Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2T9QLYvTLpZKq2H4CIzxYQVhncU.roa
File: 2T9QLYvTLpZKq2H4CIzxYQVhncU.roa (raw, json)
Hash identifier: Ux9q/BlmKgvcuwKUeuxc4P9YgTTVkVtAPzz/SzHmwqI=
Subject key identifier: D9:3F:50:2D:8B:D3:2E:96:4A:AB:61:F8:08:8C:F1:61:05:61:9D:C5
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0193F25A80BA28CDEE1DAAE76FB0D6E504B7
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2T9QLYvTLpZKq2H4CIzxYQVhncU.roa
Signing time: Mon 23 Dec 2024 07:10:37 +0000
ROA not before: Mon 23 Dec 2024 07:10:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f2:5a:80:ba:28:cd:ee:1d:aa:e7:6f:b0:d6:e5:04:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Dec 23 07:10:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d93f502d8bd32e964aab61f8088cf16105619dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:86:eb:0c:95:eb:6c:65:d3:5d:57:e3:97:13:
0a:60:dc:67:01:fb:a1:63:4a:94:73:de:12:d8:46:
c2:09:2a:a7:a3:60:42:d9:26:92:49:7c:60:97:bc:
f1:4b:b8:c1:39:95:a4:23:01:8d:f7:9e:5d:4e:48:
64:39:a6:85:c5:ee:97:6e:09:39:82:24:e5:c1:a3:
c3:54:8a:44:aa:b9:cc:75:26:32:88:79:a8:fc:0c:
4b:53:1d:85:24:8b:70:17:bb:32:53:16:3b:dc:75:
e3:d5:c8:fd:12:84:4a:f5:6f:af:e1:b6:cf:1a:de:
bd:bc:a0:b5:29:15:fb:2f:92:8a:4d:37:c6:f8:31:
28:10:86:fa:2a:14:85:58:f8:b0:ba:3b:79:6f:90:
58:71:be:84:1b:e6:17:bc:6c:24:e6:50:0f:51:de:
2b:70:5c:20:0c:a3:b2:d6:8e:37:87:2c:88:01:88:
6d:cb:15:96:20:c1:04:5c:73:72:66:0f:6b:45:8c:
29:43:93:c0:fc:3d:e4:f3:50:14:66:45:25:af:47:
80:f7:6b:24:73:b8:46:41:fb:50:fa:87:d5:bc:a1:
fe:66:75:ac:44:10:b0:19:12:0b:c0:f3:ea:6a:23:
5e:20:68:fc:81:6b:ae:50:90:c6:88:f5:f8:70:1d:
51:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3F:50:2D:8B:D3:2E:96:4A:AB:61:F8:08:8C:F1:61:05:61:9D:C5
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2T9QLYvTLpZKq2H4CIzxYQVhncU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.68.0-213.145.79.255
213.145.82.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
34:61:a9:e8:17:51:af:5a:ff:a5:d6:be:13:56:c2:f3:e7:0b:
a0:b6:b7:a1:1c:53:9e:40:76:d1:d4:f2:ea:a5:3b:e7:9c:7d:
25:ab:8e:f6:1e:2e:30:46:b3:67:47:fe:92:08:ba:86:69:41:
dd:a7:08:33:94:46:fa:9c:f0:c3:e2:05:36:52:00:a6:19:c2:
6d:6c:21:09:2c:e5:ef:4d:3b:55:a6:39:98:73:0e:8f:60:e1:
49:a5:a0:5a:19:2f:a1:7f:1a:76:ec:af:07:b9:a8:6e:36:25:
33:fe:65:20:ae:b2:b7:7c:ce:ef:58:f8:88:44:a6:e8:18:3e:
f4:ec:1b:9a:e6:d1:68:42:ba:7f:23:62:43:cb:3d:f1:c6:60:
0d:de:d0:93:76:d4:47:d6:c9:bc:b7:a3:af:f3:0d:54:0e:7e:
12:31:89:b3:57:78:62:52:e4:69:14:19:c4:2e:9c:4e:72:22:
58:71:f1:ed:3c:23:fe:7f:51:89:e8:89:ac:d1:7a:b8:2f:48:
36:43:a9:c3:e7:49:98:38:5b:a9:87:fa:b3:3a:93:7d:ff:1a:
c0:05:c9:b9:3e:a1:52:8d:62:89:f9:2f:68:36:27:f8:1a:f6:
89:01:40:4b:4b:91:d2:a8:3b:5c:0e:7c:68:46:88:6f:bc:69:
ce:01:a5:17
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZPyWoC6KM3uHarnb7DW5QS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQxMjIzMDcxMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNmNTAyZDhiZDMyZTk2NGFhYjYxZjgwODhjZjE2MTA1NjE5ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsobrDJXrbGXTXVfjlxMKYNxnAfuh
Y0qUc94S2EbCCSqno2BC2SaSSXxgl7zxS7jBOZWkIwGN955dTkhkOaaFxe6Xbgk5
giTlwaPDVIpEqrnMdSYyiHmo/AxLUx2FJItwF7syUxY73HXj1cj9EoRK9W+v4bbP
Gt69vKC1KRX7L5KKTTfG+DEoEIb6KhSFWPiwujt5b5BYcb6EG+YXvGwk5lAPUd4r
cFwgDKOy1o43hyyIAYhtyxWWIMEEXHNyZg9rRYwpQ5PA/D3k81AUZkUlr0eA92sk
c7hGQftQ+ofVvKH+ZnWsRBCwGRILwPPqaiNeIGj8gWuuUJDGiPX4cB1RLwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNk/UC2L0y6WSqth+AiM8WEFYZ3FMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvMlQ5UUxZdlRMcFpLcTJINENJenhZUVZobmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEAdWRWDANBgkqhkiG9w0BAQsFAAOCAQEANGGp
6BdRr1r/pda+E1bC8+cLoLa3oRxTnkB20dTy6qU755x9JauO9h4uMEazZ0f+kgi6
hmlB3acIM5RG+pzww+IFNlIAphnCbWwhCSzl7007VaY5mHMOj2DhSaWgWhkvoX8a
duyvB7mobjYlM/5lIK6yt3zO71j4iESm6Bg+9OwbmubRaEK6fyNiQ8s98cZgDd7Q
k3bUR9bJvLejr/MNVA5+EjGJs1d4YlLkaRQZxC6cTnIiWHHx7Twj/n9RieiJrNF6
uC9INkOpw+dJmDhbqYf6szqTff8awAXJuT6hUo1iifkvaDYn+Br2iQFAS0uR0qg7
XA58aEaIb7xpzgGlFw==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:33 2024 by rpki-client on console.sobornost.net