Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/9FRRudA-iTiXw6tmPSmIov2PjM0.roa
File: 9FRRudA-iTiXw6tmPSmIov2PjM0.roa (raw, json)
Hash identifier: e5FpPofdz8VXHnR0/dIBmpH7QIwfveA/9ahSVrm1bMc=
Subject key identifier: F4:54:51:B9:D0:3E:89:38:97:C3:AB:66:3D:29:88:A2:FD:8F:8C:CD
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 0193DA4EE529496037E8BACEC8C08097FF54
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/9FRRudA-iTiXw6tmPSmIov2PjM0.roa
Signing time: Wed 18 Dec 2024 15:07:03 +0000
ROA not before: Wed 18 Dec 2024 15:07:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31034
IP address blocks: 5.249.128.0/19 maxlen: 24
31.11.32.0/21 maxlen: 24
31.14.128.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
62.149.128.0/17 maxlen: 24
66.71.128.0/18 maxlen: 24
66.71.128.0/19 maxlen: 24
66.71.176.0/20 maxlen: 24
77.81.224.0/20 maxlen: 24
80.73.224.0/21 maxlen: 24
80.211.0.0/16 maxlen: 24
82.192.128.0/19 maxlen: 24
89.36.208.0/22 maxlen: 24
89.46.64.0/20 maxlen: 24
89.46.104.0/21 maxlen: 24
89.46.192.0/21 maxlen: 24
94.177.160.0/19 maxlen: 24
94.177.192.0/18 maxlen: 24
95.110.128.0/17 maxlen: 24
176.107.144.0/21 maxlen: 24
185.56.8.0/22 maxlen: 24
185.58.116.0/22 maxlen: 24
188.213.160.0/20 maxlen: 24
194.182.110.0/23 maxlen: 24
195.231.0.0/17 maxlen: 24
195.231.64.0/20 maxlen: 24
195.231.80.0/21 maxlen: 24
195.231.88.0/21 maxlen: 24
209.227.224.0/20 maxlen: 24
217.61.0.0/18 maxlen: 24
217.61.56.0/21 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:4e:e5:29:49:60:37:e8:ba:ce:c8:c0:80:97:ff:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Dec 18 15:07:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f45451b9d03e893897c3ab663d2988a2fd8f8ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c5:75:65:37:d9:4d:0e:18:5c:9f:cd:e2:c1:
01:c0:d6:0c:a3:81:25:b4:e5:e4:3b:df:26:aa:cf:
08:de:33:65:7d:cf:1e:5b:c0:2a:86:79:4a:50:9f:
7c:fa:30:65:b6:c3:c4:c6:1a:de:c6:4a:97:36:f0:
13:cd:23:0b:39:58:20:7d:e0:55:ef:36:1d:54:20:
b5:98:99:95:95:86:a0:9a:f1:61:27:71:f7:3c:c7:
ef:91:9a:11:36:7f:fa:d5:99:da:70:9d:e4:c3:23:
fd:48:be:f9:28:ea:c5:ba:55:70:c6:3b:ff:04:11:
90:e9:86:40:b4:83:3d:9e:6b:a5:3b:ad:19:db:d3:
94:29:af:ed:51:7c:18:dc:45:e7:01:94:3a:ab:90:
32:7f:2c:fe:68:5e:a4:46:ae:e6:fb:58:74:1b:47:
72:0d:97:0a:51:27:ce:a5:60:4d:53:d1:da:5d:33:
4d:dd:12:54:af:54:80:30:7a:31:b5:69:d6:9c:7c:
a5:44:c9:bd:4b:b5:ed:9b:12:37:d1:d8:d9:3d:32:
ec:c6:0f:aa:63:0a:8c:d6:78:1f:34:c2:53:a9:e4:
d5:e7:c7:aa:23:62:8a:bd:bc:a1:a5:35:f4:86:58:
53:0e:02:2e:cb:6d:f0:f0:be:de:85:79:9f:4b:36:
c9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:54:51:B9:D0:3E:89:38:97:C3:AB:66:3D:29:88:A2:FD:8F:8C:CD
