Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/y1zYM4yy-3QuBg13z1YGf9xWwpk.roa
File: y1zYM4yy-3QuBg13z1YGf9xWwpk.roa (raw, json)
Hash identifier: lW1w3r+dZyf/4bdvpUYhWq/Tf2Lb8QSWlESdpkwwnxo=
Subject key identifier: CB:5C:D8:33:8C:B2:FB:74:2E:06:0D:77:CF:56:06:7F:DC:56:C2:99
Certificate issuer: /CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Certificate serial: 01914C322334499194E0392C4374C448EE8E
Authority key identifier: E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/y1zYM4yy-3QuBg13z1YGf9xWwpk.roa
Signing time: Tue 13 Aug 2024 14:43:59 +0000
ROA not before: Tue 13 Aug 2024 14:43:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197075
IP address blocks: 37.77.160.0/21 maxlen: 24
45.156.60.0/23 maxlen: 24
45.156.62.0/23 maxlen: 23
46.31.104.0/21 maxlen: 24
81.29.176.0/22 maxlen: 23
185.25.234.0/23 maxlen: 23
185.37.116.0/22 maxlen: 23
185.47.138.0/24 maxlen: 24
185.59.20.0/22 maxlen: 23
185.186.12.0/22 maxlen: 23
185.246.95.0/24 maxlen: 24
2a02:2420::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:32:23:34:49:91:94:e0:39:2c:43:74:c4:48:ee:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Validity
Not Before: Aug 13 14:43:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb5cd8338cb2fb742e060d77cf56067fdc56c299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:97:2d:c3:38:8a:48:68:06:03:ee:bf:33:9f:
4f:bd:62:16:e9:4a:62:60:14:d5:32:e8:a9:94:ef:
5b:8e:39:6f:f9:8c:d8:50:6d:c8:17:b5:15:27:76:
ce:0b:1e:a8:9e:0c:4d:19:b6:db:e4:93:b2:a9:38:
ce:c1:d5:5a:ac:af:1f:65:ee:76:ea:8f:22:a4:89:
a4:c7:d2:71:5e:ee:96:87:db:47:3a:21:b6:43:bc:
c9:ba:87:01:3a:08:69:c0:d3:6a:7a:ba:1d:6f:6b:
d5:58:72:75:6e:52:78:eb:4e:a7:c4:f0:38:d3:d6:
7e:e9:29:6e:c3:54:73:b4:11:b9:bb:5f:4f:45:82:
1d:43:19:9f:f1:80:d2:36:0d:9e:cd:4c:ad:70:00:
00:d3:d6:ee:75:20:5c:5d:1a:c7:9d:03:0b:93:d1:
f6:39:8b:41:5e:1c:9a:af:c0:f3:ec:6f:08:56:f6:
cf:52:1c:a8:12:02:9c:d5:fe:27:1a:dd:94:89:78:
90:98:d0:90:85:10:ec:14:57:11:0e:f0:90:53:8a:
e6:ab:89:c1:a8:2c:ec:ed:4a:6a:d9:b1:80:01:17:
fb:28:b6:5c:92:c3:3a:e1:6e:b7:f5:0f:46:ce:16:
36:b5:fd:69:36:97:5b:a2:c5:71:dd:c2:bf:12:40:
56:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5C:D8:33:8C:B2:FB:74:2E:06:0D:77:CF:56:06:7F:DC:56:C2:99
X509v3 Authority Key Identifier:
keyid:E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/y1zYM4yy-3QuBg13z1YGf9xWwpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/5vqg0vXewCAfVeQJecGQm223fDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.160.0/21
45.156.60.0/22
46.31.104.0/21
81.29.176.0/22
185.25.234.0/23
185.37.116.0/22
185.47.138.0/24
185.59.20.0/22
185.186.12.0/22
185.246.95.0/24
IPv6:
2a02:2420::/32
