Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/NKc5KxkwjpA2ldReSMlK-MT_Mfc.roa
File: NKc5KxkwjpA2ldReSMlK-MT_Mfc.roa (raw, json)
Hash identifier: 0zoueL1E1eOCT0Ux1ioRvCXdSknBB0BqDlfgUemgQtQ=
Subject key identifier: 34:A7:39:2B:19:30:8E:90:36:95:D4:5E:48:C9:4A:F8:C4:FF:31:F7
Certificate issuer: /CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Certificate serial: 0192AA4BF27AB12946B8FEB218B4B9C16C52
Authority key identifier: B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/NKc5KxkwjpA2ldReSMlK-MT_Mfc.roa
Signing time: Sun 20 Oct 2024 14:19:16 +0000
ROA not before: Sun 20 Oct 2024 14:19:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56485
IP address blocks: 37.72.129.0/24 maxlen: 24
43.252.24.0/22 maxlen: 22
45.11.198.0/24 maxlen: 24
45.154.116.0/22 maxlen: 22
77.87.127.0/24 maxlen: 24
88.151.12.0/24 maxlen: 24
88.218.188.0/22 maxlen: 22
91.223.180.0/24 maxlen: 24
91.234.32.0/22 maxlen: 22
91.247.189.0/24 maxlen: 24
146.19.45.0/24 maxlen: 24
176.114.0.0/22 maxlen: 22
176.114.4.0/22 maxlen: 22
176.114.8.0/22 maxlen: 22
176.114.12.0/22 maxlen: 22
185.166.216.0/22 maxlen: 22
185.168.150.0/24 maxlen: 24
185.230.88.0/22 maxlen: 22
185.252.24.0/22 maxlen: 22
188.93.118.0/24 maxlen: 24
194.110.248.0/24 maxlen: 24
194.110.254.0/24 maxlen: 24
194.113.32.0/24 maxlen: 24
194.113.58.0/24 maxlen: 24
2a09:b180::/29 maxlen: 29
2a0b:1600::/29 maxlen: 29
2a0c:f00::/29 maxlen: 48
2a0f:abc0::/29 maxlen: 29
2a0f:c100::/29 maxlen: 48
2a11:11c0::/29 maxlen: 29
2a11:1280::/29 maxlen: 48
2a11:2bc0::/29 maxlen: 29
2a11:cbc0::/29 maxlen: 29
2a12:1640::/29 maxlen: 29
2a12:3d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:aa:4b:f2:7a:b1:29:46:b8:fe:b2:18:b4:b9:c1:6c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Validity
Not Before: Oct 20 14:19:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34a7392b19308e903695d45e48c94af8c4ff31f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:63:b1:fc:04:46:9d:48:ab:39:bf:69:aa:1f:
1d:95:e4:1f:a0:73:51:20:c2:78:a4:ca:2e:da:a6:
4f:88:23:6f:9d:f3:df:dd:62:6a:43:47:8d:ea:88:
b0:cc:8e:c7:c3:4e:85:77:4c:11:1e:8c:a0:ba:97:
18:aa:63:21:9c:49:3d:ed:73:91:eb:6b:2b:75:0d:
48:2b:96:3b:10:d3:3a:fe:3d:3e:ad:d8:bc:4e:56:
7f:e2:05:b0:64:2f:ba:fd:60:ca:21:19:d7:28:43:
90:09:91:ff:87:72:3e:39:bd:2f:57:4b:61:47:85:
2f:57:c4:30:14:8e:a9:e0:79:b7:ba:6e:4b:ff:d1:
1c:5a:b7:28:bb:1a:ba:c1:ef:c6:c1:64:06:dd:15:
af:59:2f:ba:86:fa:a8:b4:63:40:0a:28:d6:17:d3:
e8:62:e4:f1:57:fa:2d:ff:d9:51:72:6f:13:f7:9e:
ae:db:9e:1a:4e:5b:63:7f:de:f7:65:99:21:aa:ed:
ad:9d:b0:6d:e9:1e:0f:c2:1f:ed:06:86:9f:3c:d1:
c6:a9:74:ef:3a:ff:cc:ea:78:5e:f3:7e:7e:3c:70:
5e:f9:bd:ad:b8:b7:83:ac:f0:c2:fe:a1:f0:ad:05:
df:6a:e1:fd:c1:c7:3c:28:f2:7d:92:5b:f8:6d:77:
39:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A7:39:2B:19:30:8E:90:36:95:D4:5E:48:C9:4A:F8:C4:FF:31:F7
X509v3 Authority Key Identifier:
keyid:B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/NKc5KxkwjpA2ldReSMlK-MT_Mfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.129.0/24
43.252.24.0/22
45.11.198.0/24
45.154.116.0/22
77.87.127.0/24
88.151.12.0/24
