Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/MIiHSvDprFFovFG0HPxBPItWWEU.roa
File: MIiHSvDprFFovFG0HPxBPItWWEU.roa (raw, json)
Hash identifier: ZHAb1bFdnuHWg+PylUlDK1Ju7Ti/rSboUdEtNH0vKAU=
Subject key identifier: 30:88:87:4A:F0:E9:AC:51:68:BC:51:B4:1C:FC:41:3C:8B:56:58:45
Certificate issuer: /CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Certificate serial: 01942368C419FC4F268CE1BBCD9C55EE1123
Authority key identifier: 39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/MIiHSvDprFFovFG0HPxBPItWWEU.roa
Signing time: Wed 01 Jan 2025 19:47:35 +0000
ROA not before: Wed 01 Jan 2025 19:47:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34285
IP address blocks: 185.197.244.0/22 maxlen: 22
217.12.16.0/24 maxlen: 24
217.12.17.0/24 maxlen: 24
217.12.18.0/24 maxlen: 24
217.12.19.0/24 maxlen: 24
217.12.20.0/22 maxlen: 22
217.12.20.0/23 maxlen: 23
217.12.22.0/23 maxlen: 23
217.12.24.0/22 maxlen: 22
217.12.24.0/24 maxlen: 24
217.12.25.0/24 maxlen: 24
217.12.26.0/24 maxlen: 24
217.12.27.0/24 maxlen: 24
217.12.28.0/22 maxlen: 22
217.12.28.0/24 maxlen: 24
217.12.29.0/24 maxlen: 24
217.12.30.0/24 maxlen: 24
217.12.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:c4:19:fc:4f:26:8c:e1:bb:cd:9c:55:ee:11:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Validity
Not Before: Jan 1 19:47:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3088874af0e9ac5168bc51b41cfc413c8b565845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:87:32:4e:cc:8c:fa:6a:94:96:f1:be:45:c6:
f1:60:16:9f:c8:49:ac:82:d5:9c:c3:0c:9d:b5:d7:
96:9a:80:c8:38:20:f9:4b:e8:da:ac:bc:c8:47:c8:
8d:dc:42:18:5d:5d:16:12:1b:f7:17:38:19:ac:5c:
79:e7:d2:4c:dc:4b:b4:05:ff:d2:cd:5f:81:d9:86:
5e:3d:52:33:1d:53:51:0b:db:c7:31:36:0e:f6:9f:
d3:b5:ad:df:fb:cb:62:f3:54:8c:c1:e0:66:39:a5:
aa:d8:85:87:1d:97:df:8f:02:57:3a:be:2a:a7:b3:
79:93:6b:40:ba:6e:75:5e:5a:c5:d8:40:7f:fc:8b:
31:70:da:c7:42:00:ff:3c:ee:fc:a1:64:3d:ec:9a:
cb:b5:4c:45:71:b7:6d:13:85:da:5a:2e:b4:94:e5:
49:07:22:03:98:aa:a3:39:e8:2a:a6:7c:67:61:f0:
d5:37:be:05:de:ea:d6:8c:2f:65:02:4b:2d:02:a0:
00:79:23:6f:45:9c:c2:c8:d7:52:f3:3a:ca:89:f8:
dd:d3:b5:b0:f8:76:ef:7f:e0:95:db:37:63:d1:92:
ea:34:60:50:6a:81:5d:f1:83:cf:c2:23:06:09:15:
80:e6:ee:c3:a9:2a:31:b0:6f:14:f7:b4:d3:42:d3:
bb:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:88:87:4A:F0:E9:AC:51:68:BC:51:B4:1C:FC:41:3C:8B:56:58:45
X509v3 Authority Key Identifier:
