Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/wky6djnIqKT-f3vsqzXo0zHg99E.roa
File: wky6djnIqKT-f3vsqzXo0zHg99E.roa (raw, json)
Hash identifier: v5IkqelEodoGmxEaRCC4ssbqg9pvnFxwW/IruAzZJDk=
Subject key identifier: C2:4C:BA:76:39:C8:A8:A4:FE:7F:7B:EC:AB:35:E8:D3:31:E0:F7:D1
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019427469B020A9FC1254577EA126687F32D
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/wky6djnIqKT-f3vsqzXo0zHg99E.roa
Signing time: Thu 02 Jan 2025 13:48:46 +0000
ROA not before: Thu 02 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.46.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
31.210.51.0/24 maxlen: 24
31.210.53.0/24 maxlen: 24
31.210.54.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.227.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
212.68.36.0/24 maxlen: 24
212.68.49.0/24 maxlen: 24
212.68.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:9b:02:0a:9f:c1:25:45:77:ea:12:66:87:f3:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c24cba7639c8a8a4fe7f7becab35e8d331e0f7d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:ee:75:81:b4:a4:52:fb:02:c5:87:fc:17:
f7:75:8f:0e:bd:8e:a7:65:02:40:81:ad:92:1f:6c:
1a:f6:cb:c9:69:65:3d:13:93:22:59:84:51:1e:5e:
d3:8e:76:53:1b:48:13:e8:b6:44:88:d5:fd:f8:ef:
0e:fc:b5:5c:58:b1:94:86:cc:59:d9:c5:e4:44:37:
b5:05:da:3c:28:ad:05:91:6a:a9:70:d5:1c:7f:98:
84:b5:84:1a:56:01:85:ba:22:cf:6f:ea:06:b7:bf:
b4:1b:33:49:7c:7b:d5:74:64:b5:99:f4:36:0a:e7:
98:69:b8:79:d9:eb:cc:a4:03:b1:d2:78:bf:03:82:
8e:82:2b:b7:9d:7f:23:67:12:28:d7:c8:9d:64:4d:
4d:bb:e0:f8:cf:bb:3d:24:4c:5f:df:50:06:a5:c4:
b2:a2:bb:f8:4d:b1:ad:fd:75:ea:75:75:90:f3:ea:
f5:d4:b8:17:bb:84:d5:32:c6:d5:7e:83:b9:91:c3:
4a:62:9d:5a:69:07:7b:88:cd:01:7f:79:03:7f:29:
4d:17:c4:9f:94:d6:4f:9f:6a:b9:e6:16:48:c8:fd:
16:0a:f8:01:d6:af:ec:27:a3:c5:10:08:26:96:de:
59:29:db:59:ae:8f:83:d5:e0:7e:13:ce:8b:f8:a0:
60:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4C:BA:76:39:C8:A8:A4:FE:7F:7B:EC:AB:35:E8:D3:31:E0:F7:D1
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/wky6djnIqKT-f3vsqzXo0zHg99E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.46.0/24
31.210.50.0/23
31.210.53.0-31.210.54.255
77.92.148.0/24
188.132.170.0/24
188.132.215.0/24
188.132.227.0-188.132.229.255
212.68.36.0/24
212.68.49.0/24
212.68.56.0/24
Signature Algorithm: sha256WithRSAEncryption
43:3e:50:38:60:ac:76:87:39:37:d8:f3:aa:88:ba:bf:36:a9:
32:af:2d:74:f2:27:4e:c5:e5:7e:91:8f:d2:e9:20:db:c2:28:
4b:cc:2f:69:b6:2b:0b:fa:87:17:19:08:b4:15:9e:24:60:55:
c0:0a:35:24:02:e7:8b:ef:5a:43:bd:bd:29:40:0f:7f:2d:a9:
49:1a:5e:97:38:25:04:4a:13:bc:15:de:10:15:0d:e5:6b:62:
77:1c:06:d3:11:45:94:f9:b9:ba:f5:6b:07:6d:9e:50:8f:39:
ad:7a:c7:af:48:c0:02:16:15:0e:da:79:57:98:ab:b5:69:92:
44:7e:2a:e0:9c:3f:62:ab:91:26:ad:be:5e:9a:67:ca:e5:96:
c9:fe:99:78:e5:48:90:67:36:62:17:c0:25:03:60:4d:9f:aa:
4f:b7:d0:f8:19:c0:1d:3f:c6:54:3e:48:be:9b:0c:94:59:b1:
bf:b1:8e:3e:1c:01:a0:81:ec:a5:47:39:7b:43:52:2c:8a:1d:
9b:3a:33:47:88:b5:36:3d:50:f6:e3:20:86:39:ef:b8:f7:d5:
5f:00:76:b6:89:84:34:91:35:00:ac:a1:af:99:49:04:23:f5:
fb:0e:10:80:c2:a7:b6:cb:43:46:6e:5d:2a:b2:55:36:12:69:
50:46:0f:a3
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQnRpsCCp/BJUV36hJmh/MtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjRjYmE3NjM5YzhhOGE0ZmU3ZjdiZWNhYjM1ZThkMzMxZTBmN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjbudYG0pFL7AsWH/Bf3dY8OvY6n
ZQJAga2SH2wa9svJaWU9E5MiWYRRHl7TjnZTG0gT6LZEiNX9+O8O/LVcWLGUhsxZ
2cXkRDe1Bdo8KK0FkWqpcNUcf5iEtYQaVgGFuiLPb+oGt7+0GzNJfHvVdGS1mfQ2
CueYabh52evMpAOx0ni/A4KOgiu3nX8jZxIo18idZE1Nu+D4z7s9JExf31AGpcSy
orv4TbGt/XXqdXWQ8+r11LgXu4TVMsbVfoO5kcNKYp1aaQd7iM0Bf3kDfylNF8Sf
lNZPn2q55hZIyP0WCvgB1q/sJ6PFEAgmlt5ZKdtZro+D1eB+E86L+KBg5QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMJMunY5yKik/n977Ks16NMx4PfRMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvd2t5NmRqbklxS1QtZjN2c3F6WG8wekhnOTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAH9IuAwQB
H9IyMAwDBAAf0jUDBAAf0jYDBABNXJQDBAC8hKoDBAC8hNcwDAMEALyE4wMEAbyE
5AMEANREJAMEANREMQMEANREODANBgkqhkiG9w0BAQsFAAOCAQEAQz5QOGCsdoc5
N9jzqoi6vzapMq8tdPInTsXlfpGP0ukg28IoS8wvabYrC/qHFxkItBWeJGBVwAo1
JALni+9aQ729KUAPfy2pSRpelzglBEoTvBXeEBUN5WtidxwG0xFFlPm5uvVrB22e
UI85rXrHr0jAAhYVDtp5V5irtWmSRH4q4Jw/YquRJq2+XppnyuWWyf6ZeOVIkGc2
YhfAJQNgTZ+qT7fQ+BnAHT/GVD5IvpsMlFmxv7GOPhwBoIHspUc5e0NSLIodmzoz
R4i1Nj1Q9uMghjnvuPfVXwB2tomENJE1AKyhr5lJBCP1+w4QgMKntstDRm5dKrJV
NhJpUEYPow==
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:02:55 2025 by rpki-client on console.sobornost.net