Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/jF37wkyhPg8tP3Vsf2eZf13-S1c.roa
File: jF37wkyhPg8tP3Vsf2eZf13-S1c.roa (raw, json)
Hash identifier: lfDb66A1VPa2I+DyTA9AAw3BomAMsBjze8kl/c5B960=
Subject key identifier: 8C:5D:FB:C2:4C:A1:3E:0F:2D:3F:75:6C:7F:67:99:7F:5D:FE:4B:57
Certificate issuer: /CN=5c9f01985a3f410f92370d6600a14ee783b044e9
Certificate serial: 0177CD46
Authority key identifier: 5C:9F:01:98:5A:3F:41:0F:92:37:0D:66:00:A1:4E:E7:83:B0:44:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XJ8BmFo_QQ-SNw1mAKFO54OwROk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/jF37wkyhPg8tP3Vsf2eZf13-S1c.roa
Signing time: Sat 01 Jan 2022 05:53:09 +0000
ROA not before: Sat 01 Jan 2022 05:53:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31242
IP address blocks: 84.205.176.0/22 maxlen: 24
89.25.128.0/17 maxlen: 24
84.205.186.0/24 maxlen: 24
84.205.187.0/24 maxlen: 24
119.12.28.0/22 maxlen: 24
93.179.192.0/18 maxlen: 24
193.106.244.0/22 maxlen: 24
31.172.176.0/20 maxlen: 24
213.179.72.0/22 maxlen: 24
85.14.64.0/18 maxlen: 24
188.117.128.0/18 maxlen: 24
194.150.96.0/22 maxlen: 24
91.90.176.0/20 maxlen: 24
195.242.69.0/24 maxlen: 24
2a00:13a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24628550 (0x177cd46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c9f01985a3f410f92370d6600a14ee783b044e9
Validity
Not Before: Jan 1 05:53:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c5dfbc24ca13e0f2d3f756c7f67997f5dfe4b57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a0:02:e7:55:95:ee:c0:a0:a7:ba:88:a3:b5:
71:93:60:b9:7a:0e:7d:94:a0:7a:e7:e1:e3:bc:97:
d3:71:5c:60:72:eb:d7:f6:8b:6c:4a:08:9e:1e:e3:
40:f6:08:21:7b:55:9b:de:8a:cc:a0:2a:58:c9:96:
6c:44:e9:a5:bf:03:53:8a:c6:9e:50:d2:06:a7:c4:
0b:08:70:de:a9:ec:58:5a:fc:83:89:bf:af:d5:5b:
f3:21:cb:29:03:71:f5:b0:cd:74:fd:2d:65:aa:0c:
92:bf:6a:86:59:cb:4a:93:33:0d:c5:10:9b:23:a6:
fe:d5:1d:e0:9d:02:52:81:3f:33:3f:9c:14:6e:b3:
69:a0:fc:7c:14:2d:75:18:f4:b5:a2:63:ef:47:a8:
9a:63:85:00:2b:67:d9:c9:e8:27:57:45:42:24:fd:
87:cf:5e:8f:f1:59:29:13:1e:66:ce:9f:e2:80:c4:
52:e5:1e:a4:86:91:be:8e:42:1e:66:31:34:d1:49:
73:6e:23:dc:a2:e9:07:c3:07:4b:bd:f1:a8:d2:96:
7e:53:69:2d:9b:8e:4c:90:71:36:51:9f:e6:ec:a3:
ed:ee:b1:2e:6f:15:16:fe:41:1a:21:27:02:5e:08:
94:31:c1:35:19:94:39:5a:77:5e:02:59:dd:22:e6:
08:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:5D:FB:C2:4C:A1:3E:0F:2D:3F:75:6C:7F:67:99:7F:5D:FE:4B:57
X509v3 Authority Key Identifier:
keyid:5C:9F:01:98:5A:3F:41:0F:92:37:0D:66:00:A1:4E:E7:83:B0:44:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XJ8BmFo_QQ-SNw1mAKFO54OwROk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/jF37wkyhPg8tP3Vsf2eZf13-S1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/79fb00-8d51-4712-929a-8cfb2e73f70d/1/XJ8BmFo_QQ-SNw1mAKFO54OwROk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.176.0/20
84.205.176.0/22
84.205.186.0/23
