Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/OwkF38XtxQO4sdm430TK1GEvh-8.roa
File: OwkF38XtxQO4sdm430TK1GEvh-8.roa (raw, json)
Hash identifier: 2OpF0pyJABXKLHMdCeiiHzMH+pttyJE4neKE4JJoGXE=
Subject key identifier: 3B:09:05:DF:C5:ED:C5:03:B8:B1:D9:B8:DF:44:CA:D4:61:2F:87:EF
Certificate issuer: /CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Certificate serial: 019229384EDE431A34E97F67C697AD34257E
Authority key identifier: 34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/OwkF38XtxQO4sdm430TK1GEvh-8.roa
Signing time: Wed 25 Sep 2024 12:46:49 +0000
ROA not before: Wed 25 Sep 2024 12:46:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 45.81.212.0/22 maxlen: 22
77.81.49.0/24 maxlen: 24
83.172.137.0/24 maxlen: 24
83.172.142.0/23 maxlen: 23
83.172.149.0/24 maxlen: 24
83.172.152.0/24 maxlen: 24
83.172.154.0/23 maxlen: 23
83.172.156.0/23 maxlen: 23
83.172.158.0/24 maxlen: 24
83.172.166.0/23 maxlen: 23
83.172.168.0/24 maxlen: 24
83.172.170.0/23 maxlen: 23
83.172.184.0/23 maxlen: 23
83.172.187.0/24 maxlen: 24
83.172.190.0/24 maxlen: 24
83.172.191.0/24 maxlen: 24
89.37.107.0/24 maxlen: 24
93.114.176.0/22 maxlen: 22
94.177.28.0/24 maxlen: 24
94.177.144.0/24 maxlen: 24
130.93.0.0/17 maxlen: 17
130.93.128.0/18 maxlen: 22
185.9.248.0/22 maxlen: 22
185.12.0.0/22 maxlen: 22
185.120.176.0/22 maxlen: 22
185.122.160.0/22 maxlen: 22
185.133.128.0/22 maxlen: 22
185.137.72.0/22 maxlen: 22
185.153.172.0/22 maxlen: 22
193.84.89.0/24 maxlen: 24
195.68.224.0/22 maxlen: 22
2a02:ec00::/29 maxlen: 29
2a0e:4180::/29 maxlen: 29
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:38:4e:de:43:1a:34:e9:7f:67:c6:97:ad:34:25:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Validity
Not Before: Sep 25 12:46:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b0905dfc5edc503b8b1d9b8df44cad4612f87ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:41:6e:f4:c1:63:fd:bc:5b:89:31:06:b4:91:
78:a9:ae:16:86:73:1a:bf:5d:38:a7:0d:e2:7f:7f:
44:d5:4f:0a:2b:93:0c:84:f8:57:3b:b6:61:b2:51:
34:bb:ae:8f:93:40:b4:ac:fa:74:13:8e:01:2e:97:
89:99:98:82:40:89:9e:5a:e7:c3:b6:c8:3a:1a:c7:
c1:28:6b:7d:5c:31:61:32:f3:ea:6f:f8:57:7d:61:
70:a6:ab:1f:62:9c:9a:fb:82:84:8e:70:bc:a4:cb:
9b:df:30:8a:c7:4e:75:73:8f:eb:ad:12:ca:2b:86:
a9:33:eb:77:98:31:7c:f5:e3:b1:c4:c3:d3:c3:62:
7e:8a:e2:e1:81:9b:55:b0:36:d5:5b:9c:d4:24:53:
d1:93:7c:5c:40:c1:3d:7e:13:98:14:6b:7e:c6:49:
e4:ee:32:f9:a8:27:58:23:16:3d:6d:51:d0:c5:92:
9a:a0:81:3b:ba:ec:21:05:0b:51:5b:04:38:62:fc:
74:7f:5c:8c:96:c1:bc:1a:a2:fe:d8:53:1c:f8:d5:
4a:7a:e9:89:4e:6a:26:7b:c7:19:b3:e5:a4:6d:ed:
ef:6d:de:5e:85:8f:40:bd:46:f4:82:07:ee:ea:22:
b7:64:3a:64:78:92:fd:8c:c4:9d:86:0b:71:eb:8a:
a4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:09:05:DF:C5:ED:C5:03:B8:B1:D9:B8:DF:44:CA:D4:61:2F:87:EF
X509v3 Authority Key Identifier:
keyid:34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/OwkF38XtxQO4sdm430TK1GEvh-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.212.0/22
77.81.49.0/24
83.172.137.0/24
83.172.142.0/23
83.172.149.0/24
83.172.152.0/24
