Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/TEhrsoeWuOMO4hoiz_w8wF9fPHM.roa
File: TEhrsoeWuOMO4hoiz_w8wF9fPHM.roa (raw, json)
Hash identifier: hPXsGHEhmmT3jdTGVWdOX+WVuVPws63+IjXbacOAQEs=
Subject key identifier: 4C:48:6B:B2:87:96:B8:E3:0E:E2:1A:22:CF:FC:3C:C0:5F:5F:3C:73
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 0191DAF7489A79420BF6B24FBF04BDDD173C
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/TEhrsoeWuOMO4hoiz_w8wF9fPHM.roa
Signing time: Tue 10 Sep 2024 08:05:24 +0000
ROA not before: Tue 10 Sep 2024 08:05:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40994
IP address blocks: 31.14.17.0/24 maxlen: 24
46.102.156.0/24 maxlen: 24
46.102.157.0/24 maxlen: 24
83.138.55.0/24 maxlen: 24
86.106.182.0/23 maxlen: 24
94.177.8.0/23 maxlen: 24
110.172.148.0/24 maxlen: 24
193.219.97.0/24 maxlen: 24
2a0d:f302::/32 maxlen: 32
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:f7:48:9a:79:42:0b:f6:b2:4f:bf:04:bd:dd:17:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: Sep 10 08:05:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c486bb28796b8e30ee21a22cffc3cc05f5f3c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e3:bd:06:22:d5:5e:e2:3e:d7:ab:36:6e:15:
97:06:2c:c2:55:d8:eb:de:76:d0:0d:f6:40:2e:dd:
06:16:b4:8a:9a:16:7d:93:60:2e:23:e6:16:6f:bc:
73:ee:bf:4e:39:f9:0a:da:0c:d2:65:2c:f4:ac:31:
cf:37:bc:bb:c0:97:8a:a8:2a:cc:c0:2c:76:1d:c2:
8d:6f:f0:88:35:d1:ba:92:de:25:38:53:81:dc:af:
a0:d6:1d:f7:20:58:68:34:45:d7:46:96:82:87:a5:
6b:56:68:26:2a:4a:cd:0c:6b:aa:3f:2f:37:f2:c9:
c2:80:22:9c:f2:62:3c:46:3d:da:d4:c5:73:1b:26:
e9:24:24:84:a2:ba:fd:1b:c1:a4:57:f1:31:c9:96:
f8:b0:4a:e4:86:a8:21:04:c8:89:0f:a2:dc:65:7a:
9e:1a:f3:ba:0f:a1:71:a2:2f:7c:a3:fe:0f:ac:39:
38:92:93:59:1c:64:0b:f1:11:e5:94:06:dd:8c:60:
60:0b:95:25:d2:c6:ff:f5:6d:b8:3d:0c:5b:a8:22:
e9:48:71:52:02:19:ab:77:5d:20:aa:60:9d:33:ff:
63:a8:50:b4:e3:e4:5f:6d:3a:b9:a4:fd:bb:7e:44:
72:5a:56:1a:26:eb:59:f6:b2:38:13:3c:ac:ce:d3:
2b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:48:6B:B2:87:96:B8:E3:0E:E2:1A:22:CF:FC:3C:C0:5F:5F:3C:73
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/TEhrsoeWuOMO4hoiz_w8wF9fPHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.17.0/24
46.102.156.0/23
83.138.55.0/24
86.106.182.0/23
94.177.8.0/23
110.172.148.0/24
193.219.97.0/24
IPv6:
2a0d:f302::/32
Signature Algorithm: sha256WithRSAEncryption
