Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/5nBqzPTZjTxY8H3-qgKV-S3P0fY.roa
File: 5nBqzPTZjTxY8H3-qgKV-S3P0fY.roa (raw, json)
Hash identifier: isE1TLXg2PomrhK4vQ02oQVhH8l4Aclth4fUk89uFOQ=
Subject key identifier: E6:70:6A:CC:F4:D9:8D:3C:58:F0:7D:FE:AA:02:95:F9:2D:CF:D1:F6
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 01936E1BB5E36FEBE459C9713551E1D13233
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/5nBqzPTZjTxY8H3-qgKV-S3P0fY.roa
Signing time: Wed 27 Nov 2024 14:52:09 +0000
ROA not before: Wed 27 Nov 2024 14:52:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15435
IP address blocks: 62.238.128.0/17 maxlen: 24
81.172.128.0/17 maxlen: 24
141.224.192.0/18 maxlen: 24
149.143.32.0/19 maxlen: 24
149.143.64.0/18 maxlen: 24
185.200.96.0/22 maxlen: 24
212.92.64.0/19 maxlen: 24
212.115.192.0/19 maxlen: 24
213.34.224.0/19 maxlen: 24
217.63.64.0/19 maxlen: 24
217.102.240.0/20 maxlen: 24
2a02:f68::/29 maxlen: 48
2a07:31c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:1b:b5:e3:6f:eb:e4:59:c9:71:35:51:e1:d1:32:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Nov 27 14:52:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6706accf4d98d3c58f07dfeaa0295f92dcfd1f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9f:26:6f:98:ee:72:09:87:58:59:3d:d7:07:
ba:99:ef:7a:11:ca:41:23:ba:94:18:f6:bb:be:b5:
8e:ea:17:80:e9:42:6e:2e:a0:b3:c9:b5:2f:0b:24:
dd:3b:39:35:8b:93:c9:3f:a8:f1:f4:85:9c:e8:15:
15:20:a2:fa:62:25:3b:d0:01:1e:93:fc:63:e6:35:
a7:9e:ae:6a:88:15:1b:82:43:d2:75:ea:30:52:d6:
1e:ff:0e:70:c5:48:ea:06:f4:c3:b4:78:95:64:a7:
bf:64:dc:99:88:0d:3e:9f:a8:a2:b7:8b:78:92:a6:
af:c8:cb:a9:d8:b4:32:28:72:a0:ee:29:b1:69:56:
0e:7d:f4:09:ea:6e:90:bf:3a:e0:27:02:8f:ae:23:
bc:51:55:15:b2:dc:84:4e:a7:00:90:d4:4d:0f:f4:
08:fb:c8:80:ed:21:fa:6c:2c:a9:12:a7:ea:fd:c3:
69:c5:cc:8a:4a:07:dc:5e:32:4c:ae:0b:df:b6:f6:
7d:d2:8e:e6:bd:96:7d:4e:b8:74:2f:42:01:9c:52:
81:59:88:fd:99:12:4e:04:e9:f8:e4:6f:2d:ec:ac:
71:4d:b6:1a:b8:cf:24:7c:40:b1:2f:2e:cd:25:ef:
b7:e2:7e:ae:1e:20:ac:78:a5:b9:42:0c:92:12:3f:
fe:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:70:6A:CC:F4:D9:8D:3C:58:F0:7D:FE:AA:02:95:F9:2D:CF:D1:F6
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/5nBqzPTZjTxY8H3-qgKV-S3P0fY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.238.128.0/17
81.172.128.0/17
141.224.192.0/18
149.143.32.0-149.143.127.255
185.200.96.0/22
212.92.64.0/19
212.115.192.0/19
213.34.224.0/19
