Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/XJQdPz7SPvHYKvB8JfPttVk57v0.roa
File: XJQdPz7SPvHYKvB8JfPttVk57v0.roa (raw, json)
Hash identifier: rpkwnkVZlkQzpOu4Q4UIA5KlfDAPxb4H7OvbQBhiU+E=
Subject key identifier: 5C:94:1D:3F:3E:D2:3E:F1:D8:2A:F0:7C:25:F3:ED:B5:59:39:EE:FD
Certificate issuer: /CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Certificate serial: 0193D396E83BAF3DA291E5A26645CF138D52
Authority key identifier: BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/XJQdPz7SPvHYKvB8JfPttVk57v0.roa
Signing time: Tue 17 Dec 2024 07:48:22 +0000
ROA not before: Tue 17 Dec 2024 07:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20904
IP address blocks: 5.61.94.0/24 maxlen: 24
37.35.80.0/21 maxlen: 21
46.254.208.0/22 maxlen: 22
77.95.242.0/24 maxlen: 24
77.95.245.0/24 maxlen: 24
77.95.246.0/23 maxlen: 23
80.75.96.0/20 maxlen: 20
80.75.106.0/24 maxlen: 24
93.174.192.0/21 maxlen: 22
149.126.176.0/21 maxlen: 21
185.16.168.0/22 maxlen: 22
185.25.76.0/22 maxlen: 22
185.67.80.0/22 maxlen: 22
188.64.0.0/21 maxlen: 21
2a00:1a58::/32 maxlen: 32
2a00:74a0::/32 maxlen: 32
2a04:240::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d3:96:e8:3b:af:3d:a2:91:e5:a2:66:45:cf:13:8d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Validity
Not Before: Dec 17 07:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c941d3f3ed23ef1d82af07c25f3edb55939eefd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:44:96:43:df:2e:63:9a:6f:e0:92:3e:e9:2d:
c8:44:5f:01:f0:61:c8:75:21:6a:fc:d6:26:1f:74:
1f:d9:72:cb:a4:82:fd:af:4f:5c:9f:5f:87:2d:d1:
9f:36:51:ae:89:4d:39:27:ed:6f:c0:7a:36:61:09:
1b:df:8e:77:8c:69:b3:c7:cd:6a:48:2c:c4:02:b6:
3c:c4:e3:df:8d:02:5c:6f:8e:1d:40:d5:f7:96:04:
4b:e4:c0:29:45:ea:04:29:1b:f7:9b:b7:a6:af:f4:
11:53:22:f7:6e:8e:d2:50:b7:7e:ed:ae:fa:17:a6:
a4:5f:c6:4f:fb:2d:8b:31:3d:bd:88:33:d2:b9:0b:
bb:4b:9b:60:62:05:23:8e:05:55:5d:da:eb:09:e4:
b9:ff:e8:c5:0b:82:ce:4d:6e:38:9a:db:25:12:b7:
d9:81:39:b2:9b:bd:cf:d1:4e:22:0a:ac:ce:25:69:
49:3a:bd:bf:0d:a6:94:e1:9a:a5:17:94:ab:ab:f7:
6c:26:ee:17:84:84:a0:f3:07:da:32:6b:78:26:e5:
55:f0:94:6b:b7:98:ec:7f:65:ca:9a:cd:b4:f6:67:
19:5e:cc:4d:de:a3:4b:b2:4b:29:c8:a2:cc:e5:77:
c6:66:a3:2d:a8:0a:51:40:ce:ca:e9:ec:17:cf:e2:
42:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:94:1D:3F:3E:D2:3E:F1:D8:2A:F0:7C:25:F3:ED:B5:59:39:EE:FD
X509v3 Authority Key Identifier:
keyid:BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/XJQdPz7SPvHYKvB8JfPttVk57v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.94.0/24
37.35.80.0/21
46.254.208.0/22
77.95.242.0/24
77.95.245.0-77.95.247.255
80.75.96.0/20
93.174.192.0/21
149.126.176.0/21
