Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/YQNEisXtPg0do8M3HW8RIbpAbbc.roa
File: YQNEisXtPg0do8M3HW8RIbpAbbc.roa (raw, json)
Hash identifier: aE0cttaqAvat7D0lysolmJGm/NMZGstwYYRMBmwwUHw=
Subject key identifier: 61:03:44:8A:C5:ED:3E:0D:1D:A3:C3:37:1D:6F:11:21:BA:40:6D:B7
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 018CC9BCEDCD445F68928F74CC1DD6430CAD
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/YQNEisXtPg0do8M3HW8RIbpAbbc.roa
Signing time: Tue 02 Jan 2024 10:34:11 +0000
ROA not before: Tue 02 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209236
IP address blocks: 171.25.128.0/21 maxlen: 21
193.221.28.0/24 maxlen: 24
193.221.37.0/24 maxlen: 24
193.221.38.0/24 maxlen: 24
193.221.32.0/22 maxlen: 22
193.221.36.0/24 maxlen: 24
193.221.47.0/24 maxlen: 24
193.221.52.0/24 maxlen: 24
193.221.53.0/24 maxlen: 24
193.221.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ed:cd:44:5f:68:92:8f:74:cc:1d:d6:43:0c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Jan 2 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6103448ac5ed3e0d1da3c3371d6f1121ba406db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c1:7f:7c:aa:2b:0e:77:2a:34:fc:44:81:42:
d7:3f:67:9b:53:19:dc:d5:04:46:e7:35:11:06:14:
07:a2:82:23:a0:86:c1:d4:55:72:a0:34:a4:41:51:
59:82:d4:cd:0c:3e:5f:d0:fe:5d:c3:d9:87:e2:d0:
5a:df:0d:e5:b4:02:1b:7c:ba:f8:eb:2f:ef:fb:d1:
c0:24:65:6e:02:44:ea:cd:12:46:71:96:15:9c:9e:
a8:ef:00:23:91:b8:e2:a6:04:46:61:f9:ed:d2:78:
60:c4:60:a5:35:6d:45:3f:28:3c:9c:21:25:de:d2:
a5:69:76:21:8e:e0:64:39:37:11:13:6b:7d:5b:38:
b9:c7:76:d9:8c:5c:4b:06:52:b4:5d:92:f8:da:c6:
09:b1:50:b5:da:e3:47:73:2e:41:10:5b:5e:57:bc:
f8:06:7a:23:4d:3a:fa:6d:6a:86:db:e1:03:cf:35:
35:c7:5c:d6:cd:af:c1:a3:03:af:71:c2:76:1c:5f:
43:79:48:7b:2d:e6:f0:f2:ac:e6:68:99:f1:9f:61:
d7:d8:de:f9:4e:03:ae:42:54:7e:37:b1:ca:c5:bf:
6e:57:81:43:f0:d7:a0:80:24:62:a6:3b:e7:b7:36:
60:9e:8b:bc:23:0e:5d:c2:ea:aa:ed:40:74:3e:79:
9a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:03:44:8A:C5:ED:3E:0D:1D:A3:C3:37:1D:6F:11:21:BA:40:6D:B7
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/YQNEisXtPg0do8M3HW8RIbpAbbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.128.0/21
193.221.28.0/24
193.221.32.0-193.221.38.255
193.221.47.0/24
193.221.52.0/23
193.221.59.0/24
Signature Algorithm: sha256WithRSAEncryption
50:b6:fb:2f:91:bd:d8:b9:da:38:61:d6:23:25:dc:23:56:f0:
78:28:ec:61:66:d3:77:db:78:8b:65:63:42:4f:a8:44:91:4d:
e6:a2:72:ca:11:ba:6c:a8:7e:28:34:00:bc:49:5f:48:ba:92:
f3:bb:9a:e2:e2:5e:9b:bd:fa:18:c0:96:d0:25:99:b4:02:de:
ce:a2:53:75:d0:d2:86:e4:16:f5:a6:66:bf:26:41:10:50:04:
98:56:aa:58:d0:95:a9:a9:31:9f:e6:7d:18:18:46:a1:75:3c:
78:b6:2b:74:4c:69:21:3f:3e:49:24:e9:dd:4f:99:8c:14:72:
5a:ad:e7:f6:56:50:dc:c7:cf:77:01:e6:80:a5:27:af:c8:53:
ea:4b:b3:4d:f0:51:0a:6a:fb:e0:a7:fe:12:c8:69:2f:d7:3e:
ab:84:e8:33:98:ea:fa:bd:4b:d8:0f:46:1a:e9:9b:65:5f:98:
76:8b:7a:3a:60:22:1d:e0:14:99:1d:1f:91:94:d3:4b:5b:df:
08:a2:4e:d1:0a:48:4c:94:17:e8:1d:0f:04:60:34:46:4b:21:
77:f0:13:98:f6:da:56:cc:05:c2:0c:c2:c2:1b:0b:ec:05:a8:
49:81:71:f9:c5:c1:35:95:bc:03:a9:4f:f4:45:b1:81:5e:c9:
22:5a:f5:d5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzJvO3NRF9oko90zB3WQwytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjQwMTAyMTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTAzNDQ4YWM1ZWQzZTBkMWRhM2MzMzcxZDZmMTEyMWJhNDA2ZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMF/fKorDncqNPxEgULXP2ebUxnc
1QRG5zURBhQHooIjoIbB1FVyoDSkQVFZgtTNDD5f0P5dw9mH4tBa3w3ltAIbfLr4
6y/v+9HAJGVuAkTqzRJGcZYVnJ6o7wAjkbjipgRGYfnt0nhgxGClNW1FPyg8nCEl
3tKlaXYhjuBkOTcRE2t9Wzi5x3bZjFxLBlK0XZL42sYJsVC12uNHcy5BEFteV7z4
BnojTTr6bWqG2+EDzzU1x1zWza/BowOvccJ2HF9DeUh7Lebw8qzmaJnxn2HX2N75
TgOuQlR+N7HKxb9uV4FD8NeggCRipjvntzZgnou8Iw5dwuqq7UB0PnmaTQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGEDRIrF7T4NHaPDNx1vESG6QG23MB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvWVFORWlzWHRQZzBkbzhNM0hXOFJJYnBBYmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDqxmAAwQA
wd0cMAwDBAXB3SADBADB3SYDBADB3S8DBAHB3TQDBADB3TswDQYJKoZIhvcNAQEL
BQADggEBAFC2+y+Rvdi52jhh1iMl3CNW8Hgo7GFm03fbeItlY0JPqESRTeaicsoR
umyofig0ALxJX0i6kvO7muLiXpu9+hjAltAlmbQC3s6iU3XQ0obkFvWmZr8mQRBQ
BJhWqljQlampMZ/mfRgYRqF1PHi2K3RMaSE/Pkkk6d1PmYwUclqt5/ZWUNzHz3cB
5oClJ6/IU+pLs03wUQpq++Cn/hLIaS/XPquE6DOY6vq9S9gPRhrpm2VfmHaLejpg
Ih3gFJkdH5GU00tb3wiiTtEKSEyUF+gdDwRgNEZLIXfwE5j22lbMBcIMwsIbC+wF
qEmBcfnFwTWVvAOpT/RFsYFeySJa9dU=
-----END CERTIFICATE-----
Generated at Thu May 2 16:10:09 2024 by rpki-client on console.sobornost.net