Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/panGASXrl6VFMXoRujVY_apH2L4.roa
File: panGASXrl6VFMXoRujVY_apH2L4.roa (raw, json)
Hash identifier: Mf3H96wP+DLy/gZr+TexaKrgIOPBoQV93OCvF/D4+0Q=
Subject key identifier: A5:A9:C6:01:25:EB:97:A5:45:31:7A:11:BA:35:58:FD:AA:47:D8:BE
Certificate issuer: /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial: 0193D937CBE5FF851FC38BE0F2450F111997
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/panGASXrl6VFMXoRujVY_apH2L4.roa
Signing time: Wed 18 Dec 2024 10:02:12 +0000
ROA not before: Wed 18 Dec 2024 10:02:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28918
IP address blocks: 185.55.232.0/22 maxlen: 24
188.95.0.0/21 maxlen: 24
193.28.96.0/21 maxlen: 24
194.59.172.0/22 maxlen: 24
194.59.172.0/24 maxlen: 24
194.147.133.0/24 maxlen: 24
2a00:b400::/29 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:37:cb:e5:ff:85:1f:c3:8b:e0:f2:45:0f:11:19:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Validity
Not Before: Dec 18 10:02:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5a9c60125eb97a545317a11ba3558fdaa47d8be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a3:f0:19:12:93:08:35:af:6a:fd:2d:95:e8:
1a:3a:bc:c5:60:38:50:76:d6:90:3c:a5:d2:bb:7a:
39:95:91:93:26:3e:99:5e:8d:0d:48:12:3c:8d:32:
48:ca:6f:8b:b9:01:d2:97:21:00:30:61:49:10:01:
ee:2b:43:9a:dc:a2:dd:de:29:fc:d9:0e:1e:e3:69:
47:d9:51:d2:7b:d4:4a:89:59:b3:d8:67:d4:75:f9:
43:b0:31:d4:27:79:b2:d6:fa:65:ee:87:ef:e3:f4:
d0:37:4f:4e:87:e0:80:cb:6e:44:41:ef:6d:a9:3d:
e8:f2:84:8e:b2:1d:f8:4c:df:91:c5:8d:9c:10:59:
2b:87:89:44:95:a1:b4:9a:3b:43:21:b2:e3:f5:1c:
fd:ed:7e:4f:37:93:03:22:0a:8a:c8:ba:ed:7c:b7:
d0:a7:f9:40:f9:1b:3d:71:d5:27:bb:4a:1d:49:34:
50:26:ae:c7:b6:d7:e0:07:30:12:18:09:55:72:e7:
8b:a6:96:9c:43:9c:1d:76:36:56:c1:e0:9b:63:d2:
16:f6:a7:aa:8b:2f:fb:a9:2b:66:bd:97:3f:04:05:
a2:79:76:52:15:90:f8:ac:67:47:25:36:df:82:bf:
e9:bd:d1:d1:6b:5d:56:71:44:a8:1a:17:44:f0:bc:
2d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A9:C6:01:25:EB:97:A5:45:31:7A:11:BA:35:58:FD:AA:47:D8:BE
X509v3 Authority Key Identifier:
keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/panGASXrl6VFMXoRujVY_apH2L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.232.0/22
188.95.0.0/21
193.28.96.0/21
194.59.172.0/22
194.147.133.0/24
IPv6:
2a00:b400::/29
Signature Algorithm: sha256WithRSAEncryption
