Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/KhwpaBxpqM_BdvLvmXMqYWleZp8.roa
File: KhwpaBxpqM_BdvLvmXMqYWleZp8.roa (raw, json)
Hash identifier: fiU5DakwGUNvHwt34cj1GK0WGhyLEQLXNLEjtsWb/FI=
Subject key identifier: 2A:1C:29:68:1C:69:A8:CF:C1:76:F2:EF:99:73:2A:61:69:5E:66:9F
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019489CA08DFD64F5EC181DE53E93C232D7F
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/KhwpaBxpqM_BdvLvmXMqYWleZp8.roa
Signing time: Tue 21 Jan 2025 16:55:06 +0000
ROA not before: Tue 21 Jan 2025 16:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 83.147.192.0/24 maxlen: 24
83.147.232.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:89:ca:08:df:d6:4f:5e:c1:81:de:53:e9:3c:23:2d:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 21 16:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a1c29681c69a8cfc176f2ef99732a61695e669f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8a:aa:f9:1e:11:b2:95:74:13:4c:28:7f:17:
0b:66:ae:c9:d0:c4:46:93:8e:29:97:fd:12:8d:c6:
21:b8:b2:cb:e3:e0:e7:06:c7:12:cc:8d:ed:ba:00:
e8:ea:89:5c:dc:02:2b:3c:34:5b:c4:4a:40:7a:2f:
ff:37:00:62:61:c7:94:84:3d:d4:83:64:35:9b:4b:
57:9c:e2:9a:d8:90:f3:53:18:c9:d9:93:86:2d:ba:
f6:e2:66:d9:a3:40:22:97:ec:62:bf:f8:66:60:49:
f8:e9:c9:ea:5d:68:52:50:d9:a2:ac:a2:6e:93:5a:
5f:12:cb:cf:58:1b:ee:38:81:16:9d:07:f9:71:85:
57:39:a4:97:4d:38:f3:89:d3:a8:70:bd:6c:42:32:
7d:93:5a:27:c7:69:d7:ca:6e:9d:7c:98:c5:0b:1e:
4e:62:a6:e3:72:9f:0f:5b:14:ae:39:42:d5:da:51:
43:e5:3c:00:0d:66:e4:d8:7f:27:03:40:7a:b4:0a:
de:ed:5b:8b:0c:e9:7c:de:2b:17:d0:13:b5:51:64:
34:c7:fd:84:af:51:0a:c2:a0:b7:ae:67:69:3b:f1:
05:12:96:89:c6:ec:ef:2c:74:3c:62:9a:77:00:ae:
1d:3e:0a:cd:0b:25:9e:b3:7c:c6:3e:d8:af:48:60:
ee:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:1C:29:68:1C:69:A8:CF:C1:76:F2:EF:99:73:2A:61:69:5E:66:9F
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/KhwpaBxpqM_BdvLvmXMqYWleZp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.192.0/24
83.147.232.0/22
83.147.244.0/22
91.186.200.0/21
94.241.168.0/21
178.253.31.0/24
Signature Algorithm: sha256WithRSAEncryption
43:7d:a8:a9:d1:8a:f9:52:35:18:98:0e:07:d3:56:d8:a8:6a:
d1:4f:02:4b:63:f8:62:b1:69:0d:36:c7:05:88:80:d9:cf:51:
0c:35:56:1d:e0:f4:d1:aa:86:4f:f9:3a:98:61:16:ee:11:cc:
64:59:21:15:92:84:be:d3:b4:66:c1:e7:0f:31:7d:cb:5e:ce:
36:6e:d5:a9:f2:a5:d8:60:4c:6e:66:32:9c:7c:46:71:e5:5e:
91:88:f9:d5:20:6b:1c:02:42:9f:28:9d:2e:4f:a2:62:e4:ee:
2a:c7:3f:02:be:68:a6:56:b9:9a:a9:c6:07:46:98:ff:ba:2e:
cf:ce:38:b6:fd:03:55:37:79:31:b4:39:13:b7:58:0c:d3:ec:
20:6f:58:81:84:97:c9:58:c8:9c:8a:4f:d4:7d:73:fd:c3:38:
40:3b:dc:9c:ba:2e:23:c4:ca:3d:4d:0e:6d:d6:d7:f8:07:b3:
16:51:6c:df:09:7a:74:cd:4b:53:b6:bd:59:d3:96:25:66:fb:
5f:42:ac:2b:80:64:2f:81:89:97:e1:ca:45:e5:bd:cc:1c:df:
33:3c:28:e0:88:b9:ac:55:57:b1:50:ee:fd:24:c2:1a:85:67:
f3:d9:0b:03:09:ef:e1:2f:74:a5:5a:81:c7:f1:12:89:83:09:
5d:d8:be:49
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZSJygjf1k9ewYHeU+k8Iy1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTIxMTY1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTFjMjk2ODFjNjlhOGNmYzE3NmYyZWY5OTczMmE2MTY5NWU2NjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYqq+R4RspV0E0wofxcLZq7J0MRG
k44pl/0SjcYhuLLL4+DnBscSzI3tugDo6olc3AIrPDRbxEpAei//NwBiYceUhD3U
g2Q1m0tXnOKa2JDzUxjJ2ZOGLbr24mbZo0Ail+xiv/hmYEn46cnqXWhSUNmirKJu
k1pfEsvPWBvuOIEWnQf5cYVXOaSXTTjzidOocL1sQjJ9k1onx2nXym6dfJjFCx5O
Yqbjcp8PWxSuOULV2lFD5TwADWbk2H8nA0B6tAre7VuLDOl83isX0BO1UWQ0x/2E
r1EKwqC3rmdpO/EFEpaJxuzvLHQ8Ypp3AK4dPgrNCyWes3zGPtivSGDuxwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCocKWgcaajPwXby75lzKmFpXmafMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvS2h3cGFCeHBxTV9CZHZMdm1YTXFZV2xlWnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAU5PAAwQC
U5PoAwQCU5P0AwQDW7rIAwQDXvGoAwQAsv0fMA0GCSqGSIb3DQEBCwUAA4IBAQBD
faip0Yr5UjUYmA4H01bYqGrRTwJLY/hisWkNNscFiIDZz1EMNVYd4PTRqoZP+TqY
YRbuEcxkWSEVkoS+07RmwecPMX3LXs42btWp8qXYYExuZjKcfEZx5V6RiPnVIGsc
AkKfKJ0uT6Ji5O4qxz8CvmimVrmaqcYHRpj/ui7Pzji2/QNVN3kxtDkTt1gM0+wg
b1iBhJfJWMicik/UfXP9wzhAO9ycui4jxMo9TQ5t1tf4B7MWUWzfCXp0zUtTtr1Z
05YlZvtfQqwrgGQvgYmX4cpF5b3MHN8zPCjgiLmsVVexUO79JMIahWfz2QsDCe/h
L3SlWoHH8RKJgwld2L5J
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:16:12 2025 by rpki-client on console.sobornost.net