Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/UQfA0CQ50X-FAOjFY8Cpr_rezTE.roa
File: UQfA0CQ50X-FAOjFY8Cpr_rezTE.roa (raw, json)
Hash identifier: pLKomLth8c8umvj1pKSiTavB/zfxiarhUg6quQsJveQ=
Subject key identifier: 51:07:C0:D0:24:39:D1:7F:85:00:E8:C5:63:C0:A9:AF:FA:DE:CD:31
Certificate issuer: /CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Certificate serial: 01936254E0B5A96EBE2D1022CD1BAA8DB16A
Authority key identifier: 73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/UQfA0CQ50X-FAOjFY8Cpr_rezTE.roa
Signing time: Mon 25 Nov 2024 07:59:09 +0000
ROA not before: Mon 25 Nov 2024 07:59:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43391
IP address blocks: 77.223.128.0/19 maxlen: 24
77.223.132.0/24 maxlen: 24
77.223.135.0/24 maxlen: 24
77.223.136.0/24 maxlen: 24
77.223.143.0/24 maxlen: 24
77.223.148.0/24 maxlen: 24
77.223.149.0/24 maxlen: 24
77.223.152.0/24 maxlen: 24
77.223.153.0/24 maxlen: 24
77.223.154.0/24 maxlen: 24
77.223.156.0/24 maxlen: 24
77.223.158.0/24 maxlen: 24
78.40.224.0/21 maxlen: 21
78.40.224.0/24 maxlen: 24
78.40.228.0/24 maxlen: 24
78.40.230.0/24 maxlen: 24
91.191.160.0/20 maxlen: 24
91.191.168.0/21 maxlen: 21
91.191.170.0/24 maxlen: 24
91.191.171.0/24 maxlen: 24
93.187.200.0/21 maxlen: 21
93.187.204.0/24 maxlen: 24
93.187.205.0/24 maxlen: 24
93.187.206.0/24 maxlen: 24
93.187.207.0/24 maxlen: 24
185.80.72.0/24 maxlen: 24
195.244.32.0/19 maxlen: 24
195.244.33.0/24 maxlen: 24
195.244.43.0/24 maxlen: 24
195.244.46.0/24 maxlen: 24
195.244.59.0/24 maxlen: 24
2a01:aac0::/32 maxlen: 32
2a0a:be80::/29 maxlen: 29
2a0a:be80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:62:54:e0:b5:a9:6e:be:2d:10:22:cd:1b:aa:8d:b1:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7302cdc29fdca09e9a0f3f7d2113da85a7e1d654
Validity
Not Before: Nov 25 07:59:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5107c0d02439d17f8500e8c563c0a9affadecd31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e2:48:88:20:80:44:a6:5d:8b:4a:2b:0b:e7:
91:9d:2f:2e:01:22:29:1e:f9:2b:fe:74:ad:d0:7d:
2e:3c:ac:d1:a3:fa:36:7f:c4:38:7a:82:46:35:1c:
8a:47:f4:91:47:8d:6a:bf:6b:86:95:16:58:6f:05:
be:55:f9:34:a4:bb:9e:d6:18:78:22:4c:c7:21:df:
9a:ec:95:65:71:f7:c8:50:4a:9b:2b:e5:02:26:e1:
e3:b0:b3:ec:2e:86:42:7a:1f:21:e2:d4:a8:db:b5:
4b:8d:0f:f3:cf:d5:54:d8:dd:f3:d8:f8:88:a6:0d:
7a:24:7d:13:e5:4d:e7:c2:28:f6:30:92:c4:fb:20:
2a:02:14:57:62:1d:4d:c5:68:64:f4:9a:20:af:61:
47:7b:18:69:d2:31:cc:56:ae:8f:7d:36:5a:c2:f1:
a4:f5:50:79:9d:fc:f6:b7:6a:82:6c:53:92:69:35:
f4:84:78:f3:f0:58:d8:ca:1f:86:b9:17:ff:56:4b:
77:1e:9e:25:ce:92:97:be:33:7f:d3:e5:47:58:ee:
fb:5d:93:90:69:34:d9:98:b9:7e:ae:28:bf:07:51:
41:40:65:af:6d:e5:18:66:7a:8a:dd:3c:d6:b9:5e:
67:5f:1b:65:c6:55:08:13:3b:53:07:a8:e8:51:84:
ca:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:07:C0:D0:24:39:D1:7F:85:00:E8:C5:63:C0:A9:AF:FA:DE:CD:31
X509v3 Authority Key Identifier:
