Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/JmHHxi9aeKZvtkfn11dQazeW2RE.roa
File: JmHHxi9aeKZvtkfn11dQazeW2RE.roa (raw, json)
Hash identifier: ChuBYHEQNLuzMqQwDMEi2AwRMcpv1IVgv3Zb34x7c9M=
Subject key identifier: 26:61:C7:C6:2F:5A:78:A6:6F:B6:47:E7:D7:57:50:6B:37:96:D9:11
Certificate issuer: /CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Certificate serial: 019081770277D275FF9F852A6D6002D9A7ED
Authority key identifier: BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/JmHHxi9aeKZvtkfn11dQazeW2RE.roa
Signing time: Fri 05 Jul 2024 05:56:18 +0000
ROA not before: Fri 05 Jul 2024 05:56:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30815
IP address blocks: 88.209.128.0/22 maxlen: 22
88.209.128.0/24 maxlen: 24
88.209.130.0/24 maxlen: 24
88.209.132.0/22 maxlen: 22
88.209.132.0/24 maxlen: 24
88.209.135.0/24 maxlen: 24
88.209.136.0/24 maxlen: 24
88.209.137.0/24 maxlen: 24
88.209.160.0/21 maxlen: 21
88.209.160.0/22 maxlen: 22
88.209.160.0/24 maxlen: 24
88.209.161.0/24 maxlen: 24
88.209.162.0/24 maxlen: 24
88.209.163.0/24 maxlen: 24
88.209.164.0/22 maxlen: 22
88.209.164.0/23 maxlen: 23
88.209.164.0/24 maxlen: 24
88.209.165.0/24 maxlen: 24
88.209.166.0/24 maxlen: 24
88.209.167.0/24 maxlen: 24
88.209.191.0/24 maxlen: 24
93.189.96.0/21 maxlen: 21
93.189.96.0/23 maxlen: 23
93.189.96.0/24 maxlen: 24
93.189.97.0/24 maxlen: 24
93.189.98.0/23 maxlen: 23
93.189.98.0/24 maxlen: 24
93.189.99.0/24 maxlen: 24
93.189.100.0/23 maxlen: 23
93.189.100.0/24 maxlen: 24
93.189.101.0/24 maxlen: 24
93.189.102.0/23 maxlen: 23
93.189.102.0/24 maxlen: 24
93.189.103.0/24 maxlen: 24
185.63.232.0/22 maxlen: 22
185.63.232.0/23 maxlen: 23
185.63.232.0/24 maxlen: 24
185.63.233.0/24 maxlen: 24
185.63.234.0/24 maxlen: 24
185.63.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:81:77:02:77:d2:75:ff:9f:85:2a:6d:60:02:d9:a7:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Validity
Not Before: Jul 5 05:56:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2661c7c62f5a78a66fb647e7d757506b3796d911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fb:17:1d:5f:e1:a4:f5:59:9a:f5:44:7b:51:
b1:2b:ad:37:9f:d7:02:c7:49:e6:62:03:51:3c:70:
1c:ab:b8:53:51:9c:2a:0a:08:0c:26:3f:81:1c:d8:
6b:7c:fd:f1:d9:c6:2d:6a:8c:4b:17:a8:8a:7f:f0:
18:21:d3:d9:7c:27:05:86:c3:e7:12:34:0b:a4:78:
9f:b5:11:f2:ec:ac:e1:59:24:7a:ab:3b:e9:8a:f9:
ac:8c:60:3f:90:49:19:49:3f:ca:97:6f:dd:11:49:
a0:8c:af:74:3b:fb:c3:4a:9e:98:f0:d8:ad:8e:e9:
d0:4e:78:92:bd:92:19:ea:f7:c3:b6:a9:5c:f6:13:
76:95:03:b6:48:82:ef:3d:b9:a0:4f:5f:b4:ed:fa:
b2:a6:48:c4:ba:d1:66:4e:87:77:3c:6e:0f:f4:5e:
5a:5d:47:cb:ca:e7:0c:d7:e4:c7:32:f1:11:2a:73:
70:a0:01:3d:e9:ea:12:35:cd:b1:14:7f:78:81:44:
83:ef:87:01:c0:61:2a:56:02:d8:78:97:2e:5a:96:
19:47:32:57:a4:77:96:7b:ac:16:91:e6:10:6d:4f:
32:22:2c:90:c0:0e:84:1d:7d:b9:4b:ed:a2:69:9f:
