Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/Vjm3-4lnYqGT2_klSAyGy-xnuqw.roa
File: Vjm3-4lnYqGT2_klSAyGy-xnuqw.roa (raw, json)
Hash identifier: pSHYqwb4r+fURlw8xbqpq5F53O64RqDQ2I5P+FYPJUg=
Subject key identifier: 56:39:B7:FB:89:67:62:A1:93:DB:F9:25:48:0C:86:CB:EC:67:BA:AC
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 019343DBAB7BD1D1224F76C32CC017A3083E
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/Vjm3-4lnYqGT2_klSAyGy-xnuqw.roa
Signing time: Tue 19 Nov 2024 09:58:09 +0000
ROA not before: Tue 19 Nov 2024 09:58:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15435
IP address blocks: 62.238.128.0/17 maxlen: 24
81.172.128.0/17 maxlen: 24
87.99.128.0/17 maxlen: 24
141.224.192.0/18 maxlen: 24
149.143.32.0/19 maxlen: 24
149.143.64.0/18 maxlen: 24
185.200.96.0/22 maxlen: 24
204.168.128.0/17 maxlen: 24
212.92.64.0/19 maxlen: 24
212.115.192.0/19 maxlen: 24
213.34.224.0/19 maxlen: 24
217.63.64.0/19 maxlen: 24
217.102.240.0/20 maxlen: 24
2a02:f68::/29 maxlen: 48
2a07:31c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:43:db:ab:7b:d1:d1:22:4f:76:c3:2c:c0:17:a3:08:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Nov 19 09:58:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5639b7fb896762a193dbf925480c86cbec67baac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a4:2f:df:cb:62:2b:7b:91:f2:c6:f3:88:ea:
95:8a:7a:46:b9:7c:86:5b:3e:24:f8:25:9d:3f:28:
b0:8a:c3:81:e9:d3:ed:e2:fd:20:c4:91:25:25:1a:
9c:e2:95:98:ff:de:46:8e:b8:62:be:80:33:34:df:
0d:3d:82:48:14:f8:c8:ef:21:d6:f9:02:0f:61:8a:
69:7a:f3:4c:58:45:f5:62:b2:35:65:e4:57:59:6a:
55:80:46:63:47:67:99:e2:7b:8d:20:43:88:3d:cf:
13:4b:dd:56:20:44:4e:72:85:11:49:fb:02:ee:f6:
e3:24:1a:c8:65:b8:af:27:42:b5:d0:39:d6:cd:22:
0d:47:bf:a1:6c:65:34:58:73:4c:02:ae:d3:89:e5:
52:66:03:bb:ff:d4:fc:75:44:d9:ad:e9:55:1b:9b:
55:fe:ea:1f:8e:09:06:e8:06:59:9c:c2:ca:40:19:
12:e2:f6:62:e0:b1:19:fd:5d:3a:d1:08:62:99:f4:
13:40:08:ee:2b:6a:55:97:02:85:6c:11:09:06:b2:
6f:b6:52:c8:34:6f:fa:51:fa:dd:91:31:c2:97:2e:
f7:c4:3e:5e:69:33:64:84:2d:53:0d:82:29:cc:3a:
fa:54:b6:fc:95:86:9d:e6:09:94:49:54:51:1b:67:
66:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:39:B7:FB:89:67:62:A1:93:DB:F9:25:48:0C:86:CB:EC:67:BA:AC
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/Vjm3-4lnYqGT2_klSAyGy-xnuqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.238.128.0/17
81.172.128.0/17
87.99.128.0/17
141.224.192.0/18
149.143.32.0-149.143.127.255
185.200.96.0/22
204.168.128.0/17
