Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/v2IWbdpeXY4fbQbq6Lt168hmK2s.roa
File: v2IWbdpeXY4fbQbq6Lt168hmK2s.roa (raw, json)
Hash identifier: p66v91bkxqvQtxVKJusc32IN21Xe9RAi0OjxA01xQlA=
Subject key identifier: BF:62:16:6D:DA:5E:5D:8E:1F:6D:06:EA:E8:BB:75:EB:C8:66:2B:6B
Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial: 01938C9EFCE036AD8CFE98E8AF1029EBF727
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/v2IWbdpeXY4fbQbq6Lt168hmK2s.roa
Signing time: Tue 03 Dec 2024 13:04:09 +0000
ROA not before: Tue 03 Dec 2024 13:04:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 719
IP address blocks: 131.207.133.0/24 maxlen: 24
131.207.168.0/24 maxlen: 24
131.207.174.0/24 maxlen: 24
131.207.175.0/24 maxlen: 24
131.207.176.0/24 maxlen: 24
131.207.199.0/24 maxlen: 24
131.207.213.0/24 maxlen: 24
131.207.225.0/24 maxlen: 24
131.207.230.0/24 maxlen: 24
131.207.242.0/24 maxlen: 24
131.207.243.0/24 maxlen: 24
131.207.248.0/21 maxlen: 21
192.49.8.0/24 maxlen: 24
192.49.32.0/24 maxlen: 24
192.49.50.0/24 maxlen: 24
192.49.69.0/24 maxlen: 24
192.49.78.0/24 maxlen: 24
192.49.102.0/24 maxlen: 24
192.49.171.0/24 maxlen: 24
192.49.172.0/24 maxlen: 24
193.142.224.0/24 maxlen: 24
193.142.225.0/24 maxlen: 24
193.142.226.0/24 maxlen: 24
193.142.227.0/24 maxlen: 24
193.142.228.0/24 maxlen: 24
193.142.229.0/24 maxlen: 24
193.142.230.0/24 maxlen: 24
193.142.231.0/24 maxlen: 24
194.110.38.0/24 maxlen: 24
194.110.44.0/24 maxlen: 24
194.110.45.0/24 maxlen: 24
194.110.46.0/24 maxlen: 24
194.110.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:9e:fc:e0:36:ad:8c:fe:98:e8:af:10:29:eb:f7:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
Validity
Not Before: Dec 3 13:04:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf62166dda5e5d8e1f6d06eae8bb75ebc8662b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:70:63:fa:10:ed:9c:42:fe:8a:d9:f6:07:37:
5c:e6:33:34:2f:5b:3f:e6:05:9f:4c:51:3e:5e:2c:
3f:ed:fb:ce:5d:fd:50:11:1f:b4:2f:29:b5:29:67:
57:e6:d2:24:be:c3:13:af:5f:4f:18:5c:42:93:65:
bd:ee:8b:fe:fc:0c:5a:86:95:61:f1:e2:9e:4b:78:
e8:3b:6b:c7:38:17:d2:60:8c:fa:49:7f:18:06:da:
45:2c:1f:88:0a:0d:bd:24:e7:5e:22:c7:c5:14:67:
37:bb:fc:99:88:6d:a6:d8:52:42:46:31:94:4f:ea:
03:0f:e7:fd:17:aa:db:75:48:83:83:11:ed:34:f9:
c4:3c:f1:ea:d0:40:f9:75:ff:c8:3e:05:74:96:c5:
e7:d2:3a:3e:ca:6a:c8:d4:d8:6a:bd:f3:89:99:75:
e4:9f:08:e2:49:97:7d:56:00:ab:7c:34:6b:9a:fd:
37:0c:1d:d5:07:f7:7d:1f:b0:00:a0:27:dc:87:19:
4b:a1:0a:ca:4c:ec:9a:4a:0c:bb:41:27:68:0e:fd:
0f:a5:58:4f:06:6c:1e:e8:5d:f6:af:26:b2:67:60:
00:7f:bd:27:b8:ad:3e:71:e3:ca:92:76:47:6e:d0:
02:a2:37:53:8a:cc:4c:f8:90:a0:ac:10:44:97:e4:
0c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:62:16:6D:DA:5E:5D:8E:1F:6D:06:EA:E8:BB:75:EB:C8:66:2B:6B
X509v3 Authority Key Identifier:
keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/v2IWbdpeXY4fbQbq6Lt168hmK2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.207.133.0/24
131.207.168.0/24
131.207.174.0-131.207.176.255
131.207.199.0/24
131.207.213.0/24
131.207.225.0/24
131.207.230.0/24
131.207.242.0/23
131.207.248.0/21
192.49.8.0/24
192.49.32.0/24
192.49.50.0/24
192.49.69.0/24
192.49.78.0/24
192.49.102.0/24
192.49.171.0-192.49.172.255
193.142.224.0/21
194.110.38.0/24
194.110.44.0/22
Signature Algorithm: sha256WithRSAEncryption
08:bc:fe:be:ef:db:34:17:de:d3:66:b9:17:eb:8a:18:43:f1:
be:98:9c:6c:de:b3:58:2c:a7:b9:af:8e:0d:c8:20:73:ad:71:
fa:2f:cb:23:e0:5a:43:71:4f:10:de:72:a2:46:0a:9b:32:a5:
84:74:fd:1b:3c:93:60:37:ac:68:20:80:89:5e:5f:06:98:9b:
65:71:ac:73:2d:ec:b6:f5:bc:63:d2:f3:1e:df:ae:8c:f4:a8:
60:ca:1d:c6:72:8d:ac:92:2a:85:2b:22:b2:82:f7:e8:a7:8e:
24:af:6c:14:b2:67:3c:be:fe:02:6b:04:45:94:a1:cf:46:42:
d5:8d:ed:da:8d:c6:de:62:65:e0:47:70:5d:6d:a6:a9:f0:8a:
d6:54:4a:62:a3:55:40:30:42:63:8a:36:db:5d:57:88:21:eb:
44:03:7f:34:4e:0f:ae:04:7d:58:98:d0:c1:54:3f:f3:10:6c:
ca:8c:ea:8c:2a:fc:7e:b7:6b:61:48:98:be:ea:59:06:11:1a:
3f:78:7f:8f:c1:c2:9b:68:ef:0a:ff:44:02:8b:1f:85:57:a5:
a3:31:73:4d:7e:e4:cf:1f:ea:70:c6:ac:b1:43:51:89:52:dc:
f4:fb:db:11:96:b8:8a:12:d8:0e:ae:b4:99:da:ab:e4:2f:23:
4b:62:7c:c2
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZOMnvzgNq2M/pjorxAp6/cnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjQxMjAzMTMwNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjYyMTY2ZGRhNWU1ZDhlMWY2ZDA2ZWFlOGJiNzVlYmM4NjYyYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnBj+hDtnEL+itn2Bzdc5jM0L1s/
5gWfTFE+Xiw/7fvOXf1QER+0Lym1KWdX5tIkvsMTr19PGFxCk2W97ov+/AxahpVh
8eKeS3joO2vHOBfSYIz6SX8YBtpFLB+ICg29JOdeIsfFFGc3u/yZiG2m2FJCRjGU
T+oDD+f9F6rbdUiDgxHtNPnEPPHq0ED5df/IPgV0lsXn0jo+ymrI1NhqvfOJmXXk
nwjiSZd9VgCrfDRrmv03DB3VB/d9H7AAoCfchxlLoQrKTOyaSgy7QSdoDv0PpVhP
Bmwe6F32ryayZ2AAf70nuK0+cePKknZHbtACojdTisxM+JCgrBBEl+QMhQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFL9iFm3aXl2OH20G6ui7devIZitrMB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvdjJJV2JkcGVYWTRmYlFicTZMdDE2OGhtSzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBACD
z4UDBACDz6gwDAMEAYPPrgMEAIPPsAMEAIPPxwMEAIPP1QMEAIPP4QMEAIPP5gME
AYPP8gMEA4PP+AMEAMAxCAMEAMAxIAMEAMAxMgMEAMAxRQMEAMAxTgMEAMAxZjAM
AwQAwDGrAwQAwDGsAwQDwY7gAwQAwm4mAwQCwm4sMA0GCSqGSIb3DQEBCwUAA4IB
AQAIvP6+79s0F97TZrkX64oYQ/G+mJxs3rNYLKe5r44NyCBzrXH6L8sj4FpDcU8Q
3nKiRgqbMqWEdP0bPJNgN6xoIICJXl8GmJtlcaxzLey29bxj0vMe366M9Khgyh3G
co2skiqFKyKygvfop44kr2wUsmc8vv4CawRFlKHPRkLVje3ajcbeYmXgR3Bdbaap
8IrWVEpio1VAMEJjijbbXVeIIetEA380Tg+uBH1YmNDBVD/zEGzKjOqMKvx+t2th
SJi+6lkGERo/eH+PwcKbaO8K/0QCix+FV6WjMXNNfuTPH+pwxqyxQ1GJUtz0+9sR
lriKEtgOrrSZ2qvkLyNLYnzC
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:14 2024 by rpki-client on console.sobornost.net