1e:fa:fc:cf:10:cf:9c:5f:1a:e3:e7:7e:f4:63:0e:
70:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:61:C7:C6:2F:5A:78:A6:6F:B6:47:E7:D7:57:50:6B:37:96:D9:11
X509v3 Authority Key Identifier:
keyid:BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/JmHHxi9aeKZvtkfn11dQazeW2RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.128.0-88.209.137.255
88.209.160.0/21
88.209.191.0/24
93.189.96.0/21
185.63.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:12:1a:90:a7:0d:d5:ea:4f:1e:48:92:cf:44:64:32:51:2f:
db:3f:9a:c9:df:67:d4:90:59:21:cd:94:22:10:b9:82:04:51:
19:6a:b9:85:bb:a2:42:d1:ab:91:22:b9:28:bc:99:e3:dd:78:
fc:2f:cc:3e:64:7c:f0:34:45:ab:e2:29:73:20:b9:ff:db:01:
bc:bb:75:2c:e7:d6:b4:e1:5d:0a:79:02:3b:8f:9d:fb:a2:03:
86:15:30:98:91:e4:a4:b8:7a:18:ef:be:bc:02:35:28:99:41:
56:63:ea:4d:dd:3d:ff:3b:61:18:26:a3:6c:96:07:44:e9:f7:
35:30:c5:c2:05:6b:1d:ac:28:7e:f5:b8:00:1a:19:68:55:30:
de:1d:47:c7:a3:98:f8:84:5f:13:3d:95:07:bf:f2:f8:95:d1:
59:1d:54:6f:15:b6:3b:4e:2a:9d:65:6c:ce:cf:67:67:63:c3:
1f:b8:0d:2f:84:9f:0e:39:d9:9c:1d:82:8e:0b:2a:6e:57:4a:
e3:28:38:ce:0a:b5:6e:97:53:e0:a0:4f:5a:f8:48:3f:8c:da:
87:f2:66:92:a4:05:c5:6f:11:f7:3d:06:72:5c:17:c6:4c:b4:
9e:42:af:fe:87:f5:50:0a:11:93:36:83:3e:ce:7b:b2:c8:87:
94:90:13:55
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZCBdwJ30nX/n4UqbWAC2aftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE2NGNkMjljOTRjY2RlMTQ0NDhmNjFhMTcyYzc2M2Ix
ZTQwNTAwHhcNMjQwNzA1MDU1NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjYxYzdjNjJmNWE3OGE2NmZiNjQ3ZTdkNzU3NTA2YjM3OTZkOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/sXHV/hpPVZmvVEe1GxK603n9cC
x0nmYgNRPHAcq7hTUZwqCggMJj+BHNhrfP3x2cYtaoxLF6iKf/AYIdPZfCcFhsPn
EjQLpHiftRHy7KzhWSR6qzvpivmsjGA/kEkZST/Kl2/dEUmgjK90O/vDSp6Y8Nit
junQTniSvZIZ6vfDtqlc9hN2lQO2SILvPbmgT1+07fqypkjEutFmTod3PG4P9F5a
XUfLyucM1+THMvERKnNwoAE96eoSNc2xFH94gUSD74cBwGEqVgLYeJcuWpYZRzJX
pHeWe6wWkeYQbU8yIiyQwA6EHX25S+2iaZ8e+vzPEM+cXxrj5370Yw5wtwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCZhx8YvWnimb7ZH59dXUGs3ltkRMB8GA1UdIwQY
MBaAFLqqZM0pyUzN4URI9hoXLHY7HkBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUt
OGZjYWE2OTM2YzZjLzEvSm1ISHhpOWFlS1p2dGtmbjExZFFhemVXMlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUtOGZjYWE2OTM2YzZj
LzEvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAdY0YAD
BAFY0YgDBANY0aADBABY0b8DBANdvWADBAK5P+gwDQYJKoZIhvcNAQELBQADggEB
AE8SGpCnDdXqTx5Iks9EZDJRL9s/msnfZ9SQWSHNlCIQuYIEURlquYW7okLRq5Ei
uSi8mePdePwvzD5kfPA0RaviKXMguf/bAby7dSzn1rThXQp5AjuPnfuiA4YVMJiR
5KS4ehjvvrwCNSiZQVZj6k3dPf87YRgmo2yWB0Tp9zUwxcIFax2sKH71uAAaGWhV
MN4dR8ejmPiEXxM9lQe/8viV0VkdVG8VtjtOKp1lbM7PZ2djwx+4DS+Enw452Zwd
go4LKm5XSuMoOM4KtW6XU+CgT1r4SD+M2ofyZpKkBcVvEfc9BnJcF8ZMtJ5Cr/6H
9VAKEZM2gz7Oe7LIh5SQE1U=
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:46:56 2024 by rpki-client on console.sobornost.net