Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/Xs-L0GiYr7JuYOPgQ-hWYZ88Zew.roa
File: Xs-L0GiYr7JuYOPgQ-hWYZ88Zew.roa (raw, json)
Hash identifier: 4T8z+Hryhk4WgP+LQU7hFgOXElOrigFJYE0Dv1oPYnA=
Subject key identifier: 5E:CF:8B:D0:68:98:AF:B2:6E:60:E3:E0:43:E8:56:61:9F:3C:65:EC
Certificate issuer: /CN=c3c61b51ebc84180f0a6b232e87df9d61c90faab
Certificate serial: 0190E94226A4078506745142AA3BC37E1CC3
Authority key identifier: C3:C6:1B:51:EB:C8:41:80:F0:A6:B2:32:E8:7D:F9:D6:1C:90:FA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8YbUevIQYDwprIy6H351hyQ-qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/Xs-L0GiYr7JuYOPgQ-hWYZ88Zew.roa
Signing time: Thu 25 Jul 2024 09:39:04 +0000
ROA not before: Thu 25 Jul 2024 09:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52142
IP address blocks: 46.174.176.0/24 maxlen: 24
46.174.177.0/24 maxlen: 24
46.174.178.0/24 maxlen: 24
46.174.179.0/24 maxlen: 24
46.174.180.0/24 maxlen: 24
46.174.181.0/24 maxlen: 24
46.174.182.0/24 maxlen: 24
46.174.183.0/24 maxlen: 24
91.210.128.0/24 maxlen: 24
91.210.129.0/24 maxlen: 24
185.16.144.0/24 maxlen: 24
185.16.145.0/24 maxlen: 24
195.69.80.0/22 maxlen: 22
2a03:c940::/32 maxlen: 32
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e9:42:26:a4:07:85:06:74:51:42:aa:3b:c3:7e:1c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c61b51ebc84180f0a6b232e87df9d61c90faab
Validity
Not Before: Jul 25 09:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ecf8bd06898afb26e60e3e043e856619f3c65ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:66:c2:cf:8b:53:4a:af:e7:25:62:43:bc:52:
6c:d8:a9:08:f7:c2:a3:50:63:f4:42:fc:93:a1:84:
17:ed:b7:c2:2e:2f:5f:54:71:5d:b7:b4:fe:a9:1e:
8b:cf:6b:82:7c:02:e8:65:e1:d3:f9:5d:d2:1b:16:
23:d9:42:2b:bf:18:15:d6:f2:dc:72:06:d8:d9:81:
4d:d2:a4:74:c0:2d:65:a5:86:13:5b:52:28:fe:4c:
ee:8e:3a:e5:af:4f:5f:23:b5:e4:b9:94:dd:33:a6:
78:6c:a3:d8:0e:ab:4f:05:dd:63:58:c5:06:8d:57:
75:ce:03:17:f3:82:8b:52:8f:37:02:5d:3b:7f:b7:
c5:3e:a9:6d:d9:8a:43:ac:48:c4:4a:84:58:f4:56:
f9:16:80:3d:48:12:30:27:dd:b3:79:63:d0:c7:bf:
6e:51:4e:42:13:df:57:ce:a6:b6:a8:57:fe:3b:86:
6a:45:66:f4:87:82:a3:6a:c3:12:4e:9d:37:6a:87:
f7:7c:f4:ff:56:5d:1f:5b:08:69:48:67:ff:ed:fe:
93:e1:72:44:0b:10:a7:54:c1:99:bc:98:c8:6e:5f:
40:13:5f:50:f4:00:05:4e:ba:a4:d0:c9:71:6b:36:
fb:53:6e:c6:3a:03:94:d1:40:61:6d:07:3a:69:d7:
ef:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CF:8B:D0:68:98:AF:B2:6E:60:E3:E0:43:E8:56:61:9F:3C:65:EC
X509v3 Authority Key Identifier:
keyid:C3:C6:1B:51:EB:C8:41:80:F0:A6:B2:32:E8:7D:F9:D6:1C:90:FA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8YbUevIQYDwprIy6H351hyQ-qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/Xs-L0GiYr7JuYOPgQ-hWYZ88Zew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/w8YbUevIQYDwprIy6H351hyQ-qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.176.0/21
