Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/JvUuqVHthQS6idIePyk8qCH9MlE.roa
File: JvUuqVHthQS6idIePyk8qCH9MlE.roa (raw, json)
Hash identifier: HGDalgnpb1UwcY664ywSrgi8W+lqXfZO7swxuGPx7HQ=
Subject key identifier: 26:F5:2E:A9:51:ED:85:04:BA:89:D2:1E:3F:29:3C:A8:21:FD:32:51
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 019127B6EA45CA732C99F77CE6FEC03D572F
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/JvUuqVHthQS6idIePyk8qCH9MlE.roa
Signing time: Tue 06 Aug 2024 12:43:04 +0000
ROA not before: Tue 06 Aug 2024 12:43:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35625
IP address blocks: 37.16.78.0/24 maxlen: 24
37.235.88.0/21 maxlen: 24
45.15.204.0/22 maxlen: 24
45.88.140.0/22 maxlen: 24
45.138.192.0/22 maxlen: 24
46.29.120.0/21 maxlen: 24
85.208.216.0/22 maxlen: 24
91.212.236.0/24 maxlen: 24
91.229.136.0/24 maxlen: 24
94.158.180.0/22 maxlen: 24
109.71.136.0/21 maxlen: 24
109.197.240.0/21 maxlen: 24
109.205.0.0/21 maxlen: 24
185.31.148.0/22 maxlen: 24
185.39.168.0/22 maxlen: 24
185.71.148.0/22 maxlen: 24
185.75.140.0/22 maxlen: 24
185.117.18.0/23 maxlen: 24
185.161.44.0/22 maxlen: 24
185.167.76.0/24 maxlen: 24
185.181.4.0/22 maxlen: 24
185.218.212.0/22 maxlen: 24
185.220.72.0/22 maxlen: 24
185.227.0.0/22 maxlen: 24
185.230.96.0/22 maxlen: 24
185.246.26.0/24 maxlen: 24
185.246.96.0/22 maxlen: 24
185.252.156.0/22 maxlen: 24
193.176.64.0/22 maxlen: 24
194.88.112.0/21 maxlen: 24
194.126.178.0/24 maxlen: 24
195.90.116.0/22 maxlen: 24
195.190.27.0/24 maxlen: 24
2a00:ba60::/32 maxlen: 32
2a00:ba61::/32 maxlen: 32
2a00:ba62::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
2a01:6600:2e00::/40 maxlen: 40
2a01:6603::/32 maxlen: 32
2a01:6604::/32 maxlen: 32
2a01:6605::/32 maxlen: 32
2a02:21c8::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:b6:ea:45:ca:73:2c:99:f7:7c:e6:fe:c0:3d:57:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Aug 6 12:43:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26f52ea951ed8504ba89d21e3f293ca821fd3251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:49:06:db:21:b7:1b:9a:1a:ba:44:c5:ca:fb:
c2:d4:95:3b:d2:13:0d:96:de:6d:23:81:89:b9:b7:
10:4d:d6:51:50:c8:92:0e:fd:4c:7b:d1:c3:ba:69:
c2:1c:c1:50:21:7b:e3:60:72:52:b3:d3:40:a3:7b:
39:04:b2:40:8e:54:ff:85:1c:91:8a:4c:62:a5:2c:
b6:53:1a:38:04:f4:5e:c5:03:3b:aa:d8:e8:5c:25:
e7:24:de:c3:c8:69:50:13:c4:46:89:71:d2:94:5c:
d1:fa:85:4c:94:8b:37:4d:b3:c3:d7:da:95:8e:60:
df:27:54:a2:73:fe:34:4e:27:af:8e:84:a4:f1:15:
95:76:55:78:8e:97:30:1e:ee:5f:f8:b5:ce:89:0d:
7a:cc:4d:f5:e8:e1:b8:43:6f:0c:2b:f3:66:ff:db:
3b:6f:d1:fc:41:97:1d:d6:8c:23:25:5d:d7:d0:1f:
c2:c7:57:92:aa:b4:58:0b:a4:51:44:8d:06:65:63:
8c:e0:da:9f:c7:33:53:84:e2:c4:4f:da:54:54:60:
41:d2:5f:c0:29:32:f2:89:84:6a:5e:19:6c:9e:2b:
b2:5c:42:17:b6:21:20:71:2d:b1:5b:35:94:4f:1f:
82:ba:ed:5c:19:99:0a:1d:9a:5f:c7:74:46:c8:62:
15:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:F5:2E:A9:51:ED:85:04:BA:89:D2:1E:3F:29:3C:A8:21:FD:32:51
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/JvUuqVHthQS6idIePyk8qCH9MlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.78.0/24
37.235.88.0/21
45.15.204.0/22
