Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/73aXk6WGyA8wUaap1lshePOuIsQ.roa
File: 73aXk6WGyA8wUaap1lshePOuIsQ.roa (raw, json)
Hash identifier: U+42p5nwE/zAD472X5S8UTwG9B4ROrdosm60woEvHmk=
Subject key identifier: EF:76:97:93:A5:86:C8:0F:30:51:A6:A9:D6:5B:21:78:F3:AE:22:C4
Certificate issuer: /CN=660c32996ae12461897222e2d9cc093930927ddd
Certificate serial: 018CC26CF057DC391D0C6B91F1F2C5A1A2AE
Authority key identifier: 66:0C:32:99:6A:E1:24:61:89:72:22:E2:D9:CC:09:39:30:92:7D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZgwymWrhJGGJciLi2cwJOTCSfd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/73aXk6WGyA8wUaap1lshePOuIsQ.roa
Signing time: Mon 01 Jan 2024 00:29:28 +0000
ROA not before: Mon 01 Jan 2024 00:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198325
IP address blocks: 89.145.185.0/24 maxlen: 24
89.145.184.0/24 maxlen: 24
89.145.186.0/24 maxlen: 24
89.145.189.0/24 maxlen: 24
89.145.188.0/24 maxlen: 24
89.145.190.0/24 maxlen: 24
89.145.191.0/24 maxlen: 24
89.145.187.0/24 maxlen: 24
185.251.35.0/24 maxlen: 24
185.251.34.0/24 maxlen: 24
185.251.33.0/24 maxlen: 24
185.251.32.0/24 maxlen: 24
2a04:6680::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f0:57:dc:39:1d:0c:6b:91:f1:f2:c5:a1:a2:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=660c32996ae12461897222e2d9cc093930927ddd
Validity
Not Before: Jan 1 00:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef769793a586c80f3051a6a9d65b2178f3ae22c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2f:6e:92:52:b9:b6:37:3f:00:62:00:64:1c:
1a:d3:cd:83:c2:4c:f6:60:84:8c:e7:fa:80:fa:1d:
8a:81:ed:67:3e:ff:e4:a8:8a:f5:3c:c6:65:5d:10:
9a:a1:ff:5d:95:d1:70:5a:47:c8:c2:e5:ae:8c:89:
c9:dd:c8:ce:ce:03:46:e1:79:df:40:d3:2f:3e:5b:
c7:09:c8:de:57:3c:fd:01:d2:4e:d6:e8:3e:9e:cf:
87:ba:0a:a4:31:1e:bb:af:9a:ea:d9:86:e9:07:cc:
cc:0c:c3:26:0a:89:03:3a:d7:1a:3e:87:e4:e5:40:
ec:f1:14:52:96:bc:c7:c5:39:40:35:e9:e2:1b:de:
6c:eb:93:0e:b8:ad:8e:ec:97:49:b6:bb:50:be:c3:
c5:c4:5a:46:b6:62:be:83:b3:be:d2:5d:8a:9e:34:
a5:db:84:b7:04:ad:05:e9:46:a2:64:0d:b0:b8:5a:
ee:db:36:8b:de:9d:c3:3e:77:45:25:c7:81:ff:2b:
10:e3:05:89:d1:2b:94:5e:07:1e:cb:71:f1:3e:91:
43:60:9c:76:0b:2a:98:1f:ce:fa:b2:b8:e6:10:06:
2c:0b:0d:7a:a4:8f:7d:4d:7f:82:12:4d:ca:90:92:
b7:85:d7:57:94:0b:28:4f:ab:c9:09:51:57:05:12:
b7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:76:97:93:A5:86:C8:0F:30:51:A6:A9:D6:5B:21:78:F3:AE:22:C4
X509v3 Authority Key Identifier:
keyid:66:0C:32:99:6A:E1:24:61:89:72:22:E2:D9:CC:09:39:30:92:7D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZgwymWrhJGGJciLi2cwJOTCSfd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/73aXk6WGyA8wUaap1lshePOuIsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b8d400-e6e8-41ef-ad24-55c3a28e62c3/1/ZgwymWrhJGGJciLi2cwJOTCSfd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.145.184.0/21
