Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/oRZTrnzAbST0bH0ZRHwDeUmWYCg.roa
File: oRZTrnzAbST0bH0ZRHwDeUmWYCg.roa (raw, json)
Hash identifier: Qxq2nHCGoOT6shBBPRXT8P04umr9rMbG/7ooP6EEqIU=
Subject key identifier: A1:16:53:AE:7C:C0:6D:24:F4:6C:7D:19:44:7C:03:79:49:96:60:28
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 01937345BB95F5FB05997B9DAC778065954D
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/oRZTrnzAbST0bH0ZRHwDeUmWYCg.roa
Signing time: Thu 28 Nov 2024 14:56:10 +0000
ROA not before: Thu 28 Nov 2024 14:56:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60423
IP address blocks: 5.145.112.0/24 maxlen: 24
5.145.113.0/24 maxlen: 24
5.145.114.0/24 maxlen: 24
5.145.115.0/24 maxlen: 24
5.145.117.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
5.145.119.0/24 maxlen: 24
185.24.252.0/24 maxlen: 24
185.24.253.0/24 maxlen: 24
185.24.254.0/24 maxlen: 24
185.24.255.0/24 maxlen: 24
2a04:2f00::/48 maxlen: 48
2a04:2f00:3::/48 maxlen: 48
2a04:2f00:d::/48 maxlen: 48
2a04:2f00:e::/48 maxlen: 48
2a04:2f00:ff01::/48 maxlen: 48
2a04:2f00:ff02::/48 maxlen: 48
2a04:2f00:ff03::/48 maxlen: 48
2a04:2f00:ff06::/48 maxlen: 48
2a04:2f00:ff08::/48 maxlen: 48
2a04:2f00:ff09::/48 maxlen: 48
2a04:2f01:3::/48 maxlen: 48
2a04:2f01:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:45:bb:95:f5:fb:05:99:7b:9d:ac:77:80:65:95:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Nov 28 14:56:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a11653ae7cc06d24f46c7d19447c037949966028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:39:c2:ca:33:7b:cd:fc:07:45:da:9f:10:a8:
1a:af:01:fb:f2:d7:c9:59:a7:86:85:eb:33:56:72:
95:42:7d:7c:36:77:77:06:c9:b6:f2:aa:5a:ac:75:
be:6a:0f:7b:ec:f8:ec:65:0e:22:f5:46:c3:45:1c:
81:86:cd:14:b0:53:f0:09:42:0b:11:1b:7d:22:df:
31:74:c3:17:59:ce:42:9f:98:b9:54:63:60:90:54:
55:51:25:13:cf:f7:9f:4a:8f:b1:d3:1d:a1:86:fd:
9e:85:91:20:45:44:21:0f:8a:c1:d4:1d:82:fb:64:
19:45:8e:bc:6c:4c:02:48:ad:97:85:df:7b:94:73:
df:12:aa:d3:23:1b:29:e7:5c:7d:5a:d3:24:db:84:
e4:59:f6:fd:c7:83:e8:6d:6d:03:c7:f6:53:c9:61:
73:2c:6a:4e:a0:80:dd:c7:7e:0d:cc:58:52:a5:48:
f1:8c:f1:5a:a5:4e:89:c7:da:56:23:1e:4f:0f:f8:
d3:a9:1a:09:c0:58:40:80:b5:b1:ea:e8:6c:f4:70:
e6:5e:8b:60:16:02:1d:72:f7:12:6b:e7:c4:a0:1f:
07:43:bc:f5:fd:92:a2:31:f5:16:28:02:cc:a3:a6:
7f:d5:5d:8f:0a:c4:f1:5e:38:08:cc:92:a7:31:ee:
17:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:16:53:AE:7C:C0:6D:24:F4:6C:7D:19:44:7C:03:79:49:96:60:28
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/oRZTrnzAbST0bH0ZRHwDeUmWYCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.112.0/22
