Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/kBrOeRtyoumynjMHFZGHvO_8Z5Q.roa
File: kBrOeRtyoumynjMHFZGHvO_8Z5Q.roa (raw, json)
Hash identifier: +29GhHOh8SwdaywveiGgC6RjBCdbPD8DKBGDFFsmmGw=
Subject key identifier: 90:1A:CE:79:1B:72:A2:E9:B2:9E:33:07:15:91:87:BC:EF:FC:67:94
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01946EA8D7975DF51A4C32D3CFAF5DD34AB5
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/kBrOeRtyoumynjMHFZGHvO_8Z5Q.roa
Signing time: Thu 16 Jan 2025 10:29:06 +0000
ROA not before: Thu 16 Jan 2025 10:29:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.62.0/24 maxlen: 24
62.169.134.0/24 maxlen: 24
103.61.196.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
192.253.208.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
192.253.210.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.166.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.176.0/24 maxlen: 24
203.188.177.0/24 maxlen: 24
203.188.178.0/24 maxlen: 24
203.188.179.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
203.188.182.0/24 maxlen: 24
203.188.183.0/24 maxlen: 24
203.188.184.0/24 maxlen: 24
203.188.185.0/24 maxlen: 24
203.188.186.0/24 maxlen: 24
203.188.187.0/24 maxlen: 24
203.188.188.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.48.0/24 maxlen: 24
212.32.49.0/24 maxlen: 24
212.32.50.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.68.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.72.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.75.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/24 maxlen: 24
212.32.79.0/24 maxlen: 24
212.56.52.0/24 maxlen: 24
212.56.53.0/24 maxlen: 24
212.56.54.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.172.0/24 maxlen: 24
213.254.173.0/24 maxlen: 24
213.254.174.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:a8:d7:97:5d:f5:1a:4c:32:d3:cf:af:5d:d3:4a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 16 10:29:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=901ace791b72a2e9b29e3307159187bceffc6794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4a:49:b4:93:40:e6:d1:e4:3a:a5:f5:49:7f:
8e:3f:fc:04:f7:e1:a5:df:7d:4a:12:3b:b4:03:b0:
cf:23:d8:04:80:35:26:17:3a:33:2e:b0:db:0b:d3:
80:aa:79:0e:73:7b:c6:a9:93:5b:7c:6c:db:ac:7a:
97:23:ec:44:6a:11:b3:25:65:9f:12:27:ac:be:d2:
cd:9d:62:0f:7d:e9:24:18:39:1c:ff:a9:72:a8:ba:
12:37:d0:c1:61:a1:a4:d8:30:7e:7c:db:23:49:dc:
d8:0c:e1:fa:58:c2:16:66:8a:e1:46:09:8a:07:26:
3d:81:f1:20:59:a8:4a:8d:13:d7:26:77:8a:40:eb:
6b:b0:33:6d:11:2a:f3:67:d7:ff:c0:bb:a6:eb:3d:
9a:c0:88:8f:50:ec:94:6c:c4:23:1a:d4:3a:d6:9a:
69:a1:48:6f:a5:d2:7b:82:f8:26:e3:d0:58:bd:58:
32:4b:93:20:21:d9:e8:a5:10:5b:ed:56:0f:86:c4:
a0:00:a4:5a:0d:85:62:42:d6:83:2c:1f:04:56:e6:
28:a0:ef:2c:a0:4b:df:9b:a4:a4:5b:63:4f:d1:07:
fe:5f:61:0d:89:cc:ce:68:6e:cb:66:d9:10:26:a7:
8e:c3:c7:cf:67:54:75:63:14:72:48:74:a6:1b:0e:
