Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/jwvGELKolrBywJsluTeDcxVs1bU.roa
File: jwvGELKolrBywJsluTeDcxVs1bU.roa (raw, json)
Hash identifier: qW0PWWEpa9RXg2U7YcJZeNBDd9V1U2bcQCs4w02oAJo=
Subject key identifier: 8F:0B:C6:10:B2:A8:96:B0:72:C0:9B:25:B9:37:83:73:15:6C:D5:B5
Certificate issuer: /CN=3406d2c439ccbcb78a82d5cb2b4c3ff6e9934b96
Certificate serial: 018CCA2A1355E7459033F1D45B9FA8211032
Authority key identifier: 34:06:D2:C4:39:CC:BC:B7:8A:82:D5:CB:2B:4C:3F:F6:E9:93:4B:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/jwvGELKolrBywJsluTeDcxVs1bU.roa
Signing time: Tue 02 Jan 2024 12:33:24 +0000
ROA not before: Tue 02 Jan 2024 12:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213122
IP address blocks: 45.130.152.0/24 maxlen: 24
45.130.153.0/24 maxlen: 24
45.130.154.0/24 maxlen: 24
45.130.155.0/24 maxlen: 24
89.36.230.0/24 maxlen: 24
45.87.62.0/24 maxlen: 24
45.87.63.0/24 maxlen: 24
45.87.60.0/24 maxlen: 24
45.87.61.0/24 maxlen: 24
89.37.100.0/24 maxlen: 24
188.210.236.0/24 maxlen: 24
5.252.166.0/24 maxlen: 24
5.252.164.0/24 maxlen: 24
5.252.165.0/24 maxlen: 24
5.252.167.0/24 maxlen: 24
103.202.55.0/24 maxlen: 24
103.202.52.0/24 maxlen: 24
103.202.53.0/24 maxlen: 24
103.202.54.0/24 maxlen: 24
89.46.43.0/24 maxlen: 24
103.104.251.0/24 maxlen: 24
103.104.248.0/24 maxlen: 24
103.104.249.0/24 maxlen: 24
103.104.250.0/24 maxlen: 24
185.162.74.0/24 maxlen: 24
185.162.75.0/24 maxlen: 24
2a0e:f380::/32 maxlen: 32
2a0e:f380:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:13:55:e7:45:90:33:f1:d4:5b:9f:a8:21:10:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406d2c439ccbcb78a82d5cb2b4c3ff6e9934b96
Validity
Not Before: Jan 2 12:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f0bc610b2a896b072c09b25b9378373156cd5b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e0:22:8a:85:74:fa:4b:0b:7b:36:bc:72:68:
2b:ff:fb:82:90:da:3e:4e:d6:1b:13:42:07:f9:df:
f4:e1:00:25:0b:bc:ed:79:2e:94:4e:dd:55:97:33:
c5:dc:e3:e9:05:dd:ac:e2:1e:1a:ff:71:2d:62:23:
fc:fd:a1:dd:f5:02:4c:02:f6:11:1e:8f:ef:8a:7b:
12:86:25:ac:96:c5:9c:61:20:16:c9:9a:87:10:8f:
c5:41:96:4c:22:c1:38:84:ee:12:df:61:58:6b:be:
e9:6d:70:71:0b:1a:24:da:8e:dc:78:11:4f:64:ee:
d7:86:ce:ef:55:df:34:81:e8:81:f1:16:45:33:6e:
e5:0c:ff:e8:75:1c:ee:84:98:5b:34:ee:42:31:33:
61:9c:9e:1a:39:f7:08:5c:8c:33:f3:08:22:a0:ae:
d2:29:69:b7:df:56:30:92:5b:fe:aa:44:3e:9d:a6:
5c:a6:75:f5:8b:e3:c8:cb:09:d4:69:d9:51:c0:5c:
38:cf:2d:f4:75:18:5a:39:f9:6a:d6:1b:82:18:55:
45:a2:20:ce:b1:6e:23:0c:5b:87:ea:04:f9:51:ae:
7d:0a:11:ed:3f:d8:54:02:13:3c:39:b8:6d:bb:36:
d3:e8:fb:81:ff:76:0e:b3:97:2e:64:89:82:2a:9d:
0e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:0B:C6:10:B2:A8:96:B0:72:C0:9B:25:B9:37:83:73:15:6C:D5:B5
X509v3 Authority Key Identifier:
keyid:34:06:D2:C4:39:CC:BC:B7:8A:82:D5:CB:2B:4C:3F:F6:E9:93:4B:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/jwvGELKolrBywJsluTeDcxVs1bU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/NAbSxDnMvLeKgtXLK0w_9umTS5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.164.0/22
