Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/0iaEDbHfX9oXqraC20IJ2-sJvs0.roa
File: 0iaEDbHfX9oXqraC20IJ2-sJvs0.roa (raw, json)
Hash identifier: M1xO2HqDLdEQ6UxVJ0lOjg0IiKOC0iXaFuA2M4QLoJI=
Subject key identifier: D2:26:84:0D:B1:DF:5F:DA:17:AA:B6:82:DB:42:09:DB:EB:09:BE:CD
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 019397046E8A82990A972FD01D445048D3D0
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/0iaEDbHfX9oXqraC20IJ2-sJvs0.roa
Signing time: Thu 05 Dec 2024 13:31:10 +0000
ROA not before: Thu 05 Dec 2024 13:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20880
IP address blocks: 62.117.0.0/19 maxlen: 20
62.117.0.0/20 maxlen: 24
62.117.0.128/26 maxlen: 26
62.117.0.192/28 maxlen: 28
62.117.16.0/20 maxlen: 20
82.119.0.0/19 maxlen: 19
82.119.0.0/20 maxlen: 20
82.119.16.0/20 maxlen: 20
86.56.0.0/17 maxlen: 17
86.56.0.0/18 maxlen: 18
86.56.64.0/18 maxlen: 18
89.16.128.0/19 maxlen: 19
89.16.128.0/20 maxlen: 20
89.16.144.0/20 maxlen: 20
158.181.64.0/19 maxlen: 19
158.181.64.0/20 maxlen: 20
158.181.68.0/22 maxlen: 22
158.181.72.0/22 maxlen: 22
158.181.76.0/22 maxlen: 22
158.181.80.0/20 maxlen: 20
158.181.80.0/22 maxlen: 22
185.9.224.0/22 maxlen: 22
2a02:2450::/29 maxlen: 29
2a02:2450::/32 maxlen: 32
2a02:2454::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:97:04:6e:8a:82:99:0a:97:2f:d0:1d:44:50:48:d3:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Dec 5 13:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d226840db1df5fda17aab682db4209dbeb09becd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ea:69:8c:2e:a4:e8:dc:6c:f3:9a:6d:bf:df:
bf:4d:7e:a6:99:0d:bf:c5:85:79:b4:02:70:19:95:
5e:64:5a:ef:be:f2:57:05:b5:55:d6:fe:f3:6d:7b:
14:a7:85:32:1f:42:2c:ff:14:06:03:48:da:3d:87:
7e:ae:3c:2c:e9:3a:62:ca:10:1c:7d:fb:31:be:be:
6e:d0:fd:e6:f5:4e:33:99:c4:56:e0:f7:db:30:28:
9c:7e:4b:cd:de:23:9b:c8:77:30:0f:bf:7b:05:66:
c3:fc:8d:98:12:5b:62:96:29:5e:2f:e3:d1:53:ee:
8c:71:00:9c:c6:09:88:91:a6:9d:29:29:b4:9e:81:
aa:c1:b7:f9:c1:46:84:1d:a1:25:5a:3a:68:b2:f6:
6d:c2:3c:ad:f0:a6:a0:6e:5e:9f:56:bc:2c:fe:9f:
d9:26:00:f2:19:2b:2d:94:4e:84:94:3d:43:fc:b0:
43:ff:a2:0e:d6:a2:60:66:a0:9d:da:e0:3b:e9:42:
cb:4e:46:8c:1a:05:f2:17:aa:a7:7a:5f:97:89:a5:
23:eb:82:6a:6f:db:4c:bf:2f:0d:db:84:3c:07:97:
c7:fb:fb:0a:4a:29:58:14:7c:19:03:e4:35:7e:47:
46:83:10:39:02:60:3d:9a:87:5b:78:06:45:17:48:
86:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:26:84:0D:B1:DF:5F:DA:17:AA:B6:82:DB:42:09:DB:EB:09:BE:CD
