Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/NL3Xu64pFYLf6u-FaRFNo1AIVWM.roa
File: NL3Xu64pFYLf6u-FaRFNo1AIVWM.roa (raw, json)
Hash identifier: RT5G9N/nR5aYi5HhuyD1BCsP8Omhx8Jb/Yxl6EB+mDg=
Subject key identifier: 34:BD:D7:BB:AE:29:15:82:DF:EA:EF:85:69:11:4D:A3:50:08:55:63
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 01914B4159CE2B9943841E8B5B36CA8AA82B
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/NL3Xu64pFYLf6u-FaRFNo1AIVWM.roa
Signing time: Tue 13 Aug 2024 10:20:59 +0000
ROA not before: Tue 13 Aug 2024 10:20:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34444
IP address blocks: 84.22.64.0/19 maxlen: 19
84.22.68.0/24 maxlen: 24
84.22.69.0/24 maxlen: 24
84.22.73.0/24 maxlen: 24
84.22.77.0/24 maxlen: 24
84.22.78.0/24 maxlen: 24
84.22.80.0/24 maxlen: 24
84.22.84.0/24 maxlen: 24
84.22.85.0/24 maxlen: 24
213.180.225.0/24 maxlen: 24
213.180.226.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.229.0/24 maxlen: 24
213.180.240.0/21 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4b:41:59:ce:2b:99:43:84:1e:8b:5b:36:ca:8a:a8:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Aug 13 10:20:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34bdd7bbae291582dfeaef8569114da350085563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0b:8a:19:ca:c6:b4:af:e1:cc:30:44:cf:0a:
37:0d:0f:00:a4:6d:c2:31:bd:01:93:7a:1e:64:59:
ba:17:49:46:fe:b6:f6:92:c7:7f:a2:a1:31:89:62:
eb:ad:ce:8c:ab:a3:7d:b6:e9:e1:b9:66:03:be:c1:
3f:58:a7:e1:9a:d0:f6:1f:05:45:d5:8c:6e:d7:ef:
29:29:d2:b9:a6:88:ea:d8:12:ef:42:77:bf:7d:59:
1d:d1:d1:03:c2:35:bb:27:91:23:cf:a8:53:ca:6c:
f9:f5:25:5d:19:02:c8:19:58:db:7a:49:f8:b1:51:
df:4f:4a:62:cf:7f:d3:be:d2:01:e6:e8:b7:88:f0:
3c:ea:39:5b:c6:1a:84:44:dd:97:fd:19:26:7a:5c:
bd:62:70:e9:9a:af:7f:2f:0e:9f:88:68:eb:73:09:
d9:3a:1f:d5:56:dc:21:f4:d8:de:27:6b:0b:11:bd:
f0:d1:0f:c1:08:84:4b:62:63:44:7b:62:77:c6:f8:
b5:02:80:c5:e8:29:f1:68:77:49:ee:c7:07:44:f5:
91:26:78:dc:a4:8e:a2:b1:68:8b:08:4f:61:b5:91:
ba:18:8a:02:58:7a:de:6a:48:b7:68:94:fd:39:8b:
a3:41:60:6b:ac:e9:1c:e9:fd:37:c6:0b:e4:26:c9:
6d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:BD:D7:BB:AE:29:15:82:DF:EA:EF:85:69:11:4D:A3:50:08:55:63
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/NL3Xu64pFYLf6u-FaRFNo1AIVWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.64.0/19
213.180.225.0-213.180.226.255
213.180.228.0/23
213.180.240.0/21
Signature Algorithm: sha256WithRSAEncryption
52:73:8a:dc:5b:85:0e:38:8a:4d:0a:ed:67:bb:bd:13:2a:a3:
95:34:47:f2:4f:95:54:0f:1d:f3:db:de:b2:a5:61:73:6c:51:
a8:a9:17:42:17:36:5e:03:91:11:d9:b9:e1:d7:35:fa:a3:19:
70:0b:6e:e7:5b:41:0f:a6:72:56:ce:9c:56:da:9f:71:15:41:
ff:62:6a:49:f8:70:41:aa:3c:b5:8d:b0:a8:aa:48:8c:33:08:
e3:9b:4c:87:c0:cb:6d:eb:ba:33:71:34:a3:fe:88:0f:a4:5e:
62:d2:e6:d8:42:b7:34:90:48:c5:b4:44:2f:e1:2b:fd:8f:1b:
98:c4:74:8f:ae:90:57:d6:bf:b6:69:6b:c8:9d:0b:39:2c:dc:
b9:1b:af:f4:2e:1a:92:5e:e6:96:85:2e:bf:5f:0f:ff:61:57:
b1:bf:50:7b:8b:21:c8:3b:2a:57:04:d1:61:3c:e6:3e:72:bb:
5c:69:64:a7:92:d8:84:0b:9c:56:ca:87:0f:a4:42:de:f6:69:
4a:be:09:f9:ac:44:78:14:ae:6d:f4:5a:9b:03:aa:cf:ee:9b:
8a:43:99:47:54:64:fb:6b:ec:8a:47:1e:6c:f1:0a:00:64:75:
25:08:2c:3b:b4:6f:63:42:9b:2e:db:72:d7:83:ad:ed:bc:2e:
62:e4:b1:29
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZFLQVnOK5lDhB6LWzbKiqgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjQwODEzMTAyMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGJkZDdiYmFlMjkxNTgyZGZlYWVmODU2OTExNGRhMzUwMDg1NTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQuKGcrGtK/hzDBEzwo3DQ8ApG3C
Mb0Bk3oeZFm6F0lG/rb2ksd/oqExiWLrrc6Mq6N9tunhuWYDvsE/WKfhmtD2HwVF
1Yxu1+8pKdK5pojq2BLvQne/fVkd0dEDwjW7J5Ejz6hTymz59SVdGQLIGVjbekn4
sVHfT0piz3/TvtIB5ui3iPA86jlbxhqERN2X/Rkmely9YnDpmq9/Lw6fiGjrcwnZ
Oh/VVtwh9NjeJ2sLEb3w0Q/BCIRLYmNEe2J3xvi1AoDF6CnxaHdJ7scHRPWRJnjc
pI6isWiLCE9htZG6GIoCWHreaki3aJT9OYujQWBrrOkc6f03xgvkJsltSwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDS917uuKRWC3+rvhWkRTaNQCFVjMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvTkwzWHU2NHBGWUxmNnUtRmFSRk5vMUFJVldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQFVBZAMAwD
BADVtOEDBADVtOIDBAHVtOQDBAPVtPAwDQYJKoZIhvcNAQELBQADggEBAFJzitxb
hQ44ik0K7We7vRMqo5U0R/JPlVQPHfPb3rKlYXNsUaipF0IXNl4DkRHZueHXNfqj
GXALbudbQQ+mclbOnFban3EVQf9iakn4cEGqPLWNsKiqSIwzCOObTIfAy23rujNx
NKP+iA+kXmLS5thCtzSQSMW0RC/hK/2PG5jEdI+ukFfWv7Zpa8idCzks3Lkbr/Qu
GpJe5paFLr9fD/9hV7G/UHuLIcg7KlcE0WE85j5yu1xpZKeS2IQLnFbKhw+kQt72
aUq+CfmsRHgUrm30WpsDqs/um4pDmUdUZPtr7IpHHmzxCgBkdSUILDu0b2NCmy7b
cteDre28LmLksSk=
-----END CERTIFICATE-----
Generated at Fri Aug 16 18:07:59 2024 by rpki-client on console.sobornost.net