Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/JZs1xmtEjhJ-xjttorveo5XvDsQ.roa
File: JZs1xmtEjhJ-xjttorveo5XvDsQ.roa (raw, json)
Hash identifier: WAiVi1pNpmy+SeNto58RdZcyBfr7WR0NsFGLNoQRxDU=
Subject key identifier: 25:9B:35:C6:6B:44:8E:12:7E:C6:3B:6D:A2:BB:DE:A3:95:EF:0E:C4
Certificate issuer: /CN=bab5e5e601cbf5d19d10d4db476a923b3b36f827
Certificate serial: 01936E698768913FA9B62F31F7D05157A4FD
Authority key identifier: BA:B5:E5:E6:01:CB:F5:D1:9D:10:D4:DB:47:6A:92:3B:3B:36:F8:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/JZs1xmtEjhJ-xjttorveo5XvDsQ.roa
Signing time: Wed 27 Nov 2024 16:17:09 +0000
ROA not before: Wed 27 Nov 2024 16:17:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24904
IP address blocks: 2.59.236.0/22 maxlen: 24
45.15.60.0/22 maxlen: 24
45.83.228.0/22 maxlen: 24
81.28.192.0/20 maxlen: 24
83.243.124.0/22 maxlen: 24
92.118.96.0/22 maxlen: 24
171.22.0.0/22 maxlen: 24
178.250.208.0/21 maxlen: 24
178.250.208.64/27 maxlen: 27
178.250.208.128/28 maxlen: 28
185.4.76.0/22 maxlen: 24
185.45.32.0/22 maxlen: 24
185.66.100.0/22 maxlen: 24
185.73.232.0/22 maxlen: 24
185.109.200.0/22 maxlen: 24
185.144.44.0/22 maxlen: 24
185.164.232.0/22 maxlen: 24
185.172.232.0/22 maxlen: 22
185.172.233.0/24 maxlen: 24
185.172.234.0/24 maxlen: 24
185.200.200.0/22 maxlen: 24
185.202.60.0/22 maxlen: 24
185.207.80.0/22 maxlen: 24
185.215.12.0/22 maxlen: 24
185.216.240.0/22 maxlen: 24
185.219.204.0/22 maxlen: 24
185.229.160.0/22 maxlen: 24
185.238.4.0/22 maxlen: 24
185.251.160.0/22 maxlen: 24
194.26.150.0/23 maxlen: 24
194.29.74.0/23 maxlen: 24
194.38.32.0/22 maxlen: 24
194.147.0.0/22 maxlen: 24
2a03:4980::/32 maxlen: 32
2a03:4980::/40 maxlen: 40
2a03:4980:100::/40 maxlen: 40
2a03:4980:200::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:69:87:68:91:3f:a9:b6:2f:31:f7:d0:51:57:a4:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bab5e5e601cbf5d19d10d4db476a923b3b36f827
Validity
Not Before: Nov 27 16:17:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=259b35c66b448e127ec63b6da2bbdea395ef0ec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a6:30:88:13:d5:76:b4:ba:c0:af:d4:86:c7:
12:bf:85:31:79:e7:3f:01:7b:71:31:b0:97:f8:27:
33:dd:a1:c9:69:1c:be:85:c0:0c:53:86:b6:15:24:
95:5b:bb:6a:c3:87:5e:11:55:3e:9b:e7:12:f0:98:
a7:16:12:b5:f8:71:e7:de:59:c7:4d:12:0a:eb:e8:
4d:78:72:f2:8c:6c:dd:26:d7:69:04:54:43:3c:22:
ac:9e:ce:74:b6:de:67:28:47:a5:a7:56:8d:a2:41:
79:c5:fb:1c:19:05:f3:44:82:39:89:37:aa:72:1f:
78:06:f6:7a:0d:3b:cd:a2:c6:90:91:a2:e4:bb:ba:
d6:db:05:b7:86:22:3a:70:6f:15:b3:2b:08:9b:80:
84:c9:6f:cb:11:01:0f:11:66:2a:b2:2b:d4:54:35:
74:c0:31:b1:4a:74:60:71:f7:3f:12:9e:3c:31:67:
07:d7:40:38:2f:1c:41:e6:73:1b:c7:e1:f6:4c:a7:
d4:04:e4:b9:71:18:8c:98:5b:77:13:32:f0:d8:3b:
cb:84:38:fb:15:1b:13:b8:af:cd:83:51:35:ca:1b:
b9:4a:61:6d:ac:f7:e8:9c:3c:4d:41:7f:69:57:a9:
ae:69:6b:da:15:ea:ee:3c:7b:8f:3c:fe:99:b4:fc:
32:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:9B:35:C6:6B:44:8E:12:7E:C6:3B:6D:A2:BB:DE:A3:95:EF:0E:C4
X509v3 Authority Key Identifier:
keyid:BA:B5:E5:E6:01:CB:F5:D1:9D:10:D4:DB:47:6A:92:3B:3B:36:F8:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urXl5gHL9dGdENTbR2qSOzs2-Cc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/JZs1xmtEjhJ-xjttorveo5XvDsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/00df29-5022-405e-895d-77ca89cf436a/1/urXl5gHL9dGdENTbR2qSOzs2-Cc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.236.0/22