91.210.128.0/23
185.16.144.0/23
195.69.80.0/22
IPv6:
2a03:c940::/32
Signature Algorithm: sha256WithRSAEncryption
79:9d:ad:7c:ab:d1:cf:a4:1d:4a:b4:fb:fe:39:b2:6f:9b:55:
96:e7:28:9a:70:b8:0b:14:40:63:4f:71:44:13:01:2d:9c:06:
2b:12:41:81:7d:7e:f8:46:db:5f:59:19:54:11:9c:a0:95:7b:
be:e5:e4:b5:70:79:07:8d:e4:85:04:ed:de:33:18:99:3f:08:
36:78:0d:f5:75:99:53:27:0f:73:45:6a:6a:42:d9:2b:30:8f:
00:e4:39:53:4c:65:3c:32:49:96:eb:c5:61:39:58:6f:cd:80:
f5:86:01:5e:1c:b2:64:c1:4b:4e:77:95:a8:4c:4d:86:fc:a1:
c9:86:4c:68:6f:51:17:40:31:ac:94:df:61:03:59:34:8c:7d:
1d:6c:fe:f2:78:aa:d0:f0:3a:87:08:b3:8b:d0:42:5d:e0:8b:
1a:db:8d:7c:7d:84:49:b2:35:15:ed:e7:d8:5c:47:0d:4b:42:
cd:b5:34:25:77:c6:a1:8b:ef:1d:4b:16:c0:03:c3:e6:06:fd:
37:14:32:db:12:7a:91:d4:64:fd:23:ae:06:75:d7:cf:2f:49:
9a:92:96:8a:01:b5:c0:d0:30:83:49:84:2a:bd:c5:36:54:12:
b8:f1:3c:43:b7:52:2e:05:5f:31:11:69:7f:a4:e0:8b:4c:3c:
2b:83:b0:8e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZDpQiakB4UGdFFCqjvDfhzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzYxYjUxZWJjODQxODBmMGE2YjIzMmU4N2RmOWQ2MWM5
MGZhYWIwHhcNMjQwNzI1MDkzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWNmOGJkMDY4OThhZmIyNmU2MGUzZTA0M2U4NTY2MTlmM2M2NWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WbCz4tTSq/nJWJDvFJs2KkI98Kj
UGP0QvyToYQX7bfCLi9fVHFdt7T+qR6Lz2uCfALoZeHT+V3SGxYj2UIrvxgV1vLc
cgbY2YFN0qR0wC1lpYYTW1Io/kzujjrlr09fI7XkuZTdM6Z4bKPYDqtPBd1jWMUG
jVd1zgMX84KLUo83Al07f7fFPqlt2YpDrEjESoRY9Fb5FoA9SBIwJ92zeWPQx79u
UU5CE99Xzqa2qFf+O4ZqRWb0h4KjasMSTp03aof3fPT/Vl0fWwhpSGf/7f6T4XJE
CxCnVMGZvJjIbl9AE19Q9AAFTrqk0Mlxazb7U27GOgOU0UBhbQc6adfv6QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFF7Pi9BomK+ybmDj4EPoVmGfPGXsMB8GA1UdIwQY
MBaAFMPGG1HryEGA8KayMuh9+dYckPqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhZYlVldklRWUR3cHJJeTZIMzUxaHlRLXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YWFkYWItOTU5YS00NjYzLWI5MzUt
OGY5ODI3MzQ0NzkwLzEvWHMtTDBHaVlyN0p1WU9QZ1EtaFdZWjg4WmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YWFkYWItOTU5YS00NjYzLWI5MzUtOGY5ODI3MzQ0Nzkw
LzEvdzhZYlVldklRWUR3cHJJeTZIMzUxaHlRLXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLq6wAwQB
W9KAAwQBuRCQAwQCw0VQMA0EAgACMAcDBQAqA8lAMA0GCSqGSIb3DQEBCwUAA4IB
AQB5na18q9HPpB1KtPv+ObJvm1WW5yiacLgLFEBjT3FEEwEtnAYrEkGBfX74Rttf
WRlUEZyglXu+5eS1cHkHjeSFBO3eMxiZPwg2eA31dZlTJw9zRWpqQtkrMI8A5DlT
TGU8MkmW68VhOVhvzYD1hgFeHLJkwUtOd5WoTE2G/KHJhkxob1EXQDGslN9hA1k0
jH0dbP7yeKrQ8DqHCLOL0EJd4Isa2418fYRJsjUV7efYXEcNS0LNtTQld8ahi+8d
SxbAA8PmBv03FDLbEnqR1GT9I64GddfPL0makpaKAbXA0DCDSYQqvcU2VBK48TxD
t1IuBV8xEWl/pOCLTDwrg7CO
-----END CERTIFICATE-----
Generated at Mon Jul 29 19:49:03 2024 by rpki-client on console.sobornost.net