Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/mFqIxo0UzJXFnu4cA-5bl-EHQFY.roa
File: mFqIxo0UzJXFnu4cA-5bl-EHQFY.roa (raw, json)
Hash identifier: 0FWoc/WEmchfToAk5WFycpeZb06+9qeKV93xMJyonXQ=
Subject key identifier: 98:5A:88:C6:8D:14:CC:95:C5:9E:EE:1C:03:EE:5B:97:E1:07:40:56
Certificate issuer: /CN=c08d735f346c4fc42a4792ce33808a2210a82bb5
Certificate serial: 018593D5355C35357754AD1791A36A7545FC
Authority key identifier: C0:8D:73:5F:34:6C:4F:C4:2A:47:92:CE:33:80:8A:22:10:A8:2B:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wI1zXzRsT8QqR5LOM4CKIhCoK7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/mFqIxo0UzJXFnu4cA-5bl-EHQFY.roa
Signing time: Mon 09 Jan 2023 00:01:41 +0000
ROA not before: Mon 09 Jan 2023 00:01:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 77.37.91.0/24 maxlen: 24
77.37.94.0/24 maxlen: 24
77.37.40.0/24 maxlen: 24
77.37.41.0/24 maxlen: 24
77.37.43.0/24 maxlen: 24
77.37.52.0/24 maxlen: 24
77.37.60.0/24 maxlen: 24
93.127.203.0/24 maxlen: 24
93.127.212.0/24 maxlen: 24
93.127.219.0/24 maxlen: 24
93.127.167.0/24 maxlen: 24
93.127.179.0/24 maxlen: 24
93.127.188.0/24 maxlen: 24
93.127.190.0/24 maxlen: 24
93.127.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:93:d5:35:5c:35:35:77:54:ad:17:91:a3:6a:75:45:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c08d735f346c4fc42a4792ce33808a2210a82bb5
Validity
Not Before: Jan 9 00:01:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=985a88c68d14cc95c59eee1c03ee5b97e1074056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:61:e2:b9:0e:ee:1b:f9:8f:54:ff:a0:18:01:
43:a9:48:8b:fc:d3:b4:58:d8:d5:af:f0:56:76:ef:
e6:5e:82:5d:0b:fd:84:d3:41:83:2f:db:a4:3e:55:
0d:56:fa:6a:85:20:5f:83:8e:a2:02:a4:2a:68:72:
84:17:f8:9d:f5:f4:c8:72:41:b2:d8:51:70:2f:ca:
6d:c5:1f:1e:b5:d4:1e:e3:95:52:08:66:d7:ff:f1:
de:63:80:b3:fd:a8:bd:87:90:dc:b9:16:c0:ad:55:
80:0d:cf:98:26:ee:12:58:e5:70:85:65:d5:fb:be:
b4:5a:b3:b0:54:9c:5d:f7:03:88:aa:66:cf:a8:a2:
23:0e:53:56:f6:c1:ca:85:8d:22:61:bb:8b:6e:a6:
b0:7b:b2:65:67:4a:c5:ba:8d:c9:a1:43:98:e8:e4:
c4:0e:58:59:c0:0a:3d:58:83:d6:a6:61:1f:b6:20:
41:79:e7:a4:99:84:b9:5a:e8:87:83:05:20:ea:40:
c4:5f:f7:5d:47:79:6c:23:95:b3:97:2d:2e:31:39:
7e:91:aa:ea:00:6b:09:1c:ca:2c:e3:f4:33:f6:eb:
3a:35:d0:bd:0d:2b:ef:e3:77:4b:84:2f:f0:ae:da:
dc:40:9a:dc:42:93:c8:0d:d7:87:46:83:34:85:5e:
4b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5A:88:C6:8D:14:CC:95:C5:9E:EE:1C:03:EE:5B:97:E1:07:40:56
X509v3 Authority Key Identifier:
keyid:C0:8D:73:5F:34:6C:4F:C4:2A:47:92:CE:33:80:8A:22:10:A8:2B:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wI1zXzRsT8QqR5LOM4CKIhCoK7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/mFqIxo0UzJXFnu4cA-5bl-EHQFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/d97287-fd01-4a10-909e-c3f257eb20cc/1/wI1zXzRsT8QqR5LOM4CKIhCoK7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.37.40.0/23
