Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/c_ORZpR3ooKMGPfa0OmblOdGe1o.roa
File: c_ORZpR3ooKMGPfa0OmblOdGe1o.roa (raw, json)
Hash identifier: 7oPG5YhkzTFPq85armoAnIO4OPEMfyiq1TL/Uwm1q9g=
Subject key identifier: 73:F3:91:66:94:77:A2:82:8C:18:F7:DA:D0:E9:9B:94:E7:46:7B:5A
Certificate issuer: /CN=ec4af6fdc16d68ae26aa0eab5623e6be217036c1
Certificate serial: 018E953C0FAA71EEA777FAA4C4F7A8C22070
Authority key identifier: EC:4A:F6:FD:C1:6D:68:AE:26:AA:0E:AB:56:23:E6:BE:21:70:36:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Er2_cFtaK4mqg6rViPmviFwNsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/c_ORZpR3ooKMGPfa0OmblOdGe1o.roa
Signing time: Sun 31 Mar 2024 15:58:45 +0000
ROA not before: Sun 31 Mar 2024 15:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58262
IP address blocks: 5.61.24.0/24 maxlen: 24
5.61.25.0/24 maxlen: 24
5.61.26.0/24 maxlen: 24
5.61.28.0/24 maxlen: 24
5.61.29.0/24 maxlen: 24
5.61.30.0/24 maxlen: 24
5.61.31.0/24 maxlen: 24
92.119.56.0/24 maxlen: 24
92.119.57.0/24 maxlen: 24
92.119.58.0/24 maxlen: 24
185.73.112.0/24 maxlen: 24
185.73.114.0/24 maxlen: 24
2a05:2d80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:95:3c:0f:aa:71:ee:a7:77:fa:a4:c4:f7:a8:c2:20:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4af6fdc16d68ae26aa0eab5623e6be217036c1
Validity
Not Before: Mar 31 15:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73f391669477a2828c18f7dad0e99b94e7467b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e7:ba:2a:35:68:be:9b:c0:0f:8a:73:b6:ae:
2e:0b:62:e1:e0:6b:b1:48:d8:3a:59:40:82:ca:7c:
8a:a6:99:ec:f0:f3:86:67:b9:86:eb:ff:1e:2a:bc:
28:7d:3b:2d:7d:9f:ae:76:53:da:7b:b5:bc:2f:ad:
76:4b:5a:04:9e:74:f3:4c:3e:cc:4c:7c:6f:ec:27:
86:a4:9e:a7:87:2d:1f:b9:0e:c9:aa:6c:82:d1:ac:
dd:7c:b7:b4:24:c4:1e:4b:28:15:7a:79:52:90:6f:
d4:49:63:01:e9:0d:d7:b8:f6:9a:e3:9e:78:c0:37:
97:26:4f:9b:3f:37:b2:25:d6:86:ba:60:72:f9:9b:
ac:75:eb:34:b6:e0:ca:47:58:8f:30:a0:95:d1:c1:
a6:52:94:20:5f:75:0c:67:9f:2d:7e:af:1f:f1:e7:
d2:2b:66:d1:a3:eb:21:4c:ec:c8:e6:47:41:03:50:
49:d3:04:a3:21:81:bf:84:61:f2:e7:17:dd:38:36:
10:cb:74:5f:d7:30:bd:37:10:e7:3e:4c:75:4a:83:
16:ee:4e:e6:72:0a:83:07:cd:b6:d3:31:6e:0e:35:
cd:dd:9d:8c:0b:b8:f4:62:e0:53:78:57:dc:23:90:
cb:18:f7:7a:0f:e9:12:3d:a9:05:b1:f4:47:03:ae:
c3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F3:91:66:94:77:A2:82:8C:18:F7:DA:D0:E9:9B:94:E7:46:7B:5A
X509v3 Authority Key Identifier:
keyid:EC:4A:F6:FD:C1:6D:68:AE:26:AA:0E:AB:56:23:E6:BE:21:70:36:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Er2_cFtaK4mqg6rViPmviFwNsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/c_ORZpR3ooKMGPfa0OmblOdGe1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/7Er2_cFtaK4mqg6rViPmviFwNsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.24.0-5.61.26.255
