Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/PZ3eoPM6MVE_SPtINXFn73iXOA0.roa
File: PZ3eoPM6MVE_SPtINXFn73iXOA0.roa (raw, json)
Hash identifier: 3c6ITDVmaIhFmVOd4H7h9eSk7GGrdsv3ckP61Dxlq64=
Subject key identifier: 3D:9D:DE:A0:F3:3A:31:51:3F:48:FB:48:35:71:67:EF:78:97:38:0D
Certificate issuer: /CN=380dd9e7355c72c751fff4f175dace7daa7b9cbf
Certificate serial: 0193876BD19C0A5691AB7915CDD60E5D8B12
Authority key identifier: 38:0D:D9:E7:35:5C:72:C7:51:FF:F4:F1:75:DA:CE:7D:AA:7B:9C:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OA3Z5zVccsdR__TxddrOfap7nL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/PZ3eoPM6MVE_SPtINXFn73iXOA0.roa
Signing time: Mon 02 Dec 2024 12:50:10 +0000
ROA not before: Mon 02 Dec 2024 12:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30943
IP address blocks: 185.67.167.0/24 maxlen: 24
217.112.32.0/20 maxlen: 20
217.112.32.0/23 maxlen: 23
217.112.34.0/23 maxlen: 23
217.112.35.0/24 maxlen: 24
217.112.40.0/23 maxlen: 23
217.112.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:6b:d1:9c:0a:56:91:ab:79:15:cd:d6:0e:5d:8b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380dd9e7355c72c751fff4f175dace7daa7b9cbf
Validity
Not Before: Dec 2 12:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d9ddea0f33a31513f48fb48357167ef7897380d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fc:82:b8:83:c4:8c:15:ae:f7:61:51:d9:b7:
30:f8:bf:99:ca:f3:80:2c:4f:67:16:95:07:ba:2c:
7a:17:0b:43:e9:98:a8:c9:c1:1a:d8:8d:08:27:15:
21:e5:30:94:8c:09:d4:2a:df:9b:39:dc:72:bc:da:
e6:24:76:01:b7:0a:f2:01:96:89:0a:84:63:e6:82:
fd:38:a2:4b:4e:a1:31:00:ad:a8:2f:4d:ff:d3:d0:
1f:9e:67:b8:92:31:5e:82:25:d8:17:79:58:4a:71:
ca:f3:9f:0b:1b:da:47:46:28:94:51:40:d0:36:c4:
9c:4a:1d:1a:40:5f:14:3e:88:45:37:e5:f7:07:a8:
f0:ce:d8:88:50:77:11:4e:91:7f:b7:cd:f7:aa:df:
10:20:ff:46:e6:40:36:bc:7c:73:de:43:84:74:9d:
e6:33:a6:33:f5:75:57:e9:52:6e:23:5a:da:82:d3:
71:19:9e:57:7c:ee:8d:5a:fe:bb:a5:7a:b7:16:3f:
50:15:71:58:a9:70:14:ce:a8:5c:e5:6e:a0:b2:a5:
f6:ce:07:1d:9e:fd:09:e9:16:9a:bf:f0:5b:57:4e:
d3:80:bc:96:93:df:c1:00:33:08:ee:8b:bc:d6:35:
b7:35:2c:7e:e9:00:66:2c:e8:5b:37:0c:55:58:3b:
e6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9D:DE:A0:F3:3A:31:51:3F:48:FB:48:35:71:67:EF:78:97:38:0D
X509v3 Authority Key Identifier:
keyid:38:0D:D9:E7:35:5C:72:C7:51:FF:F4:F1:75:DA:CE:7D:AA:7B:9C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OA3Z5zVccsdR__TxddrOfap7nL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/PZ3eoPM6MVE_SPtINXFn73iXOA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/OA3Z5zVccsdR__TxddrOfap7nL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.167.0/24