Signature Algorithm: sha256WithRSAEncryption
0c:63:85:52:b9:94:34:e8:78:f6:fd:3a:73:0b:29:8d:cb:a8:
62:dc:9a:5c:a8:5c:c7:0d:37:76:b9:92:49:ed:33:f9:46:af:
8b:34:62:bd:c8:3a:59:52:f9:09:88:28:2d:4d:5d:4e:2f:99:
a4:6e:ec:22:3f:2c:4c:82:d3:3e:80:e9:62:19:d2:12:03:2d:
4c:80:06:72:2a:c6:f5:a4:40:cb:6c:fe:72:7b:4d:35:06:ea:
8d:0a:e8:59:b5:de:91:d3:ac:0f:7c:bf:33:f5:8c:07:18:8c:
70:62:87:d7:7a:30:e0:c7:f9:2d:aa:d3:16:e7:7c:f3:52:2f:
db:68:0e:6d:01:74:fc:6b:de:b2:3e:6e:e0:ab:05:ff:d5:be:
97:cc:77:77:27:c1:25:5e:68:91:61:7a:07:6d:24:6e:17:3c:
87:95:33:27:c5:3f:1a:f2:8f:10:3b:af:ea:d9:26:1e:61:3c:
87:33:aa:73:0c:10:2e:5f:32:ca:77:63:32:52:50:3f:7b:c6:
09:62:de:76:1e:fd:92:13:67:64:c1:ad:dd:df:d4:62:c0:ca:
e1:d0:6c:47:0a:0f:e9:fd:b6:2c:86:28:80:ab:97:d2:5b:6b:
73:f5:65:fa:fa:e6:a9:8b:31:3e:9a:d6:23:53:88:64:f9:9b:
68:4e:aa:2b
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZFMMiM0SZGU4DksQ3TESO6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZmFhMGQyZjVkZWMwMjAxZjU1ZTQwOTc5YzE5MDliNmRi
NzdjM2IwHhcNMjQwODEzMTQ0MzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjVjZDgzMzhjYjJmYjc0MmUwNjBkNzdjZjU2MDY3ZmRjNTZjMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5ctwziKSGgGA+6/M59PvWIW6Upi
YBTVMuiplO9bjjlv+YzYUG3IF7UVJ3bOCx6ongxNGbbb5JOyqTjOwdVarK8fZe52
6o8ipImkx9JxXu6Wh9tHOiG2Q7zJuocBOghpwNNqerodb2vVWHJ1blJ4606nxPA4
09Z+6Sluw1RztBG5u19PRYIdQxmf8YDSNg2ezUytcAAA09budSBcXRrHnQMLk9H2
OYtBXhyar8Dz7G8IVvbPUhyoEgKc1f4nGt2UiXiQmNCQhRDsFFcRDvCQU4rmq4nB
qCzs7Upq2bGAARf7KLZcksM64W639Q9GzhY2tf1pNpdbosVx3cK/EkBWKQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFMtc2DOMsvt0LgYNd89WBn/cVsKZMB8GA1UdIwQY
MBaAFOb6oNL13sAgH1XkCXnBkJttt3w7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXZxZzB2WGV3Q0FmVmVRSmVjR1FtMjIzZkRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wOTc3NDgtNWNjOC00NTBmLTlmYmIt
OGM4ZDEwZThlYWJjLzEveTF6WU00eXktM1F1QmcxM3oxWUdmOXhXd3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8wOTc3NDgtNWNjOC00NTBmLTlmYmItOGM4ZDEwZThlYWJj
LzEvNXZxZzB2WGV3Q0FmVmVRSmVjR1FtMjIzZkRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDJU2gAwQC
LZw8AwQDLh9oAwQCUR2wAwQBuRnqAwQCuSV0AwQAuS+KAwQCuTsUAwQCuboMAwQA
ufZfMA0EAgACMAcDBQAqAiQgMA0GCSqGSIb3DQEBCwUAA4IBAQAMY4VSuZQ06Hj2
/TpzCymNy6hi3JpcqFzHDTd2uZJJ7TP5Rq+LNGK9yDpZUvkJiCgtTV1OL5mkbuwi
PyxMgtM+gOliGdISAy1MgAZyKsb1pEDLbP5ye001BuqNCuhZtd6R06wPfL8z9YwH
GIxwYofXejDgx/ktqtMW53zzUi/baA5tAXT8a96yPm7gqwX/1b6XzHd3J8ElXmiR
YXoHbSRuFzyHlTMnxT8a8o8QO6/q2SYeYTyHM6pzDBAuXzLKd2MyUlA/e8YJYt52
Hv2SE2dkwa3d39RiwMrh0GxHCg/p/bYshiiAq5fSW2tz9WX6+uapizE+mtYjU4hk
+ZtoTqor
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:22:03 2024 by rpki-client on console.sobornost.net