45.88.140.0/22
45.138.192.0/22
46.29.120.0/21
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.71.136.0/21
109.197.240.0/21
109.205.0.0/21
185.31.148.0/22
185.39.168.0/22
185.71.148.0/22
185.75.140.0/22
185.117.18.0/23
185.161.44.0/22
185.167.76.0/24
185.181.4.0/22
185.218.212.0/22
185.220.72.0/22
185.227.0.0/22
185.230.96.0/22
185.246.26.0/24
185.246.96.0/22
185.252.156.0/22
193.176.64.0/22
194.88.112.0/21
194.126.178.0/24
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a01:6600:2e00::/40
2a01:6603::-2a01:6605:ffff:ffff:ffff:ffff:ffff:ffff
2a02:21c8::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
16:56:6c:b9:ab:59:24:ab:b9:9d:9a:e3:10:3e:a0:7d:74:ba:
e3:dc:0f:89:b0:8a:b9:3a:90:26:55:b7:6b:f9:1d:2f:6d:34:
b5:3f:bf:0a:f4:ad:73:17:a2:db:71:96:0c:ac:1b:b7:f0:cd:
b9:6d:8e:6e:7a:90:ee:31:df:61:93:7c:a9:bd:d4:a2:ed:23:
5f:6a:f9:35:3c:06:4c:4c:c7:a3:0c:12:73:55:76:3e:dc:32:
60:b5:b7:db:46:eb:32:18:70:e3:56:62:93:fe:ad:e1:df:a1:
2c:19:c7:49:32:61:ef:e9:ac:58:4a:ea:70:9c:59:de:70:46:
71:58:d5:ec:e2:5c:28:11:ef:0f:e5:f4:e6:60:7b:99:a0:29:
18:db:f0:71:d1:d9:ce:cc:b7:a3:ac:a0:d7:a1:b5:43:44:15:
90:9a:b3:b3:96:3e:3d:70:8b:8b:26:ee:4b:d0:e8:c6:5b:56:
6c:68:3a:d6:51:f9:83:69:03:98:dd:60:8a:c5:83:0b:2d:2c:
65:ff:21:62:c9:02:48:5b:e4:79:a4:94:0d:f3:cd:52:c9:11:
45:ac:76:99:86:53:3b:6d:78:b9:fc:f4:a7:4b:36:49:52:bc:
ae:1d:23:bc:e6:3c:4e:77:15:02:7d:e3:2e:1e:1b:eb:ad:ce:
c2:92:14:ae
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAZEntupFynMsmfd85v7APVcvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwODA2MTI0MzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmY1MmVhOTUxZWQ4NTA0YmE4OWQyMWUzZjI5M2NhODIxZmQzMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkkG2yG3G5oaukTFyvvC1JU70hMN
lt5tI4GJubcQTdZRUMiSDv1Me9HDumnCHMFQIXvjYHJSs9NAo3s5BLJAjlT/hRyR
ikxipSy2Uxo4BPRexQM7qtjoXCXnJN7DyGlQE8RGiXHSlFzR+oVMlIs3TbPD19qV
jmDfJ1Sic/40TievjoSk8RWVdlV4jpcwHu5f+LXOiQ16zE316OG4Q28MK/Nm/9s7
b9H8QZcd1owjJV3X0B/Cx1eSqrRYC6RRRI0GZWOM4NqfxzNThOLET9pUVGBB0l/A
KTLyiYRqXhlsniuyXEIXtiEgcS2xWzWUTx+Cuu1cGZkKHZpfx3RGyGIVZQIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFCb1LqlR7YUEuonSHj8pPKgh/TJRMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvSnZVdXFWSHRoUVM2aWRJZVB5azhxQ0g5TWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTCBzQQCAAEwgcYD
BAAlEE4DBAMl61gDBAItD8wDBAItWIwDBAItisADBAMuHXgDBAJV0NgDBABb1OwD
BABb5YgDBAJenrQDBANtR4gDBANtxfADBANtzQADBAK5H5QDBAK5J6gDBAK5R5QD
BAK5S4wDBAG5dRIDBAK5oSwDBAC5p0wDBAK5tQQDBAK52tQDBAK53EgDBAK54wAD
BAK55mADBAC59hoDBAK59mADBAK5/JwDBALBsEADBAPCWHADBADCfrIDBALDWnQD
BADDvhswQwQCAAIwPTAOAwUFKgC6YAMFACoAumIDBQAqALpnAwYAKgFmAC4wDgMF
ACoBZgMDBQEqAWYEAwUAKgIhyAMFAyoJjEAwDQYJKoZIhvcNAQELBQADggEBABZW
bLmrWSSruZ2a4xA+oH10uuPcD4mwirk6kCZVt2v5HS9tNLU/vwr0rXMXottxlgys
G7fwzbltjm56kO4x32GTfKm91KLtI19q+TU8BkxMx6MMEnNVdj7cMmC1t9tG6zIY
cONWYpP+reHfoSwZx0kyYe/prFhK6nCcWd5wRnFY1eziXCgR7w/l9OZge5mgKRjb
8HHR2c7Mt6OsoNehtUNEFZCas7OWPj1wi4sm7kvQ6MZbVmxoOtZR+YNpA5jdYIrF
gwstLGX/IWLJAkhb5HmklA3zzVLJEUWsdpmGUztteLn89KdLNklSvK4dI7zmPE53
FQJ94y4eG+utzsKSFK4=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:31 2024 by rpki-client on console.sobornost.net