Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/pHFKdH-KCc_ydVnHGNf0-RSJM3k.roa
File: pHFKdH-KCc_ydVnHGNf0-RSJM3k.roa (raw, json)
Hash identifier: peH1uAAWlXznmJ8AOcxPssvikeyDpR+2OPe6dh39CwU=
Subject key identifier: A4:71:4A:74:7F:8A:09:CF:F2:75:59:C7:18:D7:F4:F9:14:89:33:79
Certificate issuer: /CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Certificate serial: 018CC801536A84BBBEC1BFDD923CDDE925FC
Authority key identifier: 5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/pHFKdH-KCc_ydVnHGNf0-RSJM3k.roa
Signing time: Tue 02 Jan 2024 02:29:39 +0000
ROA not before: Tue 02 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44795
IP address blocks: 62.128.160.0/19 maxlen: 19
82.214.240.0/21 maxlen: 21
82.214.244.0/22 maxlen: 22
195.238.32.0/19 maxlen: 19
62.128.168.0/21 maxlen: 21
62.128.168.0/22 maxlen: 22
62.128.172.0/22 maxlen: 22
128.65.64.0/19 maxlen: 24
82.214.192.0/18 maxlen: 18
82.214.210.0/24 maxlen: 24
185.117.52.0/22 maxlen: 22
82.214.240.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:53:6a:84:bb:be:c1:bf:dd:92:3c:dd:e9:25:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Validity
Not Before: Jan 2 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4714a747f8a09cff27559c718d7f4f914893379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cf:79:57:67:9c:fd:2d:9a:e1:f2:3d:e3:26:
3a:84:b1:66:1c:1f:c1:b0:3c:9d:24:2f:d2:13:38:
2a:f1:41:04:ff:2d:d0:05:5e:d4:0a:c0:16:37:1e:
1f:5d:29:91:41:19:d4:33:a9:49:3d:f4:c1:94:8c:
25:51:fc:4d:ad:01:0e:0e:f5:04:b4:63:6d:22:55:
bc:c1:07:cc:47:50:0d:b1:61:a4:5b:a3:24:e8:49:
be:d0:86:4d:d2:4e:53:b7:be:3c:58:1c:5d:7c:29:
78:0b:9c:5f:d7:de:0a:64:c1:26:97:cc:ea:1a:65:
84:78:d6:73:a4:f4:86:ea:af:b7:c6:f9:10:c6:cd:
8d:5f:72:f8:58:ff:45:58:79:83:0b:09:ba:c4:61:
2d:60:a7:d6:7f:89:f0:72:17:e1:ea:1f:b9:5f:e3:
a1:b8:07:6a:e9:5e:be:7d:9d:1e:27:87:c1:2c:d8:
3c:7b:2a:12:b8:35:a9:f4:e6:ae:8c:51:31:de:cd:
c9:19:1c:f3:fc:47:01:c3:77:1f:5d:ef:66:f0:0c:
df:08:4d:7e:60:b6:60:5f:c6:79:48:0f:88:75:e3:
34:4c:23:10:3b:e2:1e:b9:e4:d6:40:ba:9c:cc:11:
14:6b:18:1d:d0:34:a4:ed:25:d5:29:5e:55:7b:4e:
6a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:71:4A:74:7F:8A:09:CF:F2:75:59:C7:18:D7:F4:F9:14:89:33:79
X509v3 Authority Key Identifier:
keyid:5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/pHFKdH-KCc_ydVnHGNf0-RSJM3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/WvTebnPI4FPLZAt00rkSq9kLBYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.128.160.0/19
82.214.192.0/18
128.65.64.0/19
185.117.52.0/22
195.238.32.0/19
Signature Algorithm: sha256WithRSAEncryption
