Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1bde39-b6d5-46ec-a813-26ef96643d84/1/XLUWggG6y5ST84omTAbqN-ueLNE.roa
File: XLUWggG6y5ST84omTAbqN-ueLNE.roa (raw, json)
Hash identifier: sFhOJjcwt+0vPQ3YugcOZ7IO+agFqgV/vHf8FXUQuH0=
Subject key identifier: 5C:B5:16:82:01:BA:CB:94:93:F3:8A:26:4C:06:EA:37:EB:9E:2C:D1
Certificate issuer: /CN=9e80702ee6a1dcbf3ae257a199415f59b8338ea4
Certificate serial: 018CC64A47EBE8AC4A21393E935CEC08A8EF
Authority key identifier: 9E:80:70:2E:E6:A1:DC:BF:3A:E2:57:A1:99:41:5F:59:B8:33:8E:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/noBwLuah3L864lehmUFfWbgzjqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1bde39-b6d5-46ec-a813-26ef96643d84/1/XLUWggG6y5ST84omTAbqN-ueLNE.roa
Signing time: Mon 01 Jan 2024 18:30:06 +0000
ROA not before: Mon 01 Jan 2024 18:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47548
IP address blocks: 5.149.178.0/24 maxlen: 24
5.149.176.0/20 maxlen: 20
5.149.179.0/24 maxlen: 24
5.149.176.0/24 maxlen: 24
5.149.177.0/24 maxlen: 24
5.149.182.0/24 maxlen: 24
5.149.180.0/24 maxlen: 24
5.149.181.0/24 maxlen: 24
5.149.185.0/24 maxlen: 24
5.149.186.0/24 maxlen: 24
5.149.183.0/24 maxlen: 24
5.149.184.0/24 maxlen: 24
5.149.188.0/23 maxlen: 23
5.149.187.0/24 maxlen: 24
5.149.190.0/23 maxlen: 23
185.216.38.0/24 maxlen: 24
185.216.36.0/24 maxlen: 24
185.216.36.0/22 maxlen: 22
185.216.37.0/24 maxlen: 24
185.216.39.0/24 maxlen: 24
2a00:b7c0:200::/40 maxlen: 40
2a00:b7c0:100::/40 maxlen: 40
2a00:b7c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:47:eb:e8:ac:4a:21:39:3e:93:5c:ec:08:a8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e80702ee6a1dcbf3ae257a199415f59b8338ea4
Validity
Not Before: Jan 1 18:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cb5168201bacb9493f38a264c06ea37eb9e2cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9d:fd:37:8b:f1:7e:ba:a7:ab:45:c8:a0:cd:
cf:f8:35:73:bf:a3:a2:bf:ca:a9:1a:a7:5f:42:52:
d5:eb:fe:88:75:5a:0f:ce:58:65:27:c5:7c:a3:e4:
e6:d9:b0:8f:61:15:72:c0:10:a2:12:29:28:71:aa:
b0:51:4f:1a:80:8b:22:9b:c2:92:3b:0a:5a:43:6f:
e1:a4:df:a4:22:71:90:0c:16:ae:f7:41:12:b0:88:
bb:c2:c5:36:1e:9f:61:df:d2:fe:2c:83:56:0e:cb:
5f:af:ff:b2:8d:e7:ac:a7:96:13:9d:37:63:ff:71:
70:42:0b:6e:f9:83:11:9a:0f:91:d2:95:65:cf:cf:
56:77:82:a6:c5:b9:7b:6e:08:1e:35:57:37:64:44:
b5:8d:d5:b3:08:15:d2:2b:2f:02:08:9e:b1:23:a8:
b0:8f:1f:d3:b1:fb:34:3d:e4:5d:da:c8:54:e6:28:
e3:6c:ad:00:53:da:b3:64:21:81:d5:08:22:e1:67:
46:b3:41:e6:3f:db:8f:fd:6d:c9:55:f7:cd:0e:1d:
0a:4c:6b:68:d7:e2:87:6f:1f:6c:3c:c6:60:a4:06:
93:82:b3:d7:a8:67:a5:45:78:e4:0d:4b:2b:2a:cd:
c3:ab:84:ac:e4:4a:2e:f3:f2:a5:82:43:dd:44:b7:
8e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B5:16:82:01:BA:CB:94:93:F3:8A:26:4C:06:EA:37:EB:9E:2C:D1
X509v3 Authority Key Identifier:
