Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/D4z8llGEjShYSFZXk6F7fToPdN8.roa
File: D4z8llGEjShYSFZXk6F7fToPdN8.roa (raw, json)
Hash identifier: h3dCFoxkimlansk7Vsvy3KSMAezR+k9gtJHN5Ch0GAQ=
Subject key identifier: 0F:8C:FC:96:51:84:8D:28:58:48:56:57:93:A1:7B:7D:3A:0F:74:DF
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 0193BF8685D41C9E7F276873ED8FAC2D4840
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/D4z8llGEjShYSFZXk6F7fToPdN8.roa
Signing time: Fri 13 Dec 2024 10:18:04 +0000
ROA not before: Fri 13 Dec 2024 10:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211261
IP address blocks: 5.253.156.0/24 maxlen: 24
5.253.157.0/24 maxlen: 24
5.253.159.0/24 maxlen: 24
91.210.126.0/24 maxlen: 24
185.146.67.0/24 maxlen: 24
185.210.192.0/24 maxlen: 24
185.210.193.0/24 maxlen: 24
185.210.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:86:85:d4:1c:9e:7f:27:68:73:ed:8f:ac:2d:48:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Dec 13 10:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f8cfc9651848d285848565793a17b7d3a0f74df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a9:46:10:e5:75:35:81:a6:54:ea:1a:18:b0:
e6:5b:d0:2e:6d:51:03:be:fa:b6:ca:b0:38:ff:85:
40:83:35:08:d4:de:16:73:fa:d1:60:7f:16:b9:5d:
a5:66:7f:85:8b:82:50:e9:9f:13:e6:cc:38:ca:f2:
29:e0:2b:c3:c2:a0:9a:1b:72:12:82:60:ba:fb:91:
2c:ba:c6:3c:a1:be:3c:07:f1:a8:9c:1a:47:96:90:
27:27:6f:38:8d:26:a8:32:cc:48:70:2c:e9:5f:be:
b7:d2:bf:10:f2:60:bc:7e:1c:cd:55:cd:00:51:ee:
a7:86:fa:ce:b3:ab:7e:63:c1:8c:2c:59:9c:28:84:
71:0b:52:2e:4c:24:b7:61:2b:f2:bf:e4:4a:a3:ac:
7f:9f:de:9c:4c:5a:1a:19:f3:e0:6f:eb:79:b6:bf:
ba:cf:27:70:b0:1c:ec:ee:65:4d:25:00:8d:42:12:
0c:28:44:00:6f:2e:de:04:8b:e3:0e:74:1a:d0:b3:
b4:2c:35:44:11:17:b7:a0:a9:76:3c:be:c8:d9:9e:
b1:9a:27:6b:13:87:13:da:03:4c:69:90:63:7d:d6:
c3:da:80:03:b3:9c:2f:6a:78:c9:66:e9:23:97:40:
1b:ab:49:d7:18:c8:d0:2b:c1:64:3a:14:a9:16:bb:
c1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8C:FC:96:51:84:8D:28:58:48:56:57:93:A1:7B:7D:3A:0F:74:DF
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/D4z8llGEjShYSFZXk6F7fToPdN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.156.0/23
5.253.159.0/24
91.210.126.0/24
185.146.67.0/24
185.210.192.0/23
185.210.195.0/24
Signature Algorithm: sha256WithRSAEncryption
63:cd:19:94:44:28:8a:bc:10:b5:c1:f5:52:32:95:bd:07:97:
00:5b:58:35:5d:60:b9:6a:51:a2:8c:6a:b7:2c:d7:63:00:34:
c0:e4:48:8f:99:47:62:c9:98:31:cc:07:53:6f:40:d0:e7:b6:
a7:17:c6:86:53:2c:68:a1:c0:86:8b:0e:a9:13:36:21:62:83:
96:97:94:52:34:b1:ff:b0:c0:5e:44:df:a3:bf:14:a9:68:37:
99:ae:3f:84:e3:5f:f0:27:5b:b8:4e:85:42:69:e5:04:66:66:
40:4b:9f:a3:6d:37:be:6c:b0:f0:10:62:6f:cc:e4:14:d2:06:
a8:b5:c9:95:29:35:5b:88:36:6c:a8:1c:e7:99:59:d5:a5:84:
1a:93:fe:2a:c4:5a:50:20:e2:45:36:5b:e6:df:b9:77:55:07:
c7:5a:01:97:85:2c:83:b3:78:6c:f0:65:e5:20:8b:89:78:a5:
f9:8c:46:81:44:7f:83:19:09:bb:9d:9d:02:3c:c6:8a:07:88:
d0:04:4e:bc:e2:d8:19:eb:76:f9:c1:a8:ac:4e:11:08:93:f5:
91:a3:9f:c6:b5:d5:10:4e:f6:d2:d5:5d:0a:74:f9:42:74:4b:
b0:69:c2:11:2c:15:92:b4:3c:15:3b:7c:d0:47:05:1b:03:7f:
60:a7:f7:fc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZO/hoXUHJ5/J2hz7Y+sLUhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjQxMjEzMTAxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjhjZmM5NjUxODQ4ZDI4NTg0ODU2NTc5M2ExN2I3ZDNhMGY3NGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtalGEOV1NYGmVOoaGLDmW9AubVED
vvq2yrA4/4VAgzUI1N4Wc/rRYH8WuV2lZn+Fi4JQ6Z8T5sw4yvIp4CvDwqCaG3IS
gmC6+5EsusY8ob48B/GonBpHlpAnJ284jSaoMsxIcCzpX7630r8Q8mC8fhzNVc0A
Ue6nhvrOs6t+Y8GMLFmcKIRxC1IuTCS3YSvyv+RKo6x/n96cTFoaGfPgb+t5tr+6
zydwsBzs7mVNJQCNQhIMKEQAby7eBIvjDnQa0LO0LDVEERe3oKl2PL7I2Z6xmidr
E4cT2gNMaZBjfdbD2oADs5wvanjJZukjl0Abq0nXGMjQK8FkOhSpFrvBtQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA+M/JZRhI0oWEhWV5Ohe306D3TfMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvRDR6OGxsR0VqU2hZU0ZaWGs2RjdmVG9QZE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBf2cAwQA
Bf2fAwQAW9J+AwQAuZJDAwQBudLAAwQAudLDMA0GCSqGSIb3DQEBCwUAA4IBAQBj
zRmURCiKvBC1wfVSMpW9B5cAW1g1XWC5alGijGq3LNdjADTA5EiPmUdiyZgxzAdT
b0DQ57anF8aGUyxoocCGiw6pEzYhYoOWl5RSNLH/sMBeRN+jvxSpaDeZrj+E41/w
J1u4ToVCaeUEZmZAS5+jbTe+bLDwEGJvzOQU0gaotcmVKTVbiDZsqBznmVnVpYQa
k/4qxFpQIOJFNlvm37l3VQfHWgGXhSyDs3hs8GXlIIuJeKX5jEaBRH+DGQm7nZ0C
PMaKB4jQBE684tgZ63b5waisThEIk/WRo5/GtdUQTvbS1V0KdPlCdEuwacIRLBWS
tDwVO3zQRwUbA39gp/f8
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:42 2024 by rpki-client on console.sobornost.net