Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/3MJJldIKVmEEHSsX8noEeLmZ2ps.roa
File: 3MJJldIKVmEEHSsX8noEeLmZ2ps.roa (raw, json)
Hash identifier: Z6QIl638tRKUrbVY4c25ciB3lYJX9sbgPDyZWJfSj9s=
Subject key identifier: DC:C2:49:95:D2:0A:56:61:04:1D:2B:17:F2:7A:04:78:B9:99:DA:9B
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 01938BB2C85D1B7EE38C57927716BD8E82F9
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/3MJJldIKVmEEHSsX8noEeLmZ2ps.roa
Signing time: Tue 03 Dec 2024 08:46:09 +0000
ROA not before: Tue 03 Dec 2024 08:46:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12578
IP address blocks: 46.109.0.0/16 maxlen: 24
62.85.0.0/17 maxlen: 24
78.84.0.0/16 maxlen: 24
80.232.128.0/17 maxlen: 24
80.232.147.0/24 maxlen: 24
80.232.150.0/24 maxlen: 24
80.232.150.13/32 maxlen: 32
80.232.195.0/24 maxlen: 24
81.198.0.0/16 maxlen: 24
81.198.95.0/24 maxlen: 24
84.237.128.0/17 maxlen: 24
87.110.0.0/16 maxlen: 24
87.246.144.0/20 maxlen: 24
87.246.160.0/19 maxlen: 24
91.105.0.0/17 maxlen: 24
95.68.0.0/17 maxlen: 24
185.38.56.0/22 maxlen: 24
194.8.16.0/21 maxlen: 24
194.8.24.0/22 maxlen: 24
195.2.96.0/19 maxlen: 24
195.13.128.0/17 maxlen: 24
195.13.200.0/24 maxlen: 24
195.13.201.0/24 maxlen: 24
195.13.215.0/24 maxlen: 24
195.13.228.0/24 maxlen: 24
195.13.237.0/24 maxlen: 24
195.13.245.0/24 maxlen: 24
195.13.249.0/24 maxlen: 24
195.13.251.0/24 maxlen: 24
195.13.253.0/24 maxlen: 24
195.114.32.0/19 maxlen: 24
195.122.0.0/19 maxlen: 24
195.122.26.0/23 maxlen: 24
195.122.28.0/24 maxlen: 24
195.122.29.0/24 maxlen: 24
2a02:2330::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:b2:c8:5d:1b:7e:e3:8c:57:92:77:16:bd:8e:82:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Dec 3 08:46:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcc24995d20a5661041d2b17f27a0478b999da9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fd:a4:1a:12:8a:f7:01:60:b1:f3:6f:33:13:
6e:49:dc:63:11:cf:cc:84:34:5a:b4:c3:f9:a4:2c:
52:3d:5a:5e:a1:7d:02:ca:9d:23:72:ca:35:4b:f5:
43:e3:62:12:b4:86:4f:05:23:72:99:13:39:7a:c1:
01:fc:ad:f0:9f:52:06:8c:a9:54:72:87:4b:25:ba:
3b:84:17:50:38:fb:6d:fa:96:f1:08:c2:1f:9a:47:
a2:ef:47:0c:c3:a0:a2:af:92:02:4b:f7:b2:b6:46:
b0:11:3f:61:e8:c6:e8:dc:44:00:ab:4d:8a:ac:12:
f7:a1:e2:91:99:96:4e:0f:75:93:c2:fd:89:87:e1:
a0:ab:c7:e6:e7:01:54:bf:63:2e:bf:6c:9a:90:36:
f0:3b:8b:37:66:5f:05:8d:87:13:b1:e1:2f:b8:83:
cf:af:fa:18:bc:24:f3:d8:df:76:ff:83:27:be:d8:
7c:84:80:76:b3:40:16:59:93:92:de:e8:77:69:23:
d0:8e:7b:ad:a7:0c:aa:75:9e:61:ce:44:b0:fe:e0:
3c:02:de:29:48:93:90:00:e4:4a:07:2e:46:24:ba:
3f:f9:9d:8c:13:44:99:dd:8e:ea:c5:f2:cd:6b:75:
cc:2d:1e:17:65:89:08:d5:da:e6:9a:e1:e4:8f:44:
7e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C2:49:95:D2:0A:56:61:04:1D:2B:17:F2:7A:04:78:B9:99:DA:9B
