Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/09ad6f-8cb0-4ac7-a5ec-ded2110c4c93/1/XBdx9rb0WNqRUkciqxWRrFmO11U.roa
File: XBdx9rb0WNqRUkciqxWRrFmO11U.roa (raw, json)
Hash identifier: dm5/70ze+IAHCEtJlmu5l/X0T9FpIZZicTHOAgDnhP4=
Subject key identifier: 5C:17:71:F6:B6:F4:58:DA:91:52:47:22:AB:15:91:AC:59:8E:D7:55
Certificate issuer: /CN=3ea11ec3b0b19546d156c236b3f2798d18cb5f20
Certificate serial: 01856BCA2CD1B301A621DFB0B54E0E4DFA1C
Authority key identifier: 3E:A1:1E:C3:B0:B1:95:46:D1:56:C2:36:B3:F2:79:8D:18:CB:5F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PqEew7CxlUbRVsI2s_J5jRjLXyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/09ad6f-8cb0-4ac7-a5ec-ded2110c4c93/1/XBdx9rb0WNqRUkciqxWRrFmO11U.roa
Signing time: Sun 01 Jan 2023 05:24:49 +0000
ROA not before: Sun 01 Jan 2023 05:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202543
IP address blocks: 185.246.170.0/24 maxlen: 24
185.246.169.0/24 maxlen: 24
185.246.168.0/24 maxlen: 24
185.246.171.0/24 maxlen: 24
45.154.178.0/24 maxlen: 24
45.154.177.0/24 maxlen: 24
45.154.176.0/24 maxlen: 24
45.154.179.0/24 maxlen: 24
2a0f:3980::/29 maxlen: 48
2a0f:c300::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:2c:d1:b3:01:a6:21:df:b0:b5:4e:0e:4d:fa:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ea11ec3b0b19546d156c236b3f2798d18cb5f20
Validity
Not Before: Jan 1 05:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c1771f6b6f458da91524722ab1591ac598ed755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bc:d2:ce:ad:ff:60:1e:d3:d8:91:a0:9e:fd:
98:bd:d4:a6:7a:45:06:97:75:ca:76:e7:f1:ab:20:
c8:17:d6:05:b7:93:bd:9c:21:f4:bb:c0:dd:32:18:
f6:83:45:77:83:05:50:da:20:5c:01:4e:2f:be:84:
32:64:3b:73:a3:2a:69:3e:2e:f1:ca:8d:67:f5:c7:
94:12:60:04:5d:6a:19:2a:22:05:f9:2e:af:84:8e:
cb:fa:19:77:c7:30:7d:a2:49:e6:20:b4:52:e9:1a:
3a:c6:cf:ca:1b:0c:9e:ca:d2:41:47:1a:76:af:15:
e1:39:e5:11:26:65:4e:49:5b:0d:96:91:6f:78:8f:
a4:07:c0:00:ac:fd:bb:25:8f:e4:47:91:b0:bd:78:
1e:69:80:40:0f:17:a7:68:62:d7:d1:f0:f2:c0:13:
8b:15:28:56:e5:19:9f:75:ba:68:14:a3:6f:16:70:
6d:d7:ad:13:ba:30:b3:ae:01:14:71:58:03:f7:26:
09:f6:87:b2:bc:2c:30:92:07:a9:f1:56:d2:0c:b9:
36:83:a4:c1:3d:2e:5f:78:09:44:88:2d:54:22:8c:
08:c9:8e:76:e3:f2:6d:dd:16:49:b0:a2:dc:ba:e3:
52:05:cf:32:4f:5d:1d:93:a3:cc:5c:d4:ac:dd:35:
94:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:17:71:F6:B6:F4:58:DA:91:52:47:22:AB:15:91:AC:59:8E:D7:55
X509v3 Authority Key Identifier:
keyid:3E:A1:1E:C3:B0:B1:95:46:D1:56:C2:36:B3:F2:79:8D:18:CB:5F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PqEew7CxlUbRVsI2s_J5jRjLXyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/09ad6f-8cb0-4ac7-a5ec-ded2110c4c93/1/XBdx9rb0WNqRUkciqxWRrFmO11U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/09ad6f-8cb0-4ac7-a5ec-ded2110c4c93/1/PqEew7CxlUbRVsI2s_J5jRjLXyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.176.0/22