217.63.64.0/19
217.102.240.0/20
IPv6:
2a02:f68::/29
2a07:31c0::/29
Signature Algorithm: sha256WithRSAEncryption
49:6e:e0:a2:b6:9f:25:60:0b:a0:8b:af:de:fa:b4:73:a3:c7:
6b:33:19:bb:ce:32:73:2f:ca:19:ff:1f:e0:f6:49:c4:48:21:
09:67:15:88:ae:3c:9b:bc:05:f1:49:63:fa:59:f3:07:d1:09:
05:3e:99:ad:58:0d:6e:f8:5d:d0:ed:62:d0:d3:7b:4a:9f:7c:
e7:fb:a3:08:a3:c7:4e:5b:82:43:e0:9c:4c:c0:a9:13:ec:46:
d6:a9:d3:c5:e0:9c:2a:bd:26:a5:66:a2:32:d6:bf:4f:9b:b8:
d6:a5:6e:83:2d:da:39:d5:f8:2f:3a:dc:71:07:8a:74:9d:88:
80:6a:8f:9b:79:53:e5:32:17:65:10:ad:0d:29:2a:b0:53:79:
06:87:38:31:fa:29:22:3a:08:57:b2:52:cc:c5:6f:5c:2e:f6:
f6:ff:8b:8b:c3:8f:a3:48:7b:ba:b3:0e:25:91:60:61:cb:27:
2c:12:0f:97:53:10:32:b6:a5:6f:f7:00:9b:6e:d1:2e:36:70:
7d:60:0c:be:ed:30:0b:14:34:21:ef:87:db:0f:21:fe:f3:0c:
35:ff:14:df:37:c9:3e:a8:f9:02:26:1b:fe:ec:b9:44:8e:30:
20:5b:7b:e7:f4:50:34:63:bc:63:bb:b4:f6:09:05:62:06:29:
23:11:a8:ea
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZNuG7Xjb+vkWclxNVHh0TIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjQxMTI3MTQ1MjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjcwNmFjY2Y0ZDk4ZDNjNThmMDdkZmVhYTAyOTVmOTJkY2ZkMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ8mb5jucgmHWFk91we6me96EcpB
I7qUGPa7vrWO6heA6UJuLqCzybUvCyTdOzk1i5PJP6jx9IWc6BUVIKL6YiU70AEe
k/xj5jWnnq5qiBUbgkPSdeowUtYe/w5wxUjqBvTDtHiVZKe/ZNyZiA0+n6iit4t4
kqavyMup2LQyKHKg7imxaVYOffQJ6m6QvzrgJwKPriO8UVUVstyETqcAkNRND/QI
+8iA7SH6bCypEqfq/cNpxcyKSgfcXjJMrgvftvZ90o7mvZZ9Trh0L0IBnFKBWYj9
mRJOBOn45G8t7KxxTbYauM8kfECxLy7NJe+34n6uHiCseKW5QgySEj/+YQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFOZwasz02Y08WPB9/qoClfktz9H2MB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEvNW5CcXpQVFpqVHhZOEgzLXFnS1YtUzNQMGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5
LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEAwQHPu6AAwQH
UayAAwQGjeDAMAwDBAWVjyADBAeVjwADBAK5yGADBAXUXEADBAXUc8ADBAXVIuAD
BAXZP0ADBATZZvAwFAQCAAIwDgMFAyoCD2gDBQMqBzHAMA0GCSqGSIb3DQEBCwUA
A4IBAQBJbuCitp8lYAugi6/e+rRzo8drMxm7zjJzL8oZ/x/g9knESCEJZxWIrjyb
vAXxSWP6WfMH0QkFPpmtWA1u+F3Q7WLQ03tKn3zn+6MIo8dOW4JD4JxMwKkT7EbW
qdPF4JwqvSalZqIy1r9Pm7jWpW6DLdo51fgvOtxxB4p0nYiAao+beVPlMhdlEK0N
KSqwU3kGhzgx+ikiOghXslLMxW9cLvb2/4uLw4+jSHu6sw4lkWBhyycsEg+XUxAy
tqVv9wCbbtEuNnB9YAy+7TALFDQh74fbDyH+8ww1/xTfN8k+qPkCJhv+7LlEjjAg
W3vn9FA0Y7xju7T2CQViBikjEajq
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:54 2024 by rpki-client on console.sobornost.net