45.15.60.0/22
45.83.228.0/22
81.28.192.0/20
83.243.124.0/22
92.118.96.0/22
171.22.0.0/22
178.250.208.0/21
185.4.76.0/22
185.45.32.0/22
185.66.100.0/22
185.73.232.0/22
185.109.200.0/22
185.144.44.0/22
185.164.232.0/22
185.172.232.0/22
185.200.200.0/22
185.202.60.0/22
185.207.80.0/22
185.215.12.0/22
185.216.240.0/22
185.219.204.0/22
185.229.160.0/22
185.238.4.0/22
185.251.160.0/22
194.26.150.0/23
194.29.74.0/23
194.38.32.0/22
194.147.0.0/22
IPv6:
2a03:4980::/32
Signature Algorithm: sha256WithRSAEncryption
a0:98:27:5c:a2:84:4d:80:4c:3c:87:d6:5a:f5:76:d4:fc:46:
c1:45:00:6b:1d:7b:f0:41:d3:b5:02:68:12:59:84:74:0d:ea:
5f:29:8d:34:14:14:cc:09:e7:87:0e:44:39:c0:a4:9f:00:fd:
da:0d:57:92:67:7b:1d:49:ef:40:58:08:8b:1b:e9:83:3a:64:
a8:44:51:3e:ef:d1:7f:8a:7c:44:f4:36:4b:87:51:c5:6c:5e:
d5:8d:a5:b8:4b:30:8d:5f:ec:35:ec:b3:31:b2:64:bc:be:02:
a8:f2:eb:76:0b:b0:3f:2b:9d:54:b7:d8:83:a1:59:cf:6f:43:
08:4d:26:3d:75:32:65:8f:1f:01:88:c6:da:b5:dc:a0:00:67:
0f:f4:5f:b9:b0:a0:b3:08:59:2f:05:e1:cc:cd:90:d2:e4:c5:
c8:bb:b9:50:a8:a1:d2:ec:d6:19:3b:32:80:dd:c1:9e:a5:bd:
fd:fd:87:24:a1:f1:37:20:53:1f:0b:d2:0f:79:cf:64:49:71:
50:13:1f:34:95:18:3e:0f:f3:4d:ec:97:e0:13:05:fc:60:16:
a8:74:e4:38:6e:7c:f1:ab:6c:2a:5c:8b:a9:48:79:b6:88:b8:
2f:c0:5f:86:7b:5a:5c:5e:4d:bc:0d:98:d5:42:4c:a7:14:ea:
e7:95:1d:7b
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAZNuaYdokT+pti8x99BRV6T9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjVlNWU2MDFjYmY1ZDE5ZDEwZDRkYjQ3NmE5MjNiM2Iz
NmY4MjcwHhcNMjQxMTI3MTYxNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTliMzVjNjZiNDQ4ZTEyN2VjNjNiNmRhMmJiZGVhMzk1ZWYwZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6YwiBPVdrS6wK/UhscSv4Uxeec/
AXtxMbCX+Ccz3aHJaRy+hcAMU4a2FSSVW7tqw4deEVU+m+cS8JinFhK1+HHn3lnH
TRIK6+hNeHLyjGzdJtdpBFRDPCKsns50tt5nKEelp1aNokF5xfscGQXzRII5iTeq
ch94BvZ6DTvNosaQkaLku7rW2wW3hiI6cG8VsysIm4CEyW/LEQEPEWYqsivUVDV0
wDGxSnRgcfc/Ep48MWcH10A4LxxB5nMbx+H2TKfUBOS5cRiMmFt3EzLw2DvLhDj7
FRsTuK/Ng1E1yhu5SmFtrPfonDxNQX9pV6muaWvaFeruPHuPPP6ZtPwygwIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFCWbNcZrRI4SfsY7baK73qOV7w7EMB8GA1UdIwQY
MBaAFLq15eYBy/XRnRDU20dqkjs7NvgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJYbDVnSEw5ZEdkRU5UYlIycVNPenMyLUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wMGRmMjktNTAyMi00MDVlLTg5NWQt
NzdjYTg5Y2Y0MzZhLzEvSlpzMXhtdEVqaEoteGp0dG9ydmVvNVh2RHNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wMGRmMjktNTAyMi00MDVlLTg5NWQtNzdjYTg5Y2Y0MzZh
LzEvdXJYbDVnSEw5ZEdkRU5UYlIycVNPenMyLUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBtQQCAAEwga4DBAIC
O+wDBAItDzwDBAItU+QDBARRHMADBAJT83wDBAJcdmADBAKrFgADBAOy+tADBAK5
BEwDBAK5LSADBAK5QmQDBAK5SegDBAK5bcgDBAK5kCwDBAK5pOgDBAK5rOgDBAK5
yMgDBAK5yjwDBAK5z1ADBAK51wwDBAK52PADBAK528wDBAK55aADBAK57gQDBAK5
+6ADBAHCGpYDBAHCHUoDBALCJiADBALCkwAwDQQCAAIwBwMFACoDSYAwDQYJKoZI
hvcNAQELBQADggEBAKCYJ1yihE2ATDyH1lr1dtT8RsFFAGsde/BB07UCaBJZhHQN
6l8pjTQUFMwJ54cORDnApJ8A/doNV5Jnex1J70BYCIsb6YM6ZKhEUT7v0X+KfET0
NkuHUcVsXtWNpbhLMI1f7DXsszGyZLy+Aqjy63YLsD8rnVS32IOhWc9vQwhNJj11
MmWPHwGIxtq13KAAZw/0X7mwoLMIWS8F4czNkNLkxci7uVCoodLs1hk7MoDdwZ6l
vf39hySh8TcgUx8L0g95z2RJcVATHzSVGD4P803sl+ATBfxgFqh05DhufPGrbCpc
i6lIebaIuC/AX4Z7WlxeTbwNmNVCTKcU6ueVHXs=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:30 2024 by rpki-client on console.sobornost.net