keyid:9E:80:70:2E:E6:A1:DC:BF:3A:E2:57:A1:99:41:5F:59:B8:33:8E:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/noBwLuah3L864lehmUFfWbgzjqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1bde39-b6d5-46ec-a813-26ef96643d84/1/XLUWggG6y5ST84omTAbqN-ueLNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1bde39-b6d5-46ec-a813-26ef96643d84/1/noBwLuah3L864lehmUFfWbgzjqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.176.0/20
185.216.36.0/22
IPv6:
2a00:b7c0::/32
Signature Algorithm: sha256WithRSAEncryption
6c:29:78:34:07:c4:4c:80:64:c3:99:ad:98:f1:30:2d:04:3f:
2a:4c:9b:8e:29:f8:61:6e:87:d0:20:3b:19:6a:9a:2b:12:76:
32:0e:71:3e:91:b4:b4:0b:4f:c5:cc:a3:b5:03:ed:0c:0c:7c:
d5:45:0f:91:2e:b7:55:41:d6:3f:4e:d3:09:e4:04:11:ba:de:
4b:f6:f3:45:69:8f:33:13:16:d2:49:a6:1b:8c:d4:75:fd:f0:
9a:de:62:21:4a:48:4c:26:15:f3:2b:44:d6:ff:2c:27:c6:17:
4a:9b:ef:a6:fb:74:2f:26:ff:cd:05:aa:ca:28:f7:e6:e0:3f:
25:d6:68:94:16:9e:3e:da:42:2f:0a:63:5f:60:de:46:d3:7f:
d8:96:77:ce:98:d8:0e:fd:05:93:db:9c:92:47:5f:a2:72:06:
0a:b6:71:f1:fb:0a:10:78:b4:7b:84:33:81:d4:a8:6b:b1:ba:
b8:46:2d:bb:7c:85:99:46:4a:99:dd:b6:30:15:04:ed:64:89:
4a:2c:7f:86:08:d6:82:7f:c8:ae:2f:25:9b:70:a6:6c:03:ab:
e8:42:c2:ce:a5:9f:bc:8d:74:77:bf:2b:68:2a:9a:19:77:3d:
7e:a8:e7:d6:90:f0:00:2a:64:5e:bb:0d:12:ec:fd:46:1d:e9:
26:70:01:88
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSkfr6KxKITk+k1zsCKjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllODA3MDJlZTZhMWRjYmYzYWUyNTdhMTk5NDE1ZjU5Yjgz
MzhlYTQwHhcNMjQwMTAxMTgzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2I1MTY4MjAxYmFjYjk0OTNmMzhhMjY0YzA2ZWEzN2ViOWUyY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp539N4vxfrqnq0XIoM3P+DVzv6Oi
v8qpGqdfQlLV6/6IdVoPzlhlJ8V8o+Tm2bCPYRVywBCiEikocaqwUU8agIsim8KS
OwpaQ2/hpN+kInGQDBau90ESsIi7wsU2Hp9h39L+LINWDstfr/+yjeesp5YTnTdj
/3FwQgtu+YMRmg+R0pVlz89Wd4Kmxbl7bggeNVc3ZES1jdWzCBXSKy8CCJ6xI6iw
jx/Tsfs0PeRd2shU5ijjbK0AU9qzZCGB1Qgi4WdGs0HmP9uP/W3JVffNDh0KTGto
1+KHbx9sPMZgpAaTgrPXqGelRXjkDUsrKs3Dq4Ss5Eou8/KlgkPdRLeOQwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFy1FoIBusuUk/OKJkwG6jfrnizRMB8GA1UdIwQY
MBaAFJ6AcC7mody/OuJXoZlBX1m4M46kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm9Cd0x1YWgzTDg2NGxlaG1VRmZXYmd6anFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xYmRlMzktYjZkNS00NmVjLWE4MTMt
MjZlZjk2NjQzZDg0LzEvWExVV2dnRzZ5NVNUODRvbVRBYnFOLXVlTE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xYmRlMzktYjZkNS00NmVjLWE4MTMtMjZlZjk2NjQzZDg0
LzEvbm9Cd0x1YWgzTDg2NGxlaG1VRmZXYmd6anFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEBZWwAwQC
udgkMA0EAgACMAcDBQAqALfAMA0GCSqGSIb3DQEBCwUAA4IBAQBsKXg0B8RMgGTD
ma2Y8TAtBD8qTJuOKfhhbofQIDsZaporEnYyDnE+kbS0C0/FzKO1A+0MDHzVRQ+R
LrdVQdY/TtMJ5AQRut5L9vNFaY8zExbSSaYbjNR1/fCa3mIhSkhMJhXzK0TW/ywn
xhdKm++m+3QvJv/NBarKKPfm4D8l1miUFp4+2kIvCmNfYN5G03/YlnfOmNgO/QWT
25ySR1+icgYKtnHx+woQeLR7hDOB1Khrsbq4Ri27fIWZRkqZ3bYwFQTtZIlKLH+G
CNaCf8iuLyWbcKZsA6voQsLOpZ+8jXR3vytoKpoZdz1+qOfWkPAAKmReuw0S7P1G
HekmcAGI
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:10 2024 by rpki-client on console.sobornost.net