Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/DuxpZXhhsXstSUgERcEk8V1vYZc.roa
File: DuxpZXhhsXstSUgERcEk8V1vYZc.roa (raw, json)
Hash identifier: Z70dxQEjQleFKTIfQHXjmsYm61J3nwkjTx9GAXjlIyQ=
Subject key identifier: 0E:EC:69:65:78:61:B1:7B:2D:49:48:04:45:C1:24:F1:5D:6F:61:97
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 01941F8C7399F51E57890BA2D675CF20075F
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/DuxpZXhhsXstSUgERcEk8V1vYZc.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61400
IP address blocks: 31.200.248.0/21 maxlen: 24
46.21.252.0/22 maxlen: 24
62.76.24.0/22 maxlen: 24
62.76.88.0/22 maxlen: 24
62.76.100.0/22 maxlen: 24
62.76.112.0/22 maxlen: 24
89.248.236.0/24 maxlen: 24
91.107.84.0/24 maxlen: 24
91.107.85.0/24 maxlen: 24
91.107.86.0/23 maxlen: 24
91.107.86.0/24 maxlen: 24
91.227.34.0/23 maxlen: 24
185.40.28.0/22 maxlen: 24
185.62.103.0/24 maxlen: 24
185.111.216.0/23 maxlen: 24
185.111.218.0/24 maxlen: 24
185.111.219.0/24 maxlen: 24
185.126.92.0/22 maxlen: 24
212.8.232.0/22 maxlen: 24
217.199.209.0/24 maxlen: 24
2a03:220::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:73:99:f5:1e:57:89:0b:a2:d6:75:cf:20:07:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eec69657861b17b2d49480445c124f15d6f6197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:37:4f:ec:bd:1d:b8:5f:73:41:03:3e:d3:1f:
6d:1b:70:5b:68:6a:79:97:1c:99:1f:c4:cc:ca:c8:
24:3c:d8:0d:e8:2b:0b:28:33:44:4a:a2:65:d1:48:
d7:c9:e7:74:12:30:d7:12:91:36:f9:d4:ad:a7:b8:
47:72:cb:6c:27:31:13:8e:7a:4a:b8:b4:b5:3f:94:
91:6b:c9:3f:28:20:88:f5:60:a5:bc:db:2b:41:d6:
b9:e3:ec:a5:3e:cc:ff:86:22:ed:f8:f8:c8:36:8f:
5e:7e:82:94:f3:df:b0:f5:e7:6d:da:5a:fa:6c:5b:
fb:7c:bd:a8:89:68:ae:f2:50:da:7f:2e:61:c6:44:
02:1e:ff:a9:1c:14:64:95:52:e3:0d:9f:1f:12:d8:
df:dc:59:1a:87:2c:e9:fa:4c:68:e4:ba:25:19:8a:
d1:41:78:15:6f:46:72:dc:47:dd:f3:f1:74:4f:36:
fa:2f:63:81:a3:f6:5f:51:f2:d0:59:04:2b:83:84:
a4:06:54:fd:ae:23:46:71:cb:c7:74:c7:2d:81:dc:
18:a7:f0:a3:0e:c1:4a:64:5f:d6:3f:77:cf:1a:21:
4c:85:ff:8c:f3:b1:02:53:9c:b3:cb:6d:41:8e:be:
0d:04:ff:36:1b:75:7f:f3:87:ec:a5:b6:43:bc:2e:
35:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:EC:69:65:78:61:B1:7B:2D:49:48:04:45:C1:24:F1:5D:6F:61:97
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/DuxpZXhhsXstSUgERcEk8V1vYZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.248.0/21
46.21.252.0/22
62.76.24.0/22
62.76.88.0/22
62.76.100.0/22
62.76.112.0/22