keyid:39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/MIiHSvDprFFovFG0HPxBPItWWEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.244.0/22
217.12.16.0/20
Signature Algorithm: sha256WithRSAEncryption
2e:21:66:e4:a1:ae:9c:79:7f:0e:22:7f:9b:6d:d6:28:b5:78:
29:b7:75:11:df:b9:f8:c8:35:e5:5a:0d:77:d8:fe:7f:83:0d:
aa:f9:b9:a5:ed:69:00:51:c4:6a:a6:18:ee:f3:f4:90:48:84:
11:0b:5f:61:eb:bd:39:72:8d:91:c8:63:9a:38:cf:59:89:cd:
03:b6:53:5d:ed:81:8a:db:0b:2e:fc:48:51:ab:53:64:4c:30:
d5:23:12:77:44:13:17:51:16:3a:47:da:79:ae:93:d7:cf:21:
6d:94:30:73:7b:8d:3d:6b:2f:18:2e:8e:b5:61:09:66:ea:74:
78:8e:05:de:7b:5c:d8:f6:59:ec:9f:fc:f3:19:e5:6b:22:c5:
7f:73:14:a1:31:a4:f3:c8:02:45:8b:2d:90:b7:6c:55:89:bb:
a4:64:a9:80:0c:7c:72:57:08:cb:e2:b2:e4:b1:2c:07:eb:97:
92:c3:6f:90:a2:fb:25:ee:83:f7:14:1d:ee:27:c6:93:e2:8f:
0b:2e:6d:04:e4:90:8c:e3:04:eb:90:0a:47:8a:7b:c8:9f:6c:
5b:89:f2:d3:43:c0:2a:50:1f:36:e1:e8:31:81:a4:de:b9:17:
0c:6d:9a:dc:57:5e:a1:d2:7e:7a:6e:48:d6:af:68:67:72:dc:
85:73:2a:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaMQZ/E8mjOG7zZxV7hEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzlmOTJiODI1Y2UxMTA5MDNjMzFkNTIyYjBmNTBjYWZk
NzRhNmYwHhcNMjUwMTAxMTk0NzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDg4ODc0YWYwZTlhYzUxNjhiYzUxYjQxY2ZjNDEzYzhiNTY1ODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4cyTsyM+mqUlvG+RcbxYBafyEms
gtWcwwydtdeWmoDIOCD5S+jarLzIR8iN3EIYXV0WEhv3FzgZrFx559JM3Eu0Bf/S
zV+B2YZePVIzHVNRC9vHMTYO9p/Tta3f+8ti81SMweBmOaWq2IWHHZffjwJXOr4q
p7N5k2tAum51XlrF2EB//IsxcNrHQgD/PO78oWQ97JrLtUxFcbdtE4XaWi60lOVJ
ByIDmKqjOegqpnxnYfDVN74F3urWjC9lAkstAqAAeSNvRZzCyNdS8zrKifjd07Ww
+Hbvf+CV2zdj0ZLqNGBQaoFd8YPPwiMGCRWA5u7DqSoxsG8U97TTQtO7IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDCIh0rw6axRaLxRtBz8QTyLVlhFMB8GA1UdIwQY
MBaAFDk5+SuCXOEQkDwx1SKw9Qyv10pvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMt
OWZjMzY0MTFhY2NjLzEvTUlpSFN2RHByRkZvdkZHMEhQeEJQSXRXV0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMtOWZjMzY0MTFhY2Nj
LzEvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucX0AwQE
2QwQMA0GCSqGSIb3DQEBCwUAA4IBAQAuIWbkoa6ceX8OIn+bbdYotXgpt3UR37n4
yDXlWg132P5/gw2q+bml7WkAUcRqphju8/SQSIQRC19h6705co2RyGOaOM9Zic0D
tlNd7YGK2wsu/EhRq1NkTDDVIxJ3RBMXURY6R9p5rpPXzyFtlDBze409ay8YLo61
YQlm6nR4jgXee1zY9lnsn/zzGeVrIsV/cxShMaTzyAJFiy2Qt2xVibukZKmADHxy
VwjL4rLksSwH65eSw2+Qovsl7oP3FB3uJ8aT4o8LLm0E5JCM4wTrkApHinvIn2xb
ifLTQ8AqUB824egxgaTeuRcMbZrcV16h0n56bkjWr2hnctyFcyqY
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:33 2025 by rpki-client on console.sobornost.net