0e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:1A:CE:79:1B:72:A2:E9:B2:9E:33:07:15:91:87:BC:EF:FC:67:94
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/kBrOeRtyoumynjMHFZGHvO_8Z5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.62.0/24
62.169.134.0/24
103.61.196.0/24
103.138.78.0/24
167.160.28.0/24
192.253.208.0/22
198.55.31.0/24
203.188.166.0/24
203.188.174.0-203.188.180.255
203.188.182.0-203.188.191.255
212.32.48.0/22
212.32.68.0/24
212.32.70.0-212.32.73.255
212.32.75.0-212.32.79.255
212.56.52.0/22
213.254.163.0/24
213.254.172.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:0a:20:94:e7:90:89:67:d9:5d:67:1e:17:c3:17:11:b8:48:
a1:5e:46:43:28:33:a6:52:a7:9b:5e:19:2b:ad:16:3e:83:60:
c4:ca:5b:5f:4d:81:26:f2:1f:ce:98:21:6e:46:c3:b6:a0:b7:
b7:73:6b:d7:b1:a7:d3:84:c8:e5:81:cc:69:e5:73:48:62:6b:
8e:6b:8e:e1:24:5d:45:62:6a:f1:1d:0d:bf:bc:f8:9a:7a:27:
de:87:e7:96:ec:14:7b:22:d0:c7:05:d5:bf:36:2b:33:ed:9f:
98:70:f9:38:df:d5:bd:00:62:22:da:03:e2:92:d5:ec:16:69:
0a:82:a6:ae:5f:78:4c:df:0c:68:e0:f4:0a:05:23:26:25:ca:
56:f4:a4:70:bc:68:5f:5e:90:8d:c5:fe:d8:38:e2:05:7a:71:
6e:ee:57:79:e4:be:38:75:a7:ce:fd:aa:f7:e7:5a:65:45:99:
5e:cd:71:5d:b7:dc:b2:c9:05:48:4f:0e:ea:68:35:68:da:71:
89:18:61:bb:dd:bc:66:b4:ef:6f:4d:45:28:2b:f2:b8:d6:48:
82:b5:1e:9f:21:e6:fd:09:d8:8d:59:2d:aa:e3:a7:b6:60:af:
d2:f8:a2:b8:fb:cb:4e:a6:ac:de:26:90:16:58:ee:b9:8d:04:
17:dd:8b:3e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZRuqNeXXfUaTDLTz69d00q1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTE2MTAyOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDFhY2U3OTFiNzJhMmU5YjI5ZTMzMDcxNTkxODdiY2VmZmM2Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEpJtJNA5tHkOqX1SX+OP/wE9+Gl
331KEju0A7DPI9gEgDUmFzozLrDbC9OAqnkOc3vGqZNbfGzbrHqXI+xEahGzJWWf
EiesvtLNnWIPfekkGDkc/6lyqLoSN9DBYaGk2DB+fNsjSdzYDOH6WMIWZorhRgmK
ByY9gfEgWahKjRPXJneKQOtrsDNtESrzZ9f/wLum6z2awIiPUOyUbMQjGtQ61ppp
oUhvpdJ7gvgm49BYvVgyS5MgIdnopRBb7VYPhsSgAKRaDYViQtaDLB8EVuYooO8s
oEvfm6SkW2NP0Qf+X2ENiczOaG7LZtkQJqeOw8fPZ1R1YxRySHSmGw4OSQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFJAaznkbcqLpsp4zBxWRh7zv/GeUMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEva0JyT2VSdHlvdW15bmpNSEZaR0h2T184WjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAO
Zj4DBAA+qYYDBABnPcQDBABnik4DBACnoBwDBALA/dADBADGNx8DBADLvKYwDAME
Acu8rgMEAMu8tDAMAwQBy7y2AwQGy7yAAwQC1CAwAwQA1CBEMAwDBAHUIEYDBAHU
IEgwDAMEANQgSwMEBNQgQAMEAtQ4NAMEANX+owMEAtX+rDANBgkqhkiG9w0BAQsF
AAOCAQEAogoglOeQiWfZXWceF8MXEbhIoV5GQygzplKnm14ZK60WPoNgxMpbX02B
JvIfzpghbkbDtqC3t3Nr17Gn04TI5YHMaeVzSGJrjmuO4SRdRWJq8R0Nv7z4mnon
3ofnluwUeyLQxwXVvzYrM+2fmHD5ON/VvQBiItoD4pLV7BZpCoKmrl94TN8MaOD0
CgUjJiXKVvSkcLxoX16QjcX+2DjiBXpxbu5XeeS+OHWnzv2q9+daZUWZXs1xXbfc
sskFSE8O6mg1aNpxiRhhu928ZrTvb01FKCvyuNZIgrUenyHm/QnYjVktquOntmCv
0viiuPvLTqas3iaQFljuuY0EF92LPg==
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:27 2025 by rpki-client on console.sobornost.net