Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/mjt5eoNZJB2IkYZgT1ZmlqiSuY0.roa
File: mjt5eoNZJB2IkYZgT1ZmlqiSuY0.roa (raw, json)
Hash identifier: oazoCsqKrlBfWXZqlTOXcEvHSMBYQK6fiai8o+pha4g=
Subject key identifier: 9A:3B:79:7A:83:59:24:1D:88:91:86:60:4F:56:66:96:A8:92:B9:8D
Certificate issuer: /CN=662f55d377127f28ce26b78fd83becf41becad4b
Certificate serial: 019386DCFE7F589DDD437B93518E206B2074
Authority key identifier: 66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/mjt5eoNZJB2IkYZgT1ZmlqiSuY0.roa
Signing time: Mon 02 Dec 2024 10:14:10 +0000
ROA not before: Mon 02 Dec 2024 10:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49683
IP address blocks: 31.25.234.0/24 maxlen: 24
171.22.172.0/24 maxlen: 24
171.22.173.0/24 maxlen: 24
171.22.174.0/24 maxlen: 24
185.44.64.0/24 maxlen: 24
185.44.65.0/24 maxlen: 24
185.44.66.0/24 maxlen: 24
185.44.67.0/24 maxlen: 24
185.85.240.0/24 maxlen: 24
185.85.241.0/24 maxlen: 24
185.85.242.0/24 maxlen: 24
185.85.243.0/24 maxlen: 24
185.116.236.0/24 maxlen: 24
185.116.237.0/24 maxlen: 24
185.116.239.0/24 maxlen: 24
185.122.164.0/24 maxlen: 24
185.122.165.0/24 maxlen: 24
185.122.166.0/24 maxlen: 24
185.122.167.0/24 maxlen: 24
185.168.192.0/24 maxlen: 24
185.168.193.0/24 maxlen: 24
185.168.194.0/24 maxlen: 24
185.168.195.0/24 maxlen: 24
185.184.68.0/24 maxlen: 24
185.184.69.0/24 maxlen: 24
185.184.70.0/24 maxlen: 24
185.184.71.0/24 maxlen: 24
185.189.56.0/24 maxlen: 24
185.189.57.0/24 maxlen: 24
185.189.58.0/24 maxlen: 24
185.189.59.0/24 maxlen: 24
2a0a:2f00:1::/48 maxlen: 48
2a0a:2f00:2::/48 maxlen: 48
2a0a:2f00:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:dc:fe:7f:58:9d:dd:43:7b:93:51:8e:20:6b:20:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=662f55d377127f28ce26b78fd83becf41becad4b
Validity
Not Before: Dec 2 10:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a3b797a8359241d889186604f566696a892b98d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9e:26:2f:38:4f:05:b7:d5:4b:8d:44:1b:c4:
be:ec:81:3d:82:f3:d2:1f:51:4b:6a:5a:9e:eb:bb:
17:54:7b:da:fb:3f:37:74:9b:01:d1:c2:7f:b4:49:
bc:f9:be:e3:b4:01:ad:63:37:eb:b7:09:19:fe:80:
e9:d8:5c:34:37:05:33:8d:9b:2f:1f:82:87:d6:af:
da:97:9e:a5:b1:b5:7b:48:f9:11:aa:79:5e:72:62:
ef:2b:5e:f5:43:22:03:5e:a8:1f:ca:3f:d7:b3:36:
4a:d2:b5:30:99:fd:6f:4e:6a:aa:50:a6:51:fc:91:
1b:38:db:c0:b2:48:11:a4:d2:ba:99:b8:70:35:5f:
71:18:39:40:1b:a8:4a:08:be:43:37:0a:58:5c:31:
e0:a8:78:cb:68:8d:5a:45:22:5c:18:0b:16:bb:e2:
e5:7a:e9:f9:36:38:30:bc:0c:b3:b1:69:b5:59:eb:
df:19:4e:66:f2:3a:22:aa:c4:ee:4d:f8:90:87:6f:
3d:91:f1:e6:29:74:96:76:0e:1f:f4:77:a5:59:4d:
58:63:78:fd:77:b4:77:92:44:a4:0f:47:64:da:72:
5a:22:25:56:23:e5:86:ef:87:ac:00:64:08:ba:6d:
a0:0c:10:9e:aa:39:18:17:d7:ad:4c:bb:49:0c:b0:
a2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3B:79:7A:83:59:24:1D:88:91:86:60:4F:56:66:96:A8:92:B9:8D
X509v3 Authority Key Identifier:
