Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/1xADHuoFwuyzfSCgyVHxLsaXcJk.roa
File: 1xADHuoFwuyzfSCgyVHxLsaXcJk.roa (raw, json)
Hash identifier: uZFfqi4BGHFlSOOiP1vP7tRXFVblTmd30SSEIJbVEO4=
Subject key identifier: D7:10:03:1E:EA:05:C2:EC:B3:7D:20:A0:C9:51:F1:2E:C6:97:70:99
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 019424B2CA5ED87E247228D7FED9C7785603
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/1xADHuoFwuyzfSCgyVHxLsaXcJk.roa
Signing time: Thu 02 Jan 2025 01:48:04 +0000
ROA not before: Thu 02 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209984
IP address blocks: 89.40.238.0/24 maxlen: 24
89.43.72.0/24 maxlen: 24
89.43.198.0/24 maxlen: 24
89.44.145.0/24 maxlen: 24
109.205.136.0/22 maxlen: 24
185.237.136.0/22 maxlen: 24
185.249.232.0/24 maxlen: 24
185.253.145.0/24 maxlen: 24
185.253.146.0/24 maxlen: 24
193.39.95.0/24 maxlen: 24
194.15.219.0/24 maxlen: 24
194.15.232.0/24 maxlen: 24
194.15.236.0/24 maxlen: 24
194.26.1.0/24 maxlen: 24
2a06:ce00::/29 maxlen: 29
2a0c:1380::/29 maxlen: 29
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:ca:5e:d8:7e:24:72:28:d7:fe:d9:c7:78:56:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Jan 2 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d710031eea05c2ecb37d20a0c951f12ec6977099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7a:08:d0:7b:43:d3:5b:d9:4e:be:9a:c3:8d:
cd:a2:7a:73:b2:0d:cc:47:28:69:d4:b4:b4:da:c7:
75:e0:3b:ee:8b:14:d9:68:e0:ff:05:c0:d8:bb:06:
98:ce:23:57:d8:c2:67:2d:2a:ba:f8:13:45:14:32:
49:67:fb:c5:ac:19:fb:20:aa:55:d6:d2:3e:76:bb:
3c:27:f6:7d:c5:ea:e6:4a:08:f3:2f:7a:9f:09:3c:
bc:d8:ad:01:f6:e2:a8:8e:82:0d:48:a5:29:eb:33:
4d:7c:77:cb:23:8e:bd:bc:16:e5:16:11:c4:12:94:
e6:7f:4a:1c:13:54:12:4e:6d:9e:95:d6:93:0f:18:
c2:08:aa:58:da:8a:cb:fc:dc:b4:d5:41:a8:0b:ad:
18:2c:27:29:6f:79:84:bc:0d:92:0c:fa:1d:7a:d6:
11:27:ab:89:4e:1b:7f:c6:1f:65:41:81:11:dd:07:
16:4a:17:53:50:91:d1:ba:74:63:59:67:ec:cc:b7:
6d:64:53:20:37:5f:c4:0d:99:d5:1b:b1:ee:21:5f:
84:f4:cd:68:63:bf:fa:ce:2f:40:59:86:9a:b2:a5:
f9:3e:31:8d:df:8f:73:42:ac:d0:8e:7d:3d:52:a5:
df:95:05:4b:8e:8a:47:18:6b:60:44:39:2d:86:66:
e6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:10:03:1E:EA:05:C2:EC:B3:7D:20:A0:C9:51:F1:2E:C6:97:70:99
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/1xADHuoFwuyzfSCgyVHxLsaXcJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.238.0/24
89.43.72.0/24
89.43.198.0/24
89.44.145.0/24
109.205.136.0/22
185.237.136.0/22
185.249.232.0/24
