Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/f08585-68b1-490d-a7fa-a51926601f4e/1/hc-jJsjJ99b9LM6mqU1PeHA8GXg.roa
File: hc-jJsjJ99b9LM6mqU1PeHA8GXg.roa (raw, json)
Hash identifier: WKmxXCzQjyjghPwidrphneKQJWDgOMLupB9blsXy5TU=
Subject key identifier: 85:CF:A3:26:C8:C9:F7:D6:FD:2C:CE:A6:A9:4D:4F:78:70:3C:19:78
Certificate issuer: /CN=3171bfa6b3d32dfe3a0ee2df77cfbe585c27f5db
Certificate serial: 03621536
Authority key identifier: 31:71:BF:A6:B3:D3:2D:FE:3A:0E:E2:DF:77:CF:BE:58:5C:27:F5:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MXG_prPTLf46DuLfd8--WFwn9ds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/f08585-68b1-490d-a7fa-a51926601f4e/1/hc-jJsjJ99b9LM6mqU1PeHA8GXg.roa
Signing time: Mon 04 Jul 2022 08:34:25 +0000
ROA not before: Mon 04 Jul 2022 08:34:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34704
IP address blocks: 37.208.53.0/24 maxlen: 24
37.208.52.0/24 maxlen: 24
37.208.55.0/24 maxlen: 24
37.208.54.0/24 maxlen: 24
37.208.51.0/24 maxlen: 24
37.208.50.0/24 maxlen: 24
37.208.49.0/24 maxlen: 24
37.208.48.0/24 maxlen: 24
93.174.37.0/24 maxlen: 24
93.174.36.0/24 maxlen: 24
93.174.35.0/24 maxlen: 24
93.174.34.0/24 maxlen: 24
93.174.33.0/24 maxlen: 24
93.174.32.0/24 maxlen: 24
93.174.39.0/24 maxlen: 24
213.232.82.0/24 maxlen: 24
213.232.81.0/24 maxlen: 24
213.232.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56759606 (0x3621536)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3171bfa6b3d32dfe3a0ee2df77cfbe585c27f5db
Validity
Not Before: Jul 4 08:34:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85cfa326c8c9f7d6fd2ccea6a94d4f78703c1978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:df:56:52:2a:29:60:ce:39:5c:a3:97:e4:25:
07:eb:8a:36:96:73:96:ce:47:d6:d5:1d:52:58:bf:
5a:83:d5:4a:2b:04:13:3a:68:6e:bf:04:36:be:a1:
23:3c:ba:df:92:35:07:ec:5d:6c:f9:50:6f:4a:2e:
80:be:19:76:7a:21:f4:4f:c8:0f:15:51:ee:80:16:
13:28:4d:3d:0c:bf:ab:af:71:e0:8d:d9:24:61:0f:
86:b9:b7:83:4e:7d:5e:9a:e5:93:50:bb:4e:dc:b5:
b0:69:bf:cc:9f:2a:41:fb:a7:ec:ea:e4:63:9d:fa:
54:6c:6e:e0:86:3c:b7:85:64:a0:17:09:49:c5:c8:
96:ea:ad:7a:39:92:aa:9d:5f:d0:68:dc:cd:a9:5b:
bb:de:12:62:05:79:c5:aa:be:9a:98:de:cf:a6:d1:
8b:7c:e6:c1:1c:4d:f1:a2:37:ce:df:50:ce:81:5a:
ab:ba:14:53:5a:fd:d0:66:e5:fe:2c:d3:3a:1b:18:
3c:7c:36:ce:bf:68:33:c9:33:77:35:79:9b:bf:0a:
13:75:b0:bc:c6:60:82:c0:ab:ca:16:c7:cf:05:7e:
06:a1:14:3e:5b:e1:19:97:16:37:56:cc:79:26:7e:
2d:8a:57:9f:28:c5:44:f5:03:dc:d0:e4:83:fc:d2:
ac:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CF:A3:26:C8:C9:F7:D6:FD:2C:CE:A6:A9:4D:4F:78:70:3C:19:78
X509v3 Authority Key Identifier:
keyid:31:71:BF:A6:B3:D3:2D:FE:3A:0E:E2:DF:77:CF:BE:58:5C:27:F5:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MXG_prPTLf46DuLfd8--WFwn9ds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/f08585-68b1-490d-a7fa-a51926601f4e/1/hc-jJsjJ99b9LM6mqU1PeHA8GXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/f08585-68b1-490d-a7fa-a51926601f4e/1/MXG_prPTLf46DuLfd8--WFwn9ds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.48.0/21
