Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/K-8t8KIFBFrkYZ7l3hIkv4x2y6c.roa
File: K-8t8KIFBFrkYZ7l3hIkv4x2y6c.roa (raw, json)
Hash identifier: RXwwKo472DWJmnuHnuD0qWHXiSczAJmVDurXhY9xkmM=
Subject key identifier: 2B:EF:2D:F0:A2:05:04:5A:E4:61:9E:E5:DE:12:24:BF:8C:76:CB:A7
Certificate issuer: /CN=764f8daadf1d775d59d1502b573901b875513b56
Certificate serial: 01856D11D487DD9B808FC468CADCDEA1C25E
Authority key identifier: 76:4F:8D:AA:DF:1D:77:5D:59:D1:50:2B:57:39:01:B8:75:51:3B:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/K-8t8KIFBFrkYZ7l3hIkv4x2y6c.roa
Signing time: Sun 01 Jan 2023 11:22:43 +0000
ROA not before: Sun 01 Jan 2023 11:22:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28964
IP address blocks: 178.254.164.0/24 maxlen: 24
178.254.166.0/24 maxlen: 24
178.254.160.0/23 maxlen: 24
178.254.162.0/24 maxlen: 24
5.172.32.0/24 maxlen: 24
178.254.167.0/24 maxlen: 24
178.254.178.0/24 maxlen: 24
178.254.174.0/24 maxlen: 24
178.254.173.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
109.111.255.0/24 maxlen: 24
89.23.94.0/23 maxlen: 23
109.111.242.0/24 maxlen: 24
109.111.241.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.251.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
89.23.64.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
185.157.45.0/24 maxlen: 24
185.157.46.0/24 maxlen: 24
185.157.47.0/24 maxlen: 24
89.23.72.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:11:d4:87:dd:9b:80:8f:c4:68:ca:dc:de:a1:c2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=764f8daadf1d775d59d1502b573901b875513b56
Validity
Not Before: Jan 1 11:22:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bef2df0a205045ae4619ee5de1224bf8c76cba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7b:9c:89:4f:8c:69:c3:78:ad:b5:3b:30:48:
c6:67:c4:35:3a:ae:49:ab:55:31:04:a5:5f:d5:62:
f7:41:e3:bc:9d:4b:89:6e:4b:2d:9e:e2:3c:89:d7:
c4:c3:12:89:b2:61:5f:33:a1:ce:15:f2:b2:55:42:
5d:34:6b:1f:ad:2f:cd:0d:91:67:a0:6f:b8:8e:48:
97:c5:e6:d9:2a:f3:64:53:61:b5:ac:e0:ef:b6:71:
b8:2b:57:2c:45:bd:25:f6:0b:74:df:fd:94:ba:0b:
68:b6:ca:40:ea:2e:0e:43:a0:fe:be:95:b1:a0:a8:
c8:18:bc:41:b2:c1:a1:bc:cc:b3:99:5f:02:66:3d:
24:7f:e3:8a:85:f0:90:43:e5:56:de:ec:3e:4d:38:
6e:9e:42:99:b8:6a:40:ba:81:b0:a1:7b:78:73:0c:
cb:ce:9d:da:38:3d:e8:c9:cd:d4:3c:c1:99:cc:69:
ea:fb:f7:95:cb:93:fd:d6:30:c8:40:29:e0:d8:49:
64:d3:e4:5d:fe:3f:cf:27:fc:a3:f7:ac:46:ca:97:
3e:4f:70:2d:c8:9d:60:cb:c8:2a:ff:1d:96:08:5d:
a9:4d:98:c2:d4:e9:f6:f4:ad:c7:9f:8c:72:70:56:
c2:5f:ee:bd:8c:79:a8:73:9d:bb:ba:08:7d:8a:02:
d8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:EF:2D:F0:A2:05:04:5A:E4:61:9E:E5:DE:12:24:BF:8C:76:CB:A7
X509v3 Authority Key Identifier:
keyid:76:4F:8D:AA:DF:1D:77:5D:59:D1:50:2B:57:39:01:B8:75:51:3B:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/K-8t8KIFBFrkYZ7l3hIkv4x2y6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/24
89.23.64.0/24
89.23.66.0/23
89.23.72.0/23
89.23.94.0/23
109.111.241.0-109.111.242.255