185.251.32.0/22
IPv6:
2a04:6680::/48
Signature Algorithm: sha256WithRSAEncryption
bd:3a:67:87:8c:9f:84:84:ea:c8:9d:ff:e1:ca:22:2a:7e:d1:
3a:29:c9:2d:29:2f:02:79:15:65:61:84:72:7f:95:4d:19:01:
49:50:6b:d4:18:ee:98:df:33:2d:b8:00:16:5b:1c:e5:8c:86:
82:dc:93:fd:3e:8e:10:dd:59:b6:52:48:84:4d:24:bb:e0:30:
2b:02:d9:e0:41:a8:4c:ef:44:f7:2b:3e:44:7a:3f:d0:5f:33:
90:5e:39:c2:4a:d8:5c:8a:85:3c:ef:0f:1c:64:f4:ae:2d:57:
30:a9:4e:53:9f:97:fb:e4:76:7f:4d:c4:be:65:87:2b:2f:3b:
52:81:b1:09:cd:ff:70:b1:a5:10:3c:41:26:9b:98:98:b0:90:
71:26:3e:f4:e7:7d:c1:0c:9d:3b:03:61:41:dc:43:93:2a:46:
bc:07:e6:4d:06:80:2b:59:22:f4:02:ad:e6:05:eb:53:e9:d8:
d4:4a:e7:c0:0e:e7:35:fc:85:f2:4a:b6:fa:db:33:85:74:f2:
43:25:5c:dd:66:53:df:93:3b:37:4d:b2:23:2b:88:ba:da:e4:
6f:f0:ed:ce:76:e9:0a:47:22:58:ed:1b:47:57:66:e8:a1:8e:
10:92:c8:f5:ad:00:a7:d7:fa:20:55:47:fa:87:97:f1:de:d1:
3e:06:6c:d4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzCbPBX3DkdDGuR8fLFoaKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MGMzMjk5NmFlMTI0NjE4OTcyMjJlMmQ5Y2MwOTM5MzA5
MjdkZGQwHhcNMjQwMTAxMDAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjc2OTc5M2E1ODZjODBmMzA1MWE2YTlkNjViMjE3OGYzYWUyMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0C9uklK5tjc/AGIAZBwa082Dwkz2
YISM5/qA+h2Kge1nPv/kqIr1PMZlXRCaof9dldFwWkfIwuWujInJ3cjOzgNG4Xnf
QNMvPlvHCcjeVzz9AdJO1ug+ns+HugqkMR67r5rq2YbpB8zMDMMmCokDOtcaPofk
5UDs8RRSlrzHxTlANeniG95s65MOuK2O7JdJtrtQvsPFxFpGtmK+g7O+0l2KnjSl
24S3BK0F6UaiZA2wuFru2zaL3p3DPndFJceB/ysQ4wWJ0SuUXgcey3HxPpFDYJx2
CyqYH876srjmEAYsCw16pI99TX+CEk3KkJK3hddXlAsoT6vJCVFXBRK3XQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFO92l5OlhsgPMFGmqdZbIXjzriLEMB8GA1UdIwQY
MBaAFGYMMplq4SRhiXIi4tnMCTkwkn3dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmd3eW1XcmhKR0dKY2lMaTJjd0pPVENTZmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iOGQ0MDAtZTZlOC00MWVmLWFkMjQt
NTVjM2EyOGU2MmMzLzEvNzNhWGs2V0d5QTh3VWFhcDFsc2hlUE91SXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iOGQ0MDAtZTZlOC00MWVmLWFkMjQtNTVjM2EyOGU2MmMz
LzEvWmd3eW1XcmhKR0dKY2lMaTJjd0pPVENTZmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDWZG4AwQC
ufsgMA8EAgACMAkDBwAqBGaAAAAwDQYJKoZIhvcNAQELBQADggEBAL06Z4eMn4SE
6sid/+HKIip+0TopyS0pLwJ5FWVhhHJ/lU0ZAUlQa9QY7pjfMy24ABZbHOWMhoLc
k/0+jhDdWbZSSIRNJLvgMCsC2eBBqEzvRPcrPkR6P9BfM5BeOcJK2FyKhTzvDxxk
9K4tVzCpTlOfl/vkdn9NxL5lhysvO1KBsQnN/3CxpRA8QSabmJiwkHEmPvTnfcEM
nTsDYUHcQ5MqRrwH5k0GgCtZIvQCreYF61Pp2NRK58AO5zX8hfJKtvrbM4V08kMl
XN1mU9+TOzdNsiMriLra5G/w7c526QpHIljtG0dXZuihjhCSyPWtAKfX+iBVR/qH
l/He0T4GbNQ=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:40 2024 by rpki-client on console.sobornost.net