Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/LfZkrbUqqwhVJKVxdWjtIclGpso.roa
File: LfZkrbUqqwhVJKVxdWjtIclGpso.roa (raw, json)
Hash identifier: wspafNEeCFkz31MG9+Nt/cAalh5w1iDL98lRZCC2Ftk=
Subject key identifier: 2D:F6:64:AD:B5:2A:AB:08:55:24:A5:71:75:68:ED:21:C9:46:A6:CA
Certificate issuer: /CN=c08d735f346c4fc42a4792ce33808a2210a82bb5
Certificate serial: 018529853A5A8849420E37865EDF5EB3FA1A
Authority key identifier: C0:8D:73:5F:34:6C:4F:C4:2A:47:92:CE:33:80:8A:22:10:A8:2B:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wI1zXzRsT8QqR5LOM4CKIhCoK7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/LfZkrbUqqwhVJKVxdWjtIclGpso.roa
Signing time: Mon 19 Dec 2022 08:34:35 +0000
ROA not before: Mon 19 Dec 2022 08:34:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 77.37.92.0/24 maxlen: 24
77.37.95.0/24 maxlen: 24
77.37.40.0/24 maxlen: 24
77.37.43.0/24 maxlen: 24
77.37.60.0/24 maxlen: 24
93.127.203.0/24 maxlen: 24
93.127.164.0/24 maxlen: 24
93.127.167.0/24 maxlen: 24
93.127.171.0/24 maxlen: 24
93.127.179.0/24 maxlen: 24
93.127.188.0/24 maxlen: 24
93.127.190.0/24 maxlen: 24
93.127.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:85:3a:5a:88:49:42:0e:37:86:5e:df:5e:b3:fa:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c08d735f346c4fc42a4792ce33808a2210a82bb5
Validity
Not Before: Dec 19 08:34:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2df664adb52aab085524a5717568ed21c946a6ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:57:ec:04:48:88:e4:71:b3:5c:56:02:e3:a9:
bf:bd:d0:ed:26:d4:61:34:02:6e:9b:dc:c4:a2:cf:
4a:8b:27:a1:c9:3c:f2:3c:e0:4d:2f:27:c0:9c:ca:
fa:a0:b2:1a:c2:3c:47:9d:e0:10:5d:5b:45:28:f7:
6e:01:e5:b4:74:38:0a:71:a9:93:11:b5:f7:c0:42:
af:8a:de:7d:f8:42:de:ed:52:7f:aa:98:29:1a:1b:
cb:ad:b2:3c:97:e8:b8:36:8d:c7:65:8b:29:40:c4:
52:96:da:8d:0c:91:d6:ca:8b:33:d4:db:99:78:b7:
73:b1:bd:16:ea:a9:5b:20:80:b3:af:1a:79:5d:9f:
2d:7c:2f:f8:b6:f3:7b:2e:c1:51:70:97:d4:8d:82:
dd:92:a2:bb:a8:bb:f5:fd:f4:66:2e:67:79:13:a3:
95:eb:6d:32:23:f6:66:c2:7e:94:e7:94:8d:3c:b4:
8d:fa:aa:83:ff:1f:4b:c8:43:ab:35:fe:d6:5e:ac:
b1:6b:d7:2e:44:92:7d:4f:64:e1:70:a2:31:72:03:
1e:2c:c7:6c:e9:63:be:6e:86:bf:bf:88:25:72:11:
52:a6:ac:2b:6f:1c:e3:c2:68:ad:6b:6c:43:d7:6b:
e4:ce:ef:ba:81:30:01:cd:1a:b8:a3:26:1d:9c:a1:
87:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F6:64:AD:B5:2A:AB:08:55:24:A5:71:75:68:ED:21:C9:46:A6:CA
X509v3 Authority Key Identifier:
keyid:C0:8D:73:5F:34:6C:4F:C4:2A:47:92:CE:33:80:8A:22:10:A8:2B:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wI1zXzRsT8QqR5LOM4CKIhCoK7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/LfZkrbUqqwhVJKVxdWjtIclGpso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/wI1zXzRsT8QqR5LOM4CKIhCoK7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.37.40.0/24
77.37.43.0/24
