Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/DYUp6E0HVXfnNxEzgeJ-YWen6d8.roa
File: DYUp6E0HVXfnNxEzgeJ-YWen6d8.roa (raw, json)
Hash identifier: 1sZ0088pI800QMJbBTdSIfVnvgbqcuWP2u5wHDpQP00=
Subject key identifier: 0D:85:29:E8:4D:07:55:77:E7:37:11:33:81:E2:7E:61:67:A7:E9:DF
Certificate issuer: /CN=26bbed788e29f8406b2bdc8dddeeb7d4ec4b833e
Certificate serial: 018CC4933C2BCC7C98F910F89ED734175EAB
Authority key identifier: 26:BB:ED:78:8E:29:F8:40:6B:2B:DC:8D:DD:EE:B7:D4:EC:4B:83:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JrvteI4p-EBrK9yN3e631OxLgz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/DYUp6E0HVXfnNxEzgeJ-YWen6d8.roa
Signing time: Mon 01 Jan 2024 10:30:32 +0000
ROA not before: Mon 01 Jan 2024 10:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21415
IP address blocks: 178.169.142.0/24 maxlen: 24
178.169.143.0/24 maxlen: 24
109.121.255.0/24 maxlen: 24
109.121.254.0/24 maxlen: 24
178.169.165.0/24 maxlen: 24
178.169.162.0/24 maxlen: 24
178.169.169.0/24 maxlen: 24
109.121.192.0/24 maxlen: 24
109.121.203.0/24 maxlen: 24
109.121.202.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3c:2b:cc:7c:98:f9:10:f8:9e:d7:34:17:5e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bbed788e29f8406b2bdc8dddeeb7d4ec4b833e
Validity
Not Before: Jan 1 10:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d8529e84d075577e737113381e27e6167a7e9df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b3:5d:11:fd:d2:9c:b2:65:5d:3f:f1:62:85:
9e:27:d4:b3:01:34:c0:8d:91:01:3c:9e:f9:94:98:
06:fc:9a:fd:5d:e1:4e:d3:f6:ec:df:38:31:27:8e:
e8:27:bd:cc:29:a5:aa:9f:5f:c7:9f:19:f2:c2:df:
d7:2b:12:76:2c:b8:61:ef:b5:de:9e:66:14:11:8a:
ad:1f:c3:73:8c:1d:2b:10:2a:0b:fb:a5:e5:2d:b0:
27:d5:45:07:68:c4:5b:4b:e2:35:42:bf:19:16:63:
9e:d4:aa:1d:f5:6e:61:89:20:40:46:5d:1e:57:33:
f0:63:29:ce:a4:17:5c:c9:3d:fa:d4:1e:d7:43:ab:
e2:19:a1:58:94:28:48:73:df:06:60:83:4d:31:78:
84:5f:74:b4:b7:c4:65:30:f4:af:35:de:fb:3f:09:
66:17:44:ed:a3:9b:a7:e4:48:02:2a:3b:80:e9:92:
48:d5:c9:56:b9:a9:57:6d:7f:80:ae:f9:5f:9b:6d:
fd:32:e2:2a:06:05:9f:89:f1:5a:18:aa:28:cb:69:
0e:f0:a5:94:15:04:5d:86:6b:22:54:c7:fd:2d:e7:
49:b4:ae:29:3a:f3:1c:9c:88:b1:df:74:18:29:fd:
f2:99:f5:71:b2:c6:6c:15:50:9b:f1:9b:8e:aa:f9:
c2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:85:29:E8:4D:07:55:77:E7:37:11:33:81:E2:7E:61:67:A7:E9:DF
X509v3 Authority Key Identifier:
keyid:26:BB:ED:78:8E:29:F8:40:6B:2B:DC:8D:DD:EE:B7:D4:EC:4B:83:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JrvteI4p-EBrK9yN3e631OxLgz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/DYUp6E0HVXfnNxEzgeJ-YWen6d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/JrvteI4p-EBrK9yN3e631OxLgz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.192.0/24