85.14.64.0/18
89.25.128.0/17
91.90.176.0/20
93.179.192.0/18
119.12.28.0/22
188.117.128.0/18
193.106.244.0/22
194.150.96.0/22
195.242.69.0/24
213.179.72.0/22
IPv6:
2a00:13a0::/32
Signature Algorithm: sha256WithRSAEncryption
96:81:2b:93:d7:a8:19:3d:d9:c3:88:74:f6:85:9f:d6:fd:52:
d3:35:fe:90:10:30:d7:6e:c1:b0:a7:1e:d7:6f:2b:12:c2:95:
95:ce:d3:8c:ef:d3:76:8e:60:ba:f4:75:37:52:dd:13:38:2b:
76:5b:73:df:92:be:d8:d9:88:e8:32:3a:b7:5f:e6:84:ef:fb:
6a:9b:1f:f5:cd:8f:2c:65:b9:e5:69:d5:78:b6:5b:71:5a:4f:
77:fc:2b:ff:93:c0:39:51:8d:10:9d:91:c5:d7:2a:f1:57:8b:
1a:81:c8:95:a6:e6:ff:b3:38:d2:29:54:01:1f:96:d2:0e:98:
18:97:8d:35:2e:5a:65:ec:9f:82:11:36:38:3e:31:b4:7a:bd:
4e:b6:64:62:24:41:6b:5b:07:55:da:e6:4a:c0:86:e8:f1:d0:
6e:a8:84:0c:c8:1c:f2:8b:71:76:2c:d8:86:6e:07:41:0e:e0:
26:19:30:9f:44:9c:cb:ee:ec:92:f8:6e:85:39:84:c8:a3:f6:
d2:05:79:22:0d:2f:d2:bd:1c:d3:95:02:17:67:96:80:a5:02:
0b:5c:c9:f3:25:92:f1:30:3e:d2:55:54:18:5e:cf:1f:78:63:
8a:46:f4:99:90:68:e1:dd:9f:1d:fe:e5:10:14:5a:73:4f:c4:
7d:fc:1a:b7
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIEAXfNRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YzlmMDE5ODVhM2Y0MTBmOTIzNzBkNjYwMGExNGVlNzgzYjA0NGU5MB4XDTIyMDEw
MTA1NTMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGM1ZGZiYzI0Y2Ex
M2UwZjJkM2Y3NTZjN2Y2Nzk5N2Y1ZGZlNGI1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGgAudVle7AoKe6iKO1cZNguXoOfZSgeufh47yX03FcYHLr
1/aLbEoInh7jQPYIIXtVm96KzKAqWMmWbETppb8DU4rGnlDSBqfECwhw3qnsWFr8
g4m/r9Vb8yHLKQNx9bDNdP0tZaoMkr9qhlnLSpMzDcUQmyOm/tUd4J0CUoE/Mz+c
FG6zaaD8fBQtdRj0taJj70eommOFACtn2cnoJ1dFQiT9h89ej/FZKRMeZs6f4oDE
UuUepIaRvo5CHmYxNNFJc24j3KLpB8MHS73xqNKWflNpLZuOTJBxNlGf5uyj7e6x
Lm8VFv5BGiEnAl4IlDHBNRmUOVp3XgJZ3SLmCCUCAwEAAaOCAmAwggJcMB0GA1Ud
DgQWBBSMXfvCTKE+Dy0/dWx/Z5l/Xf5LVzAfBgNVHSMEGDAWgBRcnwGYWj9BD5I3
DWYAoU7ng7BE6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hKOEJtRm9fUVEtU053MW1BS0ZPNTRPd1JPay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvNzlmYjAwLThkNTEtNDcxMi05MjlhLThjZmIyZTczZjcwZC8x
L2pGMzd3a3loUGc4dFAzVnNmMmVaZjEzLVMxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
NzlmYjAwLThkNTEtNDcxMi05MjlhLThjZmIyZTczZjcwZC8xL1hKOEJtRm9fUVEt
U053MW1BS0ZPNTRPd1JPay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB2
BggrBgEFBQcBBwEB/wRnMGUwVAQCAAEwTgMEBB+ssAMEAlTNsAMEAVTNugMEBlUO
QAMEB1kZgAMEBFtasAMEBl2zwAMEAncMHAMEBrx1gAMEAsFq9AMEAsKWYAMEAMPy
RQMEAtWzSDANBAIAAjAHAwUAKgAToDANBgkqhkiG9w0BAQsFAAOCAQEAloErk9eo
GT3Zw4h09oWf1v1S0zX+kBAw127BsKce128rEsKVlc7TjO/Tdo5guvR1N1LdEzgr
dltz35K+2NmI6DI6t1/mhO/7apsf9c2PLGW55WnVeLZbcVpPd/wr/5PAOVGNEJ2R
xdcq8VeLGoHIlabm/7M40ilUAR+W0g6YGJeNNS5aZeyfghE2OD4xtHq9TrZkYiRB
a1sHVdrmSsCG6PHQbqiEDMgc8otxdizYhm4HQQ7gJhkwn0Scy+7skvhuhTmEyKP2
0gV5Ig0v0r0c05UCF2eWgKUCC1zJ8yWS8TA+0lVUGF7PH3hjikb0mZBo4d2fHf7l
EBRac0/Effwatw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:28 2023 by rpki-client on console.sobornost.net