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/0iaEDbHfX9oXqraC20IJ2-sJvs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.117.0.0/19
82.119.0.0/19
86.56.0.0/17
89.16.128.0/19
158.181.64.0/19
185.9.224.0/22
IPv6:
2a02:2450::/29
Signature Algorithm: sha256WithRSAEncryption
ad:57:d9:c6:86:44:11:99:c9:d4:03:7a:98:9c:41:9b:97:ff:
e4:01:06:d6:60:b6:08:a4:08:20:51:a1:a1:7a:46:df:34:60:
8e:65:fb:24:85:8b:ed:9d:4e:e3:71:ee:4a:4c:b2:92:b2:57:
24:3d:65:c4:95:42:60:07:c8:1c:25:e7:ef:18:7f:24:9d:2d:
ed:52:40:52:1b:47:64:39:fe:f3:fd:c1:ca:b1:1a:cf:4f:91:
67:cd:39:32:f4:d3:d2:ad:4a:05:30:6f:4e:3e:59:40:c8:a7:
cc:03:09:76:7c:0a:82:85:6a:09:3a:58:83:25:5e:e3:66:1e:
ff:c9:62:fc:3f:62:bb:8c:a5:4b:28:e6:91:d0:fa:0d:ce:c5:
61:64:57:9c:6c:a0:3e:31:e7:33:60:1c:c3:7a:ac:6f:75:89:
26:40:c9:40:37:90:bc:db:9c:2d:fa:f1:77:4e:e6:91:48:11:
01:30:52:75:dd:b0:8c:12:12:5c:04:6a:53:e6:16:4b:8c:e4:
6f:28:36:fa:9a:7c:3c:15:8f:df:c5:ba:3d:94:3a:e2:1d:fa:
5c:c0:79:18:f9:23:fe:2b:c9:38:74:f5:0c:3c:8e:eb:52:8c:
3d:af:ce:34:11:49:6f:55:ef:ca:31:29:0e:19:31:4e:22:af:
c7:19:d1:17
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZOXBG6KgpkKly/QHURQSNPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjQxMjA1MTMzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjI2ODQwZGIxZGY1ZmRhMTdhYWI2ODJkYjQyMDlkYmViMDliZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOppjC6k6Nxs85ptv9+/TX6mmQ2/
xYV5tAJwGZVeZFrvvvJXBbVV1v7zbXsUp4UyH0Is/xQGA0jaPYd+rjws6TpiyhAc
ffsxvr5u0P3m9U4zmcRW4PfbMCicfkvN3iObyHcwD797BWbD/I2YEltilileL+PR
U+6McQCcxgmIkaadKSm0noGqwbf5wUaEHaElWjposvZtwjyt8Kagbl6fVrws/p/Z
JgDyGSstlE6ElD1D/LBD/6IO1qJgZqCd2uA76ULLTkaMGgXyF6qnel+XiaUj64Jq
b9tMvy8N24Q8B5fH+/sKSilYFHwZA+Q1fkdGgxA5AmA9modbeAZFF0iGvQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNImhA2x31/aF6q2gttCCdvrCb7NMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvMGlhRURiSGZYOW9YcXJhQzIwSUoyLXNKdnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFPnUAAwQF
UncAAwQHVjgAAwQFWRCAAwQFnrVAAwQCuQngMA0EAgACMAcDBQMqAiRQMA0GCSqG
SIb3DQEBCwUAA4IBAQCtV9nGhkQRmcnUA3qYnEGbl//kAQbWYLYIpAggUaGhekbf
NGCOZfskhYvtnU7jce5KTLKSslckPWXElUJgB8gcJefvGH8knS3tUkBSG0dkOf7z
/cHKsRrPT5FnzTky9NPSrUoFMG9OPllAyKfMAwl2fAqChWoJOliDJV7jZh7/yWL8
P2K7jKVLKOaR0PoNzsVhZFecbKA+MeczYBzDeqxvdYkmQMlAN5C825wt+vF3TuaR
SBEBMFJ13bCMEhJcBGpT5hZLjORvKDb6mnw8FY/fxbo9lDriHfpcwHkY+SP+K8k4
dPUMPI7rUow9r840EUlvVe/KMSkOGTFOIq/HGdEX
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:38 2024 by rpki-client on console.sobornost.net