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/9FRRudA-iTiXw6tmPSmIov2PjM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
66.71.128.0/18
77.81.224.0/20
80.73.224.0/21
80.211.0.0/16
82.192.128.0/19
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/21
185.56.8.0/22
185.58.116.0/22
188.213.160.0/20
194.182.110.0/23
195.231.0.0/17
209.227.224.0/20
217.61.0.0/18
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
1c:53:9b:3d:45:37:4c:3c:a2:52:85:d5:c2:53:5d:c2:1d:cd:
14:08:38:e8:3d:fd:c2:f1:a8:2f:8d:4d:82:5d:3b:c7:c9:75:
e0:d6:32:64:0c:a4:2a:af:7d:06:47:69:2d:2c:95:b4:0f:01:
9d:c5:a4:f2:b2:9c:65:be:ab:03:09:67:b9:e0:dc:36:cd:d3:
46:83:0d:56:15:8b:a9:60:1c:c9:5a:b7:a3:72:40:e4:67:49:
0d:60:62:d1:75:aa:82:ff:15:47:47:4b:a1:36:dd:c5:21:ac:
63:60:ff:40:b2:9b:26:1e:27:06:14:38:33:a6:ce:56:5a:b4:
b2:92:42:39:f6:a1:5c:62:97:c4:79:14:74:ad:68:5c:42:dc:
7d:d3:e3:09:70:3c:9a:57:c0:26:77:12:2e:45:e2:18:51:00:
e0:a2:c9:83:f3:65:88:57:3e:a3:26:a5:d4:59:55:ea:75:5c:
01:13:b6:9c:21:33:36:f7:03:03:c7:b5:c3:3d:98:a4:df:17:
93:80:e8:b9:11:ae:5e:13:49:51:92:a0:f5:ac:41:30:0c:20:
b5:21:ed:6c:5f:ee:58:05:84:b8:44:4f:95:0c:1f:f9:91:cc:
ba:ae:b5:00:e2:f7:f8:42:73:c3:cb:d3:8e:dc:27:ba:20:4b:
5b:2a:80:3f
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAZPaTuUpSWA36LrOyMCAl/9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjQxMjE4MTUwNzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU0NTFiOWQwM2U4OTM4OTdjM2FiNjYzZDI5ODhhMmZkOGY4Y2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38V1ZTfZTQ4YXJ/N4sEBwNYMo4El
tOXkO98mqs8I3jNlfc8eW8AqhnlKUJ98+jBltsPExhrexkqXNvATzSMLOVggfeBV
7zYdVCC1mJmVlYagmvFhJ3H3PMfvkZoRNn/61ZnacJ3kwyP9SL75KOrFulVwxjv/
BBGQ6YZAtIM9nmulO60Z29OUKa/tUXwY3EXnAZQ6q5Ayfyz+aF6kRq7m+1h0G0dy
DZcKUSfOpWBNU9HaXTNN3RJUr1SAMHoxtWnWnHylRMm9S7XtmxI30djZPTLsxg+q
YwqM1ngfNMJTqeTV58eqI2KKvbyhpTX0hlhTDgIuy23w8L7ehXmfSzbJ3wIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFPRUUbnQPok4l8OrZj0piKL9j4zNMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvOUZSUnVkQS1pVGlYdzZ0bVBTbUlvdjJQak0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBAZCR4ADBARNUeADBANQSeADAwBQ
0wMEBVLAgAMEAlkk0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdf
boADBAOwa5ADBAK5OAgDBAK5OnQDBAS81aADBAHCtm4DBAfD5wADBATR4+ADBAbZ
PQAwDQQCAAIwBwMFAyoAbUAwDQYJKoZIhvcNAQELBQADggEBABxTmz1FN0w8olKF
1cJTXcIdzRQIOOg9/cLxqC+NTYJdO8fJdeDWMmQMpCqvfQZHaS0slbQPAZ3FpPKy
nGW+qwMJZ7ng3DbN00aDDVYVi6lgHMlat6NyQORnSQ1gYtF1qoL/FUdHS6E23cUh
rGNg/0CymyYeJwYUODOmzlZatLKSQjn2oVxil8R5FHStaFxC3H3T4wlwPJpXwCZ3
Ei5F4hhRAOCiyYPzZYhXPqMmpdRZVep1XAETtpwhMzb3AwPHtcM9mKTfF5OA6LkR
rl4TSVGSoPWsQTAMILUh7Wxf7lgFhLhET5UMH/mRzLqutQDi9/hCc8PL047cJ7og
S1sqgD8=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:24 2024 by rpki-client on console.sobornost.net