Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/5xwanXVqGN8cbDL31ePd1pPr3Rw.roa
File: 5xwanXVqGN8cbDL31ePd1pPr3Rw.roa (raw, json)
Hash identifier: QjLz0ILY1vJwG0Oo4kLq7m+PhEr/Ws71uI4XJimrElo=
Subject key identifier: E7:1C:1A:9D:75:6A:18:DF:1C:6C:32:F7:D5:E3:DD:D6:93:EB:DD:1C
Certificate issuer: /CN=58dd42ab3460279709c134b570f76e34e4d95b91
Certificate serial: 018CC64ACFF6C5E966A8F094A5220B04DC25
Authority key identifier: 58:DD:42:AB:34:60:27:97:09:C1:34:B5:70:F7:6E:34:E4:D9:5B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WN1CqzRgJ5cJwTS1cPduNOTZW5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/5xwanXVqGN8cbDL31ePd1pPr3Rw.roa
Signing time: Mon 01 Jan 2024 18:30:40 +0000
ROA not before: Mon 01 Jan 2024 18:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29152
IP address blocks: 195.80.152.0/24 maxlen: 24
195.80.158.0/24 maxlen: 24
195.80.154.0/24 maxlen: 24
195.80.157.0/24 maxlen: 24
195.80.153.0/24 maxlen: 24
195.80.156.0/24 maxlen: 24
195.80.159.0/24 maxlen: 24
195.80.155.0/24 maxlen: 24
2a00:1b11:115::/48 maxlen: 48
2a00:1b11:116::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:cf:f6:c5:e9:66:a8:f0:94:a5:22:0b:04:dc:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58dd42ab3460279709c134b570f76e34e4d95b91
Validity
Not Before: Jan 1 18:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e71c1a9d756a18df1c6c32f7d5e3ddd693ebdd1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b3:fa:8c:bf:47:09:7f:3e:10:1a:60:2c:5c:
80:36:49:00:91:55:60:48:ec:83:7a:b3:d6:ef:d9:
31:b1:c0:e3:21:ae:9a:fa:a5:36:fd:20:eb:4f:8e:
b8:89:20:ce:fc:1c:6e:5f:12:c0:1a:c4:98:20:0a:
7b:5e:de:9b:6b:06:b9:06:66:30:fc:f8:d4:51:4f:
84:47:90:bb:a8:39:91:e1:52:f7:0c:c9:e2:ae:47:
2c:b7:60:5f:ed:45:32:50:41:3e:9d:b6:23:c8:05:
67:d7:06:8f:cc:56:a4:22:2c:c7:d6:ed:10:c0:3d:
89:82:ae:c3:c8:b9:a0:f5:83:ae:b6:9e:4f:28:a1:
19:ea:55:bb:f7:b1:c8:46:49:36:24:4e:8f:44:f6:
aa:c5:64:1b:26:48:c9:a6:d7:7a:a7:82:c1:86:d7:
0c:89:a0:52:1f:6a:be:db:2f:7a:7c:a8:76:8d:af:
25:c5:77:cb:9c:df:83:74:57:e3:0d:74:c2:0a:4f:
4f:dc:33:b2:8e:cd:ca:23:64:8f:9f:a5:af:17:a3:
8d:0d:f9:31:04:04:3b:ff:0d:3c:46:07:37:dc:d2:
c8:50:e4:6a:f8:69:5b:99:33:ee:7e:79:1c:b0:05:
c1:01:7f:48:88:04:f3:d4:a9:13:3f:33:9b:fa:c1:
c1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:1C:1A:9D:75:6A:18:DF:1C:6C:32:F7:D5:E3:DD:D6:93:EB:DD:1C
X509v3 Authority Key Identifier:
keyid:58:DD:42:AB:34:60:27:97:09:C1:34:B5:70:F7:6E:34:E4:D9:5B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WN1CqzRgJ5cJwTS1cPduNOTZW5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/5xwanXVqGN8cbDL31ePd1pPr3Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/40b8f6-685d-4e86-97d8-6e31347d04d9/1/WN1CqzRgJ5cJwTS1cPduNOTZW5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.80.152.0/21