109.111.247.0/24
109.111.249.0/24
109.111.251.0/24
109.111.255.0/24
178.254.160.0-178.254.162.255
178.254.164.0/24
178.254.166.0/23
178.254.173.0-178.254.174.255
178.254.178.0/24
178.254.182.0/24
185.157.45.0-185.157.47.255
Signature Algorithm: sha256WithRSAEncryption
9c:58:e2:24:1e:ac:b0:44:60:c8:9b:cb:03:dd:1e:59:6e:24:
c1:18:9d:9a:3e:80:6a:50:46:91:c2:9c:5d:5c:ce:d7:ad:e8:
a5:89:94:76:97:b0:06:9b:eb:55:61:b2:ef:6c:9f:34:a7:a3:
fd:6d:91:31:d9:e8:c8:0f:f7:70:23:e2:97:42:94:87:52:05:
95:15:7c:bd:83:37:3c:7f:4e:27:43:3b:45:f7:b1:0e:59:4e:
b0:95:07:a6:74:1f:52:c9:10:31:d1:92:69:75:72:48:c2:0b:
7b:38:84:f4:d3:f0:db:cb:3c:3e:5e:a8:2a:30:f5:52:92:e4:
90:df:4d:a2:66:98:ce:36:0b:cf:4b:32:19:e0:57:84:b5:86:
c1:11:4c:49:4b:c5:44:c3:c3:b8:e5:c7:36:33:ef:d4:8c:48:
03:83:d9:e6:ee:20:25:da:cf:b9:03:ef:7d:df:76:cf:39:43:
41:27:cb:fc:c0:63:1f:c8:96:f9:46:24:2a:64:85:8b:a7:74:
90:d9:bb:66:7d:3b:5d:7c:1d:e0:4a:07:09:17:34:9b:c4:d5:
01:25:37:8a:b5:87:1c:86:b8:27:6f:da:78:4e:0a:dd:dc:f9:
0c:ac:d5:7f:55:81:b5:0b:0f:d0:6f:3f:72:75:e4:4d:a7:d4:
70:9c:1d:ac
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYVtEdSH3ZuAj8RoytzeocJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NGY4ZGFhZGYxZDc3NWQ1OWQxNTAyYjU3MzkwMWI4NzU1
MTNiNTYwHhcNMjMwMTAxMTEyMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmVmMmRmMGEyMDUwNDVhZTQ2MTllZTVkZTEyMjRiZjhjNzZjYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXuciU+MacN4rbU7MEjGZ8Q1Oq5J
q1UxBKVf1WL3QeO8nUuJbkstnuI8idfEwxKJsmFfM6HOFfKyVUJdNGsfrS/NDZFn
oG+4jkiXxebZKvNkU2G1rODvtnG4K1csRb0l9gt03/2UugtotspA6i4OQ6D+vpWx
oKjIGLxBssGhvMyzmV8CZj0kf+OKhfCQQ+VW3uw+TThunkKZuGpAuoGwoXt4cwzL
zp3aOD3oyc3UPMGZzGnq+/eVy5P91jDIQCng2Elk0+Rd/j/PJ/yj96xGypc+T3At
yJ1gy8gq/x2WCF2pTZjC1On29K3Hn4xycFbCX+69jHmoc527ugh9igLY9QIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFCvvLfCiBQRa5GGe5d4SJL+MdsunMB8GA1UdIwQY
MBaAFHZPjarfHXddWdFQK1c5Abh1UTtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGstTnF0OGRkMTFaMFZBclZ6a0J1SFZSTzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83YjkyYmYtMDExYi00NGE3LTgzODIt
YmZiMmI4ODE1ZTQ5LzEvSy04dDhLSUZCRnJrWVo3bDNoSWt2NHgyeTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83YjkyYmYtMDExYi00NGE3LTgzODItYmZiMmI4ODE1ZTQ5
LzEvZGstTnF0OGRkMTFaMFZBclZ6a0J1SFZSTzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAF
rCADBABZF0ADBAFZF0IDBAFZF0gDBAFZF14wDAMEAG1v8QMEAG1v8gMEAG1v9wME
AG1v+QMEAG1v+wMEAG1v/zAMAwQFsv6gAwQAsv6iAwQAsv6kAwQBsv6mMAwDBACy
/q0DBACy/q4DBACy/rIDBACy/rYwDAMEALmdLQMEBLmdIDANBgkqhkiG9w0BAQsF
AAOCAQEAnFjiJB6ssERgyJvLA90eWW4kwRidmj6AalBGkcKcXVzO163opYmUdpew
BpvrVWGy72yfNKej/W2RMdnoyA/3cCPil0KUh1IFlRV8vYM3PH9OJ0M7RfexDllO
sJUHpnQfUskQMdGSaXVySMILeziE9NPw28s8Pl6oKjD1UpLkkN9NomaYzjYLz0sy
GeBXhLWGwRFMSUvFRMPDuOXHNjPv1IxIA4PZ5u4gJdrPuQPvfd92zzlDQSfL/MBj
H8iW+UYkKmSFi6d0kNm7Zn07XXwd4EoHCRc0m8TVASU3irWHHIa4J2/aeE4K3dz5
DKzVf1WBtQsP0G8/cnXkTafUcJwdrA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:35 2023 by rpki-client on console.sobornost.net