Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/yXDXku2_IYVOm5zTR6dH3EqipeM.roa
File: yXDXku2_IYVOm5zTR6dH3EqipeM.roa (raw, json)
Hash identifier: 4rkkqR6d2IEoOESIQkTmfPx+TIKLB/YRzASsmAFyp14=
Subject key identifier: C9:70:D7:92:ED:BF:21:85:4E:9B:9C:D3:47:A7:47:DC:4A:A2:A5:E3
Certificate issuer: /CN=06e4bbdab896e66113f351b4d9c82df50e66a712
Certificate serial: 0193DF7D80342FE6AB166E2ED7836DB9C651
Authority key identifier: 06:E4:BB:DA:B8:96:E6:61:13:F3:51:B4:D9:C8:2D:F5:0E:66:A7:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BuS72riW5mET81G02cgt9Q5mpxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/yXDXku2_IYVOm5zTR6dH3EqipeM.roa
Signing time: Thu 19 Dec 2024 15:16:04 +0000
ROA not before: Thu 19 Dec 2024 15:16:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15497
IP address blocks: 31.28.160.0/22 maxlen: 22
31.28.164.0/22 maxlen: 22
31.28.172.0/22 maxlen: 22
31.28.176.0/22 maxlen: 22
31.28.180.0/22 maxlen: 22
31.28.184.0/22 maxlen: 22
31.28.184.0/24 maxlen: 24
31.28.190.0/24 maxlen: 24
62.149.2.0/24 maxlen: 24
62.149.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:df:7d:80:34:2f:e6:ab:16:6e:2e:d7:83:6d:b9:c6:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06e4bbdab896e66113f351b4d9c82df50e66a712
Validity
Not Before: Dec 19 15:16:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c970d792edbf21854e9b9cd347a747dc4aa2a5e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d7:44:fb:f7:ff:17:e6:4f:49:b6:79:5c:c5:
c6:7c:11:89:06:34:d3:68:64:8c:b5:9a:e0:22:55:
f8:bc:93:ba:97:03:ec:65:e7:fe:28:9f:1c:9f:02:
55:d8:c4:54:e3:f8:64:a4:79:77:b4:a6:3d:4d:2e:
60:d1:96:8f:c1:db:6f:44:2a:09:c4:80:e6:85:fb:
0a:52:77:2c:3c:6c:2c:5e:6e:8a:04:de:8c:04:d8:
e1:79:6c:00:6b:e6:05:9d:03:71:63:3a:6d:ec:d2:
44:05:89:c7:88:f8:1d:d6:c0:58:81:91:99:fe:21:
f8:b8:4f:c5:3f:14:90:59:c6:e9:7a:5a:d2:c5:59:
81:18:29:12:bd:e1:24:7b:54:32:34:01:b7:29:ac:
8f:80:76:2b:f0:5c:8c:53:08:99:fb:70:d5:b5:57:
1e:3d:48:67:30:1b:ed:bc:cf:85:41:14:e4:e8:65:
1f:9b:5e:9f:3f:90:aa:94:f6:3c:13:49:b6:ae:a8:
10:f5:db:ac:4b:9d:9b:9c:91:d5:e5:25:5c:b2:ff:
09:6f:8d:8c:fa:15:a5:2e:fa:40:f9:b7:55:c7:ab:
c2:7f:c7:e4:08:a3:2f:f3:ab:05:dd:c8:a2:25:b5:
00:79:3e:b5:5e:c5:f9:9f:10:35:d6:d6:2c:ab:f9:
af:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:70:D7:92:ED:BF:21:85:4E:9B:9C:D3:47:A7:47:DC:4A:A2:A5:E3
X509v3 Authority Key Identifier:
keyid:06:E4:BB:DA:B8:96:E6:61:13:F3:51:B4:D9:C8:2D:F5:0E:66:A7:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BuS72riW5mET81G02cgt9Q5mpxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/yXDXku2_IYVOm5zTR6dH3EqipeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/BuS72riW5mET81G02cgt9Q5mpxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.28.160.0/21