217.112.32.0/20
Signature Algorithm: sha256WithRSAEncryption
b6:2f:c3:ad:c9:78:9d:22:e8:21:c6:5f:c8:22:28:ac:7a:f5:
ae:14:4d:c5:f5:f5:fa:0c:79:8d:ef:8b:03:7f:b6:7d:89:e1:
73:28:18:e6:28:ba:3b:12:2a:55:07:7c:32:4e:36:f7:ed:39:
f9:6b:67:2c:7f:94:71:6b:f7:71:86:6e:d1:2f:6c:0c:56:ff:
36:2f:00:6c:84:5c:a3:f0:23:23:f1:b5:5e:c0:25:2a:20:6a:
09:5d:66:87:33:3d:98:2a:87:3e:40:dd:97:01:02:53:ad:9b:
f7:2a:63:a1:12:cd:02:a1:0a:f6:b1:eb:55:0e:83:52:9d:72:
a9:cd:e3:fe:e5:b6:b5:0c:91:ad:a9:16:9f:0f:49:bd:cf:ba:
1f:92:46:4a:e7:06:e4:76:40:e0:f6:29:6c:aa:1c:b7:96:57:
e4:01:da:b4:72:db:2d:19:39:5a:40:f8:b2:47:80:f8:05:f8:
01:f9:1b:1e:19:c0:31:ed:f5:58:4b:4e:77:fc:72:ab:ea:53:
30:08:69:20:0a:90:4a:d2:57:3e:c1:25:1e:82:af:c2:8e:0e:
c4:85:d8:64:48:f5:17:16:9b:12:a5:66:b6:42:c4:1c:09:9b:
dc:af:f8:8f:8c:c7:9d:50:87:8e:43:d4:f6:b6:76:91:27:4d:
2f:39:bc:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOHa9GcClaRq3kVzdYOXYsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MGRkOWU3MzU1YzcyYzc1MWZmZjRmMTc1ZGFjZTdkYWE3
YjljYmYwHhcNMjQxMjAyMTI1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDlkZGVhMGYzM2EzMTUxM2Y0OGZiNDgzNTcxNjdlZjc4OTczODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPyCuIPEjBWu92FR2bcw+L+ZyvOA
LE9nFpUHuix6FwtD6ZioycEa2I0IJxUh5TCUjAnUKt+bOdxyvNrmJHYBtwryAZaJ
CoRj5oL9OKJLTqExAK2oL03/09Afnme4kjFegiXYF3lYSnHK858LG9pHRiiUUUDQ
NsScSh0aQF8UPohFN+X3B6jwztiIUHcRTpF/t833qt8QIP9G5kA2vHxz3kOEdJ3m
M6Yz9XVX6VJuI1ragtNxGZ5XfO6NWv67pXq3Fj9QFXFYqXAUzqhc5W6gsqX2zgcd
nv0J6Raav/BbV07TgLyWk9/BADMI7ou81jW3NSx+6QBmLOhbNwxVWDvmrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2d3qDzOjFRP0j7SDVxZ+94lzgNMB8GA1UdIwQY
MBaAFDgN2ec1XHLHUf/08XXazn2qe5y/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0EzWjV6VmNjc2RSX19UeGRkck9mYXA3bkw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9iN2ZlYTItYTMyZC00YTVlLTk5ODIt
NTRiNGNhNTBkMjQ4LzEvUFozZW9QTTZNVkVfU1B0SU5YRm43M2lYT0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9iN2ZlYTItYTMyZC00YTVlLTk5ODItNTRiNGNhNTBkMjQ4
LzEvT0EzWjV6VmNjc2RSX19UeGRkck9mYXA3bkw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUOnAwQE
2XAgMA0GCSqGSIb3DQEBCwUAA4IBAQC2L8OtyXidIughxl/IIiisevWuFE3F9fX6
DHmN74sDf7Z9ieFzKBjmKLo7EipVB3wyTjb37Tn5a2csf5Rxa/dxhm7RL2wMVv82
LwBshFyj8CMj8bVewCUqIGoJXWaHMz2YKoc+QN2XAQJTrZv3KmOhEs0CoQr2setV
DoNSnXKpzeP+5ba1DJGtqRafD0m9z7ofkkZK5wbkdkDg9ilsqhy3llfkAdq0ctst
GTlaQPiyR4D4BfgB+RseGcAx7fVYS053/HKr6lMwCGkgCpBK0lc+wSUegq/Cjg7E
hdhkSPUXFpsSpWa2QsQcCZvcr/iPjMedUIeOQ9T2tnaRJ00vObyl
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:23 2024 by rpki-client on console.sobornost.net