Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/OA3iHPqmHnV30OHdzrxxTZCfRWY.roa
File: OA3iHPqmHnV30OHdzrxxTZCfRWY.roa (raw, json)
Hash identifier: aaQpq/zvYq8wi9zZlPjA214/vf4p9y+AperZpTN0bEE=
Subject key identifier: 38:0D:E2:1C:FA:A6:1E:75:77:D0:E1:DD:CE:BC:71:4D:90:9F:45:66
Certificate issuer: /CN=b9df156ee18b6958d4306b6311b4a086763eff62
Certificate serial: 019424B3DA092DEAC1FF3DAA90063A6366E0
Authority key identifier: B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/OA3iHPqmHnV30OHdzrxxTZCfRWY.roa
Signing time: Thu 02 Jan 2025 01:49:14 +0000
ROA not before: Thu 02 Jan 2025 01:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60798
IP address blocks: 37.156.244.0/24 maxlen: 24
89.45.228.0/24 maxlen: 24
185.116.60.0/24 maxlen: 24
2a0c:79c0:1::/48 maxlen: 48
2a0c:79c0:3::/48 maxlen: 48
2a0c:79c0:5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:da:09:2d:ea:c1:ff:3d:aa:90:06:3a:63:66:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9df156ee18b6958d4306b6311b4a086763eff62
Validity
Not Before: Jan 2 01:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=380de21cfaa61e7577d0e1ddcebc714d909f4566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2d:22:b7:01:66:61:f1:93:7d:c4:bd:85:bb:
f3:62:18:f0:36:3f:24:dd:2e:2f:94:8d:07:d8:b2:
1a:93:2d:86:ed:f2:22:bc:e9:e3:3a:7b:89:a8:05:
9c:34:3e:62:5e:9e:ca:6e:20:af:dc:50:4d:d7:c6:
82:a5:ce:d8:b6:3d:2c:62:82:f5:1c:bd:3f:24:f4:
35:10:b0:af:09:57:1e:b5:4e:33:e5:f1:07:2d:8a:
64:f8:25:63:f2:1a:bd:e9:00:00:4c:1d:be:0e:da:
df:21:c1:f4:7f:42:3b:ea:1f:a0:84:8c:c1:c9:18:
2d:13:3e:6a:f6:73:d6:f4:0b:8a:a5:11:c2:d6:c5:
3c:6d:dc:38:cd:06:96:0d:46:1d:84:c3:1d:8e:1b:
89:1e:c6:6b:fe:e7:5f:b5:46:3e:9c:f9:78:f8:c8:
e9:14:33:dd:db:4e:f1:2e:70:f7:0c:4d:86:9c:0a:
75:bd:50:f6:ea:8e:f0:68:51:41:ce:6c:4e:bc:e6:
96:6e:41:76:d3:3a:fe:94:2b:ba:2f:34:57:48:8c:
fd:d5:f5:6d:c7:64:1b:df:32:93:90:70:40:cc:18:
d4:18:01:29:17:eb:b1:99:bd:f9:35:0c:e7:fa:8b:
d3:dc:8a:24:1a:49:74:1a:05:8a:d2:30:57:12:e1:
e6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0D:E2:1C:FA:A6:1E:75:77:D0:E1:DD:CE:BC:71:4D:90:9F:45:66
X509v3 Authority Key Identifier:
keyid:B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/OA3iHPqmHnV30OHdzrxxTZCfRWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.244.0/24
89.45.228.0/24
185.116.60.0/24
IPv6:
2a0c:79c0:1::/48
2a0c:79c0:3::/48
2a0c:79c0:5::/48
Signature Algorithm: sha256WithRSAEncryption
