Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/066976kyLCaZ8mnA3LrFtES_QhY.roa
File: 066976kyLCaZ8mnA3LrFtES_QhY.roa (raw, json)
Hash identifier: fN+k8NIzOUDTP0Dxe5xkOEPpfnkgh7oO6liX5xrW0Mk=
Subject key identifier: D3:AE:BD:EF:A9:32:2C:26:99:F2:69:C0:DC:BA:C5:B4:44:BF:42:16
Certificate issuer: /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Certificate serial: 01946EE36F0E3F1278A81C2841F164D89098
Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/066976kyLCaZ8mnA3LrFtES_QhY.roa
Signing time: Thu 16 Jan 2025 11:33:06 +0000
ROA not before: Thu 16 Jan 2025 11:33:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202207
IP address blocks: 5.56.160.0/21 maxlen: 24
5.56.160.0/22 maxlen: 22
5.56.160.0/24 maxlen: 24
5.56.161.0/24 maxlen: 24
5.56.162.0/24 maxlen: 24
5.56.163.0/24 maxlen: 24
5.56.164.0/22 maxlen: 22
5.56.164.0/24 maxlen: 24
5.56.165.0/24 maxlen: 24
5.56.166.0/24 maxlen: 24
5.56.167.0/24 maxlen: 24
5.181.44.0/22 maxlen: 24
5.181.44.0/23 maxlen: 23
5.181.44.0/24 maxlen: 24
5.181.45.0/24 maxlen: 24
5.181.46.0/23 maxlen: 23
5.181.46.0/24 maxlen: 24
5.181.47.0/24 maxlen: 24
185.5.124.0/22 maxlen: 24
185.5.124.0/23 maxlen: 23
185.5.124.0/24 maxlen: 24
185.5.125.0/24 maxlen: 24
185.5.126.0/23 maxlen: 23
185.5.126.0/24 maxlen: 24
185.5.127.0/24 maxlen: 24
2a03:1c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:e3:6f:0e:3f:12:78:a8:1c:28:41:f1:64:d8:90:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Validity
Not Before: Jan 16 11:33:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3aebdefa9322c2699f269c0dcbac5b444bf4216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3b:15:20:b5:50:e8:46:7b:3f:e0:4d:65:ea:
a4:a0:c5:e9:d6:a5:fb:9b:07:fc:f7:db:c1:7f:17:
54:69:1c:f4:36:79:eb:7e:1d:1c:7c:1c:20:52:02:
e4:ce:8c:c5:e4:88:95:74:6b:14:b5:7d:f0:34:af:
9c:bb:fd:ae:03:1f:22:a2:0e:5f:50:cf:81:d6:81:
c9:9e:8f:ee:d5:a1:20:66:bf:23:fa:a8:0a:cb:2e:
3e:5d:40:60:aa:7f:99:79:10:a3:a8:a8:2e:4b:be:
60:cd:6e:b1:48:cb:e7:b0:3a:71:1f:27:a4:3c:09:
56:9b:dc:a8:47:f4:59:a4:13:a5:10:98:fd:95:52:
85:80:55:2e:71:9e:a8:c7:e7:ee:27:37:f3:ce:83:
04:83:13:4f:51:95:35:58:59:bc:44:c7:13:4d:10:
f5:98:c4:00:88:9a:76:1b:f4:75:73:0d:71:ab:ef:
0d:68:0f:46:02:b0:9b:47:1d:8e:93:16:77:b2:1e:
40:99:04:e8:60:07:5c:db:59:d9:49:97:56:06:85:
72:85:ee:e3:d7:bc:49:02:39:c0:e3:44:fc:54:0c:
13:f5:fd:b1:cb:0b:3e:93:0f:84:e2:72:81:5d:b3:
4e:62:f4:8c:dc:e2:02:99:19:6c:dc:9b:64:b1:f2:
f0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:AE:BD:EF:A9:32:2C:26:99:F2:69:C0:DC:BA:C5:B4:44:BF:42:16