keyid:66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/mjt5eoNZJB2IkYZgT1ZmlqiSuY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.234.0/24
171.22.172.0-171.22.174.255
185.44.64.0/22
185.85.240.0/22
185.116.236.0/23
185.116.239.0/24
185.122.164.0/22
185.168.192.0/22
185.184.68.0/22
185.189.56.0/22
IPv6:
2a0a:2f00:1::-2a0a:2f00:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:bb:f5:95:22:20:7d:70:af:bf:6f:63:57:d9:70:7b:45:46:
22:32:e0:94:02:ab:88:40:cd:3a:44:77:57:2c:ba:e4:7d:f7:
36:a5:57:76:f4:c6:28:21:6d:18:8d:2c:68:ef:fb:51:1a:3e:
3f:fc:9f:16:b8:79:50:af:ce:06:5d:d8:c4:99:0f:25:7f:bd:
27:d3:dc:43:f3:21:4b:0b:b7:97:0a:cd:cc:1c:bf:e2:89:e0:
fa:58:c0:26:c1:26:42:36:4c:98:9a:8b:34:b0:d8:a3:a7:06:
29:b1:f8:18:2e:0d:f9:a8:57:c5:1e:77:5e:b9:4f:1a:64:9a:
de:12:d2:46:66:ad:40:0c:05:f7:70:2c:80:85:4a:c5:a9:3a:
78:3c:e7:7a:2f:fb:c7:2c:16:01:da:de:e1:8f:57:00:4a:ce:
15:00:86:a3:c0:13:8c:10:2c:61:4a:de:9f:e1:97:8d:75:e7:
eb:21:a0:0c:f4:2d:d1:24:0a:07:34:51:34:5e:c3:d0:7b:43:
57:86:ac:cf:12:57:8e:23:77:be:93:19:20:04:d8:91:9a:9e:
f3:38:fa:94:01:1b:31:54:1f:cb:c8:e8:93:e5:03:c6:46:de:
b2:65:64:3c:95:4b:bb:02:0d:bc:1d:49:b6:21:04:00:a3:3c:
e4:c7:dc:89
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZOG3P5/WJ3dQ3uTUY4gayB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MmY1NWQzNzcxMjdmMjhjZTI2Yjc4ZmQ4M2JlY2Y0MWJl
Y2FkNGIwHhcNMjQxMjAyMTAxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTNiNzk3YTgzNTkyNDFkODg5MTg2NjA0ZjU2NjY5NmE4OTJiOThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ4mLzhPBbfVS41EG8S+7IE9gvPS
H1FLalqe67sXVHva+z83dJsB0cJ/tEm8+b7jtAGtYzfrtwkZ/oDp2Fw0NwUzjZsv
H4KH1q/al56lsbV7SPkRqnlecmLvK171QyIDXqgfyj/XszZK0rUwmf1vTmqqUKZR
/JEbONvAskgRpNK6mbhwNV9xGDlAG6hKCL5DNwpYXDHgqHjLaI1aRSJcGAsWu+Ll
eun5NjgwvAyzsWm1WevfGU5m8joiqsTuTfiQh289kfHmKXSWdg4f9HelWU1YY3j9
d7R3kkSkD0dk2nJaIiVWI+WG74esAGQIum2gDBCeqjkYF9etTLtJDLCiXwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFJo7eXqDWSQdiJGGYE9WZpaokrmNMB8GA1UdIwQY
MBaAFGYvVdN3En8ozia3j9g77PQb7K1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgt
OGJlMTQ2MjUzMzU2LzEvbWp0NWVvTlpKQjJJa1laZ1QxWm1scWlTdVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgtOGJlMTQ2MjUzMzU2
LzEvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBKBAIAATBEAwQAHxnqMAwD
BAKrFqwDBACrFq4DBAK5LEADBAK5VfADBAG5dOwDBAC5dO8DBAK5eqQDBAK5qMAD
BAK5uEQDBAK5vTgwGgQCAAIwFDASAwcAKgovAAABAwcCKgovAAAAMA0GCSqGSIb3
DQEBCwUAA4IBAQBru/WVIiB9cK+/b2NX2XB7RUYiMuCUAquIQM06RHdXLLrkffc2
pVd29MYoIW0YjSxo7/tRGj4//J8WuHlQr84GXdjEmQ8lf70n09xD8yFLC7eXCs3M
HL/iieD6WMAmwSZCNkyYmos0sNijpwYpsfgYLg35qFfFHndeuU8aZJreEtJGZq1A
DAX3cCyAhUrFqTp4POd6L/vHLBYB2t7hj1cASs4VAIajwBOMECxhSt6f4ZeNdefr
IaAM9C3RJAoHNFE0XsPQe0NXhqzPEleOI3e+kxkgBNiRmp7zOPqUARsxVB/LyOiT
5QPGRt6yZWQ8lUu7Ag28HUm2IQQAozzkx9yJ
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:15 2024 by rpki-client on console.sobornost.net