Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/wOm7lSK-8nkpw0hb8l6mrr7DAso.roa
File: wOm7lSK-8nkpw0hb8l6mrr7DAso.roa (raw, json)
Hash identifier: Td2/Mh54rJNTMBEj1+d3WT++98QyAYFahMbePNpZ8U0=
Subject key identifier: C0:E9:BB:95:22:BE:F2:79:29:C3:48:5B:F2:5E:A6:AE:BE:C3:02:CA
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 01938DB873182584A4BF820CD9AEB3292212
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/wOm7lSK-8nkpw0hb8l6mrr7DAso.roa
Signing time: Tue 03 Dec 2024 18:11:35 +0000
ROA not before: Tue 03 Dec 2024 18:11:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8368
IP address blocks: 46.243.24.0/21 maxlen: 24
78.41.64.0/21 maxlen: 24
78.110.192.0/20 maxlen: 24
82.146.96.0/19 maxlen: 24
85.158.208.0/21 maxlen: 24
87.237.8.0/21 maxlen: 24
88.82.32.0/19 maxlen: 24
89.35.16.0/21 maxlen: 24
89.250.176.0/20 maxlen: 24
91.197.108.0/22 maxlen: 24
94.140.160.0/19 maxlen: 24
94.158.248.0/24 maxlen: 24
95.171.160.0/19 maxlen: 24
178.132.8.0/21 maxlen: 24
185.47.0.0/22 maxlen: 24
185.48.100.0/22 maxlen: 24
185.78.180.0/22 maxlen: 24
185.81.224.0/22 maxlen: 24
185.90.184.0/22 maxlen: 22
185.174.64.0/22 maxlen: 24
185.224.236.0/22 maxlen: 22
188.64.72.0/21 maxlen: 24
188.118.0.0/18 maxlen: 24
195.110.54.0/23 maxlen: 24
195.144.64.0/19 maxlen: 24
195.225.100.0/22 maxlen: 24
213.193.200.0/21 maxlen: 24
213.193.224.0/21 maxlen: 24
213.193.248.0/23 maxlen: 24
2001:4158::/29 maxlen: 48
2001:4c40::/32 maxlen: 48
2a00:1fb8::/32 maxlen: 48
2a01:8c20::/32 maxlen: 48
2a0b:8b00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:b8:73:18:25:84:a4:bf:82:0c:d9:ae:b3:29:22:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Dec 3 18:11:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0e9bb9522bef27929c3485bf25ea6aebec302ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f0:84:8e:59:89:e0:21:33:4e:29:1a:6f:01:
72:19:74:3a:fa:89:80:f8:8d:af:62:ff:72:13:d9:
13:e0:ec:d2:05:d4:c4:1f:cc:39:d4:d7:1c:47:cd:
06:dd:61:26:c9:0c:6e:bb:65:c4:82:54:69:9c:ec:
fb:94:5c:ff:e3:dd:42:47:d0:a5:ac:b3:91:84:9a:
51:4f:52:27:7d:cf:b1:5f:b8:4f:c9:06:9f:ae:d8:
84:c9:00:a0:4d:d6:a3:b0:05:4d:ee:28:6f:fe:54:
14:b4:74:50:c1:f6:18:9c:4d:f7:b1:a5:a5:41:11:
91:18:24:dd:59:eb:75:7c:de:1c:de:4a:30:b0:14:
22:e5:ad:58:f0:32:2c:a5:f7:04:10:79:93:9d:26:
6d:ec:99:87:21:03:3c:79:af:60:7c:6a:38:54:cc:
ca:2a:d0:51:38:b0:7c:c2:61:3a:67:7d:ff:d1:95:
39:16:5e:b4:26:25:ad:d9:b2:76:37:6b:05:fe:af:
ee:b9:4e:5a:df:d4:b2:5b:df:ac:72:bd:20:36:7a:
ec:13:ac:84:99:df:ed:b7:67:62:8b:0e:d9:c9:8a:
19:41:00:c0:0c:fa:28:da:6e:34:4d:3b:f8:d4:75:
ee:93:00:9e:d0:8e:b7:2e:11:b0:ca:7c:7f:6b:21:
07:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:E9:BB:95:22:BE:F2:79:29:C3:48:5B:F2:5E:A6:AE:BE:C3:02:CA
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/wOm7lSK-8nkpw0hb8l6mrr7DAso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
78.41.64.0/21
78.110.192.0/20
82.146.96.0/19
85.158.208.0/21
