Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/tKud41_uF6MLg9JuD7WmUpZGc4s.roa
File: tKud41_uF6MLg9JuD7WmUpZGc4s.roa (raw, json)
Hash identifier: vNVzZqZ1Zf27T9w0eQmS3fFPTTvby+VMmYnGkFNAClI=
Subject key identifier: B4:AB:9D:E3:5F:EE:17:A3:0B:83:D2:6E:0F:B5:A6:52:96:46:73:8B
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 0193CFF2E58762DB1198F46A7B1001288428
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/tKud41_uF6MLg9JuD7WmUpZGc4s.roa
Signing time: Mon 16 Dec 2024 14:50:22 +0000
ROA not before: Mon 16 Dec 2024 14:50:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40994
IP address blocks: 31.14.17.0/24 maxlen: 24
46.102.156.0/24 maxlen: 24
46.102.157.0/24 maxlen: 24
83.138.55.0/24 maxlen: 24
86.106.182.0/23 maxlen: 24
94.177.8.0/23 maxlen: 24
110.172.148.0/24 maxlen: 24
193.219.97.0/24 maxlen: 24
203.34.137.0/24 maxlen: 24
2a0d:f302::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:f2:e5:87:62:db:11:98:f4:6a:7b:10:01:28:84:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: Dec 16 14:50:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4ab9de35fee17a30b83d26e0fb5a6529646738b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b1:ac:b3:55:1e:a5:cd:41:5f:4c:a7:14:68:
ac:ab:a0:3a:c6:15:4d:b3:97:12:b8:f3:58:6d:51:
14:bb:d3:0d:5e:00:7b:7d:41:ff:1a:6c:8a:95:11:
2a:1c:6e:e6:0d:b4:cd:84:8a:28:7e:c2:bb:6a:e1:
a0:73:d2:e8:1a:e5:b5:97:ab:71:06:f4:c3:c6:4b:
c1:b8:90:e8:ad:01:2f:0b:0c:46:f4:38:e2:9c:1c:
82:fa:15:ef:04:f7:93:35:b9:d8:e5:dc:bb:c6:2e:
8a:53:77:7e:10:a9:e0:2b:54:56:52:44:11:4d:8b:
dc:66:08:5f:12:4e:80:77:e9:4d:c4:e4:34:17:3b:
be:da:1b:49:0f:6f:6d:07:bd:5e:f6:b8:1a:fc:97:
e4:35:01:e6:fe:cc:38:92:a2:53:f1:9d:6f:d1:32:
15:b1:21:c6:0b:e9:16:6c:fd:0b:72:99:fb:28:3b:
f9:7d:6a:fc:77:9c:8b:cc:c7:2c:06:5d:21:4c:78:
98:16:92:ea:a7:bb:02:3a:d4:b0:be:39:b6:07:93:
0c:bc:92:a9:90:bb:8a:01:33:11:93:33:42:ce:8c:
a6:01:12:44:70:c5:0c:a7:e2:38:2a:5d:25:67:12:
00:a5:ee:ae:96:69:06:43:40:30:c8:84:f3:0d:c2:
43:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AB:9D:E3:5F:EE:17:A3:0B:83:D2:6E:0F:B5:A6:52:96:46:73:8B
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/tKud41_uF6MLg9JuD7WmUpZGc4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.17.0/24
46.102.156.0/23
83.138.55.0/24
86.106.182.0/23
94.177.8.0/23
110.172.148.0/24
193.219.97.0/24
203.34.137.0/24
IPv6:
2a0d:f302::/32
Signature Algorithm: sha256WithRSAEncryption