93.174.32.0-93.174.37.255
93.174.39.0/24
213.232.80.0-213.232.82.255
Signature Algorithm: sha256WithRSAEncryption
9b:2c:c8:9f:e9:e5:42:82:1f:3f:48:46:a4:f0:78:a7:7d:3e:
13:6c:3e:bf:f9:49:9f:f0:b3:33:d7:24:17:dc:78:34:f3:19:
b1:a4:55:81:63:a9:7b:0c:d5:2a:7b:84:c5:5a:72:2c:53:37:
61:a2:7f:d1:ae:b5:7a:05:4b:86:17:51:7c:12:5c:7e:6a:79:
32:59:0b:66:a7:50:92:bc:fb:55:d4:ed:fc:36:4c:13:4f:f4:
0b:4e:00:88:82:21:8f:a8:28:59:7c:c9:e3:52:e0:ef:7f:d5:
c6:c7:28:d0:78:3d:74:06:b2:c3:cd:0f:1d:6f:de:cf:38:fb:
e8:7c:d2:4d:d4:ce:4a:4b:08:33:6c:a8:79:06:49:b5:2a:c6:
85:85:0f:8d:d9:d5:f9:11:6f:6e:2b:d5:b8:ac:a3:2a:52:37:
8b:b9:2a:bf:a8:e9:eb:76:55:94:22:93:eb:5e:0d:38:4d:7d:
77:63:c6:35:1f:0d:ae:4c:45:c8:d2:52:32:ab:9f:6b:1a:41:
96:ec:68:39:0d:4c:d1:9d:a3:ee:e9:f3:5b:3f:60:51:d6:eb:
c3:ad:8c:69:d9:d0:0d:65:58:b3:79:d4:28:db:ca:34:7a:94:
1d:60:e2:f8:dd:52:ba:46:47:33:00:81:4d:11:36:94:34:3c:
91:84:cd:d8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEA2IVNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTcxYmZhNmIzZDMyZGZlM2EwZWUyZGY3N2NmYmU1ODVjMjdmNWRiMB4XDTIyMDcw
NDA4MzQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVjZmEzMjZjOGM5
ZjdkNmZkMmNjZWE2YTk0ZDRmNzg3MDNjMTk3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIvfVlIqKWDOOVyjl+QlB+uKNpZzls5H1tUdUli/WoPVSisE
Ezpobr8ENr6hIzy635I1B+xdbPlQb0ougL4Zdnoh9E/IDxVR7oAWEyhNPQy/q69x
4I3ZJGEPhrm3g059Xprlk1C7Tty1sGm/zJ8qQfun7OrkY536VGxu4IY8t4VkoBcJ
ScXIluqtejmSqp1f0Gjczalbu94SYgV5xaq+mpjez6bRi3zmwRxN8aI3zt9QzoFa
q7oUU1r90Gbl/izTOhsYPHw2zr9oM8kzdzV5m78KE3WwvMZggsCryhbHzwV+BqEU
PlvhGZcWN1bMeSZ+LYpXnyjFRPUD3NDkg/zSrIcCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSFz6MmyMn31v0szqapTU94cDwZeDAfBgNVHSMEGDAWgBQxcb+ms9Mt/joO
4t93z75YXCf12zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01YR19wclBUTGY0NkR1TGZkOC0tV0Z3bjlkcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvZjA4NTg1LTY4YjEtNDkwZC1hN2ZhLWE1MTkyNjYwMWY0ZS8x
L2hjLWpKc2pKOTliOUxNNm1xVTFQZUhBOEdYZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
ZjA4NTg1LTY4YjEtNDkwZC1hN2ZhLWE1MTkyNjYwMWY0ZS8xL01YR19wclBUTGY0
NkR1TGZkOC0tV0Z3bjlkcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKAMEAyXQMDAMAwQFXa4gAwQBXa4kAwQA
Xa4nMAwDBATV6FADBADV6FIwDQYJKoZIhvcNAQELBQADggEBAJssyJ/p5UKCHz9I
RqTweKd9PhNsPr/5SZ/wszPXJBfceDTzGbGkVYFjqXsM1Sp7hMVacixTN2Gif9Gu
tXoFS4YXUXwSXH5qeTJZC2anUJK8+1XU7fw2TBNP9AtOAIiCIY+oKFl8yeNS4O9/
1cbHKNB4PXQGssPNDx1v3s84++h80k3UzkpLCDNsqHkGSbUqxoWFD43Z1fkRb24r
1bisoypSN4u5Kr+o6et2VZQik+teDThNfXdjxjUfDa5MRcjSUjKrn2saQZbsaDkN
TNGdo+7p81s/YFHW68OtjGnZ0A1lWLN51CjbyjR6lB1g4vjdUrpGRzMAgU0RNpQ0
PJGEzdg=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:29 2023 by rpki-client on console.sobornost.net