Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/JXdq920DJOOWYuL38WRg09748zc.roa
File: JXdq920DJOOWYuL38WRg09748zc.roa (raw, json)
Hash identifier: LBViq/0ZKk+e1plPM2sQ7oxwlPpbEsPFpd/r0zNcGqM=
Subject key identifier: 25:77:6A:F7:6D:03:24:E3:96:62:E2:F7:F1:64:60:D3:DE:F8:F3:37
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 0193867932D9B1DBE248B79DEA9BD895FD72
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/JXdq920DJOOWYuL38WRg09748zc.roa
Signing time: Mon 02 Dec 2024 08:25:09 +0000
ROA not before: Mon 02 Dec 2024 08:25:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21416
IP address blocks: 62.76.253.0/24 maxlen: 24
212.193.104.0/24 maxlen: 24
212.193.105.0/24 maxlen: 24
212.193.106.0/24 maxlen: 24
212.193.107.0/24 maxlen: 24
212.193.108.0/24 maxlen: 24
212.193.109.0/24 maxlen: 24
212.193.110.0/24 maxlen: 24
212.193.111.0/24 maxlen: 24
212.193.112.0/24 maxlen: 24
212.193.113.0/24 maxlen: 24
212.193.114.0/24 maxlen: 24
212.193.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:79:32:d9:b1:db:e2:48:b7:9d:ea:9b:d8:95:fd:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Dec 2 08:25:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25776af76d0324e39662e2f7f16460d3def8f337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9c:65:b0:d3:19:9f:1b:db:2e:77:05:49:0d:
7b:1b:63:bf:02:78:ac:59:83:b9:30:e9:22:29:b8:
15:53:a9:45:34:48:0d:cd:cc:c9:77:c1:7f:af:d5:
33:a7:29:6a:26:ab:d0:81:26:8a:42:0d:8c:99:a9:
3f:b9:c7:65:fe:04:e4:48:7d:2c:cc:ae:76:ef:7c:
7b:a2:bc:e8:ad:e1:73:f6:8b:63:20:25:f9:19:4f:
d8:48:4d:d7:d9:7f:b5:d0:f1:50:96:44:b4:51:a8:
fd:2d:c6:bd:ea:91:35:16:43:c1:b9:7c:5a:e1:1d:
25:1d:95:2f:89:0e:10:33:ed:1e:50:30:f4:0f:30:
c6:26:6b:df:2b:1e:5d:1b:31:c9:a6:1d:ef:0a:17:
da:e6:d4:d7:f1:7e:80:da:d5:96:fe:bd:52:fb:46:
2f:7c:6b:0b:78:5d:6a:37:6c:e1:c0:ae:b3:52:c6:
e4:f3:36:ee:53:58:e7:14:b3:b8:83:89:4a:b3:bc:
e3:db:7f:09:7b:4e:31:26:59:22:05:f6:f7:83:23:
78:d4:5b:34:19:75:b7:42:3f:82:c0:3b:4e:5a:00:
51:99:80:60:c0:3b:47:4c:6c:c7:9b:64:85:ee:ec:
37:c1:dd:e5:ca:e7:5e:2e:7f:09:dd:7d:b9:bf:9a:
0b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:77:6A:F7:6D:03:24:E3:96:62:E2:F7:F1:64:60:D3:DE:F8:F3:37
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/JXdq920DJOOWYuL38WRg09748zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.253.0/24
212.193.104.0-212.193.115.255
Signature Algorithm: sha256WithRSAEncryption
70:bc:32:c2:63:35:dc:8d:41:16:c4:99:91:a8:0d:39:bd:e3:
82:4e:1e:7a:39:56:c1:42:09:72:a8:1b:07:31:7f:34:0b:3f:
8d:17:69:11:cb:7a:26:e9:5c:60:62:ee:6d:a2:ee:f9:fd:d9:
d5:e9:97:10:f3:cc:64:c7:d1:69:56:f0:ab:63:a3:9a:b2:30:
e9:30:83:df:87:56:7d:7b:7a:64:06:32:80:d1:42:8c:00:9d:
8f:0d:67:c8:30:e9:c4:c7:dc:11:0c:6c:1a:69:0b:14:f4:30:
e0:41:4d:28:0d:f5:44:de:59:70:27:62:0e:dd:42:68:23:30:
46:70:ea:8c:3d:b9:a1:e5:94:1a:59:4b:3b:28:ee:b9:f2:54:
69:4d:76:c1:91:a7:e0:b8:ba:76:0a:1d:db:02:7a:17:9b:55:
fc:54:4b:e8:25:05:26:3b:51:30:c5:8d:07:25:47:e8:aa:a7:
63:69:04:05:ac:16:c2:9a:3e:9d:c1:e4:f4:34:01:50:7f:04:
30:f7:e4:0f:5e:d8:8c:be:e5:22:bb:29:39:1f:82:9b:cb:e6:
d1:91:34:54:98:76:6e:48:40:c4:bd:8b:ee:80:a1:09:c1:a9:
c3:7e:18:1e:7a:ec:43:59:06:76:28:df:db:1d:62:3d:5b:28:
41:da:d0:1b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZOGeTLZsdviSLed6pvYlf1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjQxMjAyMDgyNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTc3NmFmNzZkMDMyNGUzOTY2MmUyZjdmMTY0NjBkM2RlZjhmMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZxlsNMZnxvbLncFSQ17G2O/Anis
WYO5MOkiKbgVU6lFNEgNzczJd8F/r9UzpylqJqvQgSaKQg2Mmak/ucdl/gTkSH0s
zK5273x7orzoreFz9otjICX5GU/YSE3X2X+10PFQlkS0Uaj9Lca96pE1FkPBuXxa
4R0lHZUviQ4QM+0eUDD0DzDGJmvfKx5dGzHJph3vChfa5tTX8X6A2tWW/r1S+0Yv
fGsLeF1qN2zhwK6zUsbk8zbuU1jnFLO4g4lKs7zj238Je04xJlkiBfb3gyN41Fs0
GXW3Qj+CwDtOWgBRmYBgwDtHTGzHm2SF7uw3wd3lyudeLn8J3X25v5oLvwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCV3avdtAyTjlmLi9/FkYNPe+PM3MB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvSlhkcTkyMERKT09XWXVMMzhXUmcwOTc0OHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAPkz9MAwD
BAPUwWgDBALUwXAwDQYJKoZIhvcNAQELBQADggEBAHC8MsJjNdyNQRbEmZGoDTm9
44JOHno5VsFCCXKoGwcxfzQLP40XaRHLeibpXGBi7m2i7vn92dXplxDzzGTH0WlW
8Ktjo5qyMOkwg9+HVn17emQGMoDRQowAnY8NZ8gw6cTH3BEMbBppCxT0MOBBTSgN
9UTeWXAnYg7dQmgjMEZw6ow9uaHllBpZSzso7rnyVGlNdsGRp+C4unYKHdsCeheb
VfxUS+glBSY7UTDFjQclR+iqp2NpBAWsFsKaPp3B5PQ0AVB/BDD35A9e2Iy+5SK7
KTkfgpvL5tGRNFSYdm5IQMS9i+6AoQnBqcN+GB567ENZBnYo39sdYj1bKEHa0Bs=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:23 2024 by rpki-client on console.sobornost.net