185.253.145.0-185.253.146.255
193.39.95.0/24
194.15.219.0/24
194.15.232.0/24
194.15.236.0/24
194.26.1.0/24
IPv6:
2a06:ce00::/29
2a0c:1380::/29
Signature Algorithm: sha256WithRSAEncryption
83:66:30:61:0f:99:2b:36:dd:59:76:d6:b3:a6:9d:2e:d7:a9:
78:f2:0b:f9:92:ad:ef:b0:e4:8f:47:bc:61:2a:ac:1f:2e:ab:
61:3c:d3:af:f7:11:0e:d7:bb:6e:47:65:70:2f:ea:89:64:25:
3f:c2:f5:b4:71:41:50:9c:06:41:d0:8a:99:aa:da:d1:2f:41:
5c:f5:40:5b:cc:4c:87:b3:ea:6c:62:5c:29:e9:8c:74:a1:92:
f0:1c:9f:9c:e3:ff:9b:56:99:ad:0d:73:44:21:77:66:63:1c:
62:a5:9f:b9:d6:bc:21:b5:4a:76:7a:ef:e8:2e:31:89:28:a4:
07:6f:84:35:d8:dd:be:97:dc:c2:da:3c:a2:c9:2b:a7:d1:34:
4e:83:39:b6:a0:42:2c:cc:6d:f4:48:2d:60:8b:18:6a:c3:7b:
01:92:88:bf:19:23:34:9a:15:ad:0c:3d:29:69:2d:31:ca:92:
91:a3:53:27:77:2d:ed:3a:33:27:ed:51:44:e8:15:a1:57:d2:
9a:18:a0:ad:2b:11:33:72:a7:69:c2:6c:29:d0:64:64:76:97:
b0:4a:e9:7f:a1:e2:b7:a5:39:ba:1f:72:ca:3e:34:8d:6d:51:
d1:1f:a6:a4:38:da:63:b3:ed:c1:12:7f:a3:32:d2:f6:b8:57:
41:ce:8d:21
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZQksspe2H4kcijX/tnHeFYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjUwMTAyMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzEwMDMxZWVhMDVjMmVjYjM3ZDIwYTBjOTUxZjEyZWM2OTc3MDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHoI0HtD01vZTr6aw43Nonpzsg3M
Ryhp1LS02sd14DvuixTZaOD/BcDYuwaYziNX2MJnLSq6+BNFFDJJZ/vFrBn7IKpV
1tI+drs8J/Z9xermSgjzL3qfCTy82K0B9uKojoINSKUp6zNNfHfLI469vBblFhHE
EpTmf0ocE1QSTm2eldaTDxjCCKpY2orL/Ny01UGoC60YLCcpb3mEvA2SDPodetYR
J6uJTht/xh9lQYER3QcWShdTUJHRunRjWWfszLdtZFMgN1/EDZnVG7HuIV+E9M1o
Y7/6zi9AWYaasqX5PjGN349zQqzQjn09UqXflQVLjopHGGtgRDkthmbmKwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFNcQAx7qBcLss30goMlR8S7Gl3CZMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvMXhBREh1b0Z3dXl6ZlNDZ3lWSHhMc2FYY0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVgMEAFko7gME
AFkrSAMEAFkrxgMEAFkskQMEAm3NiAMEArntiAMEALn56DAMAwQAuf2RAwQAuf2S
AwQAwSdfAwQAwg/bAwQAwg/oAwQAwg/sAwQAwhoBMBQEAgACMA4DBQMqBs4AAwUD
KgwTgDANBgkqhkiG9w0BAQsFAAOCAQEAg2YwYQ+ZKzbdWXbWs6adLtepePIL+ZKt
77Dkj0e8YSqsHy6rYTzTr/cRDte7bkdlcC/qiWQlP8L1tHFBUJwGQdCKmara0S9B
XPVAW8xMh7PqbGJcKemMdKGS8ByfnOP/m1aZrQ1zRCF3ZmMcYqWfuda8IbVKdnrv
6C4xiSikB2+ENdjdvpfcwto8oskrp9E0ToM5tqBCLMxt9EgtYIsYasN7AZKIvxkj
NJoVrQw9KWktMcqSkaNTJ3ct7TozJ+1RROgVoVfSmhigrSsRM3KnacJsKdBkZHaX
sErpf6Hit6U5uh9yyj40jW1R0R+mpDjaY7PtwRJ/ozLS9rhXQc6NIQ==
-----END CERTIFICATE-----
Generated at Wed Jan 22 14:46:46 2025 by rpki-client on console.sobornost.net