88.218.188.0/22
91.223.180.0/24
91.234.32.0/22
91.247.189.0/24
146.19.45.0/24
176.114.0.0/20
185.166.216.0/22
185.168.150.0/24
185.230.88.0/22
185.252.24.0/22
188.93.118.0/24
194.110.248.0/24
194.110.254.0/24
194.113.32.0/24
194.113.58.0/24
IPv6:
2a09:b180::/29
2a0b:1600::/29
2a0c:f00::/29
2a0f:abc0::/29
2a0f:c100::/29
2a11:11c0::/29
2a11:1280::/29
2a11:2bc0::/29
2a11:cbc0::/29
2a12:1640::/29
2a12:3d00::/29
Signature Algorithm: sha256WithRSAEncryption
a4:e8:af:ef:9c:72:7d:e8:1d:cc:95:a2:b6:59:45:b0:9a:00:
10:82:96:c0:a5:da:02:73:5e:06:38:ca:93:37:f8:c3:45:2d:
a0:e7:35:bc:c3:27:d0:5b:9c:81:38:28:71:a6:70:43:b6:43:
74:c4:25:c3:84:f4:9c:a2:74:2b:0e:59:eb:95:f7:c1:b6:f2:
73:92:95:51:d6:cf:f1:75:db:30:53:ea:05:b4:b4:02:33:4b:
be:ca:7e:4f:b5:ea:97:6d:52:12:a6:00:1e:4c:b6:82:80:05:
e9:95:e1:fe:6b:5e:26:5a:55:23:5a:ca:2e:01:11:f6:99:9b:
a4:cd:2c:7b:22:89:28:aa:1a:4d:71:ea:6b:85:de:03:27:eb:
ba:b2:81:00:89:24:99:53:a4:4e:87:33:a9:aa:3e:7a:85:32:
00:00:d4:69:4f:58:a0:c1:43:34:25:e3:74:9e:ef:9f:63:19:
eb:54:4d:df:2a:3d:13:5d:ee:9d:c4:ba:6f:b2:db:11:11:67:
fb:97:a5:fa:a6:93:cc:28:25:d0:3d:bb:fc:b5:61:6e:00:81:
4f:a9:38:14:37:82:a9:ac:0e:82:04:d9:01:71:c2:52:c9:ce:
f6:c7:3f:39:73:ae:f2:69:fc:17:26:73:ee:c8:97:f5:33:b1:
35:c3:9c:dc
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZKqS/J6sSlGuP6yGLS5wWxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZjY0NmRlNDE0MDcyZmMxYWI3NmIxYjJjOWUwOGI5YmQy
MWE4NDMwHhcNMjQxMDIwMTQxOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE3MzkyYjE5MzA4ZTkwMzY5NWQ0NWU0OGM5NGFmOGM0ZmYzMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2Ox/ARGnUirOb9pqh8dleQfoHNR
IMJ4pMou2qZPiCNvnfPf3WJqQ0eN6oiwzI7Hw06Fd0wRHoygupcYqmMhnEk97XOR
62srdQ1IK5Y7ENM6/j0+rdi8TlZ/4gWwZC+6/WDKIRnXKEOQCZH/h3I+Ob0vV0th
R4UvV8QwFI6p4Hm3um5L/9EcWrcouxq6we/GwWQG3RWvWS+6hvqotGNACijWF9Po
YuTxV/ot/9lRcm8T956u254aTltjf973ZZkhqu2tnbBt6R4Pwh/tBoafPNHGqXTv
Ov/M6nhe835+PHBe+b2tuLeDrPDC/qHwrQXfauH9wcc8KPJ9klv4bXc5WwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFDSnOSsZMI6QNpXUXkjJSvjE/zH3MB8GA1UdIwQY
MBaAFLf2Rt5BQHL8GrdrGyyeCLm9IahDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTct
NzdlZjg3YTczZTEzLzEvTktjNUt4a3dqcEEybGRSZVNNbEstTVRfTWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTctNzdlZjg3YTczZTEz
LzEvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCBhAQCAAEwfgMEACVI
gQMEAiv8GAMEAC0LxgMEAi2adAMEAE1XfwMEAFiXDAMEAljavAMEAFvftAMEAlvq
IAMEAFv3vQMEAJITLQMEBLByAAMEArmm2AMEALmolgMEArnmWAMEArn8GAMEALxd
dgMEAMJu+AMEAMJu/gMEAMJxIAMEAMJxOjBTBAIAAjBNAwUDKgmxgAMFAyoLFgAD
BQMqDA8AAwUDKg+rwAMFAyoPwQADBQMqERHAAwUDKhESgAMFAyoRK8ADBQMqEcvA
AwUDKhIWQAMFAyoSPQAwDQYJKoZIhvcNAQELBQADggEBAKTor++ccn3oHcyVorZZ
RbCaABCClsCl2gJzXgY4ypM3+MNFLaDnNbzDJ9BbnIE4KHGmcEO2Q3TEJcOE9Jyi
dCsOWeuV98G28nOSlVHWz/F12zBT6gW0tAIzS77Kfk+16pdtUhKmAB5MtoKABemV
4f5rXiZaVSNayi4BEfaZm6TNLHsiiSiqGk1x6muF3gMn67qygQCJJJlTpE6HM6mq
PnqFMgAA1GlPWKDBQzQl43Se759jGetUTd8qPRNd7p3Eum+y2xERZ/uXpfqmk8wo
JdA9u/y1YW4AgU+pOBQ3gqmsDoIE2QFxwlLJzvbHPzlzrvJp/Bcmc+7Il/UzsTXD
nNw=
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:18:35 2024 by rpki-client on console.sobornost.net