Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/pDI-AyHHpcT85HQLKLRzJrapGqw.roa
File: pDI-AyHHpcT85HQLKLRzJrapGqw.roa (raw, json)
Hash identifier: Pkap4cfbmgdz72e7q6oJsFpX2qnRLRPhy45wQsidzKs=
Subject key identifier: A4:32:3E:03:21:C7:A5:C4:FC:E4:74:0B:28:B4:73:26:B6:A9:1A:AC
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01935688AAA3002428DE92B1338F36E7E7BA
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/pDI-AyHHpcT85HQLKLRzJrapGqw.roa
Signing time: Sat 23 Nov 2024 01:00:17 +0000
ROA not before: Sat 23 Nov 2024 01:00:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64200
IP address blocks: 45.67.147.0/24 maxlen: 24
63.246.136.0/24 maxlen: 24
63.246.139.0/24 maxlen: 24
63.246.142.0/24 maxlen: 24
63.246.145.0/24 maxlen: 24
63.246.146.0/23 maxlen: 23
63.246.149.0/24 maxlen: 24
185.171.124.0/24 maxlen: 24
185.171.125.0/24 maxlen: 24
185.171.127.0/24 maxlen: 24
185.198.88.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
192.145.68.0/24 maxlen: 24
212.60.18.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:56:88:aa:a3:00:24:28:de:92:b1:33:8f:36:e7:e7:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Nov 23 01:00:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4323e0321c7a5c4fce4740b28b47326b6a91aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:2c:71:fa:77:cf:f6:c2:96:8f:fd:a6:58:
5c:26:b7:f3:f2:5c:91:c2:6d:78:dd:3a:a8:cd:56:
05:b1:d9:cd:c4:aa:51:a3:7a:e8:00:95:19:7c:63:
74:78:cb:a7:9b:1d:4b:0b:bf:d7:28:97:95:bd:da:
b5:58:b9:75:84:a8:f1:78:17:17:09:a9:ed:65:2d:
fc:f3:f1:97:e6:44:6c:56:53:68:d5:59:39:7c:73:
b3:ed:37:b9:e5:9d:de:de:a4:42:66:27:72:e0:b8:
b9:3e:77:d0:c1:cc:b1:94:de:3a:49:04:b2:ae:97:
72:99:ea:19:74:e0:c0:ed:48:6f:cd:14:69:07:1e:
82:53:46:d3:a2:da:37:0f:47:c6:89:f9:24:e3:95:
0d:7b:07:1a:b6:8c:96:bc:e4:f4:51:15:46:6f:a8:
84:c5:ea:3b:67:36:eb:de:d6:52:61:f8:65:d7:25:
ce:b0:13:9d:dd:64:a6:5b:ca:c0:16:e5:b1:f3:b2:
15:da:e1:36:44:c1:c1:6f:e9:f2:dc:cb:81:13:15:
41:ad:f6:ce:5b:9c:21:6f:d6:f5:f2:69:59:c6:71:
f1:53:d3:63:44:b0:3e:57:35:5c:c6:a4:65:a3:a4:
98:6b:47:c5:23:c2:d6:fd:02:fc:f4:df:66:79:34:
55:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:32:3E:03:21:C7:A5:C4:FC:E4:74:0B:28:B4:73:26:B6:A9:1A:AC
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/pDI-AyHHpcT85HQLKLRzJrapGqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.147.0/24
63.246.136.0/24
63.246.139.0/24
63.246.142.0/24
63.246.145.0-63.246.147.255