185.16.168.0/22
185.25.76.0/22
185.67.80.0/22
188.64.0.0/21
IPv6:
2a00:1a58::/32
2a00:74a0::/32
2a04:240::/29
Signature Algorithm: sha256WithRSAEncryption
5f:9c:8e:8e:6f:76:89:6b:e5:6c:96:44:86:78:55:bb:e6:9d:
67:3a:c1:a7:a4:90:ab:69:8f:34:e4:b9:57:0a:15:68:79:2f:
c0:d6:11:c3:f6:1b:73:32:14:0f:c7:6b:e1:3a:1a:33:3c:83:
d9:ab:29:c7:9d:73:39:03:f8:4b:1c:34:0e:24:b4:72:6f:0e:
b8:53:c9:cc:5e:6b:ef:e8:8b:da:8f:4d:9b:af:8c:40:2c:c5:
9e:5a:e7:82:98:dd:b3:9b:22:5d:ea:a0:09:ef:62:8b:30:5a:
75:7c:d6:48:08:d2:d3:1d:d9:1c:f7:aa:b8:ea:6a:0d:07:09:
1e:7f:45:98:90:32:59:74:fd:ac:a1:28:e7:28:32:f2:e9:26:
8c:38:b5:7b:35:47:86:27:3b:c9:12:cf:65:0f:90:23:cf:88:
3c:8f:66:cc:88:a6:a6:b6:49:4c:29:69:93:c4:4c:4c:02:9c:
fa:fd:02:90:59:e8:25:1b:aa:01:ae:54:fb:d0:fd:bf:e1:86:
ea:0e:ef:96:4b:9b:1d:f2:30:42:89:96:a8:0e:5b:7c:ae:4d:
2d:d2:14:ea:9e:ab:5a:58:68:80:16:86:3d:ae:75:5b:20:8b:
12:ad:eb:d8:6d:31:12:29:7f:28:2c:5b:b5:1d:65:3b:04:52:
64:64:cf:b6
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZPTlug7rz2ikeWiZkXPE41SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzFiY2Y5MjNjNWYyNWNhZmJkYWJkZmRkNDZlNTExZjk1
ZGYwZDEwHhcNMjQxMjE3MDc0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk0MWQzZjNlZDIzZWYxZDgyYWYwN2MyNWYzZWRiNTU5MzllZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0SWQ98uY5pv4JI+6S3IRF8B8GHI
dSFq/NYmH3Qf2XLLpIL9r09cn1+HLdGfNlGuiU05J+1vwHo2YQkb3453jGmzx81q
SCzEArY8xOPfjQJcb44dQNX3lgRL5MApReoEKRv3m7emr/QRUyL3bo7SULd+7a76
F6akX8ZP+y2LMT29iDPSuQu7S5tgYgUjjgVVXdrrCeS5/+jFC4LOTW44mtslErfZ
gTmym73P0U4iCqzOJWlJOr2/DaaU4ZqlF5Srq/dsJu4XhISg8wfaMmt4JuVV8JRr
t5jsf2XKms209mcZXsxN3qNLskspyKLM5XfGZqMtqApRQM7K6ewXz+JC+wIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFFyUHT8+0j7x2CrwfCXz7bVZOe79MB8GA1UdIwQY
MBaAFLoxvPkjxfJcr72r391G5RH5XfDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYt
MWJhMzQzZjE3ZWMyLzEvWEpRZFB6N1NQdkhZS3ZCOEpmUHR0Vms1N3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYtMWJhMzQzZjE3ZWMy
LzEvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwVgQCAAEwUAMEAAU9XgME
AyUjUAMEAi7+0AMEAE1f8jAMAwQATV/1AwQDTV/wAwQEUEtgAwQDXa7AAwQDlX6w
AwQCuRCoAwQCuRlMAwQCuUNQAwQDvEAAMBsEAgACMBUDBQAqABpYAwUAKgB0oAMF
AyoEAkAwDQYJKoZIhvcNAQELBQADggEBAF+cjo5vdolr5WyWRIZ4VbvmnWc6waek
kKtpjzTkuVcKFWh5L8DWEcP2G3MyFA/Ha+E6GjM8g9mrKcedczkD+EscNA4ktHJv
DrhTycxea+/oi9qPTZuvjEAsxZ5a54KY3bObIl3qoAnvYoswWnV81kgI0tMd2Rz3
qrjqag0HCR5/RZiQMll0/ayhKOcoMvLpJow4tXs1R4YnO8kSz2UPkCPPiDyPZsyI
pqa2SUwpaZPETEwCnPr9ApBZ6CUbqgGuVPvQ/b/hhuoO75ZLmx3yMEKJlqgOW3yu
TS3SFOqeq1pYaIAWhj2udVsgixKt69htMRIpfygsW7UdZTsEUmRkz7Y=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:04 2024 by rpki-client on console.sobornost.net