Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/5wEyBP2xfwl6b4CjPQEWzcrJqQ4.roa
File: 5wEyBP2xfwl6b4CjPQEWzcrJqQ4.roa (raw, json)
Hash identifier: uGO4DQ6BmPlevDbpX0JZ8T3zBbhalb3d6R74iEqi1J0=
Subject key identifier: E7:01:32:04:FD:B1:7F:09:7A:6F:80:A3:3D:01:16:CD:CA:C9:A9:0E
Certificate issuer: /CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Certificate serial: 0193B5A61BBCF276F06BAA378016F2699986
Authority key identifier: A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/5wEyBP2xfwl6b4CjPQEWzcrJqQ4.roa
Signing time: Wed 11 Dec 2024 12:16:22 +0000
ROA not before: Wed 11 Dec 2024 12:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51935
IP address blocks: 46.163.192.0/18 maxlen: 24
62.220.240.0/21 maxlen: 24
62.220.248.0/22 maxlen: 24
83.146.160.0/19 maxlen: 24
185.192.24.0/22 maxlen: 24
2a02:6fa0::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:a6:1b:bc:f2:76:f0:6b:aa:37:80:16:f2:69:99:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Validity
Not Before: Dec 11 12:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7013204fdb17f097a6f80a33d0116cdcac9a90e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:37:2e:81:98:b7:e7:f9:74:fb:50:c5:ed:92:
ca:3f:29:21:43:08:c9:6f:f8:44:42:30:b2:2b:d1:
09:46:f1:da:7b:b2:af:39:b2:ed:8c:e3:a8:31:ac:
20:59:64:1e:b5:50:b7:21:91:b0:ff:c8:70:0a:61:
bb:53:35:cc:bf:93:16:9e:30:8d:32:d9:5d:cd:fd:
ef:c8:e2:94:e9:7d:50:74:4d:0c:0e:c2:d8:71:ff:
71:f9:48:cb:4c:f5:a7:87:0d:6b:b5:c5:79:cd:72:
09:e1:d8:da:87:40:64:a3:43:58:0f:8e:43:91:e4:
1e:fc:7d:24:6b:2c:f5:e8:68:fc:f1:db:4f:df:2c:
25:36:73:9e:e5:73:1c:a4:45:05:1e:2d:9c:d2:3f:
31:0e:6a:72:8a:c5:02:47:5b:13:7f:2e:ba:4f:36:
b0:ec:83:b3:d1:52:91:e6:eb:b4:b7:0d:98:ad:26:
17:31:29:fb:41:5a:4d:16:00:fc:06:39:dd:3d:94:
e3:02:43:33:32:27:d7:a3:a8:c4:12:37:89:3b:b4:
05:03:da:3d:c1:af:74:fb:98:d8:31:5c:c1:3c:d7:
18:8e:0d:75:24:66:da:5f:86:8d:38:36:f0:5c:18:
e0:c7:c5:40:4a:96:c8:c8:bf:e7:26:62:71:8d:70:
80:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:01:32:04:FD:B1:7F:09:7A:6F:80:A3:3D:01:16:CD:CA:C9:A9:0E
X509v3 Authority Key Identifier:
keyid:A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/5wEyBP2xfwl6b4CjPQEWzcrJqQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.163.192.0/18
62.220.240.0-62.220.251.255
83.146.160.0/19
185.192.24.0/22
IPv6:
2a02:6fa0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:7c:34:5e:b6:79:0b:76:59:6f:5a:48:0b:47:12:1e:3a:5b:
