Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/Xem9IZju9saEd4HBBcw54N7YJBo.roa
File: Xem9IZju9saEd4HBBcw54N7YJBo.roa (raw, json)
Hash identifier: epI0oO/Ypxw8PYKFNTs7wBb4RqAbB8FCJNKpVt0PS6U=
Subject key identifier: 5D:E9:BD:21:98:EE:F6:C6:84:77:81:C1:05:CC:39:E0:DE:D8:24:1A
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 0194228E325D0A2C57E1C39246A206D9B490
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/Xem9IZju9saEd4HBBcw54N7YJBo.roa
Signing time: Wed 01 Jan 2025 15:48:51 +0000
ROA not before: Wed 01 Jan 2025 15:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8368
IP address blocks: 46.243.24.0/21 maxlen: 24
78.41.64.0/21 maxlen: 24
78.110.192.0/20 maxlen: 24
82.146.96.0/19 maxlen: 24
85.158.208.0/21 maxlen: 24
87.237.8.0/21 maxlen: 24
88.82.32.0/19 maxlen: 24
89.35.16.0/21 maxlen: 24
89.250.176.0/20 maxlen: 24
91.197.108.0/22 maxlen: 24
94.140.160.0/19 maxlen: 24
94.158.248.0/24 maxlen: 24
95.171.160.0/19 maxlen: 24
178.132.8.0/21 maxlen: 24
185.47.0.0/22 maxlen: 24
185.48.100.0/22 maxlen: 24
185.78.180.0/22 maxlen: 24
185.81.224.0/22 maxlen: 24
185.90.184.0/22 maxlen: 22
185.174.64.0/22 maxlen: 24
185.224.236.0/22 maxlen: 22
188.64.72.0/21 maxlen: 24
188.118.0.0/18 maxlen: 24
195.110.54.0/23 maxlen: 24
195.144.64.0/19 maxlen: 24
195.225.100.0/22 maxlen: 24
213.193.200.0/21 maxlen: 24
213.193.224.0/21 maxlen: 24
213.193.248.0/23 maxlen: 24
2001:4158::/29 maxlen: 48
2001:4c40::/32 maxlen: 48
2a00:1fb8::/32 maxlen: 48
2a01:8c20::/32 maxlen: 48
2a0b:8b00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:32:5d:0a:2c:57:e1:c3:92:46:a2:06:d9:b4:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Jan 1 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5de9bd2198eef6c6847781c105cc39e0ded8241a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:09:c8:2d:3e:4f:e0:44:25:34:ef:e4:d0:30:
19:fa:7c:5b:5e:21:b5:d5:e9:11:ee:6f:3b:31:2e:
07:32:59:3f:51:39:30:eb:f2:01:47:6a:e9:4c:57:
e8:da:0a:82:0e:49:8f:d8:d3:c2:f2:ea:31:bc:fb:
b9:19:fb:fd:a1:d6:eb:29:b6:69:f4:fd:fc:d9:f2:
6c:5e:d1:5f:38:89:8a:64:3f:1c:b6:2c:93:8e:40:
cb:e4:fe:67:36:f9:0c:9a:6a:6a:7c:d2:fe:ae:58:
0a:c8:b7:d6:b5:d5:62:b5:15:2b:a6:2b:2c:19:99:
68:10:0e:69:5b:36:8f:14:53:2d:d9:2f:b6:6d:95:
ed:82:7f:a0:e6:50:79:3c:30:fe:20:90:2a:bd:e3:
09:16:31:00:c3:57:f0:a1:17:43:56:4f:cd:8e:b5:
6d:6e:80:06:1a:99:44:c6:52:7e:d1:b2:ec:41:55:
c9:e3:ef:75:06:51:39:d7:af:93:fd:be:7d:cb:e9:
a8:1a:ae:c8:0d:d1:9e:2a:e4:dc:05:cb:26:26:1f:
85:15:df:dc:a6:47:d4:e5:e9:ee:a7:ec:1a:b5:f4:
b1:c1:17:cf:fb:a2:af:51:86:d9:5a:9a:0f:79:59:
1c:c3:8e:8f:9c:c7:48:6c:fe:e1:20:4d:65:fd:43:
b0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E9:BD:21:98:EE:F6:C6:84:77:81:C1:05:CC:39:E0:DE:D8:24:1A
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/Xem9IZju9saEd4HBBcw54N7YJBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
78.41.64.0/21
78.110.192.0/20
82.146.96.0/19
85.158.208.0/21