05:e8:8c:2c:70:c9:59:2c:7b:ae:78:0a:9d:51:ce:bc:7c:f1:
6c:e7:2c:63:65:60:ca:44:41:87:f4:b0:a9:ec:a0:ef:6c:55:
b2:33:8f:37:89:13:db:4c:af:f4:9d:f5:2f:ff:49:8f:42:4d:
d8:e6:ad:73:23:a5:6f:f8:ea:cd:2a:56:16:38:cf:89:97:20:
2d:45:4c:4b:ca:0d:71:64:f8:86:e8:ce:32:cb:18:c0:67:1e:
7d:e6:0a:03:43:d0:8a:ca:f0:6c:b1:95:fb:a0:5b:24:7c:b1:
6d:ab:39:79:ca:51:5c:2f:7e:26:2b:1a:38:fe:11:0f:f6:e0:
1b:54:0d:d5:13:f1:68:6d:63:0e:34:e0:8b:22:e5:46:a3:6b:
cc:74:c4:94:58:76:89:d2:21:b8:73:ec:1d:e7:c2:b1:e8:89:
c9:6e:9d:dc:fe:0d:a1:42:19:3a:18:5c:ef:5b:d0:06:d8:9e:
23:35:c3:6c:12:2b:7f:c0:3a:65:f8:ab:73:6c:9b:99:bc:15:
cb:21:09:31:55:79:ee:50:f8:18:a6:ca:b9:05:00:68:13:60:
3d:a7:81:84:8d:17:94:57:2a:a4:c6:50:8c:25:6a:88:38:e5:
1c:d5:e4:03:56:86:cc:4d:d8:e3:e0:eb:b1:89:6c:87:af:70:
43:98:da:c1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZHa90iaeUIL9rJPvwS93Rc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2YwZmJkNWY2ZTE3NTk5MDNjYzY5ZGUwZGM0ZWEyNGMx
ZjgzZGYwHhcNMjQwOTEwMDgwNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzQ4NmJiMjg3OTZiOGUzMGVlMjFhMjJjZmZjM2NjMDVmNWYzYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOO9BiLVXuI+16s2bhWXBizCVdjr
3nbQDfZALt0GFrSKmhZ9k2AuI+YWb7xz7r9OOfkK2gzSZSz0rDHPN7y7wJeKqCrM
wCx2HcKNb/CINdG6kt4lOFOB3K+g1h33IFhoNEXXRpaCh6VrVmgmKkrNDGuqPy83
8snCgCKc8mI8Rj3a1MVzGybpJCSEorr9G8GkV/ExyZb4sErkhqghBMiJD6LcZXqe
GvO6D6Fxoi98o/4PrDk4kpNZHGQL8RHllAbdjGBgC5Ul0sb/9W24PQxbqCLpSHFS
Ahmrd10gqmCdM/9jqFC04+RfbTq5pP27fkRyWlYaJutZ9rI4EzysztMryQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFExIa7KHlrjjDuIaIs/8PMBfXzxzMB8GA1UdIwQY
MBaAFNTPD71fbhdZkDzGneDcTqJMH4PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMt
NTg1N2YxYzE3NjI0LzEvVEVocnNvZVd1T01PNGhvaXpfdzh3RjlmUEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMtNTg1N2YxYzE3NjI0
LzEvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAHw4RAwQB
LmacAwQAU4o3AwQBVmq2AwQBXrEIAwQAbqyUAwQAwdthMA0EAgACMAcDBQAqDfMC
MA0GCSqGSIb3DQEBCwUAA4IBAQAF6IwscMlZLHuueAqdUc68fPFs5yxjZWDKREGH
9LCp7KDvbFWyM483iRPbTK/0nfUv/0mPQk3Y5q1zI6Vv+OrNKlYWOM+JlyAtRUxL
yg1xZPiG6M4yyxjAZx595goDQ9CKyvBssZX7oFskfLFtqzl5ylFcL34mKxo4/hEP
9uAbVA3VE/FobWMONOCLIuVGo2vMdMSUWHaJ0iG4c+wd58Kx6InJbp3c/g2hQhk6
GFzvW9AG2J4jNcNsEit/wDpl+KtzbJuZvBXLIQkxVXnuUPgYpsq5BQBoE2A9p4GE
jReUVyqkxlCMJWqIOOUc1eQDVobMTdjj4OuxiWyHr3BDmNrB
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:06:26 2024 by rpki-client on console.sobornost.net