2e:d0:22:8f:85:0d:d2:7b:c2:47:33:58:a9:4a:ee:25:e7:75:
6a:53:06:8d:59:a2:b0:99:5b:61:7b:37:45:fb:84:b1:a2:92:
a2:ad:04:3e:82:51:62:bb:25:ee:62:12:32:ea:01:19:b5:93:
3c:51:aa:e1:51:5a:1c:f7:b4:1a:fb:bc:19:fc:40:32:39:a6:
fa:62:73:d3:08:f0:d5:8f:fd:9d:65:a1:8b:45:cb:1e:48:5e:
ce:60:72:43:d9:ae:6a:ac:77:a5:f7:0a:5b:b6:1c:62:51:01:
3f:07:9e:04:fd:13:a1:22:58:90:2a:60:e7:e0:92:59:0e:c3:
75:5b:1f:28:ab:0a:6a:a9:54:c6:95:f0:4d:d1:a9:42:36:fc:
57:1c:1b:91:f6:df:2b:35:41:38:1f:b3:9a:a5:e6:e0:b7:3a:
20:b7:94:e1:9f:06:99:b0:48:9f:e4:3a:e0:b4:86:ba:20:38:
30:e6:08:cd:ee:88:ad:9d:fe:d9:36:0d:ba:32:5f:0f:e1:ec:
00:33:c7:74:b9:47:26:bd:bd:52:d1:1c:9c:3c:9a:d9:69:36:
62:2d:76:dc:b2:9c:34:71:29:99:90:5d:d7:dc:db:ca:5d:33:
cb:2c:c8:c9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZO1phu88nbwa6o3gBbyaZmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDNmOWJjOTY1NmJhZGMyNmU3ZGUxYWJiMGZhNzJjM2Q3
MjhkZDgwHhcNMjQxMjExMTIxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzAxMzIwNGZkYjE3ZjA5N2E2ZjgwYTMzZDAxMTZjZGNhYzlhOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTcugZi35/l0+1DF7ZLKPykhQwjJ
b/hEQjCyK9EJRvHae7KvObLtjOOoMawgWWQetVC3IZGw/8hwCmG7UzXMv5MWnjCN
Mtldzf3vyOKU6X1QdE0MDsLYcf9x+UjLTPWnhw1rtcV5zXIJ4djah0Bko0NYD45D
keQe/H0kayz16Gj88dtP3ywlNnOe5XMcpEUFHi2c0j8xDmpyisUCR1sTfy66Tzaw
7IOz0VKR5uu0tw2YrSYXMSn7QVpNFgD8BjndPZTjAkMzMifXo6jEEjeJO7QFA9o9
wa90+5jYMVzBPNcYjg11JGbaX4aNODbwXBjgx8VASpbIyL/nJmJxjXCAsQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFOcBMgT9sX8Jem+Aoz0BFs3KyakOMB8GA1UdIwQY
MBaAFKLT+byWVrrcJufeGrsPpyw9co3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYt
ZDcxMWU4NGMyOWExLzEvNXdFeUJQMnhmd2w2YjRDalBRRVd6Y3JKcVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYtZDcxMWU4NGMyOWEx
LzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQGLqPAMAwD
BAQ+3PADBAI+3PgDBAVTkqADBAK5wBgwDQQCAAIwBwMFACoCb6AwDQYJKoZIhvcN
AQELBQADggEBAD98NF62eQt2WW9aSAtHEh46Wy7QIo+FDdJ7wkczWKlK7iXndWpT
Bo1ZorCZW2F7N0X7hLGikqKtBD6CUWK7Je5iEjLqARm1kzxRquFRWhz3tBr7vBn8
QDI5pvpic9MI8NWP/Z1loYtFyx5IXs5gckPZrmqsd6X3Clu2HGJRAT8HngT9E6Ei
WJAqYOfgklkOw3VbHyirCmqpVMaV8E3RqUI2/FccG5H23ys1QTgfs5ql5uC3OiC3
lOGfBpmwSJ/kOuC0hrogODDmCM3uiK2d/tk2DboyXw/h7AAzx3S5Rya9vVLRHJw8
mtlpNmItdtyynDRxKZmQXdfc28pdM8ssyMk=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:28 2024 by rpki-client on console.sobornost.net