Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/3bd7d2-2415-431c-b97d-d85853688b43/1/DdbKHClXPaTrPoO4LKrNu8pRmZE.roa
File: DdbKHClXPaTrPoO4LKrNu8pRmZE.roa (raw, json)
Hash identifier: 4tuBD3cJXqHIZUjSdRwBJSi5gLCuD1NraBD3hkjlvR8=
Subject key identifier: 0D:D6:CA:1C:29:57:3D:A4:EB:3E:83:B8:2C:AA:CD:BB:CA:51:99:91
Certificate issuer: /CN=303aae37bf3ebf95f14bad8647d3d58ef6e783b2
Certificate serial: 0194221FB8C8FB95C5E2E21D834DC2E55172
Authority key identifier: 30:3A:AE:37:BF:3E:BF:95:F1:4B:AD:86:47:D3:D5:8E:F6:E7:83:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MDquN78-v5XxS62GR9PVjvbng7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/3bd7d2-2415-431c-b97d-d85853688b43/1/DdbKHClXPaTrPoO4LKrNu8pRmZE.roa
Signing time: Wed 01 Jan 2025 13:48:11 +0000
ROA not before: Wed 01 Jan 2025 13:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49463
IP address blocks: 5.179.120.0/21 maxlen: 24
31.216.16.0/20 maxlen: 24
46.21.112.0/20 maxlen: 24
46.21.112.0/24 maxlen: 24
46.21.114.0/24 maxlen: 24
46.21.116.0/24 maxlen: 24
46.21.127.0/24 maxlen: 24
185.7.160.0/22 maxlen: 24
2a02:27d0::/32 maxlen: 48
2a02:27d0:1671::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b8:c8:fb:95:c5:e2:e2:1d:83:4d:c2:e5:51:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=303aae37bf3ebf95f14bad8647d3d58ef6e783b2
Validity
Not Before: Jan 1 13:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dd6ca1c29573da4eb3e83b82caacdbbca519991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f0:45:51:99:3a:c5:11:d2:da:cb:3f:6a:d4:
ff:df:6d:d8:e1:a9:c2:a3:8e:53:57:a2:56:d2:38:
34:25:0c:eb:0f:bd:d9:8d:35:0d:92:8a:ae:68:a5:
e5:ef:dd:aa:ea:c3:ae:0c:58:4a:d9:11:f7:48:2e:
73:c0:99:55:6c:1a:73:81:09:8e:81:95:b7:e1:26:
c7:48:28:00:25:3a:77:ea:03:d6:22:5f:e5:4b:47:
11:e1:e7:c9:48:ce:5b:23:2c:37:5b:eb:09:6d:34:
1a:cf:73:97:13:17:96:d6:e7:85:1b:2a:96:49:10:
ab:e6:b9:16:fa:e9:fd:93:fd:10:3b:5a:83:e1:f3:
7e:90:79:3b:31:15:ce:90:cf:c8:f5:df:a5:fb:05:
f4:2c:91:4e:a6:cb:c4:4e:bc:12:c5:ea:1a:c9:42:
39:69:ed:af:5c:c8:59:ef:a4:92:21:78:8a:90:82:
64:d9:47:3e:5b:94:2d:3b:51:b8:c2:02:93:ad:30:
04:0a:07:c9:6e:5c:f0:16:59:43:ea:3d:46:2b:13:
27:0b:8a:63:10:4b:41:bb:b3:74:74:24:0e:be:67:
cb:4c:3c:48:4f:d0:a6:d1:b7:23:fb:9f:16:4b:b5:
3d:69:90:fe:00:2a:f1:66:6b:26:3a:66:81:8b:74:
85:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D6:CA:1C:29:57:3D:A4:EB:3E:83:B8:2C:AA:CD:BB:CA:51:99:91
X509v3 Authority Key Identifier:
keyid:30:3A:AE:37:BF:3E:BF:95:F1:4B:AD:86:47:D3:D5:8E:F6:E7:83:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MDquN78-v5XxS62GR9PVjvbng7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3bd7d2-2415-431c-b97d-d85853688b43/1/DdbKHClXPaTrPoO4LKrNu8pRmZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3bd7d2-2415-431c-b97d-d85853688b43/1/MDquN78-v5XxS62GR9PVjvbng7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.120.0/21