63.246.149.0/24
185.171.124.0/23
185.171.127.0/24
185.198.88.0/24
185.205.206.0/24
192.145.68.0/24
212.60.18.0/23
Signature Algorithm: sha256WithRSAEncryption
95:a3:2a:1d:da:ca:62:8b:28:43:ff:0d:0d:64:2f:b3:c2:4a:
b0:57:50:17:a5:19:a2:20:ab:c4:f7:95:ac:70:d9:37:e1:dc:
5a:6a:0c:5b:31:23:75:29:d5:9d:e0:73:29:b6:47:27:02:20:
c3:84:d3:90:47:3e:77:d1:6b:30:50:60:1f:23:e0:86:8f:9c:
c9:17:3a:e1:e7:35:49:6f:fc:b1:67:de:82:42:ed:b4:92:37:
d4:7b:a8:18:99:02:ba:8c:fc:4c:b9:62:e1:52:ce:67:62:4d:
ec:b2:e1:14:85:af:c7:92:9e:e7:ab:1f:c7:93:e6:56:4b:54:
b0:72:d8:40:9b:7d:5e:cd:7a:c7:10:d0:93:8c:63:cf:a5:39:
6d:ab:62:c5:ff:64:92:47:a4:2f:3c:39:06:41:1c:51:ac:ff:
cd:1c:74:d0:e9:d0:7b:de:35:24:cf:e2:21:59:3a:4a:6a:31:
e3:25:8f:24:f6:e0:ad:7e:53:f2:b3:a8:82:6c:7d:5d:83:24:
5d:52:46:e4:47:65:4c:f2:3d:f5:1e:2a:41:0f:a7:b0:0b:87:
96:09:35:77:73:cd:36:02:c5:31:b9:23:fe:3a:f2:ee:23:3b:
e4:e3:42:db:fa:03:15:82:72:43:91:74:aa:de:12:7a:b7:46:
69:2e:b3:dd
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZNWiKqjACQo3pKxM4825+e6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQxMTIzMDEwMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDMyM2UwMzIxYzdhNWM0ZmNlNDc0MGIyOGI0NzMyNmI2YTkxYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmIscfp3z/bClo/9plhcJrfz8lyR
wm143TqozVYFsdnNxKpRo3roAJUZfGN0eMunmx1LC7/XKJeVvdq1WLl1hKjxeBcX
CantZS388/GX5kRsVlNo1Vk5fHOz7Te55Z3e3qRCZidy4Li5PnfQwcyxlN46SQSy
rpdymeoZdODA7UhvzRRpBx6CU0bToto3D0fGifkk45UNewcatoyWvOT0URVGb6iE
xeo7Zzbr3tZSYfhl1yXOsBOd3WSmW8rAFuWx87IV2uE2RMHBb+ny3MuBExVBrfbO
W5whb9b18mlZxnHxU9NjRLA+VzVcxqRlo6SYa0fFI8LW/QL89N9meTRViQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFKQyPgMhx6XE/OR0Cyi0cya2qRqsMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvcERJLUF5SEhwY1Q4NUhRTEtMUnpKcmFwR3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALUOTAwQA
P/aIAwQAP/aLAwQAP/aOMAwDBAA/9pEDBAI/9pADBAA/9pUDBAG5q3wDBAC5q38D
BAC5xlgDBAC5zc4DBADAkUQDBAHUPBIwDQYJKoZIhvcNAQELBQADggEBAJWjKh3a
ymKLKEP/DQ1kL7PCSrBXUBelGaIgq8T3laxw2Tfh3FpqDFsxI3Up1Z3gcym2RycC
IMOE05BHPnfRazBQYB8j4IaPnMkXOuHnNUlv/LFn3oJC7bSSN9R7qBiZArqM/Ey5
YuFSzmdiTeyy4RSFr8eSnuerH8eT5lZLVLBy2ECbfV7NescQ0JOMY8+lOW2rYsX/
ZJJHpC88OQZBHFGs/80cdNDp0HveNSTP4iFZOkpqMeMljyT24K1+U/KzqIJsfV2D
JF1SRuRHZUzyPfUeKkEPp7ALh5YJNXdzzTYCxTG5I/468u4jO+TjQtv6AxWCckOR
dKreEnq3Rmkus90=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:52 2024 by rpki-client on console.sobornost.net