Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/haWxVRLQM7jpPJTWhXqWfSzrKk4.roa
File: haWxVRLQM7jpPJTWhXqWfSzrKk4.roa (raw, json)
Hash identifier: Hw6UgwXR2WXiXO7mAYBIvqN2Ur7hiTqhxmcrm9aNQyY=
Subject key identifier: 85:A5:B1:55:12:D0:33:B8:E9:3C:94:D6:85:7A:96:7D:2C:EB:2A:4E
Certificate issuer: /CN=c3c61b51ebc84180f0a6b232e87df9d61c90faab
Certificate serial: 01912771563A8389CD1C6219ED3457666E3F
Authority key identifier: C3:C6:1B:51:EB:C8:41:80:F0:A6:B2:32:E8:7D:F9:D6:1C:90:FA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8YbUevIQYDwprIy6H351hyQ-qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/haWxVRLQM7jpPJTWhXqWfSzrKk4.roa
Signing time: Tue 06 Aug 2024 11:27:04 +0000
ROA not before: Tue 06 Aug 2024 11:27:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52142
IP address blocks: 46.174.176.0/24 maxlen: 24
46.174.177.0/24 maxlen: 24
46.174.178.0/24 maxlen: 24
46.174.179.0/24 maxlen: 24
46.174.180.0/24 maxlen: 24
46.174.181.0/24 maxlen: 24
46.174.182.0/24 maxlen: 24
46.174.183.0/24 maxlen: 24
91.210.128.0/24 maxlen: 24
91.210.129.0/24 maxlen: 24
185.16.144.0/22 maxlen: 22
185.16.144.0/24 maxlen: 24
185.16.145.0/24 maxlen: 24
185.16.146.0/24 maxlen: 24
185.16.147.0/24 maxlen: 24
195.69.80.0/22 maxlen: 22
2a03:c940::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:71:56:3a:83:89:cd:1c:62:19:ed:34:57:66:6e:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c61b51ebc84180f0a6b232e87df9d61c90faab
Validity
Not Before: Aug 6 11:27:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85a5b15512d033b8e93c94d6857a967d2ceb2a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c5:ea:21:40:e3:62:39:c9:07:89:65:c2:42:
85:c4:c5:67:0d:c4:7a:b0:9f:4e:2e:7a:d6:0c:6c:
97:da:89:85:93:fa:9b:78:06:97:7b:af:e7:f6:fc:
b2:35:20:08:e5:38:d4:7e:da:57:b4:7d:bb:bf:1d:
8c:eb:97:6d:d0:be:b0:8d:c6:fd:c5:5a:88:fa:8f:
b1:4b:15:67:f2:6f:77:0d:0a:04:29:d5:f6:9d:eb:
0e:2c:e5:31:18:30:ea:42:48:dd:ed:7c:e3:3d:d9:
b4:0f:41:23:07:19:99:52:c6:b2:32:ed:15:8d:1d:
a6:4b:ff:e1:25:66:43:fb:9b:22:b4:12:c3:6f:43:
e5:fb:3e:9f:67:10:67:2e:f1:d0:2e:0a:9b:82:ce:
a1:90:3a:1f:42:32:fa:f3:28:55:17:bc:fb:3e:d9:
2a:1d:f6:49:76:4c:1c:4c:ef:07:05:db:57:ad:49:
f3:55:9b:80:4d:93:88:ef:75:5a:7b:a2:14:eb:4d:
64:93:7d:c1:21:68:08:36:40:4e:00:e7:36:42:33:
6b:81:a4:dd:5d:99:68:95:20:ed:c0:07:91:9b:2b:
a9:29:23:60:07:b4:91:27:0a:76:ae:0a:51:54:b4:
78:6f:33:c0:de:a0:1e:6c:2e:56:6f:35:71:0c:fc:
c5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A5:B1:55:12:D0:33:B8:E9:3C:94:D6:85:7A:96:7D:2C:EB:2A:4E
X509v3 Authority Key Identifier:
keyid:C3:C6:1B:51:EB:C8:41:80:F0:A6:B2:32:E8:7D:F9:D6:1C:90:FA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8YbUevIQYDwprIy6H351hyQ-qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/haWxVRLQM7jpPJTWhXqWfSzrKk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7aadab-959a-4663-b935-8f9827344790/1/w8YbUevIQYDwprIy6H351hyQ-qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.176.0/21