77.37.43.0/24
77.37.52.0/24
77.37.60.0/24
77.37.91.0/24
77.37.94.0/24
93.127.167.0/24
93.127.179.0/24
93.127.188.0/24
93.127.190.0/23
93.127.203.0/24
93.127.212.0/24
93.127.219.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:43:d1:21:7e:16:20:69:76:53:7a:86:6e:3a:82:b3:48:c7:
e7:0a:ac:67:5b:d3:3e:7a:81:58:f5:98:9b:52:a7:d3:19:53:
09:70:cf:9d:21:1c:d8:d7:3e:99:67:61:08:42:09:88:b7:98:
02:b1:4e:a3:72:3a:fe:48:94:45:57:59:54:fc:cf:7f:87:b6:
c5:07:f2:90:f1:10:bc:8e:6f:4c:54:34:0c:b9:3c:7b:4e:ba:
34:f1:ec:51:76:9f:5f:07:a5:ad:e5:a3:90:be:1b:5c:e5:96:
db:50:4b:38:08:c7:74:b1:5c:4c:bf:2c:31:07:66:6a:fc:bc:
c4:b3:bd:79:ee:a3:96:0d:55:4f:68:18:46:e3:5c:52:be:36:
a6:b4:b8:35:ea:bb:b7:61:92:49:01:3d:06:6c:7c:e4:31:5d:
25:b8:4a:4a:9b:31:2a:72:e0:14:7b:44:c4:bb:3e:dd:44:d6:
a3:4b:ba:f8:c6:94:93:61:d6:60:81:43:55:b2:21:01:5f:d6:
45:e7:c7:10:f7:ed:b5:5f:77:2e:10:58:90:ba:6f:a6:82:41:
71:1a:9d:15:13:ef:47:f3:3e:74:75:de:3e:d6:c7:f3:4d:90:
bd:ab:05:49:04:5b:70:4e:87:6c:8a:33:f8:f2:3d:65:c2:4a:
d8:4c:2f:3c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYWT1TVcNTV3VK0XkaNqdUX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOGQ3MzVmMzQ2YzRmYzQyYTQ3OTJjZTMzODA4YTIyMTBh
ODJiYjUwHhcNMjMwMTA5MDAwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODVhODhjNjhkMTRjYzk1YzU5ZWVlMWMwM2VlNWI5N2UxMDc0MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymHiuQ7uG/mPVP+gGAFDqUiL/NO0
WNjVr/BWdu/mXoJdC/2E00GDL9ukPlUNVvpqhSBfg46iAqQqaHKEF/id9fTIckGy
2FFwL8ptxR8etdQe45VSCGbX//HeY4Cz/ai9h5DcuRbArVWADc+YJu4SWOVwhWXV
+760WrOwVJxd9wOIqmbPqKIjDlNW9sHKhY0iYbuLbqawe7JlZ0rFuo3JoUOY6OTE
DlhZwAo9WIPWpmEftiBBeeekmYS5WuiHgwUg6kDEX/ddR3lsI5Wzly0uMTl+karq
AGsJHMos4/Qz9us6NdC9DSvv43dLhC/wrtrcQJrcQpPIDdeHRoM0hV5L/wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJhaiMaNFMyVxZ7uHAPuW5fhB0BWMB8GA1UdIwQY
MBaAFMCNc180bE/EKkeSzjOAiiIQqCu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0kxelh6UnNUOFFxUjVMT000Q0tJaENvSzdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9kOTcyODctZmQwMS00YTEwLTkwOWUt
YzNmMjU3ZWIyMGNjLzEvbUZxSXhvMFV6SlhGbnU0Y0EtNWJsLUVIUUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9kOTcyODctZmQwMS00YTEwLTkwOWUtYzNmMjU3ZWIyMGNj
LzEvd0kxelh6UnNUOFFxUjVMT000Q0tJaENvSzdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBTSUoAwQA
TSUrAwQATSU0AwQATSU8AwQATSVbAwQATSVeAwQAXX+nAwQAXX+zAwQAXX+8AwQB
XX++AwQAXX/LAwQAXX/UAwQAXX/bMA0GCSqGSIb3DQEBCwUAA4IBAQAqQ9EhfhYg
aXZTeoZuOoKzSMfnCqxnW9M+eoFY9ZibUqfTGVMJcM+dIRzY1z6ZZ2EIQgmIt5gC
sU6jcjr+SJRFV1lU/M9/h7bFB/KQ8RC8jm9MVDQMuTx7Tro08exRdp9fB6Wt5aOQ
vhtc5ZbbUEs4CMd0sVxMvywxB2Zq/LzEs7157qOWDVVPaBhG41xSvjamtLg16ru3
YZJJAT0GbHzkMV0luEpKmzEqcuAUe0TEuz7dRNajS7r4xpSTYdZggUNVsiEBX9ZF
58cQ9+21X3cuEFiQum+mgkFxGp0VE+9H8z50dd4+1sfzTZC9qwVJBFtwTodsijP4
8j1lwkrYTC88
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:05 2023 by rpki-client on console.sobornost.net