31.216.16.0/20
46.21.112.0/20
185.7.160.0/22
IPv6:
2a02:27d0::/32
Signature Algorithm: sha256WithRSAEncryption
35:61:13:44:96:8f:42:f0:da:97:16:18:1e:85:55:5c:15:6c:
b5:97:c4:09:48:e8:e8:14:60:17:38:45:a7:ab:6e:5c:b3:02:
39:3b:d7:c3:c6:3a:8c:05:ea:77:85:65:60:05:df:c2:82:10:
b5:2e:57:02:4b:a1:0f:0c:4f:9d:6b:69:56:57:f4:0d:49:dd:
94:6d:28:df:7b:8b:fd:1b:43:0c:dd:49:43:fe:e6:b8:a1:4e:
ed:eb:0d:8c:22:e1:d9:83:c7:d7:3b:06:ae:80:3e:01:77:55:
63:a1:8c:52:f1:6b:a8:fd:9a:7f:f7:b2:5c:06:ce:85:bd:e4:
e8:5f:00:84:50:bc:fa:5b:3c:61:40:eb:df:57:72:7e:ef:09:
5b:1e:8c:ae:0e:f4:9f:2c:30:d6:4c:20:b1:14:62:e1:54:3d:
fe:d1:59:e6:30:cc:f8:5c:e1:8a:b4:22:46:f9:d0:70:72:4f:
0a:d5:a9:b9:ed:a1:d6:f9:ef:d8:88:03:96:64:92:d3:fb:dc:
a0:da:2c:c3:94:a1:81:b4:4a:67:22:9b:78:38:cd:7e:65:c9:
c8:6c:70:92:e8:d0:90:e8:eb:04:32:a4:e2:95:54:24:1d:ae:
aa:56:51:79:55:b6:f5:ea:b8:3e:94:34:dc:a3:e8:00:43:1e:
11:c9:68:e5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQiH7jI+5XF4uIdg03C5VFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwM2FhZTM3YmYzZWJmOTVmMTRiYWQ4NjQ3ZDNkNThlZjZl
NzgzYjIwHhcNMjUwMTAxMTM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ2Y2ExYzI5NTczZGE0ZWIzZTgzYjgyY2FhY2RiYmNhNTE5OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vBFUZk6xRHS2ss/atT/323Y4anC
o45TV6JW0jg0JQzrD73ZjTUNkoquaKXl792q6sOuDFhK2RH3SC5zwJlVbBpzgQmO
gZW34SbHSCgAJTp36gPWIl/lS0cR4efJSM5bIyw3W+sJbTQaz3OXExeW1ueFGyqW
SRCr5rkW+un9k/0QO1qD4fN+kHk7MRXOkM/I9d+l+wX0LJFOpsvETrwSxeoayUI5
ae2vXMhZ76SSIXiKkIJk2Uc+W5QtO1G4wgKTrTAECgfJblzwFllD6j1GKxMnC4pj
EEtBu7N0dCQOvmfLTDxIT9Cm0bcj+58WS7U9aZD+ACrxZmsmOmaBi3SFawIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA3WyhwpVz2k6z6DuCyqzbvKUZmRMB8GA1UdIwQY
MBaAFDA6rje/Pr+V8UuthkfT1Y7254OyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTURxdU43OC12NVh4UzYyR1I5UFZqdmJuZzdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zYmQ3ZDItMjQxNS00MzFjLWI5N2Qt
ZDg1ODUzNjg4YjQzLzEvRGRiS0hDbFhQYVRyUG9PNExLck51OHBSbVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zYmQ3ZDItMjQxNS00MzFjLWI5N2QtZDg1ODUzNjg4YjQz
LzEvTURxdU43OC12NVh4UzYyR1I5UFZqdmJuZzdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBbN4AwQE
H9gQAwQELhVwAwQCuQegMA0EAgACMAcDBQAqAifQMA0GCSqGSIb3DQEBCwUAA4IB
AQA1YRNElo9C8NqXFhgehVVcFWy1l8QJSOjoFGAXOEWnq25cswI5O9fDxjqMBep3
hWVgBd/CghC1LlcCS6EPDE+da2lWV/QNSd2UbSjfe4v9G0MM3UlD/ua4oU7t6w2M
IuHZg8fXOwaugD4Bd1VjoYxS8Wuo/Zp/97JcBs6FveToXwCEULz6WzxhQOvfV3J+
7wlbHoyuDvSfLDDWTCCxFGLhVD3+0VnmMMz4XOGKtCJG+dBwck8K1am57aHW+e/Y
iAOWZJLT+9yg2izDlKGBtEpnIpt4OM1+ZcnIbHCS6NCQ6OsEMqTilVQkHa6qVlF5
Vbb16rg+lDTco+gAQx4RyWjl
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:46:27 2025 by rpki-client on console.sobornost.net