b3:07:8f:75:46:b5:12:36:ca:df:e9:
8c:81:38:14:7f:ab:bd:6b:dc:b0:40:2d:5f:d1:c1:
d1:cf:e2:18:fe:44:3c:65:62:35:69:55:82:e7:f1:
44:44:78:4a:60:c0:25:49:95:e2:60:0f:8e:a3:af:
69:f5:13:43:1e:7d:af:0b:3f:9e:54:92:b5:1d:24:
b0:31:e4:9f:6a:57:91:7f:19:c8:16:59:29:d1:62:
ef:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F0:F3:96:84:4F:29:1C:80:1E:B5:D7:D4:9B:03:F5:96:FF:BD:C0
X509v3 Authority Key Identifier:
keyid:C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/dfDzloRPKRyAHrXX1JsD9Zb_vcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.136.0/22
178.248.208.0/21
178.251.248.0/21
185.32.100.0-185.32.102.255
185.114.128.0/22
193.202.121.0/24
194.69.194.0/23
194.143.132.0/23
217.114.200.0/21
IPv6:
2a02:1740::/32
2a03:d280::/32
Signature Algorithm: sha256WithRSAEncryption
a8:49:23:b1:67:0e:16:f2:8e:a5:14:5e:5c:d5:24:6a:f3:a7:
5e:c6:09:a3:46:86:c8:5f:d9:32:f2:3f:56:a2:9b:f7:9e:a9:
c8:d9:a4:65:95:38:c1:99:18:59:23:3f:8e:21:09:6b:66:9c:
07:0d:f2:17:de:89:f0:ff:71:ce:e0:ac:50:6d:18:9e:61:58:
80:41:94:81:0d:c8:a9:1b:95:01:66:63:bf:7a:47:a8:ac:d3:
d3:1b:0a:74:f8:49:9e:29:3f:ff:16:0a:8b:e3:d1:2c:c9:fe:
d8:b5:8e:ed:0d:ea:59:88:5f:e1:ba:98:c5:cc:0c:5d:10:9b:
f6:e8:4f:ea:19:2b:67:88:61:95:af:1a:af:5c:58:39:08:37:
7b:4f:f3:98:3a:f7:fe:9b:4e:f5:89:7c:00:f2:f5:9c:f7:54:
55:aa:0a:f7:5d:3b:73:f2:78:90:c0:ca:4e:cd:fc:8b:86:af:
8c:fa:a2:66:80:63:77:9f:2e:88:b3:6f:1b:12:37:10:77:85:
bf:97:d0:17:bc:bd:73:93:cd:66:25:33:f0:84:76:23:dc:cb:
35:c6:4f:16:fc:17:f5:cf:8b:17:8f:5e:e0:06:0c:c3:a7:23:
84:de:9e:ae:29:7f:62:9e:23:fb:88:2b:9b:a0:f5:02:4b:5f:
cc:98:ca:5b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzHJ2TMY8Bhcy5aHmfCFBqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWIwNzZkMTY3MDJjN2RiZWE5NzJlMjk3MmVmNTc2YTFm
MmM4NzMwHhcNMjQwMTAxMjIzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWYwZjM5Njg0NGYyOTFjODAxZWI1ZDdkNDliMDNmNTk2ZmZiZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ztsQHAEgqDc5oFTZGj4jmeka1qK
LCq2q3Ye0knn7CjUzSS3UlPIUh54GQ813KcdVEmkRMuI10EtdeKiWK7Ngm/9rqzE
LnOwFZFtakkOEjivvrkPE9N5JTKKO2L7lu/x+FGcvAiMS79gV1AFKemImnnkS2Oz
EQEuQBmsI3X160P7cOpye9VhIlUs0C8XcFRS27mNxFS+ir9DoTFTieLtFMZjNBqp
yk8iswePdUa1EjbK3+mMgTgUf6u9a9ywQC1f0cHRz+IY/kQ8ZWI1aVWC5/FERHhK
YMAlSZXiYA+Oo69p9RNDHn2vCz+eVJK1HSSwMeSfaleRfxnIFlkp0WLvxwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHXw85aETykcgB6119SbA/WW/73AMB8GA1UdIwQY
MBaAFMHrB20WcCx9vqly4pcu9Xah8shzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMt
NmMzMmE2YWIxZWYyLzEvZGZEemxvUlBLUnlBSHJYWDFKc0Q5WmJfdmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMtNmMzMmE2YWIxZWYy
LzEvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCW8WIAwQD
svjQAwQDsvv4MAwDBAK5IGQDBAC5IGYDBAK5coADBADBynkDBAHCRcIDBAHCj4QD
BAPZcsgwFAQCAAIwDgMFACoCF0ADBQAqA9KAMA0GCSqGSIb3DQEBCwUAA4IBAQCo
SSOxZw4W8o6lFF5c1SRq86dexgmjRobIX9ky8j9Wopv3nqnI2aRllTjBmRhZIz+O
IQlrZpwHDfIX3onw/3HO4KxQbRieYViAQZSBDcipG5UBZmO/ekeorNPTGwp0+Eme
KT//FgqL49Esyf7YtY7tDepZiF/hupjFzAxdEJv26E/qGStniGGVrxqvXFg5CDd7
T/OYOvf+m071iXwA8vWc91RVqgr3XTtz8niQwMpOzfyLhq+M+qJmgGN3ny6Is28b
EjcQd4W/l9AXvL1zk81mJTPwhHYj3Ms1xk8W/Bf1z4sXj17gBgzDpyOE3p6uKX9i
niP7iCuboPUCS1/MmMpb
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:46 2024 by rpki-client on console.sobornost.net