Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/FlLUDtJLemuN_BKbJN1fJcTs1uc.roa
File: FlLUDtJLemuN_BKbJN1fJcTs1uc.roa (raw, json)
Hash identifier: 3dx+bvVn8Sv+QH7LBpP0VRkLuWwRZFyVuuQwWb9qaTw=
Subject key identifier: 16:52:D4:0E:D2:4B:7A:6B:8D:FC:12:9B:24:DD:5F:25:C4:EC:D6:E7
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 0194612D61775048D33E820E53DFF64A1773
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/FlLUDtJLemuN_BKbJN1fJcTs1uc.roa
Signing time: Mon 13 Jan 2025 19:39:11 +0000
ROA not before: Mon 13 Jan 2025 19:39:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5398
IP address blocks: 31.44.32.0/20 maxlen: 20
31.44.46.0/23 maxlen: 23
45.143.158.0/23 maxlen: 24
46.21.16.0/24 maxlen: 24
46.21.29.0/24 maxlen: 24
77.220.64.0/19 maxlen: 19
193.221.216.0/23 maxlen: 23
193.222.104.0/23 maxlen: 24
193.222.105.0/24 maxlen: 24
2a0f:e880::/29 maxlen: 29
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:61:2d:61:77:50:48:d3:3e:82:0e:53:df:f6:4a:17:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Jan 13 19:39:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1652d40ed24b7a6b8dfc129b24dd5f25c4ecd6e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:86:fe:d8:4e:2a:1d:17:15:b7:06:af:21:da:
ea:da:41:50:51:35:4a:30:45:68:37:21:bf:13:da:
6d:70:a1:ae:c4:85:c8:03:d0:11:69:23:89:d3:a4:
fb:74:86:55:22:e8:5f:f9:03:44:f9:1d:0e:17:a7:
7b:28:bb:db:75:41:30:a9:ad:44:7e:93:f6:2a:da:
3f:16:ee:f2:48:ae:1d:a9:13:ea:af:7a:04:39:c4:
e9:f8:b1:f4:8a:72:e1:9a:fe:66:34:b0:69:8d:6a:
73:b1:e7:fa:b2:62:b1:ce:b4:c3:ac:0d:ba:ec:a7:
2f:66:7e:8b:89:c7:eb:af:2d:da:8c:9e:72:d5:a4:
a4:05:1d:84:38:60:e9:e0:d7:57:a3:a3:4a:af:ad:
cf:22:8a:38:ff:23:c4:3c:83:63:37:c3:3a:6b:64:
f4:8b:31:ce:af:56:e3:be:b4:b4:97:10:d7:c8:9a:
25:00:ec:eb:0b:0e:c6:c8:40:78:e9:47:d5:7f:8b:
99:2b:9d:00:ab:93:65:60:b6:ec:db:93:f6:07:2f:
12:c9:53:ce:75:76:fa:86:8b:14:fb:ad:b6:d2:61:
11:8a:72:43:ee:7e:7b:7f:ac:f2:38:16:78:0d:dc:
0c:7c:61:02:e7:3f:26:27:23:88:9a:f3:01:92:df:
36:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:52:D4:0E:D2:4B:7A:6B:8D:FC:12:9B:24:DD:5F:25:C4:EC:D6:E7
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/FlLUDtJLemuN_BKbJN1fJcTs1uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
45.143.158.0/23
46.21.16.0/24
46.21.29.0/24
77.220.64.0/19
193.221.216.0/23
193.222.104.0/23
IPv6:
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
12:89:c5:8f:5a:c2:3c:2d:04:54:4b:d9:2e:ab:d8:e9:0b:97:
c4:03:a2:0b:17:19:51:26:e0:78:24:0b:d8:6a:8a:2b:f8:65:
db:f5:83:39:2c:94:0f:fd:83:2d:5c:44:dc:cc:43:75:f0:06:
fe:a4:85:08:10:b9:e8:f8:dd:f8:cd:2f:10:c3:4b:e6:82:b5:
2c:84:dd:52:de:e1:eb:63:22:78:c8:58:c2:04:a5:8c:15:9a:
27:81:52:7d:b4:f2:fa:94:ef:ff:ec:e5:01:a7:db:37:cb:e4:
5f:01:a9:6d:df:7f:9f:16:69:ea:a6:b6:19:dc:69:d5:1a:bc:
c8:46:3e:50:67:9b:6c:dd:a6:8e:6d:39:49:37:a4:ef:29:17:
67:70:fa:db:5c:3c:df:12:2d:7c:68:3f:7c:b3:5d:cf:38:e3:
70:8c:3f:25:da:e4:9c:b1:0b:ca:97:86:4e:04:ec:84:2d:2f:
29:4b:af:d3:a9:4d:10:8c:43:8c:fd:78:fe:61:64:8d:78:88:
9e:e0:13:41:a4:90:16:4a:b2:40:34:17:fd:b4:38:d2:15:64:
a8:1d:65:13:ba:06:0b:76:ca:61:37:02:1a:44:f6:a2:3f:9f:
f3:fb:6e:3a:e7:f5:0a:53:6c:93:8a:19:20:91:f8:9b:b8:a3:
55:df:8a:81
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZRhLWF3UEjTPoIOU9/2ShdzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjUwMTEzMTkzOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjUyZDQwZWQyNGI3YTZiOGRmYzEyOWIyNGRkNWYyNWM0ZWNkNmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4b+2E4qHRcVtwavIdrq2kFQUTVK
MEVoNyG/E9ptcKGuxIXIA9ARaSOJ06T7dIZVIuhf+QNE+R0OF6d7KLvbdUEwqa1E
fpP2Kto/Fu7ySK4dqRPqr3oEOcTp+LH0inLhmv5mNLBpjWpzsef6smKxzrTDrA26
7KcvZn6Licfrry3ajJ5y1aSkBR2EOGDp4NdXo6NKr63PIoo4/yPEPINjN8M6a2T0
izHOr1bjvrS0lxDXyJolAOzrCw7GyEB46UfVf4uZK50Aq5NlYLbs25P2By8SyVPO
dXb6hosU+6220mERinJD7n57f6zyOBZ4DdwMfGEC5z8mJyOImvMBkt82MQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBZS1A7SS3prjfwSmyTdXyXE7NbnMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvRmxMVUR0SkxlbXVOX0JLYkpOMWZKY1RzMXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEHywgAwQB
LY+eAwQALhUQAwQALhUdAwQFTdxAAwQBwd3YAwQBwd5oMA0EAgACMAcDBQMqD+iA
MA0GCSqGSIb3DQEBCwUAA4IBAQASicWPWsI8LQRUS9kuq9jpC5fEA6ILFxlRJuB4
JAvYaoor+GXb9YM5LJQP/YMtXETczEN18Ab+pIUIELno+N34zS8Qw0vmgrUshN1S
3uHrYyJ4yFjCBKWMFZongVJ9tPL6lO//7OUBp9s3y+RfAalt33+fFmnqprYZ3GnV
GrzIRj5QZ5ts3aaObTlJN6TvKRdncPrbXDzfEi18aD98s13POONwjD8l2uScsQvK
l4ZOBOyELS8pS6/TqU0QjEOM/Xj+YWSNeIie4BNBpJAWSrJANBf9tDjSFWSoHWUT
ugYLdsphNwIaRPaiP5/z+2465/UKU2yTihkgkfibuKNV34qB
-----END CERTIFICATE-----
Generated at Tue Mar 25 14:43:54 2025 by rpki-client on console.sobornost.net