6c:62:7a:30:47:6c:94:55:78:c8:93:86:56:ce:d2:37:58:4e:
12:62:4d:1d:16:0c:a3:7a:04:90:eb:ed:59:51:f8:55:a9:82:
1b:a2:8c:a4:6b:9d:c0:43:b9:98:28:60:04:2c:16:f1:c7:e5:
05:af:6c:4c:27:7c:66:ab:82:80:e0:92:93:98:64:6c:d4:ec:
75:6c:d4:f2:3b:88:f9:15:bc:ae:82:08:dc:ee:bf:9b:19:b0:
e7:0c:01:1c:1b:26:e9:cc:7b:4c:5a:3b:5b:f7:a9:12:57:48:
2b:5c:7a:dd:10:8f:63:2e:21:c8:3b:53:cd:ba:11:95:c3:28:
04:f5:9d:39:db:3e:f3:23:20:78:91:d4:c9:9d:70:9a:37:f1:
85:a6:e4:a2:e2:9b:f7:23:bc:9d:e1:a4:d8:e3:c4:1c:8d:63:
7c:19:25:47:ed:6d:1c:c9:3b:d7:cc:c0:96:09:5b:25:6b:22:
ec:4c:04:5e:e7:2b:9b:8e:ac:de:10:1a:b7:4e:9b:3f:9f:4d:
83:7d:86:d7:33:cc:38:08:74:d6:09:b6:88:8d:62:05:f7:59:
15:62:c1:8a:59:5a:e5:34:ad:24:20:ec:7f:df:ff:8e:17:f2:
cd:a9:3b:21:31:92:e7:f3:40:b3:e0:43:88:cc:22:30:d0:a6:
01:d1:21:a2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZPZN8vl/4Ufw4vg8kUPERmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQyZjY0YzMzNzQ2NWVkMzhkYTVmN2NjNDU4NGRmODdk
NGE3NDQwHhcNMjQxMjE4MTAwMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWE5YzYwMTI1ZWI5N2E1NDUzMTdhMTFiYTM1NThmZGFhNDdkOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6PwGRKTCDWvav0tlegaOrzFYDhQ
dtaQPKXSu3o5lZGTJj6ZXo0NSBI8jTJIym+LuQHSlyEAMGFJEAHuK0Oa3KLd3in8
2Q4e42lH2VHSe9RKiVmz2GfUdflDsDHUJ3my1vpl7ofv4/TQN09Oh+CAy25EQe9t
qT3o8oSOsh34TN+RxY2cEFkrh4lElaG0mjtDIbLj9Rz97X5PN5MDIgqKyLrtfLfQ
p/lA+Rs9cdUnu0odSTRQJq7HttfgBzASGAlVcueLppacQ5wddjZWweCbY9IW9qeq
iy/7qStmvZc/BAWieXZSFZD4rGdHJTbfgr/pvdHRa11WcUSoGhdE8Lwt1wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKWpxgEl65elRTF6Ebo1WP2qR9i+MB8GA1UdIwQY
MBaAFGaNL2TDN0Ze042l98xFhN+H1KdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQt
MzhiYmNmYWVlNmNlLzEvcGFuR0FTWHJsNlZGTVhvUnVqVllfYXBIMkw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQtMzhiYmNmYWVlNmNl
LzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuTfoAwQD
vF8AAwQDwRxgAwQCwjusAwQAwpOFMA0EAgACMAcDBQMqALQAMA0GCSqGSIb3DQEB
CwUAA4IBAQBsYnowR2yUVXjIk4ZWztI3WE4SYk0dFgyjegSQ6+1ZUfhVqYIbooyk
a53AQ7mYKGAELBbxx+UFr2xMJ3xmq4KA4JKTmGRs1Ox1bNTyO4j5Fbyuggjc7r+b
GbDnDAEcGybpzHtMWjtb96kSV0grXHrdEI9jLiHIO1PNuhGVwygE9Z052z7zIyB4
kdTJnXCaN/GFpuSi4pv3I7yd4aTY48QcjWN8GSVH7W0cyTvXzMCWCVslayLsTARe
5yubjqzeEBq3Tps/n02DfYbXM8w4CHTWCbaIjWIF91kVYsGKWVrlNK0kIOx/3/+O
F/LNqTshMZLn80Cz4EOIzCIw0KYB0SGi
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:38 2024 by rpki-client on console.sobornost.net