keyid:73:02:CD:C2:9F:DC:A0:9E:9A:0F:3F:7D:21:13:DA:85:A7:E1:D6:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cwLNwp_coJ6aDz99IRPahafh1lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/UQfA0CQ50X-FAOjFY8Cpr_rezTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/77217d-814b-486a-8ef2-fe0333ed005f/1/cwLNwp_coJ6aDz99IRPahafh1lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.128.0/19
78.40.224.0/21
91.191.160.0/20
93.187.200.0/21
185.80.72.0/24
195.244.32.0/19
IPv6:
2a01:aac0::/32
2a0a:be80::/29
Signature Algorithm: sha256WithRSAEncryption
47:f9:81:17:8b:f8:cf:b4:71:1e:c6:d4:90:e6:75:50:0e:1f:
43:61:bf:e9:1c:b0:37:aa:b3:dc:98:24:b1:f1:9f:a2:93:28:
cd:47:99:92:a1:9a:7a:15:4c:99:02:11:4c:c7:3e:5a:01:1c:
65:6e:3f:d0:3b:53:3c:0c:64:d3:68:c3:f3:85:39:de:91:5e:
4d:15:e2:79:90:28:ab:61:2b:c7:a6:cb:71:10:0c:f4:ee:75:
3d:90:6f:1b:11:fa:33:18:07:3b:53:39:33:32:e8:fe:c5:4f:
ce:90:25:2c:cc:43:99:43:18:9e:8c:52:56:18:0f:ce:b5:cc:
1c:03:70:b0:83:8f:67:99:ec:d2:c6:d0:e6:bc:70:aa:4a:d3:
96:1b:1e:fb:7c:88:68:da:13:7c:e2:b2:63:a9:d8:b6:82:7c:
8e:c2:83:0d:87:66:07:fb:fd:fa:c0:ec:c0:cd:f0:1f:89:af:
ea:70:4e:9e:77:4e:a4:dc:49:a3:85:f8:b2:0f:d4:dd:84:d9:
93:0b:3d:fc:2a:4b:02:64:aa:70:d5:b7:dc:02:74:6a:dc:d3:
b1:db:01:6a:be:ff:50:17:4a:3b:18:21:73:16:5c:83:b9:b0:
bb:cf:7d:7a:d9:88:74:22:5e:cf:ab:c9:5a:3f:7b:cf:73:3a:
f5:45:6a:b5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZNiVOC1qW6+LRAizRuqjbFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMDJjZGMyOWZkY2EwOWU5YTBmM2Y3ZDIxMTNkYTg1YTdl
MWQ2NTQwHhcNMjQxMTI1MDc1OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTA3YzBkMDI0MzlkMTdmODUwMGU4YzU2M2MwYTlhZmZhZGVjZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+JIiCCARKZdi0orC+eRnS8uASIp
Hvkr/nSt0H0uPKzRo/o2f8Q4eoJGNRyKR/SRR41qv2uGlRZYbwW+Vfk0pLue1hh4
IkzHId+a7JVlcffIUEqbK+UCJuHjsLPsLoZCeh8h4tSo27VLjQ/zz9VU2N3z2PiI
pg16JH0T5U3nwij2MJLE+yAqAhRXYh1NxWhk9Jogr2FHexhp0jHMVq6PfTZawvGk
9VB5nfz2t2qCbFOSaTX0hHjz8FjYyh+GuRf/Vkt3Hp4lzpKXvjN/0+VHWO77XZOQ
aTTZmLl+rii/B1FBQGWvbeUYZnqK3TzWuV5nXxtlxlUIEztTB6joUYTKEwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFFEHwNAkOdF/hQDoxWPAqa/63s0xMB8GA1UdIwQY
MBaAFHMCzcKf3KCemg8/fSET2oWn4dZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjIt
ZmUwMzMzZWQwMDVmLzEvVVFmQTBDUTUwWC1GQU9qRlk4Q3ByX3JlelRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83NzIxN2QtODE0Yi00ODZhLThlZjItZmUwMzMzZWQwMDVm
LzEvY3dMTndwX2NvSjZhRHo5OUlSUGFoYWZoMWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQFTd+AAwQD
TijgAwQEW7+gAwQDXbvIAwQAuVBIAwQFw/QgMBQEAgACMA4DBQAqAarAAwUDKgq+
gDANBgkqhkiG9w0BAQsFAAOCAQEAR/mBF4v4z7RxHsbUkOZ1UA4fQ2G/6RywN6qz
3JgksfGfopMozUeZkqGaehVMmQIRTMc+WgEcZW4/0DtTPAxk02jD84U53pFeTRXi
eZAoq2Erx6bLcRAM9O51PZBvGxH6MxgHO1M5MzLo/sVPzpAlLMxDmUMYnoxSVhgP
zrXMHANwsIOPZ5ns0sbQ5rxwqkrTlhse+3yIaNoTfOKyY6nYtoJ8jsKDDYdmB/v9
+sDswM3wH4mv6nBOnndOpNxJo4X4sg/U3YTZkws9/CpLAmSqcNW33AJ0atzTsdsB
ar7/UBdKOxghcxZcg7mwu899etmIdCJez6vJWj97z3M69UVqtQ==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:41 2024 by rpki-client on console.sobornost.net