Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/XnngYStGFwZ4WoOd4ayUpg4of3c.roa
File: XnngYStGFwZ4WoOd4ayUpg4of3c.roa (raw, json)
Hash identifier: QRzsVu2PNbluxjNl3vdUKStiVXiLs8vuZfj9wHWnq/Y=
Subject key identifier: 5E:79:E0:61:2B:46:17:06:78:5A:83:9D:E1:AC:94:A6:0E:28:7F:77
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 0193D994209F589638373F0E869B41E894CE
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/XnngYStGFwZ4WoOd4ayUpg4of3c.roa
Signing time: Wed 18 Dec 2024 11:43:03 +0000
ROA not before: Wed 18 Dec 2024 11:43:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49632
IP address blocks: 188.125.160.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.166.0/24 maxlen: 24
188.125.168.0/24 maxlen: 24
188.125.170.0/24 maxlen: 24
188.125.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:94:20:9f:58:96:38:37:3f:0e:86:9b:41:e8:94:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Dec 18 11:43:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e79e0612b461706785a839de1ac94a60e287f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3f:62:15:2b:17:68:d5:dd:82:09:42:fa:31:
86:bb:14:21:b1:be:5e:d9:cc:6a:ce:a7:c9:c5:b0:
e7:fe:ea:55:36:40:18:f9:c1:1e:02:b3:95:ec:9f:
6d:dd:bc:af:62:7f:26:40:28:eb:fc:69:73:00:07:
28:08:6d:3f:47:95:de:17:37:ca:e7:c9:c7:cb:c0:
5f:1f:d3:ee:60:e2:28:c4:28:55:ca:c1:57:15:7d:
c8:df:08:cb:55:10:42:8b:fa:89:bc:8d:06:5f:37:
52:ea:21:66:7f:ab:8f:8a:05:fb:b0:cc:cf:06:56:
7b:c2:f1:fa:f7:05:1f:b7:16:64:e5:a9:18:32:93:
69:56:22:e2:f9:cf:c1:5a:88:ef:03:3d:a3:20:f0:
b7:84:5d:16:42:9d:e2:bc:87:4d:5c:bc:2b:bf:b3:
c3:a2:13:ae:ef:81:90:a0:42:b1:56:6f:00:f1:00:
a0:4c:07:6d:7e:8f:91:dd:fa:4b:62:60:e8:d5:d9:
fd:55:b3:2e:9f:31:39:d1:b2:6c:0d:11:61:b3:6d:
4d:16:cc:d7:90:1f:ae:56:1b:61:a0:df:25:ab:29:
45:98:70:f8:23:48:86:5d:85:1b:5f:2c:6e:f5:e6:
82:e2:19:cb:d2:40:59:b2:00:0c:43:d8:35:6d:84:
45:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:79:E0:61:2B:46:17:06:78:5A:83:9D:E1:AC:94:A6:0E:28:7F:77
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/XnngYStGFwZ4WoOd4ayUpg4of3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.160.0/24
188.125.164.0-188.125.166.255
188.125.168.0/24
188.125.170.0/24
188.125.174.0/24
Signature Algorithm: sha256WithRSAEncryption
52:c8:08:f0:f7:68:eb:92:43:5f:7e:89:0c:42:82:2c:b3:b9:
9d:6a:db:1c:1a:ed:18:3a:cc:98:82:c7:9f:54:cd:19:a5:d6:
9c:07:23:a1:b1:ec:6b:8d:58:c9:b4:d2:2b:c8:d0:2e:bd:5c:
64:b1:d1:93:dc:fb:28:92:f3:95:44:61:17:49:09:c9:91:f2:
4e:bb:dc:bd:d1:88:a6:b1:52:27:7c:0c:ff:6d:4e:78:9c:d9:
ea:7c:57:c1:76:1f:9b:43:0a:bc:87:5d:0d:65:5c:85:a5:5c:
b9:12:bc:90:71:0b:d3:10:d8:ef:69:bf:10:9b:8f:c3:7e:81:
b2:81:db:1b:9d:d6:9d:96:6c:88:7c:2f:e7:e1:9f:09:3e:ba:
d7:0a:e6:98:ee:c4:b9:b9:be:db:01:b4:93:81:d8:0f:83:41:
2c:14:a8:8d:9d:60:48:d8:d4:9e:ed:e5:ef:8b:78:73:4c:e2:
c6:37:bd:22:4d:52:90:84:28:26:c7:51:60:a8:4a:0a:67:2f:
ae:61:a3:74:56:7e:3d:cd:41:16:81:d7:4c:a4:83:7e:0b:3d:
ea:e3:07:59:40:6c:dc:31:5b:6c:ad:3f:37:db:ef:7c:41:bd:
3f:08:03:ad:e6:4d:af:61:b6:e1:1d:f0:00:75:9b:16:93:56:
41:8c:31:77
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZPZlCCfWJY4Nz8OhptB6JTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjQxMjE4MTE0MzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc5ZTA2MTJiNDYxNzA2Nzg1YTgzOWRlMWFjOTRhNjBlMjg3Zjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj9iFSsXaNXdgglC+jGGuxQhsb5e
2cxqzqfJxbDn/upVNkAY+cEeArOV7J9t3byvYn8mQCjr/GlzAAcoCG0/R5XeFzfK
58nHy8BfH9PuYOIoxChVysFXFX3I3wjLVRBCi/qJvI0GXzdS6iFmf6uPigX7sMzP
BlZ7wvH69wUftxZk5akYMpNpViLi+c/BWojvAz2jIPC3hF0WQp3ivIdNXLwrv7PD
ohOu74GQoEKxVm8A8QCgTAdtfo+R3fpLYmDo1dn9VbMunzE50bJsDRFhs21NFszX
kB+uVhthoN8lqylFmHD4I0iGXYUbXyxu9eaC4hnL0kBZsgAMQ9g1bYRFIQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF554GErRhcGeFqDneGslKYOKH93MB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvWG5uZ1lTdEdGd1o0V29PZDRheVVwZzRvZjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAvH2gMAwD
BAK8faQDBAC8faYDBAC8fagDBAC8faoDBAC8fa4wDQYJKoZIhvcNAQELBQADggEB
AFLICPD3aOuSQ19+iQxCgiyzuZ1q2xwa7Rg6zJiCx59UzRml1pwHI6Gx7GuNWMm0
0ivI0C69XGSx0ZPc+yiS85VEYRdJCcmR8k673L3RiKaxUid8DP9tTnic2ep8V8F2
H5tDCryHXQ1lXIWlXLkSvJBxC9MQ2O9pvxCbj8N+gbKB2xud1p2WbIh8L+fhnwk+
utcK5pjuxLm5vtsBtJOB2A+DQSwUqI2dYEjY1J7t5e+LeHNM4sY3vSJNUpCEKCbH
UWCoSgpnL65ho3RWfj3NQRaB10ykg34LPerjB1lAbNwxW2ytPzfb73xBvT8IA63m
Ta9htuEd8AB1mxaTVkGMMXc=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:25 2024 by rpki-client on console.sobornost.net