5.145.117.0-5.145.119.255
185.24.252.0/22
IPv6:
2a04:2f00::/48
2a04:2f00:3::/48
2a04:2f00:d::-2a04:2f00:e:ffff:ffff:ffff:ffff:ffff
2a04:2f00:ff01::-2a04:2f00:ff03:ffff:ffff:ffff:ffff:ffff
2a04:2f00:ff06::/48
2a04:2f00:ff08::/47
2a04:2f01:3::-2a04:2f01:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c6:3c:3a:9b:a7:97:8d:47:1b:b0:45:be:64:bc:88:1c:07:9e:
16:d2:49:55:f9:bf:66:30:1e:d2:00:cf:31:d6:2c:f9:db:8d:
3c:1a:67:63:06:23:da:84:df:55:bb:75:42:56:9c:a4:64:80:
82:f0:34:fa:6d:43:92:07:a6:cc:0c:85:d5:cb:fd:c5:29:c1:
b1:95:3d:23:a4:e7:c4:fa:ac:e3:98:a3:7f:2e:95:b9:b8:85:
73:fe:fa:65:35:e2:80:fc:e3:c6:f8:6e:6a:5f:15:dd:92:f5:
61:db:e0:98:14:ec:3b:f9:e0:40:c5:c7:b7:44:14:47:de:54:
51:0d:45:f6:a3:05:ec:a4:a6:fb:62:7a:24:9b:7d:10:50:c9:
a1:f6:b3:ea:c1:f7:74:61:7f:06:f2:3f:29:48:2e:b2:ee:dc:
a7:14:e7:28:c8:a0:ef:51:77:a9:96:aa:22:cc:c5:50:25:b9:
b1:ef:13:e4:34:b7:22:b2:0d:9e:4b:7f:01:52:13:d6:3c:7e:
97:47:1c:82:6c:26:ae:a0:8d:c7:68:f8:d2:04:fc:2c:ba:14:
5d:c0:df:fd:34:ee:32:00:fb:38:62:d1:4c:cc:b8:17:ec:a2:
71:47:a9:1b:81:e4:c9:b7:ba:64:d0:10:6c:eb:05:ba:5d:c0:
41:d7:f6:bb
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZNzRbuV9fsFmXudrHeAZZVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjQxMTI4MTQ1NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTE2NTNhZTdjYzA2ZDI0ZjQ2YzdkMTk0NDdjMDM3OTQ5OTY2MDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTnCyjN7zfwHRdqfEKgarwH78tfJ
WaeGheszVnKVQn18Nnd3Bsm28qparHW+ag977PjsZQ4i9UbDRRyBhs0UsFPwCUIL
ERt9It8xdMMXWc5Cn5i5VGNgkFRVUSUTz/efSo+x0x2hhv2ehZEgRUQhD4rB1B2C
+2QZRY68bEwCSK2Xhd97lHPfEqrTIxsp51x9WtMk24TkWfb9x4PobW0Dx/ZTyWFz
LGpOoIDdx34NzFhSpUjxjPFapU6Jx9pWIx5PD/jTqRoJwFhAgLWx6uhs9HDmXotg
FgIdcvcSa+fEoB8HQ7z1/ZKiMfUWKALMo6Z/1V2PCsTxXjgIzJKnMe4XvwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFKEWU658wG0k9Gx9GUR8A3lJlmAoMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvb1JaVHJuekFiU1QwYkgwWlJId0RlVW1XWUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijAgBAIAATAaAwQCBZFw
MAwDBAAFkXUDBAMFkXADBAK5GPwwZgQCAAIwYAMHACoELwAAAAMHACoELwAAAzAS
AwcAKgQvAAANAwcAKgQvAAAOMBIDBwAqBC8A/wEDBwIqBC8A/wADBwAqBC8A/wYD
BwEqBC8A/wgwEgMHACoELwEAAwMHACoELwEABDANBgkqhkiG9w0BAQsFAAOCAQEA
xjw6m6eXjUcbsEW+ZLyIHAeeFtJJVfm/ZjAe0gDPMdYs+duNPBpnYwYj2oTfVbt1
QlacpGSAgvA0+m1DkgemzAyF1cv9xSnBsZU9I6TnxPqs45ijfy6VubiFc/76ZTXi
gPzjxvhual8V3ZL1YdvgmBTsO/ngQMXHt0QUR95UUQ1F9qMF7KSm+2J6JJt9EFDJ
ofaz6sH3dGF/BvI/KUgusu7cpxTnKMig71F3qZaqIszFUCW5se8T5DS3IrINnkt/
AVIT1jx+l0ccgmwmrqCNx2j40gT8LLoUXcDf/TTuMgD7OGLRTMy4F+yicUepG4Hk
ybe6ZNAQbOsFul3AQdf2uw==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:42 2024 by rpki-client on console.sobornost.net