Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/Ce7ljThpHdAMaWcqsRas2YZgxKk.roa
File: Ce7ljThpHdAMaWcqsRas2YZgxKk.roa (raw, json)
Hash identifier: kZ4Xs/5SrzRSnhTeBQveJwatA8eA/b3zTP6XYNXAl8w=
Subject key identifier: 09:EE:E5:8D:38:69:1D:D0:0C:69:67:2A:B1:16:AC:D9:86:60:C4:A9
Certificate issuer: /CN=4200982284a050d941dbebbd04b5d0c914f635b7
Certificate serial: 019127924B384C7864FF8A1084A6BC7B039C
Authority key identifier: 42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/Ce7ljThpHdAMaWcqsRas2YZgxKk.roa
Signing time: Tue 06 Aug 2024 12:03:04 +0000
ROA not before: Tue 06 Aug 2024 12:03:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200651
IP address blocks: 37.156.68.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.165.171.0/24 maxlen: 24
2a06:1700::/48 maxlen: 48
2a06:1700:1::/48 maxlen: 48
2a06:1700:2::/48 maxlen: 48
2a06:1700:3::/48 maxlen: 48
2a06:1700:4::/48 maxlen: 48
2a06:1700:100::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:92:4b:38:4c:78:64:ff:8a:10:84:a6:bc:7b:03:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4200982284a050d941dbebbd04b5d0c914f635b7
Validity
Not Before: Aug 6 12:03:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09eee58d38691dd00c69672ab116acd98660c4a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c8:4d:66:d5:3f:0e:14:7e:f0:7b:75:42:d3:
8b:62:2f:0f:3d:30:7b:b6:59:4f:a3:df:ae:23:ab:
42:dd:89:93:26:29:c6:9b:28:fc:bc:52:b6:5a:d1:
cc:10:de:3b:f6:93:a2:c3:9a:a4:09:b5:35:f2:23:
dd:ea:c1:2b:db:14:33:84:4d:77:fa:4d:3b:bc:89:
15:97:96:1a:47:d1:00:3c:1d:00:64:5a:cd:bf:6d:
88:1d:b8:57:db:db:e4:b8:fe:cc:e6:fe:81:64:3e:
72:19:dc:40:66:1e:f8:7c:af:4e:f7:23:23:f1:d6:
fb:ba:74:20:99:a6:81:8e:11:5e:34:7a:77:19:13:
05:94:69:fb:59:dc:db:77:9c:5b:a9:88:50:78:f7:
f3:e9:7b:07:39:24:21:9f:bd:ef:46:a8:36:ba:8e:
9e:cf:fe:b9:58:bc:5e:45:76:e3:48:91:2b:6a:e9:
ff:45:62:61:61:db:c6:ac:fe:a6:fd:87:a3:77:d3:
68:94:fe:2f:1d:03:4d:73:25:fc:ec:06:55:c2:05:
1a:45:cc:f1:c7:b1:b5:40:32:8f:df:57:de:e7:20:
4c:05:e7:8b:ea:07:2f:6e:84:5c:7b:11:91:66:24:
05:ec:88:4f:96:40:4c:d5:26:e3:58:79:a5:8c:40:
44:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EE:E5:8D:38:69:1D:D0:0C:69:67:2A:B1:16:AC:D9:86:60:C4:A9
X509v3 Authority Key Identifier:
keyid:42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/Ce7ljThpHdAMaWcqsRas2YZgxKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
185.165.170.0/23
IPv6:
2a06:1700::-2a06:1700:4:ffff:ffff:ffff:ffff:ffff
2a06:1700:100::/48
