Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/xUKzTAldUiT2bTiE85xbWgdz7uE.roa
File: xUKzTAldUiT2bTiE85xbWgdz7uE.roa (raw, json)
Hash identifier: epgxy7n2iCHUHT4jTdiOSkGMpDS2fK569X9zKRVIqXA=
Subject key identifier: C5:42:B3:4C:09:5D:52:24:F6:6D:38:84:F3:9C:5B:5A:07:73:EE:E1
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 0192BE9C2492DD3E8831FD0D69B8E293FBCB
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/xUKzTAldUiT2bTiE85xbWgdz7uE.roa
Signing time: Thu 24 Oct 2024 12:59:16 +0000
ROA not before: Thu 24 Oct 2024 12:59:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15755
IP address blocks: 185.35.21.0/24 maxlen: 24
185.96.168.0/24 maxlen: 24
185.96.171.0/24 maxlen: 24
185.203.32.0/24 maxlen: 24
185.203.33.0/24 maxlen: 24
185.203.34.0/24 maxlen: 24
185.203.35.0/24 maxlen: 24
2a00:7300::/32 maxlen: 32
2a00:7300::/48 maxlen: 48
2a0a:e0c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:9c:24:92:dd:3e:88:31:fd:0d:69:b8:e2:93:fb:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Oct 24 12:59:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c542b34c095d5224f66d3884f39c5b5a0773eee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f0:cf:d5:9d:79:a6:72:f8:b2:83:ca:19:38:
e9:6d:b3:2e:e0:57:21:f0:ab:82:a9:b0:a2:0f:5e:
21:3e:3d:f3:38:20:db:47:59:03:46:b7:c7:16:08:
59:b5:56:09:7d:e8:8b:dd:75:2b:e5:32:ae:cf:d3:
fd:46:d4:fb:e7:81:ae:2a:71:22:d4:d1:64:6e:f9:
9f:a1:6d:3c:f9:d4:ae:78:09:80:c4:be:ce:5d:15:
3b:d0:4d:51:f1:02:41:f8:b1:ae:1b:af:54:bc:39:
54:bd:f0:5e:b7:48:5f:1d:58:47:b2:eb:b9:ee:be:
1e:3f:38:9e:02:3f:22:81:14:df:ac:79:63:64:ee:
c7:10:42:2c:2e:46:ed:4a:80:9f:e0:95:eb:8b:9d:
9e:6d:4b:1b:40:7d:02:54:94:8e:1b:a7:2a:6f:15:
fe:10:a0:83:ab:39:d7:a2:3a:d0:da:14:8f:41:f4:
86:5f:4d:fc:ee:00:d8:ae:8c:29:9c:b1:50:63:49:
03:3b:f2:e9:42:19:d4:65:13:25:2e:52:78:61:fc:
ed:3b:a6:07:8f:c4:d6:5f:57:1b:45:23:ea:06:cb:
7d:db:46:d8:ca:6a:42:6c:20:a7:25:c0:47:f8:d1:
80:87:82:6e:1d:d9:79:0e:21:82:51:6f:23:ae:df:
1e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:42:B3:4C:09:5D:52:24:F6:6D:38:84:F3:9C:5B:5A:07:73:EE:E1
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/xUKzTAldUiT2bTiE85xbWgdz7uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.21.0/24
185.96.168.0/24
185.96.171.0/24
185.203.32.0/22
IPv6:
2a00:7300::/32
2a0a:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
49:8a:f6:34:4e:7b:19:7a:6a:bc:f2:8c:77:ca:58:b7:fd:5f:
2e:93:6b:9c:53:62:74:cb:22:10:42:28:c0:e8:7a:78:3d:8d:
4f:98:cb:16:d8:ae:18:ec:e9:65:1a:cb:db:23:b4:d2:7e:d0:
ef:ac:b2:8b:ec:d6:bc:82:45:7d:fe:77:eb:f9:8f:19:7b:0e:
e5:fb:d8:e3:f5:0a:66:2b:73:d8:40:38:e2:d9:e0:45:6d:98:
72:8b:7c:99:4b:24:55:43:47:17:7a:95:3a:38:f2:27:40:94:
9b:d6:32:6b:4b:31:41:33:9e:5f:92:8f:86:bd:98:10:a3:c3:
7d:b0:6c:92:e3:ab:7b:ab:97:0d:2a:3e:a4:f1:23:38:de:65:
f7:b4:e9:14:fe:bb:11:cf:7f:db:a6:13:5f:7a:75:6c:f9:ed:
73:d3:9e:e8:61:58:3c:2c:57:8f:03:d1:1f:49:88:cd:67:c0:
5c:e4:5b:90:e6:b9:e1:69:f2:b4:31:ea:65:96:db:36:54:ae:
59:ec:42:cd:ca:eb:91:3f:71:48:c1:d2:e3:b5:d1:e5:41:d8:
df:05:5a:3f:df:c7:38:67:4d:6e:0f:3a:a0:ed:38:41:1d:42:
72:ed:d1:52:ec:f2:06:10:87:91:62:37:e9:1b:9f:4d:27:3d:
4a:36:9d:0b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZK+nCSS3T6IMf0Nabjik/vLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjQxMDI0MTI1OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQyYjM0YzA5NWQ1MjI0ZjY2ZDM4ODRmMzljNWI1YTA3NzNlZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/DP1Z15pnL4soPKGTjpbbMu4Fch
8KuCqbCiD14hPj3zOCDbR1kDRrfHFghZtVYJfeiL3XUr5TKuz9P9RtT754GuKnEi
1NFkbvmfoW08+dSueAmAxL7OXRU70E1R8QJB+LGuG69UvDlUvfBet0hfHVhHsuu5
7r4ePzieAj8igRTfrHljZO7HEEIsLkbtSoCf4JXri52ebUsbQH0CVJSOG6cqbxX+
EKCDqznXojrQ2hSPQfSGX0387gDYrowpnLFQY0kDO/LpQhnUZRMlLlJ4YfztO6YH
j8TWX1cbRSPqBst920bYympCbCCnJcBH+NGAh4JuHdl5DiGCUW8jrt8eEQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMVCs0wJXVIk9m04hPOcW1oHc+7hMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEveFVLelRBbGRVaVQyYlRpRTg1eGJXZ2R6N3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAuSMVAwQA
uWCoAwQAuWCrAwQCucsgMBQEAgACMA4DBQAqAHMAAwUDKgrgwDANBgkqhkiG9w0B
AQsFAAOCAQEASYr2NE57GXpqvPKMd8pYt/1fLpNrnFNidMsiEEIowOh6eD2NT5jL
FtiuGOzpZRrL2yO00n7Q76yyi+zWvIJFff536/mPGXsO5fvY4/UKZitz2EA44tng
RW2Ycot8mUskVUNHF3qVOjjyJ0CUm9Yya0sxQTOeX5KPhr2YEKPDfbBskuOre6uX
DSo+pPEjON5l97TpFP67Ec9/26YTX3p1bPntc9Oe6GFYPCxXjwPRH0mIzWfAXORb
kOa54WnytDHqZZbbNlSuWexCzcrrkT9xSMHS47XR5UHY3wVaP9/HOGdNbg86oO04
QR1Ccu3RUuzyBhCHkWI36RufTSc9SjadCw==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:47 2024 by rpki-client on console.sobornost.net