91.210.128.0/23
185.16.144.0/22
195.69.80.0/22
IPv6:
2a03:c940::/32
Signature Algorithm: sha256WithRSAEncryption
b4:d0:60:de:cf:69:b8:cc:82:b7:7d:fe:34:92:ce:cb:56:0d:
5e:c9:18:3e:0d:c6:12:f4:b0:2d:af:ce:4d:b9:b8:e3:c7:61:
40:12:0e:7b:2e:c4:31:3f:b2:87:fe:1b:e1:41:de:68:82:23:
3c:05:de:b7:fc:76:42:77:ea:f9:26:fe:14:9b:20:5d:d1:df:
b3:71:1e:3d:44:3b:81:09:26:c8:8c:62:1f:18:8f:6b:3b:0b:
2d:78:6b:80:c1:eb:d4:31:e2:8c:24:89:8d:42:07:60:b5:28:
8e:db:a3:92:a9:c2:2e:e3:77:a8:f5:62:9c:03:6c:28:fd:63:
cf:10:cb:2a:a6:15:c2:2a:d5:cb:7a:4a:4e:60:05:5d:62:bc:
6a:9d:74:82:76:42:f2:49:ae:9d:c6:6c:7a:6f:df:b6:4e:0a:
da:18:3f:42:7a:7b:b6:4e:06:7d:d0:34:dd:ba:0d:35:17:b7:
ec:52:48:8e:b8:72:72:7f:7b:bb:4b:a9:e1:9e:4a:ca:88:fc:
41:a1:11:64:c5:21:07:9c:75:ef:fa:0b:3f:57:d2:c4:00:fe:
59:f8:b2:88:f4:3f:75:d7:0b:3c:91:8a:ad:46:71:6b:ff:b3:
63:b4:c1:d0:dc:f7:dc:2d:95:8d:bc:9d:6e:7b:e9:a9:7b:95:
41:d3:0f:3a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZEncVY6g4nNHGIZ7TRXZm4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzYxYjUxZWJjODQxODBmMGE2YjIzMmU4N2RmOWQ2MWM5
MGZhYWIwHhcNMjQwODA2MTEyNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWE1YjE1NTEyZDAzM2I4ZTkzYzk0ZDY4NTdhOTY3ZDJjZWIyYTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsXqIUDjYjnJB4llwkKFxMVnDcR6
sJ9OLnrWDGyX2omFk/qbeAaXe6/n9vyyNSAI5TjUftpXtH27vx2M65dt0L6wjcb9
xVqI+o+xSxVn8m93DQoEKdX2nesOLOUxGDDqQkjd7XzjPdm0D0EjBxmZUsayMu0V
jR2mS//hJWZD+5sitBLDb0Pl+z6fZxBnLvHQLgqbgs6hkDofQjL68yhVF7z7Ptkq
HfZJdkwcTO8HBdtXrUnzVZuATZOI73Vae6IU601kk33BIWgINkBOAOc2QjNrgaTd
XZlolSDtwAeRmyupKSNgB7SRJwp2rgpRVLR4bzPA3qAebC5WbzVxDPzFLQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIWlsVUS0DO46TyU1oV6ln0s6ypOMB8GA1UdIwQY
MBaAFMPGG1HryEGA8KayMuh9+dYckPqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhZYlVldklRWUR3cHJJeTZIMzUxaHlRLXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YWFkYWItOTU5YS00NjYzLWI5MzUt
OGY5ODI3MzQ0NzkwLzEvaGFXeFZSTFFNN2pwUEpUV2hYcVdmU3pyS2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YWFkYWItOTU5YS00NjYzLWI5MzUtOGY5ODI3MzQ0Nzkw
LzEvdzhZYlVldklRWUR3cHJJeTZIMzUxaHlRLXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLq6wAwQB
W9KAAwQCuRCQAwQCw0VQMA0EAgACMAcDBQAqA8lAMA0GCSqGSIb3DQEBCwUAA4IB
AQC00GDez2m4zIK3ff40ks7LVg1eyRg+DcYS9LAtr85Nubjjx2FAEg57LsQxP7KH
/hvhQd5ogiM8Bd63/HZCd+r5Jv4UmyBd0d+zcR49RDuBCSbIjGIfGI9rOwsteGuA
wevUMeKMJImNQgdgtSiO26OSqcIu43eo9WKcA2wo/WPPEMsqphXCKtXLekpOYAVd
YrxqnXSCdkLySa6dxmx6b9+2TgraGD9Cenu2TgZ90DTdug01F7fsUkiOuHJyf3u7
S6nhnkrKiPxBoRFkxSEHnHXv+gs/V9LEAP5Z+LKI9D911ws8kYqtRnFr/7NjtMHQ
3PfcLZWNvJ1ue+mpe5VB0w86
-----END CERTIFICATE-----
Generated at Thu Aug 15 03:08:26 2024 by rpki-client on console.sobornost.net