Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/idtF2fxjfia_STED-qJKULLH0vQ.roa
File: idtF2fxjfia_STED-qJKULLH0vQ.roa (raw, json)
Hash identifier: zuUEDxqaWlGYID3m3S4cBDWR6Or/yMSX330Sdhgc+WA=
Subject key identifier: 89:DB:45:D9:FC:63:7E:26:BF:49:31:03:FA:A2:4A:50:B2:C7:D2:F4
Certificate issuer: /CN=8bdc53cc2263f6fdea170d3282a20b8e71607386
Certificate serial: 018CC86F08E76C5025663F2C5B54F381BD6A
Authority key identifier: 8B:DC:53:CC:22:63:F6:FD:EA:17:0D:32:82:A2:0B:8E:71:60:73:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9xTzCJj9v3qFw0ygqILjnFgc4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/idtF2fxjfia_STED-qJKULLH0vQ.roa
Signing time: Tue 02 Jan 2024 04:29:29 +0000
ROA not before: Tue 02 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51110
IP address blocks: 5.102.77.0/24 maxlen: 24
5.102.76.0/24 maxlen: 24
5.102.78.0/24 maxlen: 24
5.102.73.0/24 maxlen: 24
5.102.72.0/24 maxlen: 24
5.102.75.0/24 maxlen: 24
5.102.74.0/24 maxlen: 24
185.91.233.0/24 maxlen: 24
185.91.232.0/24 maxlen: 24
185.91.234.0/24 maxlen: 24
94.124.152.0/24 maxlen: 24
94.124.154.0/24 maxlen: 24
94.124.153.0/24 maxlen: 24
94.124.156.0/24 maxlen: 24
94.124.155.0/24 maxlen: 24
94.124.157.0/24 maxlen: 24
94.124.159.0/24 maxlen: 24
94.124.158.0/24 maxlen: 24
5.102.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:08:e7:6c:50:25:66:3f:2c:5b:54:f3:81:bd:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdc53cc2263f6fdea170d3282a20b8e71607386
Validity
Not Before: Jan 2 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89db45d9fc637e26bf493103faa24a50b2c7d2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:30:3c:6d:03:9e:e6:ed:fc:6e:10:4a:a1:01:
90:fa:52:bf:04:8d:17:5a:2d:74:df:58:05:c9:3b:
13:43:79:03:86:ba:cf:fe:2f:4a:f8:ef:7d:72:e1:
2a:2a:42:07:2f:1b:92:87:48:24:9b:07:49:e8:61:
62:c7:e0:1e:71:0e:9e:67:fe:f9:53:23:5a:4e:15:
47:17:db:a9:72:a3:c2:44:e0:e5:55:f1:82:63:65:
9f:5c:91:fb:65:30:0f:83:1a:3a:00:a3:ff:56:13:
0b:47:b4:0f:8c:07:83:63:3d:85:35:7c:bb:3c:a2:
52:17:19:34:cb:4a:8c:0b:4f:31:62:6d:c4:c5:64:
8a:1e:63:02:1e:d7:fc:7c:35:3d:97:2a:3d:04:f4:
a7:33:51:f9:af:f4:13:1c:e9:7e:71:a3:ec:7e:18:
2b:72:d6:29:82:6e:d4:5b:34:2a:e4:e0:03:50:ce:
4e:82:10:ab:e9:95:76:1e:73:fb:12:6b:a6:28:cb:
f7:7f:8a:c6:4c:38:cc:39:e7:8e:e6:ce:3b:72:23:
35:8c:11:43:d6:ae:31:00:fe:49:20:bc:53:6c:5a:
cd:f6:b2:22:38:db:af:99:68:a8:91:77:b2:d2:46:
e4:86:16:33:49:04:c9:26:ba:af:84:7b:39:ef:5b:
17:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DB:45:D9:FC:63:7E:26:BF:49:31:03:FA:A2:4A:50:B2:C7:D2:F4
X509v3 Authority Key Identifier:
keyid:8B:DC:53:CC:22:63:F6:FD:EA:17:0D:32:82:A2:0B:8E:71:60:73:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9xTzCJj9v3qFw0ygqILjnFgc4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/idtF2fxjfia_STED-qJKULLH0vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/i9xTzCJj9v3qFw0ygqILjnFgc4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.72.0/21