5.61.28.0/22
92.119.56.0-92.119.58.255
185.73.112.0/24
185.73.114.0/24
IPv6:
2a05:2d80::/48
Signature Algorithm: sha256WithRSAEncryption
60:f8:3e:ac:c6:13:2a:ec:24:99:23:b6:61:5c:32:b8:01:3d:
fc:a7:07:ab:c0:b2:34:42:09:71:6a:e5:b6:fc:28:7e:b9:60:
b4:af:fb:b6:16:a5:8c:49:a4:62:96:6e:4a:3c:22:a8:23:40:
1a:86:90:58:c1:fe:42:b7:7c:c3:26:37:61:2a:13:66:a0:b5:
c0:a7:0a:20:26:a1:9a:3e:38:23:8b:1a:cb:9a:a7:1d:c6:17:
5b:81:61:52:2e:24:ed:91:fe:55:11:07:67:8f:d6:40:c0:74:
ee:55:c1:dc:49:93:fa:62:67:9f:73:26:dc:15:d7:d8:54:87:
0f:be:2e:0d:ac:4a:9a:47:be:3c:1b:34:ec:11:11:d8:02:e3:
39:13:53:54:80:04:9f:66:63:9b:c5:c2:42:23:d2:4b:bd:26:
23:8c:80:7e:4a:d1:53:c4:53:be:31:72:00:45:a1:c8:ca:80:
3a:64:a8:b9:0c:bf:42:ab:22:1c:68:37:1d:80:c0:dd:ec:77:
cc:c9:f3:74:ce:d7:cd:66:d9:93:08:3c:7f:1b:54:18:e3:23:
0c:2b:2e:69:b5:0c:4d:b0:ac:c9:07:0d:ab:0e:69:8b:04:58:
ec:cb:99:1f:97:af:df:0c:76:97:54:29:be:34:7d:f6:21:f4:
d2:9e:aa:b1
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY6VPA+qce6nd/qkxPeowiBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGFmNmZkYzE2ZDY4YWUyNmFhMGVhYjU2MjNlNmJlMjE3
MDM2YzEwHhcNMjQwMzMxMTU1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2YzOTE2Njk0NzdhMjgyOGMxOGY3ZGFkMGU5OWI5NGU3NDY3YjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkue6KjVovpvAD4pztq4uC2Lh4Gux
SNg6WUCCynyKppns8POGZ7mG6/8eKrwofTstfZ+udlPae7W8L612S1oEnnTzTD7M
THxv7CeGpJ6nhy0fuQ7JqmyC0azdfLe0JMQeSygVenlSkG/USWMB6Q3XuPaa4554
wDeXJk+bPzeyJdaGumBy+Zusdes0tuDKR1iPMKCV0cGmUpQgX3UMZ58tfq8f8efS
K2bRo+shTOzI5kdBA1BJ0wSjIYG/hGHy5xfdODYQy3Rf1zC9NxDnPkx1SoMW7k7m
cgqDB8220zFuDjXN3Z2MC7j0YuBTeFfcI5DLGPd6D+kSPakFsfRHA67DmwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHPzkWaUd6KCjBj32tDpm5TnRntaMB8GA1UdIwQY
MBaAFOxK9v3BbWiuJqoOq1Yj5r4hcDbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0VyMl9jRnRhSzRtcWc2clZpUG12aUZ3TnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC83ZGM4NWMtYjBhMS00OGQ5LTk4NzAt
MzgyNWJmMzNlNGVjLzEvY19PUlpwUjNvb0tNR1BmYTBPbWJsT2RHZTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC83ZGM4NWMtYjBhMS00OGQ5LTk4NzAtMzgyNWJmMzNlNGVj
LzEvN0VyMl9jRnRhSzRtcWc2clZpUG12aUZ3TnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA0BAIAATAuMAwDBAMFPRgD
BAAFPRoDBAIFPRwwDAMEA1x3OAMEAFx3OgMEALlJcAMEALlJcjAPBAIAAjAJAwcA
KgUtgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBg+D6sxhMq7CSZI7ZhXDK4AT38pwer
wLI0QglxauW2/Ch+uWC0r/u2FqWMSaRilm5KPCKoI0AahpBYwf5Ct3zDJjdhKhNm
oLXApwogJqGaPjgjixrLmqcdxhdbgWFSLiTtkf5VEQdnj9ZAwHTuVcHcSZP6Ymef
cybcFdfYVIcPvi4NrEqaR748GzTsERHYAuM5E1NUgASfZmObxcJCI9JLvSYjjIB+
StFTxFO+MXIARaHIyoA6ZKi5DL9CqyIcaDcdgMDd7HfMyfN0ztfNZtmTCDx/G1QY
4yMMKy5ptQxNsKzJBw2rDmmLBFjsy5kfl6/fDHaXVCm+NH32IfTSnqqx
-----END CERTIFICATE-----
Generated at Fri Sep 27 20:07:23 2024 by rpki-client on console.sobornost.net