Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/4UP762lt38ncXmRMCIpFcZrN6mA.roa
File: 4UP762lt38ncXmRMCIpFcZrN6mA.roa (raw, json)
Hash identifier: +qw15NptHW0ixU5ovtu1iMLA/kxBzEZAWk8L+Nod0SM=
Subject key identifier: E1:43:FB:EB:69:6D:DF:C9:DC:5E:64:4C:08:8A:45:71:9A:CD:EA:60
Certificate issuer: /CN=bde636ff523e5f3734227f33c44c2e50ff8d1ee2
Certificate serial: 0190A7035E9D4C4FDA86F80AA46989821D6B
Authority key identifier: BD:E6:36:FF:52:3E:5F:37:34:22:7F:33:C4:4C:2E:50:FF:8D:1E:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/4UP762lt38ncXmRMCIpFcZrN6mA.roa
Signing time: Fri 12 Jul 2024 12:55:34 +0000
ROA not before: Fri 12 Jul 2024 12:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60284
IP address blocks: 178.238.0.0/22 maxlen: 24
193.9.27.0/24 maxlen: 24
193.135.96.0/22 maxlen: 24
193.228.197.0/24 maxlen: 24
193.228.198.0/24 maxlen: 24
2a13:a200::/29 maxlen: 48
2a13:a200::/44 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a7:03:5e:9d:4c:4f:da:86:f8:0a:a4:69:89:82:1d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde636ff523e5f3734227f33c44c2e50ff8d1ee2
Validity
Not Before: Jul 12 12:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e143fbeb696ddfc9dc5e644c088a45719acdea60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:46:50:f7:1f:62:e2:2f:9e:54:30:9f:d9:10:
ba:ac:99:a3:da:2c:62:4b:95:35:a9:23:05:04:ba:
33:51:df:fe:f8:3d:f9:2a:1c:2c:9b:26:86:4a:5d:
2a:e5:4d:f8:da:ca:56:46:bd:75:22:fe:dc:9f:5a:
aa:8e:0e:5c:91:28:fe:fb:11:64:91:c9:eb:ec:85:
74:d1:85:ad:c1:1b:d3:f1:55:ac:e6:2a:f4:94:2f:
a7:54:02:cd:36:38:87:37:66:c4:7f:c7:47:b1:a1:
77:ac:53:08:da:76:4a:f1:b5:12:48:f9:9a:a2:9f:
63:49:40:d7:ba:82:99:e1:dc:29:80:65:c0:53:92:
f4:1e:0d:59:d4:1c:e3:71:45:5b:35:27:7a:8c:fd:
4a:01:fa:87:61:7c:5a:86:ad:68:44:79:04:8c:bb:
4a:3d:b7:e9:57:e1:ab:65:94:75:b8:cf:ce:fd:a2:
91:c3:6b:67:1c:12:06:15:a8:50:fd:5f:ba:b3:c2:
44:aa:c2:16:17:8a:5a:c6:d2:5d:ea:ab:57:61:d2:
ab:01:8a:be:32:a4:d6:3a:70:c2:6c:c7:f0:cc:4e:
dc:9c:ac:cb:d0:04:8e:03:66:42:b8:ee:33:d8:7d:
71:00:9a:87:f2:2d:c3:a6:ca:90:2c:cd:42:e6:ec:
04:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:43:FB:EB:69:6D:DF:C9:DC:5E:64:4C:08:8A:45:71:9A:CD:EA:60
X509v3 Authority Key Identifier:
keyid:BD:E6:36:FF:52:3E:5F:37:34:22:7F:33:C4:4C:2E:50:FF:8D:1E:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/4UP762lt38ncXmRMCIpFcZrN6mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/veY2_1I-Xzc0In8zxEwuUP-NHuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.238.0.0/22
193.9.27.0/24
193.135.96.0/22
193.228.197.0-193.228.198.255
IPv6:
2a13:a200::/29