94.124.152.0/21
185.91.232.0-185.91.234.255
Signature Algorithm: sha256WithRSAEncryption
12:e4:30:11:f3:f3:48:d2:49:1b:27:1a:82:2d:72:2f:a7:32:
50:fb:ad:9e:62:27:4d:90:78:32:6b:d7:5f:0d:59:b0:5f:1b:
7b:c5:e5:b4:29:11:d6:51:a3:06:77:79:50:93:1d:d1:5b:84:
85:db:0d:43:c2:ee:ed:56:55:31:1c:28:03:ad:b0:53:52:7d:
e8:5c:23:87:b0:44:01:25:f1:76:af:0c:51:24:52:fd:06:56:
72:2b:28:d4:89:8b:34:9c:0f:20:b0:c5:32:48:29:fb:6d:ee:
31:df:a5:0a:d2:9d:2d:6a:88:58:3c:d3:3c:f6:e8:80:40:8a:
b4:c2:3b:42:c2:c8:10:a4:23:41:60:e9:77:26:fd:38:43:3e:
ac:e7:71:97:cc:a8:32:12:00:0c:25:99:ac:e0:aa:cc:81:9d:
18:e6:ff:4f:9c:f8:e6:12:8e:15:be:1e:ed:e4:70:92:f5:ac:
b4:e5:72:e5:42:b9:f0:67:25:1c:0c:8b:a5:a9:47:78:e2:2c:
e9:71:27:d9:e2:20:20:ad:86:81:17:48:7e:68:22:15:a9:d6:
f7:19:dc:fb:a4:df:e0:7a:fe:20:8b:90:be:e2:d3:5e:35:82:
10:2d:49:98:25:7d:51:92:54:e2:57:05:cd:1b:e9:a9:1c:09:
56:c4:59:7e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIbwjnbFAlZj8sW1Tzgb1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGM1M2NjMjI2M2Y2ZmRlYTE3MGQzMjgyYTIwYjhlNzE2
MDczODYwHhcNMjQwMTAyMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWRiNDVkOWZjNjM3ZTI2YmY0OTMxMDNmYWEyNGE1MGIyYzdkMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizA8bQOe5u38bhBKoQGQ+lK/BI0X
Wi1031gFyTsTQ3kDhrrP/i9K+O99cuEqKkIHLxuSh0gkmwdJ6GFix+AecQ6eZ/75
UyNaThVHF9upcqPCRODlVfGCY2WfXJH7ZTAPgxo6AKP/VhMLR7QPjAeDYz2FNXy7
PKJSFxk0y0qMC08xYm3ExWSKHmMCHtf8fDU9lyo9BPSnM1H5r/QTHOl+caPsfhgr
ctYpgm7UWzQq5OADUM5OghCr6ZV2HnP7EmumKMv3f4rGTDjMOeeO5s47ciM1jBFD
1q4xAP5JILxTbFrN9rIiONuvmWiokXey0kbkhhYzSQTJJrqvhHs571sXxwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFInbRdn8Y34mv0kxA/qiSlCyx9L0MB8GA1UdIwQY
MBaAFIvcU8wiY/b96hcNMoKiC45xYHOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTl4VHpDSmo5djNxRncweWdxSUxqbkZnYzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMzc0MmYtMWQ3MC00ZjMxLWE5Y2Et
N2FjYjIxYmE3NzNmLzEvaWR0RjJmeGpmaWFfU1RFRC1xSktVTExIMHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMzc0MmYtMWQ3MC00ZjMxLWE5Y2EtN2FjYjIxYmE3NzNm
LzEvaTl4VHpDSmo5djNxRncweWdxSUxqbkZnYzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDBWZIAwQD
XnyYMAwDBAO5W+gDBAC5W+owDQYJKoZIhvcNAQELBQADggEBABLkMBHz80jSSRsn
GoItci+nMlD7rZ5iJ02QeDJr118NWbBfG3vF5bQpEdZRowZ3eVCTHdFbhIXbDUPC
7u1WVTEcKAOtsFNSfehcI4ewRAEl8XavDFEkUv0GVnIrKNSJizScDyCwxTJIKftt
7jHfpQrSnS1qiFg80zz26IBAirTCO0LCyBCkI0Fg6Xcm/ThDPqzncZfMqDISAAwl
mazgqsyBnRjm/0+c+OYSjhW+Hu3kcJL1rLTlcuVCufBnJRwMi6WpR3jiLOlxJ9ni
ICCthoEXSH5oIhWp1vcZ3Puk3+B6/iCLkL7i0141ghAtSZglfVGSVOJXBc0b6akc
CVbEWX4=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:17 2024 by rpki-client on console.sobornost.net