212.92.64.0/19
212.115.192.0/19
213.34.224.0/19
217.63.64.0/19
217.102.240.0/20
IPv6:
2a02:f68::/29
2a07:31c0::/29
Signature Algorithm: sha256WithRSAEncryption
83:10:e8:cc:8e:c0:2e:65:ef:02:1d:0f:ba:59:b9:70:08:7e:
fe:ec:8d:93:a6:a8:48:68:10:f4:9e:67:b4:e8:23:24:db:ab:
a3:bb:21:13:c5:26:56:46:e8:6e:96:e7:5d:f8:50:ab:fb:52:
54:f9:fd:61:e3:64:b7:12:c3:1b:10:ef:f7:6f:d5:23:32:db:
9a:6e:f7:67:2c:bd:ab:66:90:47:d5:9b:c5:d8:41:e5:64:4f:
54:40:7e:61:7a:61:67:56:3d:00:1e:ab:ab:b2:47:12:92:73:
71:4e:4d:c9:8d:bc:48:cb:d7:6a:92:cc:23:47:81:d8:df:e6:
e5:28:33:ca:ce:c0:5f:e0:ca:89:49:d6:7b:b8:28:d4:7b:7d:
7e:2f:56:e7:2a:31:a0:f5:fa:07:05:3e:47:d5:79:29:06:34:
c3:27:68:68:83:6e:29:79:d7:88:ff:67:0c:aa:e1:8d:e6:43:
91:59:d5:4f:d1:ca:f1:f6:7a:92:86:6d:8c:12:bb:a7:40:4b:
de:fd:c1:65:d9:54:4e:2a:b5:b0:12:0f:f3:f7:14:59:39:63:
47:de:fb:e7:82:a6:41:be:f8:2a:ad:54:08:dd:98:5b:d3:0a:
9e:69:0c:46:d2:9b:36:c3:b7:68:33:9d:cb:77:28:93:87:96:
a6:04:ff:da
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZND26t70dEiT3bDLMAXowg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjQxMTE5MDk1ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjM5YjdmYjg5Njc2MmExOTNkYmY5MjU0ODBjODZjYmVjNjdiYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6Qv38tiK3uR8sbziOqVinpGuXyG
Wz4k+CWdPyiwisOB6dPt4v0gxJElJRqc4pWY/95GjrhivoAzNN8NPYJIFPjI7yHW
+QIPYYppevNMWEX1YrI1ZeRXWWpVgEZjR2eZ4nuNIEOIPc8TS91WIEROcoURSfsC
7vbjJBrIZbivJ0K10DnWzSINR7+hbGU0WHNMAq7TieVSZgO7/9T8dUTZrelVG5tV
/uofjgkG6AZZnMLKQBkS4vZi4LEZ/V060QhimfQTQAjuK2pVlwKFbBEJBrJvtlLI
NG/6UfrdkTHCly73xD5eaTNkhC1TDYIpzDr6VLb8lYad5gmUSVRRG2dmvwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFFY5t/uJZ2Khk9v5JUgMhsvsZ7qsMB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEvVmptMy00bG5ZcUdUMl9rbFNBeUd5LXhudXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5
LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQHPu6AAwQH
UayAAwQHV2OAAwQGjeDAMAwDBAWVjyADBAeVjwADBAK5yGADBAfMqIADBAXUXEAD
BAXUc8ADBAXVIuADBAXZP0ADBATZZvAwFAQCAAIwDgMFAyoCD2gDBQMqBzHAMA0G
CSqGSIb3DQEBCwUAA4IBAQCDEOjMjsAuZe8CHQ+6WblwCH7+7I2TpqhIaBD0nme0
6CMk26ujuyETxSZWRuhuludd+FCr+1JU+f1h42S3EsMbEO/3b9UjMtuabvdnLL2r
ZpBH1ZvF2EHlZE9UQH5hemFnVj0AHqurskcSknNxTk3JjbxIy9dqkswjR4HY3+bl
KDPKzsBf4MqJSdZ7uCjUe31+L1bnKjGg9foHBT5H1XkpBjTDJ2hog24pedeI/2cM
quGN5kORWdVP0crx9nqShm2MErunQEve/cFl2VROKrWwEg/z9xRZOWNH3vvngqZB
vvgqrVQI3Zhb0wqeaQxG0ps2w7doM53LdyiTh5amBP/a
-----END CERTIFICATE-----
Generated at Thu Nov 21 02:21:10 2024 by rpki-client on console.sobornost.net