Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/a4FChwIJz-nyWeMWBKVKQlxuZuA.roa
File: a4FChwIJz-nyWeMWBKVKQlxuZuA.roa (raw, json)
Hash identifier: mfyYB36lzpMHCSAcPaWgzUaO+MbspXI8ZL7C9n501N4=
Subject key identifier: 6B:81:42:87:02:09:CF:E9:F2:59:E3:16:04:A5:4A:42:5C:6E:66:E0
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0193DB9A51D33631C00AB94CD251615654D9
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/a4FChwIJz-nyWeMWBKVKQlxuZuA.roa
Signing time: Wed 18 Dec 2024 21:09:03 +0000
ROA not before: Wed 18 Dec 2024 21:09:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398465
IP address blocks: 45.43.172.0/22 maxlen: 22
64.137.29.0/24 maxlen: 24
64.137.39.0/24 maxlen: 24
64.137.44.0/24 maxlen: 24
64.137.45.0/24 maxlen: 24
64.137.46.0/24 maxlen: 24
64.137.72.0/24 maxlen: 24
64.137.85.0/24 maxlen: 24
64.137.114.0/24 maxlen: 24
64.137.116.0/24 maxlen: 24
64.137.125.0/24 maxlen: 24
84.246.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:db:9a:51:d3:36:31:c0:0a:b9:4c:d2:51:61:56:54:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Dec 18 21:09:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b8142870209cfe9f259e31604a54a425c6e66e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:31:92:6c:0b:b5:16:80:f9:b6:b8:b4:bd:e2:
4c:f0:7a:14:cf:db:6a:84:cb:11:d3:d5:d6:6a:d8:
a5:30:9c:24:ea:9f:6e:ca:97:ea:8f:f9:cc:64:bd:
ed:09:fd:49:97:d4:2c:dd:7c:c1:df:de:19:14:1e:
3f:4a:f3:fb:7f:e7:0c:ed:ca:50:b4:c6:62:3d:09:
41:0a:96:3c:8d:4a:32:ea:c9:e3:9b:2e:91:a4:57:
93:3a:71:84:e0:00:6e:a2:10:bb:42:63:16:24:0f:
fd:ca:cd:60:21:55:2a:e0:5a:e1:d3:8a:e2:e9:14:
5e:4b:9d:9b:06:a8:b7:b2:fc:2f:62:78:4b:3e:e3:
c1:d3:2e:62:ec:7c:7e:3a:b8:84:8e:10:70:bf:2b:
3a:ce:bf:cc:a6:eb:b5:cb:30:fa:33:25:dc:6c:22:
60:36:5f:3b:1d:25:c7:26:71:90:82:f4:2f:b9:2d:
6d:ff:e2:f6:59:f3:26:9b:d6:ff:72:05:4c:9a:16:
b0:cf:81:19:5b:2b:89:39:e4:c0:37:f4:f7:e9:c1:
d6:3b:34:c9:fd:55:4d:2c:b8:d1:f6:7f:7f:34:ba:
28:94:0d:d0:14:74:db:11:5e:75:2e:25:0c:55:0a:
df:68:ff:f9:d8:eb:72:9d:74:4a:d8:59:9d:e5:2f:
6c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:81:42:87:02:09:CF:E9:F2:59:E3:16:04:A5:4A:42:5C:6E:66:E0
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/a4FChwIJz-nyWeMWBKVKQlxuZuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.172.0/22
64.137.29.0/24
64.137.39.0/24
64.137.44.0-64.137.46.255
64.137.72.0/24
64.137.85.0/24
64.137.114.0/24
64.137.116.0/24
64.137.125.0/24
84.246.108.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:ba:d6:94:8d:c2:eb:16:b8:a0:8e:fc:5f:72:83:85:ec:7f:
53:be:40:39:c2:b2:ec:ab:05:2d:6f:50:c7:69:d6:50:76:e1:
72:ee:3f:a1:07:ba:24:5c:9f:95:39:07:9d:a4:28:50:16:85:
de:ec:70:e9:c8:e6:59:13:c1:8e:e3:bb:af:8f:09:ac:b8:37:
71:f7:c9:2a:a8:6e:d0:3a:52:86:5a:5a:10:1e:3b:62:6f:5f:
b4:99:03:af:df:24:11:e4:b4:b0:c7:7b:00:b6:30:28:14:04:
f0:5e:5a:58:28:55:8d:9e:d4:04:de:66:23:07:56:ad:7c:05:
07:59:be:59:c1:a7:58:d9:e6:9f:49:66:fd:bd:76:bb:7d:e3:
a1:82:3e:ec:eb:7f:d0:19:3f:de:36:92:37:fd:93:60:69:9a:
ba:13:74:68:a2:96:d7:a3:4e:fb:b0:12:0d:f8:20:14:4f:2a:
a4:63:e9:e0:c8:86:6a:c5:d1:a8:28:12:6b:c9:43:ee:8e:1f:
b4:5b:10:c9:2a:6a:71:ca:a9:bb:5e:7b:be:17:59:e0:05:68:
08:d0:69:0e:51:f9:1b:7a:aa:cd:ed:99:54:3f:b5:7f:d8:61:
f2:33:6d:a3:fc:d4:ad:7a:86:24:c7:a3:cd:45:83:e0:f3:eb:
8b:2e:e1:15
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZPbmlHTNjHACrlM0lFhVlTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQxMjE4MjEwOTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjgxNDI4NzAyMDljZmU5ZjI1OWUzMTYwNGE1NGE0MjVjNmU2NmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzGSbAu1FoD5tri0veJM8HoUz9tq
hMsR09XWatilMJwk6p9uypfqj/nMZL3tCf1Jl9Qs3XzB394ZFB4/SvP7f+cM7cpQ
tMZiPQlBCpY8jUoy6snjmy6RpFeTOnGE4ABuohC7QmMWJA/9ys1gIVUq4Frh04ri
6RReS52bBqi3svwvYnhLPuPB0y5i7Hx+OriEjhBwvys6zr/Mpuu1yzD6MyXcbCJg
Nl87HSXHJnGQgvQvuS1t/+L2WfMmm9b/cgVMmhawz4EZWyuJOeTAN/T36cHWOzTJ
/VVNLLjR9n9/NLoolA3QFHTbEV51LiUMVQrfaP/52OtynXRK2Fmd5S9s3wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGuBQocCCc/p8lnjFgSlSkJcbmbgMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvYTRGQ2h3SUp6LW55V2VNV0JLVktRbHh1WnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCLSusAwQA
QIkdAwQAQIknMAwDBAJAiSwDBABAiS4DBABAiUgDBABAiVUDBABAiXIDBABAiXQD
BABAiX0DBABU9mwwDQYJKoZIhvcNAQELBQADggEBAJu61pSNwusWuKCO/F9yg4Xs
f1O+QDnCsuyrBS1vUMdp1lB24XLuP6EHuiRcn5U5B52kKFAWhd7scOnI5lkTwY7j
u6+PCay4N3H3ySqobtA6UoZaWhAeO2JvX7SZA6/fJBHktLDHewC2MCgUBPBeWlgo
VY2e1ATeZiMHVq18BQdZvlnBp1jZ5p9JZv29drt946GCPuzrf9AZP942kjf9k2Bp
mroTdGiiltejTvuwEg34IBRPKqRj6eDIhmrF0agoEmvJQ+6OH7RbEMkqanHKqbte
e74XWeAFaAjQaQ5R+Rt6qs3tmVQ/tX/YYfIzbaP81K16hiTHo81Fg+Dz64su4RU=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:42 2024 by rpki-client on console.sobornost.net