01:fb:d4:e0:0b:11:a4:2b:c6:35:77:5d:8a:74:cc:3f:90:11:
bd:e6:a7:32:36:44:d0:08:99:29:c8:10:38:14:f6:b1:de:93:
1d:25:56:fa:14:4d:b6:43:0f:7d:e9:7d:f8:24:3a:86:30:51:
71:80:ac:43:6a:8a:a9:4f:89:81:f5:9c:39:9e:55:3f:60:9f:
86:a3:09:0a:91:1b:25:a8:d6:a1:81:92:d6:26:70:55:1f:c7:
78:d1:c8:df:c2:0f:f8:30:d5:cd:c3:0b:83:7f:a9:9a:46:06:
d4:fb:03:98:65:93:73:ed:3c:1e:d1:a7:21:29:13:67:0b:f8:
20:c8:10:c0:96:cf:52:53:d3:85:79:71:d9:ec:35:85:14:00:
73:01:82:6c:a9:5e:1b:9f:21:77:bb:82:49:d9:a0:19:aa:3a:
6c:0f:9a:46:66:1e:a8:79:61:3d:14:1c:d9:f2:4b:e5:32:72:
a0:09:ad:6d:04:bf:12:ac:3e:36:0d:fd:cc:4f:c1:e5:54:4c:
e1:00:67:a4:35:65:66:a9:a3:e1:38:28:ae:f2:72:fe:40:36:
de:52:95:7a:80:aa:59:56:ca:45:42:c2:25:85:fe:ce:c4:74:
e8:5f:24:6b:58:c9:6a:45:60:fa:2b:eb:43:30:8a:34:bf:9a:
a9:bc:ef:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAVNqhLu+wb/dkjzd6SX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZjRkZTZlNzNjOGUwNTNjYjY0MGI3NGQyYjkxMmFiZDkw
YjA1ODAwHhcNMjQwMTAyMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDcxNGE3NDdmOGEwOWNmZjI3NTU5YzcxOGQ3ZjRmOTE0ODkzMzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic95V2ec/S2a4fI94yY6hLFmHB/B
sDydJC/SEzgq8UEE/y3QBV7UCsAWNx4fXSmRQRnUM6lJPfTBlIwlUfxNrQEODvUE
tGNtIlW8wQfMR1ANsWGkW6Mk6Em+0IZN0k5Tt748WBxdfCl4C5xf194KZMEml8zq
GmWEeNZzpPSG6q+3xvkQxs2NX3L4WP9FWHmDCwm6xGEtYKfWf4nwchfh6h+5X+Oh
uAdq6V6+fZ0eJ4fBLNg8eyoSuDWp9OaujFEx3s3JGRzz/EcBw3cfXe9m8AzfCE1+
YLZgX8Z5SA+IdeM0TCMQO+IeueTWQLqczBEUaxgd0DSk7SXVKV5Ve05qGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKRxSnR/ignP8nVZxxjX9PkUiTN5MB8GA1UdIwQY
MBaAFFr03m5zyOBTy2QLdNK5EqvZCwWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3ZUZWJuUEk0RlBMWkF0MDBya1NxOWtMQllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9hZDM2OTYtZjM2Zi00ZGYwLWIyZGUt
YzFlOTM2MmIxYTUxLzEvcEhGS2RILUtDY195ZFZuSEdOZjAtUlNKTTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9hZDM2OTYtZjM2Zi00ZGYwLWIyZGUtYzFlOTM2MmIxYTUx
LzEvV3ZUZWJuUEk0RlBMWkF0MDBya1NxOWtMQllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFPoCgAwQG
UtbAAwQFgEFAAwQCuXU0AwQFw+4gMA0GCSqGSIb3DQEBCwUAA4IBAQAB+9TgCxGk
K8Y1d12KdMw/kBG95qcyNkTQCJkpyBA4FPax3pMdJVb6FE22Qw996X34JDqGMFFx
gKxDaoqpT4mB9Zw5nlU/YJ+GowkKkRslqNahgZLWJnBVH8d40cjfwg/4MNXNwwuD
f6maRgbU+wOYZZNz7Twe0achKRNnC/ggyBDAls9SU9OFeXHZ7DWFFABzAYJsqV4b
nyF3u4JJ2aAZqjpsD5pGZh6oeWE9FBzZ8kvlMnKgCa1tBL8SrD42Df3MT8HlVEzh
AGekNWVmqaPhOCiu8nL+QDbeUpV6gKpZVspFQsIlhf7OxHToXyRrWMlqRWD6K+tD
MIo0v5qpvO9a
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:25:56 2024 by rpki-client on console.sobornost.net