21:64:ea:0d:3f:a9:b1:7d:ce:93:d1:ab:d3:3a:ee:27:4b:3d:
39:24:f8:cb:f5:d0:24:10:c2:6f:9e:0a:ac:22:59:98:82:6f:
ce:2d:0c:8f:49:df:22:81:6d:d0:6a:27:ea:7f:89:1b:dc:a6:
e3:a6:b5:e4:f5:6b:2f:01:fd:3d:88:14:37:4c:1c:12:40:4a:
b5:d3:32:be:bd:6e:f1:35:c3:8e:b0:98:42:5a:fe:0a:a4:42:
77:d7:ba:e3:67:84:0c:15:3c:75:38:49:79:5d:ad:75:10:c7:
60:eb:0b:79:7a:8d:46:4c:b6:64:10:05:77:61:84:b6:cc:b3:
81:a3:cd:9b:0c:e2:bc:e8:22:46:1f:97:f6:59:e3:c5:fa:fe:
13:aa:35:e9:78:f2:54:35:5b:08:5a:ad:4d:5f:54:65:2c:a4:
af:e3:68:fe:32:74:29:4e:1c:95:7f:ba:60:e0:ec:31:30:55:
39:3f:09:5c:d5:a0:27:4b:c0:de:1c:54:ea:17:be:96:90:9f:
71:03:b0:74:53:47:b9:1c:93:d0:bd:ab:d7:ba:4c:ca:fb:28:
d3:d0:cc:31:1f:d8:23:a0:28:97:62:30:4c:b0:05:4e:2a:11:
a0:f6:2b:93:77:91:1c:6b:33:2e:13:d8:19:9c:72:83:fb:5e:
cc:3a:1a:f3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZPP8uWHYtsRmPRqexABKIQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2YwZmJkNWY2ZTE3NTk5MDNjYzY5ZGUwZGM0ZWEyNGMx
ZjgzZGYwHhcNMjQxMjE2MTQ1MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGFiOWRlMzVmZWUxN2EzMGI4M2QyNmUwZmI1YTY1Mjk2NDY3MzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbGss1Uepc1BX0ynFGisq6A6xhVN
s5cSuPNYbVEUu9MNXgB7fUH/GmyKlREqHG7mDbTNhIoofsK7auGgc9LoGuW1l6tx
BvTDxkvBuJDorQEvCwxG9DjinByC+hXvBPeTNbnY5dy7xi6KU3d+EKngK1RWUkQR
TYvcZghfEk6Ad+lNxOQ0Fzu+2htJD29tB71e9rga/JfkNQHm/sw4kqJT8Z1v0TIV
sSHGC+kWbP0Lcpn7KDv5fWr8d5yLzMcsBl0hTHiYFpLqp7sCOtSwvjm2B5MMvJKp
kLuKATMRkzNCzoymARJEcMUMp+I4Kl0lZxIApe6ulmkGQ0AwyITzDcJDEwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFLSrneNf7hejC4PSbg+1plKWRnOLMB8GA1UdIwQY
MBaAFNTPD71fbhdZkDzGneDcTqJMH4PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMt
NTg1N2YxYzE3NjI0LzEvdEt1ZDQxX3VGNk1MZzlKdUQ3V21VcFpHYzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMtNTg1N2YxYzE3NjI0
LzEvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAHw4RAwQB
LmacAwQAU4o3AwQBVmq2AwQBXrEIAwQAbqyUAwQAwdthAwQAyyKJMA0EAgACMAcD
BQAqDfMCMA0GCSqGSIb3DQEBCwUAA4IBAQAhZOoNP6mxfc6T0avTOu4nSz05JPjL
9dAkEMJvngqsIlmYgm/OLQyPSd8igW3Qaifqf4kb3KbjprXk9WsvAf09iBQ3TBwS
QEq10zK+vW7xNcOOsJhCWv4KpEJ317rjZ4QMFTx1OEl5Xa11EMdg6wt5eo1GTLZk
EAV3YYS2zLOBo82bDOK86CJGH5f2WePF+v4TqjXpePJUNVsIWq1NX1RlLKSv42j+
MnQpThyVf7pg4OwxMFU5Pwlc1aAnS8DeHFTqF76WkJ9xA7B0U0e5HJPQvavXukzK
+yjT0MwxH9gjoCiXYjBMsAVOKhGg9iuTd5EcazMuE9gZnHKD+17MOhrz
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:18 2024 by rpki-client on console.sobornost.net