Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/S1ShC4K1nMOP5S9d3HRWFJ0Me5Q.roa
File: S1ShC4K1nMOP5S9d3HRWFJ0Me5Q.roa (raw, json)
Hash identifier: MprpCeSo16ODncuB5S0FeRAAeA0AgqIv3soK96dgM8M=
Subject key identifier: 4B:54:A1:0B:82:B5:9C:C3:8F:E5:2F:5D:DC:74:56:14:9D:0C:7B:94
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 01931FC343589310059395F4CD0DBE90BACB
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/S1ShC4K1nMOP5S9d3HRWFJ0Me5Q.roa
Signing time: Tue 12 Nov 2024 09:45:10 +0000
ROA not before: Tue 12 Nov 2024 09:45:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15542
IP address blocks: 62.238.0.0/16 maxlen: 24
62.238.128.0/17 maxlen: 24
185.200.96.0/22 maxlen: 24
212.92.64.0/19 maxlen: 24
212.115.192.0/19 maxlen: 24
213.34.224.0/19 maxlen: 24
217.63.64.0/19 maxlen: 24
217.102.240.0/20 maxlen: 24
2a02:f68::/29 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:c3:43:58:93:10:05:93:95:f4:cd:0d:be:90:ba:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Nov 12 09:45:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b54a10b82b59cc38fe52f5ddc7456149d0c7b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dd:87:1a:80:b3:3c:21:76:56:84:46:33:ae:
1d:09:c2:5c:19:66:19:93:be:1e:80:8d:6a:a3:17:
8d:93:7a:a9:28:d6:23:fd:4e:82:0f:12:5e:92:ed:
f8:c1:3f:eb:22:00:57:59:29:22:3c:58:5f:46:9e:
80:34:f4:58:bf:b0:fa:91:5c:32:a6:16:61:5a:b6:
c5:03:84:73:63:03:78:99:c4:cd:ad:ea:cd:28:8f:
b9:b0:07:13:4d:de:c6:ad:94:17:0b:68:5e:c1:f0:
2e:5a:3e:cd:04:f3:e4:72:68:7b:9f:15:9d:76:d4:
2c:00:ee:f8:98:57:1b:9b:9a:84:14:a2:8f:89:ba:
05:a9:60:7b:4e:db:c0:76:c2:b9:d7:b6:1c:51:b1:
47:c9:bb:aa:63:01:17:3f:4a:a7:e3:2c:f5:5a:e8:
6d:f8:35:ce:e1:26:b0:a0:0a:ab:5f:0e:99:56:e9:
a9:33:eb:6a:42:1d:aa:fa:25:ac:74:d4:d5:b6:a5:
5d:cf:4a:74:5c:a5:8b:57:8d:56:8d:11:5b:4e:86:
24:5f:2f:c2:5c:3b:54:70:3e:f3:bf:65:70:cf:84:
2f:15:dd:23:1b:d6:5e:06:d8:05:5e:dc:9e:b9:ab:
ec:07:14:5d:e0:46:e3:42:cf:14:e7:cd:aa:15:67:
02:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:54:A1:0B:82:B5:9C:C3:8F:E5:2F:5D:DC:74:56:14:9D:0C:7B:94
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/S1ShC4K1nMOP5S9d3HRWFJ0Me5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.238.0.0/16
185.200.96.0/22
212.92.64.0/19
212.115.192.0/19
213.34.224.0/19
217.63.64.0/19
217.102.240.0/20
IPv6:
2a02:f68::/29
Signature Algorithm: sha256WithRSAEncryption
34:f2:8a:65:1e:79:88:d1:f9:61:fc:49:af:23:2b:5c:13:bd:
72:aa:c4:17:b2:a6:aa:a7:fc:8f:39:55:03:03:11:aa:e9:36:
dc:cc:43:df:0f:f3:fe:f8:f1:57:7a:28:33:eb:00:46:c7:fb:
8e:61:00:31:74:e1:ee:5a:42:0b:e3:04:c6:bb:00:b9:75:52:
0f:e9:cb:7c:90:6f:da:fe:0e:b0:95:36:a0:06:e7:c2:85:ba:
be:ae:88:ef:45:ab:14:31:5b:69:dc:c5:36:01:80:e9:86:31:
86:fc:6e:6f:75:01:6b:bc:e9:bf:30:98:b0:8d:af:e9:c5:ca:
17:e7:1c:be:9a:b3:53:ce:2e:5a:bc:2e:6a:95:fb:10:50:b5:
6e:66:d9:bd:b8:2c:ef:a0:ad:f9:b5:ba:78:60:19:07:1d:22:
8a:12:60:3b:94:27:e8:d5:85:28:a5:23:97:1d:3a:d7:cd:64:
4f:1f:b2:21:b0:60:1d:78:b6:74:10:db:97:2d:34:f2:8b:4d:
c1:a4:71:e7:1e:23:8f:de:c4:fc:b2:1c:2f:a9:e3:8d:c7:e5:
37:15:2c:16:af:f8:59:bf:8b:bf:5b:d1:c3:a6:6b:03:31:42:
30:04:b5:9e:26:2d:19:5b:02:5f:07:4a:f3:19:e8:e5:e4:97:
a2:e7:db:24
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZMfw0NYkxAFk5X0zQ2+kLrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjQxMTEyMDk0NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU0YTEwYjgyYjU5Y2MzOGZlNTJmNWRkYzc0NTYxNDlkMGM3Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod2HGoCzPCF2VoRGM64dCcJcGWYZ
k74egI1qoxeNk3qpKNYj/U6CDxJeku34wT/rIgBXWSkiPFhfRp6ANPRYv7D6kVwy
phZhWrbFA4RzYwN4mcTNrerNKI+5sAcTTd7GrZQXC2hewfAuWj7NBPPkcmh7nxWd
dtQsAO74mFcbm5qEFKKPiboFqWB7TtvAdsK517YcUbFHybuqYwEXP0qn4yz1Wuht
+DXO4SawoAqrXw6ZVumpM+tqQh2q+iWsdNTVtqVdz0p0XKWLV41WjRFbToYkXy/C
XDtUcD7zv2Vwz4QvFd0jG9ZeBtgFXtyeuavsBxRd4EbjQs8U582qFWcCGwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFEtUoQuCtZzDj+UvXdx0VhSdDHuUMB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEvUzFTaEM0SzFuTU9QNVM5ZDNIUldGSjBNZTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5
LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwMAPu4DBAK5
yGADBAXUXEADBAXUc8ADBAXVIuADBAXZP0ADBATZZvAwDQQCAAIwBwMFAyoCD2gw
DQYJKoZIhvcNAQELBQADggEBADTyimUeeYjR+WH8Sa8jK1wTvXKqxBeypqqn/I85
VQMDEarpNtzMQ98P8/748Vd6KDPrAEbH+45hADF04e5aQgvjBMa7ALl1Ug/py3yQ
b9r+DrCVNqAG58KFur6uiO9FqxQxW2ncxTYBgOmGMYb8bm91AWu86b8wmLCNr+nF
yhfnHL6as1POLlq8LmqV+xBQtW5m2b24LO+grfm1unhgGQcdIooSYDuUJ+jVhSil
I5cdOtfNZE8fsiGwYB14tnQQ25ctNPKLTcGkceceI4/exPyyHC+p443H5TcVLBav
+Fm/i79b0cOmawMxQjAEtZ4mLRlbAl8HSvMZ6OXkl6Ln2yQ=
-----END CERTIFICATE-----
Generated at Thu Nov 14 14:11:11 2024 by rpki-client on console.sobornost.net