2b:ba:e8:f3:74:29:9a:49:cb:aa:e0:4d:36:28:7c:8f:d3:cc:
99:8c:c4:52:c4:11:7c:7f:17:fe:44:ab:48:7f:90:e1:18:76:
5d:37:f1:ae:e2:9a:06:15:a0:d3:6e:91:c8:bf:79:2a:59:68:
95:81:2a:6f:b3:55:2f:67:92:14:a1:a1:3f:85:23:07:65:79:
d4:4f:fc:fa:12:fb:e1:71:26:f3:4c:52:34:e2:bf:40:f3:af:
7d:cc:14:4c:b9:34:42:6f:57:12:cb:7f:18:4a:d7:6c:cb:11:
db:63:e3:a9:6d:8e:c9:71:eb:1c:48:b6:84:24:95:45:8d:25:
cf:bd:a1:3d:4e:aa:70:c9:58:6f:28:18:1b:2d:5e:44:ca:53:
06:5d:75:8a:d9:15:7e:25:be:0b:69:a4:3f:84:4b:97:5e:27:
ca:43:20:5c:7d:17:ef:21:83:03:d3:6a:3e:b5:da:fb:bd:db:
09:66:e1:9a:ab:55:f1:e2:35:ea:40:2a:ae:d3:29:3d:02:ad:
3e:00:04:b1:27:c6:ef:f7:2f:88:8e:fa:b7:da:d9:a1:94:da:
ed:89:74:2f:26:4e:2a:e9:d7:68:b4:e1:d4:2b:44:89:2e:5b:
79:f4:db:d9:1f:c2:29:d4:b6:9b:b3:75:a9:ad:73:2c:4b:36:
c6:e0:7b:cc
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQks9oJLerB/z2qkAY6Y2bgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZGYxNTZlZTE4YjY5NThkNDMwNmI2MzExYjRhMDg2NzYz
ZWZmNjIwHhcNMjUwMTAyMDE0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODBkZTIxY2ZhYTYxZTc1NzdkMGUxZGRjZWJjNzE0ZDkwOWY0NTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS0itwFmYfGTfcS9hbvzYhjwNj8k
3S4vlI0H2LIaky2G7fIivOnjOnuJqAWcND5iXp7KbiCv3FBN18aCpc7Ytj0sYoL1
HL0/JPQ1ELCvCVcetU4z5fEHLYpk+CVj8hq96QAATB2+DtrfIcH0f0I76h+ghIzB
yRgtEz5q9nPW9AuKpRHC1sU8bdw4zQaWDUYdhMMdjhuJHsZr/udftUY+nPl4+Mjp
FDPd207xLnD3DE2GnAp1vVD26o7waFFBzmxOvOaWbkF20zr+lCu6LzRXSIz91fVt
x2Qb3zKTkHBAzBjUGAEpF+uxmb35NQzn+ovT3IokGkl0GgWK0jBXEuHmywIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDgN4hz6ph51d9Dh3c68cU2Qn0VmMB8GA1UdIwQY
MBaAFLnfFW7hi2lY1DBrYxG0oIZ2Pv9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYt
NzJhNGIzYTliYjQ0LzEvT0EzaUhQcW1IblYzME9IZHpyeHhUWkNmUldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYtNzJhNGIzYTliYjQ0
LzEvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAJZz0AwQA
WS3kAwQAuXQ8MCEEAgACMBsDBwAqDHnAAAEDBwAqDHnAAAMDBwAqDHnAAAUwDQYJ
KoZIhvcNAQELBQADggEBACu66PN0KZpJy6rgTTYofI/TzJmMxFLEEXx/F/5Eq0h/
kOEYdl038a7imgYVoNNukci/eSpZaJWBKm+zVS9nkhShoT+FIwdledRP/PoS++Fx
JvNMUjTiv0Dzr33MFEy5NEJvVxLLfxhK12zLEdtj46ltjslx6xxItoQklUWNJc+9
oT1OqnDJWG8oGBstXkTKUwZddYrZFX4lvgtppD+ES5deJ8pDIFx9F+8hgwPTaj61
2vu92wlm4ZqrVfHiNepAKq7TKT0CrT4ABLEnxu/3L4iO+rfa2aGU2u2JdC8mTirp
12i04dQrRIkuW3n029kfwinUtpuzdamtcyxLNsbge8w=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:23 2025 by rpki-client on console.sobornost.net