Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/5de4gYjYEEhzw_du0H1uantwsQk.roa
File: 5de4gYjYEEhzw_du0H1uantwsQk.roa (raw, json)
Hash identifier: QHGEVBQv0d2c3a+K1LeIN1zk1Xb+a7WOp5hMNNKkxVc=
Subject key identifier: E5:D7:B8:81:88:D8:10:48:73:C3:F7:6E:D0:7D:6E:6A:7B:70:B1:09
Certificate issuer: /CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Certificate serial: 01929E8174F3E9EE9F120B5DD00BBA74E23E
Authority key identifier: BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/5de4gYjYEEhzw_du0H1uantwsQk.roa
Signing time: Fri 18 Oct 2024 07:22:17 +0000
ROA not before: Fri 18 Oct 2024 07:22:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20904
IP address blocks: 5.61.88.0/21 maxlen: 24
37.35.80.0/21 maxlen: 21
46.254.208.0/21 maxlen: 21
77.95.242.0/24 maxlen: 24
77.95.245.0/24 maxlen: 24
77.95.246.0/23 maxlen: 23
80.75.96.0/20 maxlen: 20
80.75.106.0/24 maxlen: 24
84.240.64.0/19 maxlen: 19
84.240.96.0/19 maxlen: 19
93.174.192.0/21 maxlen: 22
149.126.176.0/21 maxlen: 21
185.16.168.0/22 maxlen: 22
185.25.76.0/22 maxlen: 22
185.67.80.0/22 maxlen: 22
188.64.0.0/21 maxlen: 21
2a00:1a58::/32 maxlen: 32
2a00:74a0::/32 maxlen: 32
2a04:240::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:81:74:f3:e9:ee:9f:12:0b:5d:d0:0b:ba:74:e2:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Validity
Not Before: Oct 18 07:22:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5d7b88188d8104873c3f76ed07d6e6a7b70b109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:eb:12:68:6a:27:08:a5:9e:28:05:b1:01:03:
e1:ee:c7:fe:de:19:04:fa:9c:4a:5b:42:33:e2:6f:
66:e9:e6:d3:3d:65:1d:de:51:f0:d6:8b:07:08:c2:
d9:9a:d2:aa:4b:92:cb:3f:17:e1:c7:84:6b:50:36:
12:ff:04:14:a7:f1:95:64:7f:86:c1:f9:b9:e8:9a:
ba:0a:52:0c:ae:44:82:b7:0b:b6:fa:98:5f:d7:e4:
fe:ea:11:4a:a1:f3:02:a3:0a:35:bc:9b:7e:53:14:
46:7f:14:8c:b0:43:99:9a:fb:b1:da:81:90:a5:ff:
63:2b:5b:c2:3b:e9:f5:88:61:7f:a2:34:b0:ec:3e:
43:71:cc:63:6f:b8:2e:6a:d6:d8:60:9e:a6:43:3e:
89:3e:37:be:69:f9:b6:cc:aa:00:0c:6e:00:50:a6:
4e:a9:19:10:16:86:d8:df:da:70:7e:6b:70:98:e1:
a3:6b:41:d7:69:85:3b:2d:fc:13:f5:f1:9f:f4:c7:
aa:7f:af:7a:f6:63:42:71:dc:0a:85:bb:6a:82:ea:
1d:b8:bd:c5:fb:e0:3c:8f:1e:80:52:0e:cc:a2:c3:
b6:d6:9b:91:7d:fe:44:33:f3:88:87:38:a4:e4:fc:
24:2a:97:9f:38:e6:44:ac:1f:2a:8c:6f:7e:ae:20:
aa:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D7:B8:81:88:D8:10:48:73:C3:F7:6E:D0:7D:6E:6A:7B:70:B1:09
X509v3 Authority Key Identifier:
keyid:BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/5de4gYjYEEhzw_du0H1uantwsQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.88.0/21
37.35.80.0/21
46.254.208.0/21
77.95.242.0/24
77.95.245.0-77.95.247.255
80.75.96.0/20
84.240.64.0/18