83.172.154.0-83.172.158.255
83.172.166.0-83.172.168.255
83.172.170.0/23
83.172.184.0/23
83.172.187.0/24
83.172.190.0/23
89.37.107.0/24
93.114.176.0/22
94.177.28.0/24
94.177.144.0/24
130.93.0.0-130.93.191.255
185.9.248.0/22
185.12.0.0/22
185.120.176.0/22
185.122.160.0/22
185.133.128.0/22
185.137.72.0/22
185.153.172.0/22
193.84.89.0/24
195.68.224.0/22
IPv6:
2a02:ec00::/29
2a0e:4180::/29
Signature Algorithm: sha256WithRSAEncryption
5e:57:d7:f6:91:d2:b4:55:8e:cd:57:cc:0c:5e:01:16:cd:9b:
8f:1c:9d:9b:aa:7b:1b:06:47:6e:7d:fd:cf:55:f4:2b:53:e1:
65:6f:c5:11:07:49:fc:76:eb:7a:c9:09:11:d6:bf:23:20:ac:
fa:0d:56:9e:4e:6a:66:ef:c2:b9:cb:fb:2a:13:ef:2e:d2:0f:
b6:72:61:ff:63:db:34:23:b8:0b:bb:ba:d8:c1:d5:10:53:77:
3a:44:f9:8e:4d:62:f0:fa:20:0d:1c:c1:ce:bf:63:0e:96:5d:
68:40:69:a7:4f:92:5e:c9:6c:84:68:4f:d1:a6:84:57:5a:a6:
7e:da:8d:4b:ab:aa:59:2a:de:da:f7:c2:57:ef:a2:87:5a:9a:
83:67:fe:65:0b:8a:c4:6d:c5:f8:40:25:ce:eb:b0:14:05:fd:
12:f3:fe:02:c0:f7:8a:d2:bf:99:ad:33:b9:97:f6:29:cf:09:
a5:d1:9f:2b:87:76:15:be:b6:6e:45:a8:ee:ba:00:53:fe:ec:
85:44:71:99:c1:9e:56:1f:61:80:f9:35:ab:d7:b4:11:ae:3b:
2a:cf:c4:bc:7f:63:8a:a4:da:8a:ac:92:2c:a1:c9:ab:17:6c:
b3:97:e7:24:cf:29:97:f8:10:cc:d0:44:30:d6:2f:3b:19:f3:
ee:06:7d:19
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAZIpOE7eQxo06X9nxpetNCV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWZiM2ZlYjE1YzAzYzRkMzRkOWZmNDQ0ZDlhZDdlMzAw
NjcyMDgwHhcNMjQwOTI1MTI0NjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA5MDVkZmM1ZWRjNTAzYjhiMWQ5YjhkZjQ0Y2FkNDYxMmY4N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0Fu9MFj/bxbiTEGtJF4qa4WhnMa
v104pw3if39E1U8KK5MMhPhXO7ZhslE0u66Pk0C0rPp0E44BLpeJmZiCQImeWufD
tsg6GsfBKGt9XDFhMvPqb/hXfWFwpqsfYpya+4KEjnC8pMub3zCKx051c4/rrRLK
K4apM+t3mDF89eOxxMPTw2J+iuLhgZtVsDbVW5zUJFPRk3xcQME9fhOYFGt+xknk
7jL5qCdYIxY9bVHQxZKaoIE7uuwhBQtRWwQ4Yvx0f1yMlsG8GqL+2FMc+NVKeumJ
Tmome8cZs+Wkbe3vbd5ehY9AvUb0ggfu6iK3ZDpkeJL9jMSdhgtx64qkvQIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFDsJBd/F7cUDuLHZuN9EytRhL4fvMB8GA1UdIwQY
MBaAFDRfs/6xXAPE002f9ETZrX4wBnIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUt
YmM1NGIxMjExYjYwLzEvT3drRjM4WHR4UU80c2RtNDMwVEsxR0V2aC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUtYmM1NGIxMjExYjYw
LzEvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCBugQCAAEwgbMDBAIt
UdQDBABNUTEDBABTrIkDBAFTrI4DBABTrJUDBABTrJgwDAMEAVOsmgMEAFOsnjAM
AwQBU6ymAwQAU6yoAwQBU6yqAwQBU6y4AwQAU6y7AwQBU6y+AwQAWSVrAwQCXXKw
AwQAXrEcAwQAXrGQMAsDAwCCXQMEBoJdgAMEArkJ+AMEArkMAAMEArl4sAMEArl6
oAMEArmFgAMEArmJSAMEArmZrAMEAMFUWQMEAsNE4DAUBAIAAjAOAwUDKgLsAAMF
AyoOQYAwDQYJKoZIhvcNAQELBQADggEBAF5X1/aR0rRVjs1XzAxeARbNm48cnZuq
exsGR259/c9V9CtT4WVvxREHSfx263rJCRHWvyMgrPoNVp5OambvwrnL+yoT7y7S
D7ZyYf9j2zQjuAu7utjB1RBTdzpE+Y5NYvD6IA0cwc6/Yw6WXWhAaadPkl7JbIRo
T9GmhFdapn7ajUurqlkq3tr3wlfvoodamoNn/mULisRtxfhAJc7rsBQF/RLz/gLA
94rSv5mtM7mX9inPCaXRnyuHdhW+tm5FqO66AFP+7IVEcZnBnlYfYYD5NavXtBGu
OyrPxLx/Y4qk2oqskiyhyasXbLOX5yTPKZf4EMzQRDDWLzsZ8+4GfRk=
-----END CERTIFICATE-----
Generated at Fri Sep 27 18:08:36 2024 by rpki-client on console.sobornost.net