109.121.202.0/23
109.121.254.0/23
178.169.142.0/23
178.169.162.0/24
178.169.165.0/24
178.169.169.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:14:4a:49:7c:49:57:36:c3:5c:2d:ae:5c:02:b4:eb:aa:0a:
a8:eb:e1:55:46:52:b0:ec:31:4d:4e:21:f0:03:5b:ce:be:db:
1f:ec:2c:e8:fa:83:de:8b:26:fb:0e:08:72:a1:7d:0b:e0:34:
a2:39:35:52:25:27:e7:e4:3a:72:3f:b4:fa:f0:8e:e2:06:8c:
33:17:33:dd:73:bc:7f:c2:59:3c:00:2a:c5:5d:bf:c9:35:94:
32:cd:c9:7d:ba:04:05:d8:e0:8c:fa:a2:fa:7e:94:ef:f2:c4:
4e:e0:78:18:27:4a:51:44:f9:c2:a0:ba:9d:1a:8f:bd:a6:46:
60:ef:5f:0f:4e:5b:e8:b9:bf:ad:84:97:5e:30:66:a7:c3:17:
30:3f:e1:c4:d1:d4:22:24:0d:24:54:fe:5c:0e:dd:b6:16:69:
b1:89:fb:44:fd:ef:1b:a5:09:74:84:09:ef:da:ef:c9:4b:af:
7b:90:ad:30:40:09:a3:e6:f5:5b:9d:76:4a:b2:94:57:f9:89:
85:dc:46:0b:45:9d:15:51:4d:b9:ff:a3:29:53:e7:ee:48:e4:
05:48:4e:94:54:02:b8:ab:50:fb:e5:55:9a:27:c9:fe:f3:6d:
87:83:1f:5c:c7:9d:63:7f:1c:fa:1c:c4:b9:45:cd:c3:30:d5:
f6:c5:db:df
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzEkzwrzHyY+RD4ntc0F16rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmJlZDc4OGUyOWY4NDA2YjJiZGM4ZGRkZWViN2Q0ZWM0
YjgzM2UwHhcNMjQwMTAxMTAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDg1MjllODRkMDc1NTc3ZTczNzExMzM4MWUyN2U2MTY3YTdlOWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrNdEf3SnLJlXT/xYoWeJ9SzATTA
jZEBPJ75lJgG/Jr9XeFO0/bs3zgxJ47oJ73MKaWqn1/Hnxnywt/XKxJ2LLhh77Xe
nmYUEYqtH8NzjB0rECoL+6XlLbAn1UUHaMRbS+I1Qr8ZFmOe1Kod9W5hiSBARl0e
VzPwYynOpBdcyT361B7XQ6viGaFYlChIc98GYINNMXiEX3S0t8RlMPSvNd77Pwlm
F0Tto5un5EgCKjuA6ZJI1clWualXbX+Arvlfm239MuIqBgWfifFaGKooy2kO8KWU
FQRdhmsiVMf9LedJtK4pOvMcnIix33QYKf3ymfVxssZsFVCb8ZuOqvnCFQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFA2FKehNB1V35zcRM4HifmFnp+nfMB8GA1UdIwQY
MBaAFCa77XiOKfhAayvcjd3ut9TsS4M+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnJ2dGVJNHAtRUJySzl5TjNlNjMxT3hMZ3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9iZDdhOTMtYzllNC00MmI2LWE1YzYt
ZDM1YzU0ZjE0ZGJlLzEvRFlVcDZFMEhWWGZuTnhFemdlSi1ZV2VuNmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9iZDdhOTMtYzllNC00MmI2LWE1YzYtZDM1YzU0ZjE0ZGJl
LzEvSnJ2dGVJNHAtRUJySzl5TjNlNjMxT3hMZ3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAbXnAAwQB
bXnKAwQBbXn+AwQBsqmOAwQAsqmiAwQAsqmlAwQAsqmpMA0GCSqGSIb3DQEBCwUA
A4IBAQA8FEpJfElXNsNcLa5cArTrqgqo6+FVRlKw7DFNTiHwA1vOvtsf7Czo+oPe
iyb7DghyoX0L4DSiOTVSJSfn5DpyP7T68I7iBowzFzPdc7x/wlk8ACrFXb/JNZQy
zcl9ugQF2OCM+qL6fpTv8sRO4HgYJ0pRRPnCoLqdGo+9pkZg718PTlvoub+thJde
MGanwxcwP+HE0dQiJA0kVP5cDt22FmmxiftE/e8bpQl0hAnv2u/JS697kK0wQAmj
5vVbnXZKspRX+YmF3EYLRZ0VUU25/6MpU+fuSOQFSE6UVAK4q1D75VWaJ8n+822H
gx9cx51jfxz6HMS5Rc3DMNX2xdvf
-----END CERTIFICATE-----
Generated at Sat Aug 10 19:11:15 2024 by rpki-client on console.sobornost.net