87.237.8.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
91.197.108.0/22
94.140.160.0/19
94.158.248.0/24
95.171.160.0/19
178.132.8.0/21
185.47.0.0/22
185.48.100.0/22
185.78.180.0/22
185.81.224.0/22
185.90.184.0/22
185.174.64.0/22
185.224.236.0/22
188.64.72.0/21
188.118.0.0/18
195.110.54.0/23
195.144.64.0/19
195.225.100.0/22
213.193.200.0/21
213.193.224.0/21
213.193.248.0/23
IPv6:
2001:4158::/29
2001:4c40::/32
2a00:1fb8::/32
2a01:8c20::/32
2a0b:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
2e:2c:a2:d2:77:0f:5d:c5:bd:d3:e2:19:78:82:4e:80:b4:c0:
2f:8e:6f:cc:06:58:c2:1f:c4:ae:70:2d:7a:02:2c:36:5f:2e:
0e:f5:29:df:4b:2f:fe:28:b3:12:a6:9b:81:0a:d4:a6:81:91:
3b:ac:72:dd:7c:24:36:b9:7c:2b:7a:39:d9:ce:47:10:7c:ed:
34:57:97:70:17:63:01:8c:3a:e6:b1:3d:84:1a:d6:75:b8:06:
ec:0f:b6:e7:ee:05:78:4f:64:1f:2f:00:c2:b5:b9:ab:60:7f:
8b:81:7e:b3:7f:95:23:1f:10:f7:c6:b0:95:e6:7e:e7:fc:76:
df:17:ef:08:01:b0:7e:64:44:a4:82:62:8f:7b:9e:bf:28:73:
6a:5c:1d:40:b7:52:a3:7a:ed:14:56:e6:15:f0:de:41:00:6b:
3b:10:46:92:07:e5:73:5c:b5:a9:3c:46:64:63:ae:b9:5f:05:
22:1b:34:96:19:84:ea:d3:01:85:2a:d4:cf:ee:07:bd:32:95:
2e:a4:e4:b6:de:f4:75:17:fd:ec:1e:cb:de:a2:54:59:78:f9:
b7:37:87:92:82:8d:22:72:93:20:f8:1b:03:f3:e2:94:94:44:
1f:6f:d4:c8:ba:a5:07:46:04:45:d0:9b:60:7c:c9:b6:63:52:
d4:3e:9e:5d
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAZQijjJdCixX4cOSRqIG2bSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjUwMTAxMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGU5YmQyMTk4ZWVmNmM2ODQ3NzgxYzEwNWNjMzllMGRlZDgyNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gnILT5P4EQlNO/k0DAZ+nxbXiG1
1ekR7m87MS4HMlk/UTkw6/IBR2rpTFfo2gqCDkmP2NPC8uoxvPu5Gfv9odbrKbZp
9P382fJsXtFfOImKZD8ctiyTjkDL5P5nNvkMmmpqfNL+rlgKyLfWtdVitRUrpiss
GZloEA5pWzaPFFMt2S+2bZXtgn+g5lB5PDD+IJAqveMJFjEAw1fwoRdDVk/NjrVt
boAGGplExlJ+0bLsQVXJ4+91BlE516+T/b59y+moGq7IDdGeKuTcBcsmJh+FFd/c
pkfU5enup+watfSxwRfP+6KvUYbZWpoPeVkcw46PnMdIbP7hIE1l/UOwHwIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFF3pvSGY7vbGhHeBwQXMOeDe2CQaMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvWGVtOUlaanU5c2FFZDRIQkJjdzU0TjdZSkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCBtQQCAAEwga4DBAMu
8xgDBANOKUADBARObsADBAVSkmADBANVntADBANX7QgDBAVYUiADBANZIxADBARZ
+rADBAJbxWwDBAVejKADBABenvgDBAVfq6ADBAOyhAgDBAK5LwADBAK5MGQDBAK5
TrQDBAK5UeADBAK5WrgDBAK5rkADBAK54OwDBAO8QEgDBAa8dgADBAHDbjYDBAXD
kEADBALD4WQDBAPVwcgDBAPVweADBAHVwfgwKQQCAAIwIwMFAyABQVgDBQAgAUxA
AwUAKgAfuAMFACoBjCADBQMqC4sAMA0GCSqGSIb3DQEBCwUAA4IBAQAuLKLSdw9d
xb3T4hl4gk6AtMAvjm/MBljCH8SucC16Aiw2Xy4O9SnfSy/+KLMSppuBCtSmgZE7
rHLdfCQ2uXwrejnZzkcQfO00V5dwF2MBjDrmsT2EGtZ1uAbsD7bn7gV4T2QfLwDC
tbmrYH+LgX6zf5UjHxD3xrCV5n7n/HbfF+8IAbB+ZESkgmKPe56/KHNqXB1At1Kj
eu0UVuYV8N5BAGs7EEaSB+VzXLWpPEZkY665XwUiGzSWGYTq0wGFKtTP7ge9MpUu
pOS23vR1F/3sHsveolRZePm3N4eSgo0icpMg+BsD8+KUlEQfb9TIuqUHRgRF0Jtg
fMm2Y1LUPp5d
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:15:57 2025 by rpki-client on console.sobornost.net