89.248.236.0/24
91.107.84.0/22
91.227.34.0/23
185.40.28.0/22
185.62.103.0/24
185.111.216.0/22
185.126.92.0/22
212.8.232.0/22
217.199.209.0/24
IPv6:
2a03:220::/32
Signature Algorithm: sha256WithRSAEncryption
56:0e:c0:a8:6a:07:4c:3f:35:ab:42:02:3e:a5:c1:aa:af:a9:
61:8b:9b:a6:5d:55:63:a1:c4:5f:0e:5e:e8:36:54:0e:f5:74:
72:ea:75:95:e9:91:02:5f:69:4e:75:a0:34:29:3c:d2:34:ad:
c4:d0:fc:52:d6:9a:49:d2:bf:1a:77:47:a0:0a:29:78:f3:1c:
bd:07:d3:07:f3:74:1f:1f:77:6f:f8:69:f6:e0:b1:eb:15:c0:
5b:24:be:c5:f0:6c:2f:0d:f9:21:11:a9:4e:e4:d8:f6:c1:17:
d8:9b:94:91:5b:c5:e3:3b:ec:fb:dd:fe:cc:04:86:40:d4:e0:
11:1e:74:dc:c7:ad:31:40:b7:1b:54:94:da:12:0b:77:e8:ff:
25:50:80:38:ed:54:cd:f1:b3:0d:15:40:f0:b7:fc:58:6f:c2:
f6:01:d7:60:c0:02:b3:e2:6a:30:ce:fd:fe:71:62:5b:2d:1e:
1f:27:9d:d8:19:dd:af:53:66:de:0d:d4:22:e3:73:3f:68:23:
31:50:41:55:cd:dd:8e:55:ca:cc:06:ce:d5:3c:ed:8b:89:b2:
8a:19:68:b9:a9:79:75:28:db:b9:d8:a3:68:6f:12:a5:bb:3e:
4b:b7:03:e3:c8:9e:2e:00:69:89:0e:62:0c:bc:68:7b:1a:63:
01:7b:83:d6
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZQfjHOZ9R5XiQui1nXPIAdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWVjNjk2NTc4NjFiMTdiMmQ0OTQ4MDQ0NWMxMjRmMTVkNmY2MTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTdP7L0duF9zQQM+0x9tG3BbaGp5
lxyZH8TMysgkPNgN6CsLKDNESqJl0UjXyed0EjDXEpE2+dStp7hHcstsJzETjnpK
uLS1P5SRa8k/KCCI9WClvNsrQda54+ylPsz/hiLt+PjINo9efoKU89+w9edt2lr6
bFv7fL2oiWiu8lDafy5hxkQCHv+pHBRklVLjDZ8fEtjf3Fkahyzp+kxo5LolGYrR
QXgVb0Zy3Efd8/F0Tzb6L2OBo/ZfUfLQWQQrg4SkBlT9riNGccvHdMctgdwYp/Cj
DsFKZF/WP3fPGiFMhf+M87ECU5yzy21Bjr4NBP82G3V/84fspbZDvC41XwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFA7saWV4YbF7LUlIBEXBJPFdb2GXMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvRHV4cFpYaGhzWHN0U1VnRVJjRWs4VjF2WVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAx/I+AME
Ai4V/AMEAj5MGAMEAj5MWAMEAj5MZAMEAj5McAMEAFn47AMEAltrVAMEAVvjIgME
ArkoHAMEALk+ZwMEArlv2AMEArl+XAMEAtQI6AMEANnH0TANBAIAAjAHAwUAKgMC
IDANBgkqhkiG9w0BAQsFAAOCAQEAVg7AqGoHTD81q0ICPqXBqq+pYYubpl1VY6HE
Xw5e6DZUDvV0cup1lemRAl9pTnWgNCk80jStxND8UtaaSdK/GndHoAopePMcvQfT
B/N0Hx93b/hp9uCx6xXAWyS+xfBsLw35IRGpTuTY9sEX2JuUkVvF4zvs+93+zASG
QNTgER503MetMUC3G1SU2hILd+j/JVCAOO1UzfGzDRVA8Lf8WG/C9gHXYMACs+Jq
MM79/nFiWy0eHyed2Bndr1Nm3g3UIuNzP2gjMVBBVc3djlXKzAbO1Tzti4myihlo
ual5dSjbudijaG8Spbs+S7cD48ieLgBpiQ5iDLxoexpjAXuD1g==
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:04 2025 by rpki-client on console.sobornost.net