Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/43RT1iBjJJ0QyvncK4QWrTnyjpY.roa
File: 43RT1iBjJJ0QyvncK4QWrTnyjpY.roa (raw, json)
Hash identifier: 05hN1MCxee8FpV+PnoeIHW7IPv+9cP/j3pomcaJ7xgM=
Subject key identifier: E3:74:53:D6:20:63:24:9D:10:CA:F9:DC:2B:84:16:AD:39:F2:8E:96
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019353CC2E77B7C38C03FA58717DA512EB43
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/43RT1iBjJJ0QyvncK4QWrTnyjpY.roa
Signing time: Fri 22 Nov 2024 12:15:10 +0000
ROA not before: Fri 22 Nov 2024 12:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 168.199.244.0/24 maxlen: 24
168.199.246.0/24 maxlen: 24
185.101.252.0/24 maxlen: 24
185.171.252.0/24 maxlen: 24
185.171.254.0/24 maxlen: 24
185.226.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:cc:2e:77:b7:c3:8c:03:fa:58:71:7d:a5:12:eb:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Nov 22 12:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e37453d62063249d10caf9dc2b8416ad39f28e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:64:4c:19:6d:a3:f6:81:29:5a:68:63:20:d7:
f6:25:25:11:1c:08:e8:f1:4b:fc:72:cb:7d:ae:cb:
96:2e:40:6e:7c:d1:4f:6f:a6:38:a6:8e:04:87:92:
20:6a:90:e0:d0:81:f7:1b:66:b5:2c:03:2e:0c:e0:
9b:6b:8f:1b:97:af:f6:8a:74:0d:31:29:68:8f:f2:
11:5e:bf:8b:c4:d8:b3:84:97:e3:73:2c:63:d1:ef:
8d:17:3b:7a:9a:0c:f6:a8:2f:00:c2:74:3a:32:c0:
f4:62:cd:6d:05:4f:f7:85:da:6b:48:2b:a9:a4:94:
e4:50:8f:33:4d:d6:47:51:d1:55:7d:66:23:96:28:
96:fe:65:05:6f:e1:73:1c:fe:a2:15:a1:96:2c:3b:
76:cc:34:f0:15:9e:bd:97:b8:d5:20:ac:95:76:88:
a2:9c:00:aa:c6:67:b3:81:13:18:77:6a:b4:b1:81:
a0:29:37:df:5f:82:f7:d2:23:3a:b9:cc:32:f6:22:
80:25:b2:db:2a:de:6b:97:7c:42:94:66:af:4d:9c:
4b:26:10:d0:a2:7d:51:c5:e0:ca:38:5c:e3:c3:89:
d7:d7:17:20:85:ee:ff:93:ee:38:e7:1a:e7:0c:81:
35:ff:cc:14:c0:ba:9f:66:1d:0f:02:21:4c:21:46:
27:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:74:53:D6:20:63:24:9D:10:CA:F9:DC:2B:84:16:AD:39:F2:8E:96
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/43RT1iBjJJ0QyvncK4QWrTnyjpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.244.0/24
168.199.246.0/24
185.101.252.0/24
185.171.252.0/24
185.171.254.0/24
185.226.205.0/24
Signature Algorithm: sha256WithRSAEncryption
81:51:0f:4d:09:20:88:e9:8c:0f:eb:be:f8:f8:ca:5c:08:ef:
d3:45:b0:b7:46:98:d7:22:4d:4f:8e:24:7c:a9:a9:55:40:fe:
9e:e7:5b:88:22:73:94:9e:3b:96:05:f7:55:da:b9:3f:1f:c4:
aa:a4:b8:ec:72:ab:90:b0:44:03:00:97:40:98:fb:d2:ab:13:
c0:ac:01:40:bd:75:41:2c:bf:b7:7e:e8:51:1a:05:3a:6b:e2:
1f:e2:eb:28:4d:29:8f:02:ac:2b:65:c3:32:50:bf:a4:08:f8:
13:59:b1:95:c3:68:fe:77:11:ce:9a:1e:18:e6:df:d9:94:02:
e4:27:54:ac:68:29:c8:ed:36:d4:e2:64:08:9d:69:54:e9:85:
1f:61:e5:43:2c:82:76:02:e4:b4:7a:02:f6:61:e9:45:e2:64:
3e:43:15:68:ff:54:0a:29:b9:78:ff:aa:99:9e:d0:66:b9:0b:
75:de:23:04:e1:c8:a8:aa:87:e2:7e:23:18:49:e5:f3:a2:b9:
12:65:48:74:7e:57:43:41:27:b7:31:40:67:77:80:b0:77:7e:
a4:83:2a:99:7f:1f:23:56:cc:64:3c:26:45:7f:3e:a3:64:bf:
88:b2:29:62:46:ab:5c:bb:e6:c2:91:df:ea:51:07:87:41:74:
74:fb:7c:86
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZNTzC53t8OMA/pYcX2lEutDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQxMTIyMTIxNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzc0NTNkNjIwNjMyNDlkMTBjYWY5ZGMyYjg0MTZhZDM5ZjI4ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWRMGW2j9oEpWmhjINf2JSURHAjo
8Uv8cst9rsuWLkBufNFPb6Y4po4Eh5IgapDg0IH3G2a1LAMuDOCba48bl6/2inQN
MSloj/IRXr+LxNizhJfjcyxj0e+NFzt6mgz2qC8AwnQ6MsD0Ys1tBU/3hdprSCup
pJTkUI8zTdZHUdFVfWYjliiW/mUFb+FzHP6iFaGWLDt2zDTwFZ69l7jVIKyVdoii
nACqxmezgRMYd2q0sYGgKTffX4L30iM6ucwy9iKAJbLbKt5rl3xClGavTZxLJhDQ
on1RxeDKOFzjw4nX1xcghe7/k+445xrnDIE1/8wUwLqfZh0PAiFMIUYnLQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFON0U9YgYySdEMr53CuEFq058o6WMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvNDNSVDFpQmpKSjBReXZuY0s0UVdyVG55anBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAqMf0AwQA
qMf2AwQAuWX8AwQAuav8AwQAuav+AwQAueLNMA0GCSqGSIb3DQEBCwUAA4IBAQCB
UQ9NCSCI6YwP6774+MpcCO/TRbC3RpjXIk1PjiR8qalVQP6e51uIInOUnjuWBfdV
2rk/H8SqpLjscquQsEQDAJdAmPvSqxPArAFAvXVBLL+3fuhRGgU6a+If4usoTSmP
AqwrZcMyUL+kCPgTWbGVw2j+dxHOmh4Y5t/ZlALkJ1SsaCnI7TbU4mQInWlU6YUf
YeVDLIJ2AuS0egL2YelF4mQ+QxVo/1QKKbl4/6qZntBmuQt13iME4cioqofifiMY
SeXzorkSZUh0fldDQSe3MUBnd4Cwd36kgyqZfx8jVsxkPCZFfz6jZL+IsiliRqtc
u+bCkd/qUQeHQXR0+3yG
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:23 2024 by rpki-client on console.sobornost.net