Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/_BoN0i3vn1zaij8Ztduvu4IgIzc.roa
File: _BoN0i3vn1zaij8Ztduvu4IgIzc.roa (raw, json)
Hash identifier: CzJPS//UlFqRaZDsWcMLlFH2P4/Ll3MqcpKVnRmiKlM=
Subject key identifier: FC:1A:0D:D2:2D:EF:9F:5C:DA:8A:3F:19:B5:DB:AF:BB:82:20:23:37
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 019355AAFF9C8C03DC0133C0C95A53191047
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/_BoN0i3vn1zaij8Ztduvu4IgIzc.roa
Signing time: Fri 22 Nov 2024 20:58:10 +0000
ROA not before: Fri 22 Nov 2024 20:58:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5398
IP address blocks: 31.44.32.0/20 maxlen: 20
31.44.46.0/23 maxlen: 23
46.21.29.0/24 maxlen: 24
77.220.64.0/19 maxlen: 19
193.221.216.0/23 maxlen: 23
193.222.104.0/23 maxlen: 24
2a0f:e880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:aa:ff:9c:8c:03:dc:01:33:c0:c9:5a:53:19:10:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Nov 22 20:58:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc1a0dd22def9f5cda8a3f19b5dbafbb82202337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a4:a0:bd:64:1a:27:3f:17:08:ee:66:a2:62:
01:0e:c7:59:b0:50:5b:df:4d:f5:42:88:57:32:63:
e1:04:89:03:a3:a9:f7:d0:31:7c:ae:83:a2:20:c4:
10:07:af:45:11:e7:1b:73:1f:fb:a5:c5:09:4b:4e:
64:fd:d9:48:d7:03:14:16:26:4c:92:ce:0d:81:5b:
68:f6:31:b0:7e:cd:35:b1:ce:1c:e3:df:34:8a:89:
c7:0b:be:77:ed:9c:5c:4f:cf:e4:da:76:89:21:e3:
02:4b:f1:3c:3f:fd:3b:c6:2c:3f:38:ab:fa:a8:b8:
d6:c1:8b:2f:55:b6:52:c9:b9:0a:e3:f0:81:a0:40:
51:b2:fe:5d:d9:5c:7f:fc:7d:0d:80:4a:c9:1a:be:
04:a2:c9:1f:76:f5:95:34:a9:ff:c4:7f:31:5c:49:
41:d8:70:06:62:20:e1:56:fb:ac:dc:9e:63:fa:f5:
9d:ac:2f:b6:9d:21:7e:3a:81:a9:21:33:49:13:79:
c0:85:1a:c2:fa:e8:cf:00:78:f5:2e:4b:d7:d8:fa:
ae:e9:e7:be:c1:9a:1d:c9:d5:50:32:e9:2f:12:fa:
41:c3:1f:f2:9e:f1:ea:2d:46:a5:a4:03:de:55:58:
14:f8:a4:73:bf:ab:71:ef:4c:cc:6b:74:6b:7c:f3:
bf:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:1A:0D:D2:2D:EF:9F:5C:DA:8A:3F:19:B5:DB:AF:BB:82:20:23:37
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/_BoN0i3vn1zaij8Ztduvu4IgIzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
46.21.29.0/24
77.220.64.0/19
193.221.216.0/23
193.222.104.0/23
IPv6:
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
3f:34:c8:83:83:7a:dc:e1:91:6b:3b:12:86:93:44:37:b9:1c:
a8:20:b7:c9:4c:25:3e:f6:16:a1:3f:30:06:57:20:05:30:18:
cc:fc:5b:ae:bc:a3:92:e2:c0:dc:b8:4a:a6:e7:52:78:95:c2:
9b:51:27:1b:6d:30:53:fe:64:49:da:77:eb:68:6f:6e:dd:fd:
ca:ff:be:91:6e:1e:3f:cf:de:1d:de:63:74:d6:08:18:68:14:
1e:2c:83:bb:06:a7:35:9e:4f:dd:07:6e:4c:8b:89:fb:4c:7b:
43:7c:72:e3:8f:28:a2:11:71:93:b1:3d:b0:70:66:dc:ca:f9:
f1:75:9d:0e:f1:12:0d:88:e7:fd:b6:d6:6b:75:94:d4:2c:66:
d3:3d:3c:9f:e2:7a:59:bd:af:34:b4:12:89:a1:63:2a:e5:15:
8a:70:7f:95:db:2e:f7:76:bd:33:10:7d:f4:2e:98:50:8c:5c:
cb:de:26:fe:1c:3f:ce:82:af:72:f3:26:b5:b6:07:b4:56:7d:
bd:a7:9c:25:5e:cd:ab:a1:ee:02:72:a6:8b:b0:35:0f:50:98:
3d:77:3d:bd:ab:7e:84:7b:92:72:fc:39:0e:f5:30:54:99:7a:
38:9f:1b:06:f5:12:1d:74:86:61:24:a4:36:51:59:08:63:9a:
3f:65:29:a3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZNVqv+cjAPcATPAyVpTGRBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQxMTIyMjA1ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzFhMGRkMjJkZWY5ZjVjZGE4YTNmMTliNWRiYWZiYjgyMjAyMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqSgvWQaJz8XCO5momIBDsdZsFBb
3031QohXMmPhBIkDo6n30DF8roOiIMQQB69FEecbcx/7pcUJS05k/dlI1wMUFiZM
ks4NgVto9jGwfs01sc4c4980ionHC7537ZxcT8/k2naJIeMCS/E8P/07xiw/OKv6
qLjWwYsvVbZSybkK4/CBoEBRsv5d2Vx//H0NgErJGr4EoskfdvWVNKn/xH8xXElB
2HAGYiDhVvus3J5j+vWdrC+2nSF+OoGpITNJE3nAhRrC+ujPAHj1LkvX2Pqu6ee+
wZodydVQMukvEvpBwx/ynvHqLUalpAPeVVgU+KRzv6tx70zMa3RrfPO/SwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPwaDdIt759c2oo/GbXbr7uCICM3MB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvX0JvTjBpM3ZuMXphaWo4WnRkdXZ1NElnSXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEHywgAwQA
LhUdAwQFTdxAAwQBwd3YAwQBwd5oMA0EAgACMAcDBQMqD+iAMA0GCSqGSIb3DQEB
CwUAA4IBAQA/NMiDg3rc4ZFrOxKGk0Q3uRyoILfJTCU+9hahPzAGVyAFMBjM/Fuu
vKOS4sDcuEqm51J4lcKbUScbbTBT/mRJ2nfraG9u3f3K/76Rbh4/z94d3mN01ggY
aBQeLIO7Bqc1nk/dB25Mi4n7THtDfHLjjyiiEXGTsT2wcGbcyvnxdZ0O8RINiOf9
ttZrdZTULGbTPTyf4npZva80tBKJoWMq5RWKcH+V2y73dr0zEH30LphQjFzL3ib+
HD/Ogq9y8ya1tge0Vn29p5wlXs2roe4CcqaLsDUPUJg9dz29q36Ee5Jy/DkO9TBU
mXo4nxsG9RIddIZhJKQ2UVkIY5o/ZSmj
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:44 2024 by rpki-client on console.sobornost.net