185.246.168.0/22
IPv6:
2a0f:3980::/29
2a0f:c300::/29
Signature Algorithm: sha256WithRSAEncryption
7e:ac:17:53:a6:c0:b6:bd:ec:4a:88:9c:26:ad:17:26:4b:eb:
3a:23:63:4d:7e:2a:4c:84:a6:da:37:6c:6b:85:7d:6c:ab:dd:
a7:32:2b:0d:0f:fb:7c:d3:3a:8e:dd:b7:94:0b:c0:39:57:81:
fb:63:b0:0e:4f:e3:55:b4:f2:35:63:42:fc:06:8e:37:aa:94:
b4:06:13:a9:cb:1d:2e:7c:9c:e8:74:92:43:66:13:8b:af:9f:
ae:27:0a:77:7a:87:ef:b0:61:d1:86:90:9b:8f:27:5d:84:c0:
dc:b6:01:18:ee:d6:ad:92:d6:0e:e8:c0:15:81:a7:d1:e4:a6:
8d:fb:c9:08:00:37:ec:13:e9:94:9b:6c:78:50:23:50:15:f3:
4a:d1:ed:3d:68:13:19:fc:27:ab:4b:6c:22:c7:97:6f:af:0b:
ca:3d:0b:fc:48:24:d8:c2:e8:6a:f4:1c:d0:1e:05:f2:d7:40:
6c:a2:41:44:86:06:08:5a:cd:76:46:a6:19:6a:c6:c4:75:60:
42:8d:16:d4:67:a6:43:d2:2c:6b:b7:eb:53:0f:d7:ab:95:98:
bd:51:ab:04:65:ee:ce:d7:5a:7e:b0:31:88:2c:ea:01:6e:94:
46:c5:16:7b:30:57:77:25:9d:ac:f8:97:b0:dc:ff:37:c3:52:
aa:bc:25:77
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVryizRswGmId+wtU4OTfocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYTExZWMzYjBiMTk1NDZkMTU2YzIzNmIzZjI3OThkMThj
YjVmMjAwHhcNMjMwMTAxMDUyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzE3NzFmNmI2ZjQ1OGRhOTE1MjQ3MjJhYjE1OTFhYzU5OGVkNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLzSzq3/YB7T2JGgnv2YvdSmekUG
l3XKdufxqyDIF9YFt5O9nCH0u8DdMhj2g0V3gwVQ2iBcAU4vvoQyZDtzoyppPi7x
yo1n9ceUEmAEXWoZKiIF+S6vhI7L+hl3xzB9oknmILRS6Ro6xs/KGwyeytJBRxp2
rxXhOeURJmVOSVsNlpFveI+kB8AArP27JY/kR5GwvXgeaYBADxenaGLX0fDywBOL
FShW5RmfdbpoFKNvFnBt160TujCzrgEUcVgD9yYJ9oeyvCwwkgep8VbSDLk2g6TB
PS5feAlEiC1UIowIyY524/Jt3RZJsKLcuuNSBc8yT10dk6PMXNSs3TWUywIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFwXcfa29FjakVJHIqsVkaxZjtdVMB8GA1UdIwQY
MBaAFD6hHsOwsZVG0VbCNrPyeY0Yy18gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHFFZXc3Q3hsVWJSVnNJMnNfSjVqUmpMWHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8wOWFkNmYtOGNiMC00YWM3LWE1ZWMt
ZGVkMjExMGM0YzkzLzEvWEJkeDlyYjBXTnFSVWtjaXF4V1JyRm1PMTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8wOWFkNmYtOGNiMC00YWM3LWE1ZWMtZGVkMjExMGM0Yzkz
LzEvUHFFZXc3Q3hsVWJSVnNJMnNfSjVqUmpMWHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLZqwAwQC
ufaoMBQEAgACMA4DBQMqDzmAAwUDKg/DADANBgkqhkiG9w0BAQsFAAOCAQEAfqwX
U6bAtr3sSoicJq0XJkvrOiNjTX4qTISm2jdsa4V9bKvdpzIrDQ/7fNM6jt23lAvA
OVeB+2OwDk/jVbTyNWNC/AaON6qUtAYTqcsdLnyc6HSSQ2YTi6+fricKd3qH77Bh
0YaQm48nXYTA3LYBGO7WrZLWDujAFYGn0eSmjfvJCAA37BPplJtseFAjUBXzStHt
PWgTGfwnq0tsIseXb68Lyj0L/Egk2MLoavQc0B4F8tdAbKJBRIYGCFrNdkamGWrG
xHVgQo0W1GemQ9Isa7frUw/Xq5WYvVGrBGXuztdafrAxiCzqAW6URsUWezBXdyWd
rPiXsNz/N8NSqrwldw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:20 2023 by rpki-client on console.sobornost.net