93.174.192.0/21
149.126.176.0/21
185.16.168.0/22
185.25.76.0/22
185.67.80.0/22
188.64.0.0/21
IPv6:
2a00:1a58::/32
2a00:74a0::/32
2a04:240::/29
Signature Algorithm: sha256WithRSAEncryption
48:89:85:fe:6f:9f:5c:4c:71:bb:0d:b6:05:8b:73:b7:42:4f:
73:3f:72:49:d7:3c:58:2e:90:26:6c:9c:d9:77:a8:e1:8e:d7:
93:e6:45:8c:05:14:69:04:93:5a:8e:83:63:29:7e:75:8a:cc:
c6:55:c3:f7:11:98:b6:25:0d:ec:25:31:37:64:9d:07:ff:0d:
4c:c6:66:45:64:45:3f:dc:6a:63:9b:97:cd:1b:7f:38:9f:3e:
20:86:21:1f:c2:a9:e7:29:ff:15:11:ba:fb:bb:2e:c1:ae:90:
ff:21:1b:0c:8b:cc:85:fb:35:52:e8:a9:d4:d9:71:ca:f2:3f:
32:eb:2f:54:e2:60:05:91:37:3d:ef:a1:d4:5e:b5:4c:97:cc:
8a:a9:f6:6c:ca:b4:cf:4e:9f:35:65:11:d7:8c:e1:e4:da:49:
9d:f0:f3:6e:ae:d3:51:ca:a7:51:41:ce:5c:43:03:f4:ea:34:
e7:cf:a9:1e:e9:33:f0:2c:84:6d:c6:9c:30:7b:9a:81:61:9b:
85:bc:15:5a:08:25:99:be:99:c4:27:cb:2d:47:79:22:b4:12:
87:16:4a:5c:67:cc:ab:9a:50:5d:80:36:0c:35:e8:f9:e5:27:
82:68:b8:f2:49:96:71:f5:6c:14:28:70:bf:e0:34:85:0e:07:
9a:0d:5f:56
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAZKegXTz6e6fEgtd0Au6dOI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzFiY2Y5MjNjNWYyNWNhZmJkYWJkZmRkNDZlNTExZjk1
ZGYwZDEwHhcNMjQxMDE4MDcyMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQ3Yjg4MTg4ZDgxMDQ4NzNjM2Y3NmVkMDdkNmU2YTdiNzBiMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+sSaGonCKWeKAWxAQPh7sf+3hkE
+pxKW0Iz4m9m6ebTPWUd3lHw1osHCMLZmtKqS5LLPxfhx4RrUDYS/wQUp/GVZH+G
wfm56Jq6ClIMrkSCtwu2+phf1+T+6hFKofMCowo1vJt+UxRGfxSMsEOZmvux2oGQ
pf9jK1vCO+n1iGF/ojSw7D5Dccxjb7guatbYYJ6mQz6JPje+afm2zKoADG4AUKZO
qRkQFobY39pwfmtwmOGja0HXaYU7LfwT9fGf9Meqf6969mNCcdwKhbtqguoduL3F
++A8jx6AUg7MosO21puRff5EM/OIhzik5PwkKpefOOZErB8qjG9+riCq4wIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFOXXuIGI2BBIc8P3btB9bmp7cLEJMB8GA1UdIwQY
MBaAFLoxvPkjxfJcr72r391G5RH5XfDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYt
MWJhMzQzZjE3ZWMyLzEvNWRlNGdZallFRWh6d19kdTBIMXVhbnR3c1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYtMWJhMzQzZjE3ZWMy
LzEvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswXAQCAAEwVgMEAwU9WAME
AyUjUAMEAy7+0AMEAE1f8jAMAwQATV/1AwQDTV/wAwQEUEtgAwQGVPBAAwQDXa7A
AwQDlX6wAwQCuRCoAwQCuRlMAwQCuUNQAwQDvEAAMBsEAgACMBUDBQAqABpYAwUA
KgB0oAMFAyoEAkAwDQYJKoZIhvcNAQELBQADggEBAEiJhf5vn1xMcbsNtgWLc7dC
T3M/cknXPFgukCZsnNl3qOGO15PmRYwFFGkEk1qOg2MpfnWKzMZVw/cRmLYlDewl
MTdknQf/DUzGZkVkRT/camObl80bfzifPiCGIR/Cqecp/xURuvu7LsGukP8hGwyL
zIX7NVLoqdTZccryPzLrL1TiYAWRNz3vodRetUyXzIqp9mzKtM9OnzVlEdeM4eTa
SZ3w826u01HKp1FBzlxDA/TqNOfPqR7pM/AshG3GnDB7moFhm4W8FVoIJZm+mcQn
yy1HeSK0EocWSlxnzKuaUF2ANgw16PnlJ4JouPJJlnH1bBQocL/gNIUOB5oNX1Y=
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:19:06 2024 by rpki-client on console.sobornost.net