IPv6:
2a00:1b11:115::-2a00:1b11:116:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
71:85:ac:a5:61:14:7f:d4:af:fb:23:1f:bd:26:b1:2a:48:f5:
cf:32:18:9b:ea:29:cf:93:ef:88:56:31:cd:4c:4d:8f:b9:a0:
84:5f:90:b3:20:c2:44:23:f9:fa:5f:ad:a9:35:a7:9b:46:45:
f9:a1:7b:94:33:49:05:1f:68:eb:3f:74:42:23:a3:2e:6d:f0:
c4:36:6b:66:97:a4:62:21:dd:75:fe:79:ca:77:6e:48:69:b2:
ed:b0:39:af:fa:e2:f5:b4:a9:7c:b2:78:dd:b7:4a:5c:58:21:
f3:3e:31:d3:12:94:85:3c:e4:c5:39:c5:54:0d:d0:6a:07:cd:
6a:98:ae:3f:9a:4c:42:88:1f:b3:3b:ac:2a:32:ed:7b:27:ea:
a6:db:2b:3f:dd:af:51:06:9a:cc:e9:c1:0e:0d:61:16:c6:71:
fb:b3:c0:e7:06:9c:b8:c7:b4:f9:4f:a5:4d:27:6d:86:1a:c9:
1c:05:c5:b3:4d:03:19:1e:95:ce:7d:59:07:6b:23:d4:8e:b4:
2e:56:65:03:c3:23:fa:68:0c:2f:04:74:ae:a7:fc:eb:72:6c:
87:5f:c3:5a:76:af:76:0f:64:bc:d1:68:27:94:e5:1e:df:29:
af:73:e9:1f:33:fe:a4:63:b1:3e:32:a4:02:4a:af:7b:a6:d4:
b9:53:c8:5e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGSs/2xelmqPCUpSILBNwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZGQ0MmFiMzQ2MDI3OTcwOWMxMzRiNTcwZjc2ZTM0ZTRk
OTViOTEwHhcNMjQwMTAxMTgzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzFjMWE5ZDc1NmExOGRmMWM2YzMyZjdkNWUzZGRkNjkzZWJkZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbP6jL9HCX8+EBpgLFyANkkAkVVg
SOyDerPW79kxscDjIa6a+qU2/SDrT464iSDO/BxuXxLAGsSYIAp7Xt6bawa5BmYw
/PjUUU+ER5C7qDmR4VL3DMnirkcst2Bf7UUyUEE+nbYjyAVn1waPzFakIizH1u0Q
wD2Jgq7DyLmg9YOutp5PKKEZ6lW797HIRkk2JE6PRPaqxWQbJkjJptd6p4LBhtcM
iaBSH2q+2y96fKh2ja8lxXfLnN+DdFfjDXTCCk9P3DOyjs3KI2SPn6WvF6ONDfkx
BAQ7/w08Rgc33NLIUORq+GlbmTPufnkcsAXBAX9IiATz1KkTPzOb+sHBiQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOccGp11ahjfHGwy99Xj3daT690cMB8GA1UdIwQY
MBaAFFjdQqs0YCeXCcE0tXD3bjTk2VuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV04xQ3F6UmdKNWNKd1RTMWNQZHVOT1RaVzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80MGI4ZjYtNjg1ZC00ZTg2LTk3ZDgt
NmUzMTM0N2QwNGQ5LzEvNXh3YW5YVnFHTjhjYkRMMzFlUGQxcFByM1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80MGI4ZjYtNjg1ZC00ZTg2LTk3ZDgtNmUzMTM0N2QwNGQ5
LzEvV04xQ3F6UmdKNWNKd1RTMWNQZHVOT1RaVzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQDw1CYMBoE
AgACMBQwEgMHACoAGxEBFQMHACoAGxEBFjANBgkqhkiG9w0BAQsFAAOCAQEAcYWs
pWEUf9Sv+yMfvSaxKkj1zzIYm+opz5PviFYxzUxNj7mghF+QsyDCRCP5+l+tqTWn
m0ZF+aF7lDNJBR9o6z90QiOjLm3wxDZrZpekYiHddf55ynduSGmy7bA5r/ri9bSp
fLJ43bdKXFgh8z4x0xKUhTzkxTnFVA3QagfNapiuP5pMQogfszusKjLteyfqptsr
P92vUQaazOnBDg1hFsZx+7PA5wacuMe0+U+lTSdthhrJHAXFs00DGR6Vzn1ZB2sj
1I60LlZlA8Mj+mgMLwR0rqf863Jsh1/DWnavdg9kvNFoJ5TlHt8pr3PpHzP+pGOx
PjKkAkqve6bUuVPIXg==
-----END CERTIFICATE-----
Generated at Sat Jul 27 04:48:07 2024 by rpki-client on console.sobornost.net