87.237.8.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
91.197.108.0/22
94.140.160.0/19
94.158.248.0/24
95.171.160.0/19
178.132.8.0/21
185.47.0.0/22
185.48.100.0/22
185.78.180.0/22
185.81.224.0/22
185.90.184.0/22
185.174.64.0/22
185.224.236.0/22
188.64.72.0/21
188.118.0.0/18
195.110.54.0/23
195.144.64.0/19
195.225.100.0/22
213.193.200.0/21
213.193.224.0/21
213.193.248.0/23
IPv6:
2001:4158::/29
2001:4c40::/32
2a00:1fb8::/32
2a01:8c20::/32
2a0b:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
55:a6:25:13:3b:8a:c8:d0:d3:8a:ac:9c:a9:67:93:fa:3a:69:
dc:d1:ae:47:27:b5:93:76:b7:62:0b:83:db:c6:8a:a0:3e:04:
bb:72:c7:bb:b8:60:65:d1:71:90:c4:e8:e9:3e:7d:ed:3a:d8:
53:8b:38:a6:cd:db:1f:60:63:44:b8:54:1c:77:1a:e4:71:3f:
8f:46:18:3d:4e:19:f6:ae:e0:fb:f8:3d:46:21:9b:b4:6f:ec:
d3:bc:80:af:0c:11:71:0b:6a:d1:82:be:77:6e:20:cf:17:80:
b9:dd:48:ac:a6:b0:bf:5a:bd:02:2c:9a:67:44:53:45:df:71:
e3:a9:f0:23:93:e9:a3:25:d1:e6:f3:a5:45:5b:79:33:83:08:
2f:e5:24:b3:d9:df:2c:09:0e:47:02:56:ea:ac:25:a6:26:53:
93:ba:2d:9d:6e:0b:fb:6f:47:d2:37:80:dc:9a:52:bb:2c:d4:
16:86:56:64:bf:fd:1a:1b:3c:f9:66:9a:1b:6e:54:ca:98:08:
24:bf:c2:8e:f6:25:f3:42:4f:75:64:fc:8d:fc:98:15:6d:bd:
58:b0:c8:a0:aa:41:17:8a:4b:67:3b:6a:5d:43:5f:5c:08:8e:
a3:c2:4f:23:1e:2d:f0:ca:9b:88:c7:f4:ba:c7:cb:bf:ba:7d:
9b:3b:a9:6c
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAZONuHMYJYSkv4IM2a6zKSISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjQxMjAzMTgxMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGU5YmI5NTIyYmVmMjc5MjljMzQ4NWJmMjVlYTZhZWJlYzMwMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvCEjlmJ4CEzTikabwFyGXQ6+omA
+I2vYv9yE9kT4OzSBdTEH8w51NccR80G3WEmyQxuu2XEglRpnOz7lFz/491CR9Cl
rLORhJpRT1Infc+xX7hPyQafrtiEyQCgTdajsAVN7ihv/lQUtHRQwfYYnE33saWl
QRGRGCTdWet1fN4c3kowsBQi5a1Y8DIspfcEEHmTnSZt7JmHIQM8ea9gfGo4VMzK
KtBROLB8wmE6Z33/0ZU5Fl60JiWt2bJ2N2sF/q/uuU5a39SyW9+scr0gNnrsE6yE
md/tt2diiw7ZyYoZQQDADPoo2m40TTv41HXukwCe0I63LhGwynx/ayEHhwIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFMDpu5UivvJ5KcNIW/Jepq6+wwLKMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvd09tN2xTSy04bmtwdzBoYjhsNm1ycjdEQXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCBtQQCAAEwga4DBAMu
8xgDBANOKUADBARObsADBAVSkmADBANVntADBANX7QgDBAVYUiADBANZIxADBARZ
+rADBAJbxWwDBAVejKADBABenvgDBAVfq6ADBAOyhAgDBAK5LwADBAK5MGQDBAK5
TrQDBAK5UeADBAK5WrgDBAK5rkADBAK54OwDBAO8QEgDBAa8dgADBAHDbjYDBAXD
kEADBALD4WQDBAPVwcgDBAPVweADBAHVwfgwKQQCAAIwIwMFAyABQVgDBQAgAUxA
AwUAKgAfuAMFACoBjCADBQMqC4sAMA0GCSqGSIb3DQEBCwUAA4IBAQBVpiUTO4rI
0NOKrJypZ5P6Omnc0a5HJ7WTdrdiC4PbxoqgPgS7cse7uGBl0XGQxOjpPn3tOthT
izimzdsfYGNEuFQcdxrkcT+PRhg9Thn2ruD7+D1GIZu0b+zTvICvDBFxC2rRgr53
biDPF4C53UisprC/Wr0CLJpnRFNF33HjqfAjk+mjJdHm86VFW3kzgwgv5SSz2d8s
CQ5HAlbqrCWmJlOTui2dbgv7b0fSN4DcmlK7LNQWhlZkv/0aGzz5ZpobblTKmAgk
v8KO9iXzQk91ZPyN/JgVbb1YsMigqkEXiktnO2pdQ19cCI6jwk8jHi3wypuIx/S6
x8u/un2bO6ls
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:17 2024 by rpki-client on console.sobornost.net