Signature Algorithm: sha256WithRSAEncryption
60:cb:76:6b:8e:c8:cf:c0:50:16:d8:c9:ff:dd:5b:98:ef:de:
b3:a1:29:07:1d:45:65:d4:a9:9c:9b:05:38:4a:df:61:30:79:
40:be:a6:eb:68:e8:37:2f:19:8a:fa:ae:5b:d7:47:2e:95:3b:
12:e9:bd:34:b7:fa:60:2f:54:0a:f6:fc:05:94:1b:b1:44:82:
29:48:c5:69:15:c7:11:52:97:77:e9:05:e0:25:8c:a1:9e:44:
04:40:15:03:6c:6b:0d:03:ff:d0:5c:46:39:f7:a0:82:62:cb:
0d:80:1f:93:82:3b:ec:6f:45:af:6b:39:a8:05:70:55:45:f2:
27:59:d3:b4:34:8c:14:2b:32:c5:b8:67:01:c2:67:6d:12:4b:
ab:d9:ca:52:01:52:99:6c:d8:0a:e0:0c:56:15:d4:de:49:99:
aa:0d:c8:bf:f7:61:3a:c4:c1:bf:01:cb:33:ed:4a:c9:0d:c9:
44:f5:5e:a7:50:a6:e7:ce:97:66:18:70:f5:18:c2:32:a1:35:
5a:b1:52:22:d3:ef:87:ed:26:10:65:a4:bd:93:ba:3b:f8:2d:
df:97:8e:0c:f9:38:ef:8f:2d:26:8c:46:02:c0:9a:ee:56:c2:
eb:d1:66:99:32:6b:43:c1:bb:c5:bc:3b:e8:7f:5f:4b:0f:ce:
2d:14:ec:74
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZEnkks4THhk/4oQhKa8ewOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDA5ODIyODRhMDUwZDk0MWRiZWJiZDA0YjVkMGM5MTRm
NjM1YjcwHhcNMjQwODA2MTIwMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWVlZTU4ZDM4NjkxZGQwMGM2OTY3MmFiMTE2YWNkOTg2NjBjNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4chNZtU/DhR+8Ht1QtOLYi8PPTB7
tllPo9+uI6tC3YmTJinGmyj8vFK2WtHMEN479pOiw5qkCbU18iPd6sEr2xQzhE13
+k07vIkVl5YaR9EAPB0AZFrNv22IHbhX29vkuP7M5v6BZD5yGdxAZh74fK9O9yMj
8db7unQgmaaBjhFeNHp3GRMFlGn7Wdzbd5xbqYhQePfz6XsHOSQhn73vRqg2uo6e
z/65WLxeRXbjSJEraun/RWJhYdvGrP6m/Yejd9NolP4vHQNNcyX87AZVwgUaRczx
x7G1QDKP31fe5yBMBeeL6gcvboRcexGRZiQF7IhPlkBM1SbjWHmljEBEAwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAnu5Y04aR3QDGlnKrEWrNmGYMSpMB8GA1UdIwQY
MBaAFEIAmCKEoFDZQdvrvQS10MkU9jW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAt
NTFkYzJiMDk2ZGVmLzEvQ2U3bGpUaHBIZEFNYVdjcXNSYXMyWVpneEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAtNTFkYzJiMDk2ZGVm
LzEvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjASBAIAATAMAwQAJZxEAwQB
uaWqMCAEAgACMBowDwMEACoGFwMHACoGFwAABAMHACoGFwABADANBgkqhkiG9w0B
AQsFAAOCAQEAYMt2a47Iz8BQFtjJ/91bmO/es6EpBx1FZdSpnJsFOErfYTB5QL6m
62joNy8ZivquW9dHLpU7Eum9NLf6YC9UCvb8BZQbsUSCKUjFaRXHEVKXd+kF4CWM
oZ5EBEAVA2xrDQP/0FxGOfeggmLLDYAfk4I77G9Fr2s5qAVwVUXyJ1nTtDSMFCsy
xbhnAcJnbRJLq9nKUgFSmWzYCuAMVhXU3kmZqg3Iv/dhOsTBvwHLM+1KyQ3JRPVe
p1Cm586XZhhw9RjCMqE1WrFSItPvh+0mEGWkvZO6O/gt35eODPk4748tJoxGAsCa
7lbC69FmmTJrQ8G7xbw76H9fSw/OLRTsdA==
-----END CERTIFICATE-----
Generated at Wed Sep 11 06:12:06 2024 by rpki-client on console.sobornost.net