X509v3 Authority Key Identifier:
keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/066976kyLCaZ8mnA3LrFtES_QhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.160.0/21
5.181.44.0/22
185.5.124.0/22
IPv6:
2a03:1c0::/32
Signature Algorithm: sha256WithRSAEncryption
33:12:dc:74:79:30:c2:45:1c:6d:25:98:2d:43:1f:ac:e0:04:
b5:9c:5a:35:74:c5:9b:36:80:a3:09:fd:7f:3b:96:69:90:b1:
fa:93:ad:f0:8a:be:3b:9a:01:91:58:b5:c4:4f:8c:aa:4c:8c:
35:40:15:82:05:a2:dc:27:22:50:dc:1d:8e:63:54:29:ea:07:
da:ff:04:a8:ec:ab:93:85:18:40:45:48:e6:89:bf:db:eb:54:
2f:4f:e7:24:91:01:1f:64:7f:75:a4:18:db:42:e1:f1:da:7a:
a8:23:52:d2:8c:a9:e3:b8:de:91:ba:67:79:fb:88:e1:84:4f:
c7:c5:e5:4d:e8:87:03:71:32:6e:32:80:2a:25:fd:dd:16:92:
7e:70:dc:7e:a2:2e:40:3f:57:20:bf:70:eb:87:95:81:2a:26:
6a:d0:a0:fe:bb:62:49:4b:d8:f7:04:4e:b0:1f:9f:41:f4:20:
91:65:22:7a:b3:5d:db:ce:e8:c0:86:4e:2d:5e:7c:e5:b6:91:
db:77:b2:1e:ce:4e:0b:c0:a6:13:31:86:15:12:59:8b:10:6e:
78:bb:20:b5:51:cd:4d:ac:f5:f9:43:1e:9a:f9:fa:9a:f9:46:
a1:1e:f1:3f:2b:f4:0d:9f:6b:7e:c9:cc:7f:d1:fe:94:cf:22:
b8:65:87:f4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZRu428OPxJ4qBwoQfFk2JCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh
ZjU0MGQwHhcNMjUwMTE2MTEzMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2FlYmRlZmE5MzIyYzI2OTlmMjY5YzBkY2JhYzViNDQ0YmY0MjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjsVILVQ6EZ7P+BNZeqkoMXp1qX7
mwf899vBfxdUaRz0Nnnrfh0cfBwgUgLkzozF5IiVdGsUtX3wNK+cu/2uAx8iog5f
UM+B1oHJno/u1aEgZr8j+qgKyy4+XUBgqn+ZeRCjqKguS75gzW6xSMvnsDpxHyek
PAlWm9yoR/RZpBOlEJj9lVKFgFUucZ6ox+fuJzfzzoMEgxNPUZU1WFm8RMcTTRD1
mMQAiJp2G/R1cw1xq+8NaA9GArCbRx2OkxZ3sh5AmQToYAdc21nZSZdWBoVyhe7j
17xJAjnA40T8VAwT9f2xyws+kw+E4nKBXbNOYvSM3OICmRls3JtksfLwUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNOuve+pMiwmmfJpwNy6xbREv0IWMB8GA1UdIwQY
MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt
ZjVkOGFiN2MxNWYwLzEvMDY2OTc2a3lMQ2FaOG1uQTNMckZ0RVNfUWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw
LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBTigAwQC
BbUsAwQCuQV8MA0EAgACMAcDBQAqAwHAMA0GCSqGSIb3DQEBCwUAA4IBAQAzEtx0
eTDCRRxtJZgtQx+s4AS1nFo1dMWbNoCjCf1/O5ZpkLH6k63wir47mgGRWLXET4yq
TIw1QBWCBaLcJyJQ3B2OY1Qp6gfa/wSo7KuThRhARUjmib/b61QvT+ckkQEfZH91
pBjbQuHx2nqoI1LSjKnjuN6Rumd5+4jhhE/HxeVN6IcDcTJuMoAqJf3dFpJ+cNx+
oi5AP1cgv3Drh5WBKiZq0KD+u2JJS9j3BE6wH59B9CCRZSJ6s13bzujAhk4tXnzl
tpHbd7Iezk4LwKYTMYYVElmLEG54uyC1Uc1NrPX5Qx6a+fqa+UahHvE/K/QNn2t+
ycx/0f6UzyK4ZYf0
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:27 2025 by rpki-client on console.sobornost.net