45.87.60.0/22
45.130.152.0/22
89.36.230.0/24
89.37.100.0/24
89.46.43.0/24
103.104.248.0/22
103.202.52.0/22
185.162.74.0/23
188.210.236.0/24
IPv6:
2a0e:f380::/32
Signature Algorithm: sha256WithRSAEncryption
a2:79:26:da:0a:13:d9:82:19:9c:95:47:97:8e:7c:9d:90:1a:
23:39:a6:60:20:b6:bf:13:d0:e9:86:9a:3f:44:da:05:f0:bc:
ba:b4:b6:3e:1b:6b:ae:96:e0:b5:b1:a9:53:92:eb:85:0a:32:
7d:46:bc:7a:e6:72:6a:02:ba:8c:23:a1:c5:79:48:38:e4:55:
41:6a:d6:71:d6:c5:b5:d5:ad:1f:72:ea:b9:a4:a9:59:98:9d:
cb:67:86:c0:73:36:49:d4:8c:14:f9:a8:03:0f:b2:1d:66:52:
c2:62:78:f7:dd:80:5c:96:75:d5:ec:df:16:33:ea:7f:a1:1e:
11:4e:ea:d4:ca:f3:72:4a:bb:3f:43:63:56:66:80:ab:b1:89:
bb:db:c2:5d:e7:60:5d:20:81:3d:45:db:fb:19:b0:24:3f:93:
89:77:3d:9a:7a:da:80:b6:c5:ee:2c:a0:16:ec:de:f4:72:32:
fe:c1:07:52:c0:78:23:fe:fb:95:9f:0d:96:ee:b3:f3:41:0b:
bd:41:1e:f9:84:9e:b9:61:ed:4e:b0:96:f7:51:0d:c8:8e:ad:
2e:d1:27:5c:b1:25:0f:8c:6f:cd:81:c3:3a:90:cc:09:39:78:
a0:c6:ca:95:a3:fb:be:42:e5:15:b0:52:25:00:7b:e4:c9:62:
d2:79:50:25
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzKKhNV50WQM/HUW5+oIRAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZkMmM0MzljY2JjYjc4YTgyZDVjYjJiNGMzZmY2ZTk5
MzRiOTYwHhcNMjQwMTAyMTIzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjBiYzYxMGIyYTg5NmIwNzJjMDliMjViOTM3ODM3MzE1NmNkNWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+AiioV0+ksLeza8cmgr//uCkNo+
TtYbE0IH+d/04QAlC7zteS6UTt1VlzPF3OPpBd2s4h4a/3EtYiP8/aHd9QJMAvYR
Ho/vinsShiWslsWcYSAWyZqHEI/FQZZMIsE4hO4S32FYa77pbXBxCxok2o7ceBFP
ZO7Xhs7vVd80geiB8RZFM27lDP/odRzuhJhbNO5CMTNhnJ4aOfcIXIwz8wgioK7S
KWm331Ywklv+qkQ+naZcpnX1i+PIywnUadlRwFw4zy30dRhaOflq1huCGFVFoiDO
sW4jDFuH6gT5Ua59ChHtP9hUAhM8ObhtuzbT6PuB/3YOs5cuZImCKp0OeQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFI8LxhCyqJawcsCbJbk3g3MVbNW1MB8GA1UdIwQY
MBaAFDQG0sQ5zLy3ioLVyytMP/bpk0uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFiU3hEbk12TGVLZ3RYTEswd185dW1UUzVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wYTNhMGYtNjBmOC00YTFjLWJiYTAt
N2I4ODBjMDYzMzY3LzEvand2R0VMS29sckJ5d0pzbHVUZURjeFZzMWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wYTNhMGYtNjBmOC00YTFjLWJiYTAtN2I4ODBjMDYzMzY3
LzEvTkFiU3hEbk12TGVLZ3RYTEswd185dW1UUzVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCBfykAwQC
LVc8AwQCLYKYAwQAWSTmAwQAWSVkAwQAWS4rAwQCZ2j4AwQCZ8o0AwQBuaJKAwQA
vNLsMA0EAgACMAcDBQAqDvOAMA0GCSqGSIb3DQEBCwUAA4IBAQCieSbaChPZghmc
lUeXjnydkBojOaZgILa/E9Dphpo/RNoF8Ly6tLY+G2uuluC1salTkuuFCjJ9Rrx6
5nJqArqMI6HFeUg45FVBatZx1sW11a0fcuq5pKlZmJ3LZ4bAczZJ1IwU+agDD7Id
ZlLCYnj33YBclnXV7N8WM+p/oR4RTurUyvNySrs/Q2NWZoCrsYm728Jd52BdIIE9
Rdv7GbAkP5OJdz2aetqAtsXuLKAW7N70cjL+wQdSwHgj/vuVnw2W7rPzQQu9QR75
hJ65Ye1OsJb3UQ3Ijq0u0SdcsSUPjG/NgcM6kMwJOXigxsqVo/u+QuUVsFIlAHvk
yWLSeVAl
-----END CERTIFICATE-----
Generated at Mon Jun 10 09:53:03 2024 by rpki-client on console.sobornost.net