Signature Algorithm: sha256WithRSAEncryption
7b:ba:c0:f9:3e:39:09:d2:c5:55:35:a4:f7:1f:83:4b:a3:59:
2b:7b:9d:e0:df:84:a8:51:88:ec:0c:ed:6e:ce:bc:fb:36:ad:
83:ec:c9:f4:97:f7:cc:66:4d:9a:23:fb:d4:26:7e:7a:06:07:
66:67:24:ff:d9:df:07:d3:66:25:63:c5:02:80:6d:a1:1a:1c:
e5:71:e4:90:65:19:e4:94:71:95:a8:db:7c:38:30:8c:5b:20:
fa:97:95:f6:51:fd:a9:57:7f:cb:75:fc:b5:dd:82:12:82:88:
4d:6b:f6:06:a8:6d:9f:0d:a1:79:20:fd:71:7e:b3:95:ef:6d:
81:16:e9:06:99:77:2b:42:80:63:c6:c9:c0:77:1c:51:09:b6:
c9:96:32:9b:7d:69:ca:a2:5c:35:59:ba:0b:e6:b8:a9:9b:a9:
59:6d:37:ea:65:0b:ce:bd:2c:3a:1b:2e:d7:39:20:08:7f:ce:
74:a8:df:ce:28:40:db:45:b3:a4:3a:67:34:78:61:07:68:4f:
ba:7c:25:14:cf:68:a1:41:15:22:d6:96:54:c9:55:39:b2:6c:
7e:7e:72:e5:a5:cf:99:45:30:56:78:d3:d6:46:cf:7d:63:fa:
63:25:a8:30:6a:b8:5a:42:ab:ad:69:5a:f6:c7:b4:f9:9a:4b:
c3:8c:91:7f
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZCnA16dTE/ahvgKpGmJgh1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTYzNmZmNTIzZTVmMzczNDIyN2YzM2M0NGMyZTUwZmY4
ZDFlZTIwHhcNMjQwNzEyMTI1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQzZmJlYjY5NmRkZmM5ZGM1ZTY0NGMwODhhNDU3MTlhY2RlYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEZQ9x9i4i+eVDCf2RC6rJmj2ixi
S5U1qSMFBLozUd/++D35KhwsmyaGSl0q5U342spWRr11Iv7cn1qqjg5ckSj++xFk
kcnr7IV00YWtwRvT8VWs5ir0lC+nVALNNjiHN2bEf8dHsaF3rFMI2nZK8bUSSPma
op9jSUDXuoKZ4dwpgGXAU5L0Hg1Z1BzjcUVbNSd6jP1KAfqHYXxahq1oRHkEjLtK
PbfpV+GrZZR1uM/O/aKRw2tnHBIGFahQ/V+6s8JEqsIWF4paxtJd6qtXYdKrAYq+
MqTWOnDCbMfwzE7cnKzL0ASOA2ZCuO4z2H1xAJqH8i3DpsqQLM1C5uwEUwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFOFD++tpbd/J3F5kTAiKRXGazepgMB8GA1UdIwQY
MBaAFL3mNv9SPl83NCJ/M8RMLlD/jR7iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVZMl8xSS1YemMwSW44enhFd3VVUC1OSHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wYzQzOTItMjc1NC00ZTMzLWEwMmYt
N2JmYjQzODFhYjU0LzEvNFVQNzYybHQzOG5jWG1STUNJcEZjWnJONm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wYzQzOTItMjc1NC00ZTMzLWEwMmYtN2JmYjQzODFhYjU0
LzEvdmVZMl8xSS1YemMwSW44enhFd3VVUC1OSHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCsu4AAwQA
wQkbAwQCwYdgMAwDBADB5MUDBADB5MYwDQQCAAIwBwMFAyoTogAwDQYJKoZIhvcN
AQELBQADggEBAHu6wPk+OQnSxVU1pPcfg0ujWSt7neDfhKhRiOwM7W7OvPs2rYPs
yfSX98xmTZoj+9QmfnoGB2ZnJP/Z3wfTZiVjxQKAbaEaHOVx5JBlGeSUcZWo23w4
MIxbIPqXlfZR/alXf8t1/LXdghKCiE1r9gaobZ8NoXkg/XF+s5XvbYEW6QaZdytC
gGPGycB3HFEJtsmWMpt9acqiXDVZugvmuKmbqVltN+plC869LDobLtc5IAh/znSo
384oQNtFs6Q6ZzR4YQdoT7p8JRTPaKFBFSLWllTJVTmybH5+cuWlz5lFMFZ409ZG
z31j+mMlqDBquFpCq61pWvbHtPmaS8OMkX8=
-----END CERTIFICATE-----
Generated at Wed Aug 21 13:44:42 2024 by rpki-client on console.sobornost.net