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/3MJJldIKVmEEHSsX8noEeLmZ2ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.109.0.0/16
62.85.0.0/17
78.84.0.0/16
80.232.128.0/17
81.198.0.0/16
84.237.128.0/17
87.110.0.0/16
87.246.144.0-87.246.191.255
91.105.0.0/17
95.68.0.0/17
185.38.56.0/22
194.8.16.0-194.8.27.255
195.2.96.0/19
195.13.128.0/17
195.114.32.0/19
195.122.0.0/19
IPv6:
2a02:2330::/29
Signature Algorithm: sha256WithRSAEncryption
42:a2:6b:8b:c7:cf:b0:54:6d:72:b3:22:36:f6:cb:47:4b:5d:
8d:3e:cd:7b:f3:40:55:ce:ce:5f:9a:f5:b5:53:9e:e0:61:db:
35:2b:ae:19:b8:db:94:e9:7e:33:44:d3:14:e1:20:ac:04:d1:
94:a6:7e:e3:49:94:f2:f1:92:63:99:c3:c8:70:99:1b:0b:7d:
dd:f3:a1:2d:53:ef:a3:67:6a:b5:29:e0:b6:bc:4d:0c:09:e9:
dd:17:b3:80:c0:9e:e1:88:ae:0a:cb:8c:82:c1:b6:3a:07:f8:
b1:fc:5a:24:9e:c7:37:5c:c2:94:65:23:fe:4a:c8:e0:99:a4:
1b:7c:e3:b7:ba:ec:55:f4:b9:a1:28:03:4d:e2:c1:9f:d4:b6:
22:e1:17:79:c1:9a:95:18:19:bd:08:5f:00:62:2b:f1:5f:55:
44:0c:74:35:f0:1b:9b:6d:a2:bf:b2:58:97:e6:1b:ce:d1:53:
3f:46:cf:dd:83:5a:d0:f9:8a:4f:a9:24:64:a2:59:00:f4:24:
82:2b:bc:79:d9:fe:b9:e6:9a:07:6d:62:26:17:5f:49:1d:bd:
c7:8a:01:29:76:e2:5b:2b:3d:c3:32:78:4b:06:73:09:a5:c7:
ae:ee:ea:69:b8:b8:86:ac:0e:98:44:f2:a0:14:04:3d:1a:ad:
49:79:13:a4
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZOLsshdG37jjFeSdxa9joL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjQxMjAzMDg0NjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2MyNDk5NWQyMGE1NjYxMDQxZDJiMTdmMjdhMDQ3OGI5OTlkYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv2kGhKK9wFgsfNvMxNuSdxjEc/M
hDRatMP5pCxSPVpeoX0Cyp0jcso1S/VD42IStIZPBSNymRM5esEB/K3wn1IGjKlU
codLJbo7hBdQOPtt+pbxCMIfmkei70cMw6Cir5ICS/eytkawET9h6Mbo3EQAq02K
rBL3oeKRmZZOD3WTwv2Jh+Ggq8fm5wFUv2Muv2yakDbwO4s3Zl8FjYcTseEvuIPP
r/oYvCTz2N92/4Mnvth8hIB2s0AWWZOS3uh3aSPQjnutpwyqdZ5hzkSw/uA8At4p
SJOQAORKBy5GJLo/+Z2ME0SZ3Y7qxfLNa3XMLR4XZYkI1drmmuHkj0R+jwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFNzCSZXSClZhBB0rF/J6BHi5mdqbMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvM01KSmxkSUtWbUVFSFNzWDhub0VlTG1aMnBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwMALm0D
BAc+VQADAwBOVAMEB1DogAMDAFHGAwQHVO2AAwMAV24wDAMEBFf2kAMEBlf2gAME
B1tpAAMEB19EAAMEArkmODAMAwQEwggQAwQCwggYAwQFwwJgAwQHww2AAwQFw3Ig
AwQFw3oAMA0EAgACMAcDBQMqAiMwMA0GCSqGSIb3DQEBCwUAA4IBAQBComuLx8+w
VG1ysyI29stHS12NPs1780BVzs5fmvW1U57gYds1K64ZuNuU6X4zRNMU4SCsBNGU
pn7jSZTy8ZJjmcPIcJkbC33d86EtU++jZ2q1KeC2vE0MCendF7OAwJ7hiK4Ky4yC
wbY6B/ix/Foknsc3XMKUZSP+SsjgmaQbfOO3uuxV9LmhKANN4sGf1LYi4Rd5wZqV
GBm9CF8AYivxX1VEDHQ18BubbaK/sliX5hvO0VM/Rs/dg1rQ+YpPqSRkolkA9CSC
K7x52f655poHbWImF19JHb3HigEpduJbKz3DMnhLBnMJpceu7uppuLiGrA6YRPKg
FAQ9Gq1JeROk
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:38 2024 by rpki-client on console.sobornost.net