31.28.172.0-31.28.187.255
31.28.190.0/24
62.149.2.0/24
62.149.10.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:5b:22:02:fb:65:7b:1f:22:32:6a:77:00:b0:ed:27:a4:37:
9d:19:17:e9:2f:10:fb:01:81:39:18:a0:ff:d7:5b:0d:36:6b:
3c:fa:4a:3d:96:6e:de:d2:b6:5d:92:a1:a1:e5:b3:e3:e4:21:
ac:34:fb:cb:cd:24:2f:44:f7:e1:25:3f:90:1b:2c:12:f1:c8:
f0:04:ba:89:73:81:7f:7d:3c:14:18:9e:ec:23:78:3e:c5:1f:
e7:22:fe:87:05:af:c8:e1:c1:17:7c:95:b0:fa:2b:02:4e:93:
a5:21:29:46:00:e3:82:f2:d6:ad:9a:0f:b6:a0:c3:26:73:45:
76:42:c2:82:11:5e:05:f9:36:08:b4:16:be:4a:58:cb:75:61:
25:c1:77:63:d6:57:ba:51:70:6d:fe:ec:e1:1c:7f:01:b8:9d:
f6:79:20:c7:08:3c:d5:8d:2d:07:92:fc:05:62:d0:04:64:f5:
c8:2e:59:b8:af:de:02:0a:2a:7d:bf:9f:d7:55:45:c7:76:f8:
f1:8b:32:5b:ee:b8:0b:4e:ae:6d:55:5d:c6:95:f1:46:4b:1a:
98:71:1a:15:47:2b:ed:29:98:57:27:1d:6c:24:3c:2f:14:60:
0a:22:14:21:b2:5b:b8:88:2b:c7:07:4f:1c:27:70:33:4d:d4:
23:67:09:51
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZPffYA0L+arFm4u14NtucZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZTRiYmRhYjg5NmU2NjExM2YzNTFiNGQ5YzgyZGY1MGU2
NmE3MTIwHhcNMjQxMjE5MTUxNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTcwZDc5MmVkYmYyMTg1NGU5YjljZDM0N2E3NDdkYzRhYTJhNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmddE+/f/F+ZPSbZ5XMXGfBGJBjTT
aGSMtZrgIlX4vJO6lwPsZef+KJ8cnwJV2MRU4/hkpHl3tKY9TS5g0ZaPwdtvRCoJ
xIDmhfsKUncsPGwsXm6KBN6MBNjheWwAa+YFnQNxYzpt7NJEBYnHiPgd1sBYgZGZ
/iH4uE/FPxSQWcbpelrSxVmBGCkSveEke1QyNAG3KayPgHYr8FyMUwiZ+3DVtVce
PUhnMBvtvM+FQRTk6GUfm16fP5CqlPY8E0m2rqgQ9dusS52bnJHV5SVcsv8Jb42M
+hWlLvpA+bdVx6vCf8fkCKMv86sF3ciiJbUAeT61XsX5nxA11tYsq/mvnQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMlw15LtvyGFTpuc00enR9xKoqXjMB8GA1UdIwQY
MBaAFAbku9q4luZhE/NRtNnILfUOZqcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnVTNzJyaVc1bUVUODFHMDJjZ3Q5UTVtcHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kOTk5NDctMjI5OC00MjJmLTlkYTAt
ZmUwZDI4YjY4Y2Q1LzEveVhEWGt1Ml9JWVZPbTV6VFI2ZEgzRXFpcGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kOTk5NDctMjI5OC00MjJmLTlkYTAtZmUwZDI4YjY4Y2Q1
LzEvQnVTNzJyaVc1bUVUODFHMDJjZ3Q5UTVtcHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDHxygMAwD
BAIfHKwDBAIfHLgDBAAfHL4DBAA+lQIDBAA+lQowDQYJKoZIhvcNAQELBQADggEB
AKZbIgL7ZXsfIjJqdwCw7SekN50ZF+kvEPsBgTkYoP/XWw02azz6Sj2Wbt7Stl2S
oaHls+PkIaw0+8vNJC9E9+ElP5AbLBLxyPAEuolzgX99PBQYnuwjeD7FH+ci/ocF
r8jhwRd8lbD6KwJOk6UhKUYA44Ly1q2aD7agwyZzRXZCwoIRXgX5Ngi0Fr5KWMt1
YSXBd2PWV7pRcG3+7OEcfwG4nfZ5IMcIPNWNLQeS/AVi0ARk9cguWbiv3gIKKn2/
n9dVRcd2+PGLMlvuuAtOrm1VXcaV8UZLGphxGhVHK+0pmFcnHWwkPC8UYAoiFCGy
W7iIK8cHTxwncDNN1CNnCVE=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:54 2024 by rpki-client on console.sobornost.net