77.37.60.0/24
77.37.92.0/24
77.37.95.0/24
93.127.164.0/24
93.127.167.0/24
93.127.171.0/24
93.127.179.0/24
93.127.188.0/24
93.127.190.0/23
93.127.203.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:2a:c3:db:12:4f:1a:ab:e5:ca:b2:46:af:bf:4f:2c:e5:ed:
5b:d5:ab:94:21:0b:e8:cd:4c:00:cd:7c:60:b8:3d:e9:11:bd:
99:3c:e2:41:7c:15:9f:b5:dd:91:5e:01:8d:2d:cc:89:a8:34:
b3:dd:51:fd:a0:a8:64:e4:1d:a7:5c:d1:55:09:42:80:03:db:
f0:df:ad:40:c3:41:38:63:05:9c:4a:33:37:e7:52:10:f1:8f:
ac:f7:cd:1e:81:7a:0a:ff:78:b6:b1:a5:20:6b:6c:e6:75:4f:
bf:51:ed:18:30:42:42:a3:56:a2:8b:c0:d7:dd:ea:2a:46:6a:
2e:91:0d:df:c7:2b:3d:8b:a1:4f:f8:c9:d3:86:ca:27:22:65:
0b:0d:86:0d:6d:86:f0:51:5c:a6:20:a9:7b:50:d7:32:39:c1:
9a:a7:ea:be:a7:9e:d6:e0:b7:7c:06:0d:8e:7b:37:05:60:e3:
b6:59:89:d6:ea:2b:3f:29:55:a3:05:43:76:0c:5c:4d:52:48:
1e:bd:bd:37:9e:0b:1a:6a:61:1d:d8:b5:a4:ad:44:4d:92:53:
a6:9a:1c:e0:8d:c8:88:c5:68:0d:94:cf:e3:b5:8b:ca:cb:b1:
0d:31:ec:16:c7:ee:7a:d9:9e:d6:fb:39:77:01:d2:be:74:2b:
54:12:35:ff
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYUphTpaiElCDjeGXt9es/oaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOGQ3MzVmMzQ2YzRmYzQyYTQ3OTJjZTMzODA4YTIyMTBh
ODJiYjUwHhcNMjIxMjE5MDgzNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGY2NjRhZGI1MmFhYjA4NTUyNGE1NzE3NTY4ZWQyMWM5NDZhNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVfsBEiI5HGzXFYC46m/vdDtJtRh
NAJum9zEos9KiyehyTzyPOBNLyfAnMr6oLIawjxHneAQXVtFKPduAeW0dDgKcamT
EbX3wEKvit59+ELe7VJ/qpgpGhvLrbI8l+i4No3HZYspQMRSltqNDJHWyosz1NuZ
eLdzsb0W6qlbIICzrxp5XZ8tfC/4tvN7LsFRcJfUjYLdkqK7qLv1/fRmLmd5E6OV
620yI/Zmwn6U55SNPLSN+qqD/x9LyEOrNf7WXqyxa9cuRJJ9T2ThcKIxcgMeLMds
6WO+boa/v4glchFSpqwrbxzjwmita2xD12vkzu+6gTABzRq4oyYdnKGHQQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFC32ZK21KqsIVSSlcXVo7SHJRqbKMB8GA1UdIwQY
MBaAFMCNc180bE/EKkeSzjOAiiIQqCu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0kxelh6UnNUOFFxUjVMT000Q0tJaENvSzdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kOTcyODctZmQwMS00YTEwLTkwOWUt
YzNmMjU3ZWIyMGNjLzEvTGZaa3JiVXFxd2hWSktWeGRXanRJY2xHcHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kOTcyODctZmQwMS00YTEwLTkwOWUtYzNmMjU3ZWIyMGNj
LzEvd0kxelh6UnNUOFFxUjVMT000Q0tJaENvSzdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQATSUoAwQA
TSUrAwQATSU8AwQATSVcAwQATSVfAwQAXX+kAwQAXX+nAwQAXX+rAwQAXX+zAwQA
XX+8AwQBXX++AwQAXX/LMA0GCSqGSIb3DQEBCwUAA4IBAQAqKsPbEk8aq+XKskav
v08s5e1b1auUIQvozUwAzXxguD3pEb2ZPOJBfBWftd2RXgGNLcyJqDSz3VH9oKhk
5B2nXNFVCUKAA9vw361Aw0E4YwWcSjM351IQ8Y+s980egXoK/3i2saUga2zmdU+/
Ue0YMEJCo1aii8DX3eoqRmoukQ3fxys9i6FP+MnThsonImULDYYNbYbwUVymIKl7
UNcyOcGap+q+p57W4Ld8Bg2OezcFYOO2WYnW6is/KVWjBUN2DFxNUkgevb03ngsa
amEd2LWkrURNklOmmhzgjciIxWgNlM/jtYvKy7ENMewWx+562Z7W+zl3AdK+dCtU
EjX/
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:05 2023 by rpki-client on console.sobornost.net