Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/K0JBUfzeHu81r5VAbCzlYiXIqwo.roa
File: K0JBUfzeHu81r5VAbCzlYiXIqwo.roa (raw, json)
Hash identifier: mOjC3txDIIh+W9X/TA9xnAuEGhHaa6bfuhpRUoptIxs=
Subject key identifier: 2B:42:41:51:FC:DE:1E:EF:35:AF:95:40:6C:2C:E5:62:25:C8:AB:0A
Certificate issuer: /CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Certificate serial: 0193AFCE232F0644CA7CD8590F8B437E53D5
Authority key identifier: 78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/K0JBUfzeHu81r5VAbCzlYiXIqwo.roa
Signing time: Tue 10 Dec 2024 09:02:22 +0000
ROA not before: Tue 10 Dec 2024 09:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41275
IP address blocks: 5.35.112.0/22 maxlen: 22
5.35.113.0/24 maxlen: 24
62.217.184.0/21 maxlen: 21
85.198.104.0/23 maxlen: 23
89.169.48.0/22 maxlen: 22
89.207.216.0/21 maxlen: 21
89.207.221.0/24 maxlen: 24
93.157.244.0/22 maxlen: 22
95.131.144.0/21 maxlen: 21
185.136.76.0/22 maxlen: 22
185.155.17.0/24 maxlen: 24
185.155.18.0/23 maxlen: 23
217.150.200.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:af:ce:23:2f:06:44:ca:7c:d8:59:0f:8b:43:7e:53:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Validity
Not Before: Dec 10 09:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b424151fcde1eef35af95406c2ce56225c8ab0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:01:12:c6:6b:87:8f:44:e7:47:8e:db:98:0e:
a1:e7:49:65:00:51:72:49:7f:f9:b0:e5:95:8c:7f:
31:6a:1c:21:79:52:59:09:bf:e0:13:c1:5d:d4:a2:
87:91:9a:53:c0:7e:43:06:e5:7c:0f:ae:f7:8b:4d:
68:ad:99:3f:17:53:50:c0:54:de:f6:91:ef:91:60:
1a:74:a6:6b:aa:e0:14:4d:1f:26:da:cd:52:e2:38:
3c:a0:8b:45:d1:71:b6:31:58:36:7a:d4:b5:9d:b4:
79:55:18:16:e3:0c:6e:c6:36:d2:76:f4:2d:6a:4d:
d4:3e:95:99:3d:bb:d2:5d:5d:33:1f:c5:ca:0f:8e:
cf:f6:69:79:0b:61:f5:ce:7f:3b:2c:f6:11:de:67:
9b:92:a5:48:6a:63:54:ac:fc:ec:39:40:eb:e4:fc:
b5:26:da:f8:00:aa:16:11:8e:04:ec:be:59:c9:5a:
3d:5a:fa:b9:b6:2e:a2:c1:e3:e9:2d:56:13:f9:6c:
46:d1:69:64:53:82:91:51:1f:a2:65:05:93:00:79:
83:58:a2:08:71:bc:86:ae:28:40:b2:d1:dc:87:21:
0d:5b:ff:25:2e:4d:8f:00:71:9e:eb:dd:43:87:42:
b6:a0:02:0e:34:ba:28:9a:44:0c:2e:4a:b7:9e:7d:
63:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:42:41:51:FC:DE:1E:EF:35:AF:95:40:6C:2C:E5:62:25:C8:AB:0A
X509v3 Authority Key Identifier:
keyid:78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/K0JBUfzeHu81r5VAbCzlYiXIqwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.112.0/22
62.217.184.0/21
85.198.104.0/23
89.169.48.0/22
89.207.216.0/21
93.157.244.0/22
95.131.144.0/21
185.136.76.0/22
185.155.17.0-185.155.19.255
217.150.200.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:fd:46:21:7d:37:15:6e:db:8d:38:89:9e:ab:09:15:fd:62:
d4:64:7c:cd:78:9b:aa:b1:2a:98:f4:aa:d1:4a:37:cf:69:86:
3d:43:c9:be:b5:76:4b:9c:74:bd:38:05:6e:89:4b:47:68:25:
15:fc:e7:d8:a4:84:9b:60:76:08:66:15:82:76:80:62:ee:e0:
7f:c3:c2:b6:b5:30:bf:dd:ca:ad:b6:69:55:22:0f:3c:e4:ad:
88:88:28:8c:f5:fb:5e:ee:d1:f2:3e:94:73:e0:12:99:33:49:
84:49:f7:b0:a2:60:a9:7b:d8:2e:67:e0:2b:f4:e1:89:6e:b5:
77:aa:70:ed:bc:94:b0:66:4c:be:f5:2c:56:42:90:07:d2:90:
8c:41:3a:51:a5:39:e8:99:dc:6f:97:96:b3:f3:86:3d:c8:85:
91:be:db:0f:80:a3:1f:78:71:21:32:21:89:63:9a:69:86:62:
e2:5e:a8:9d:3a:08:10:ca:07:4c:a2:fd:47:13:99:59:1a:f5:
62:3a:b0:11:51:52:6b:0f:63:0c:2f:c2:fb:03:c2:2d:6d:33:
b3:c4:02:37:e0:2b:c0:d4:38:06:50:00:c7:4b:cd:70:2b:0d:
eb:53:97:08:6b:3f:c1:d2:49:97:f4:63:3d:e1:da:fb:2d:3f:
ed:3d:96:0b
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZOvziMvBkTKfNhZD4tDflPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NWI0OTBkNzY2ZjRiMWMyMTFkN2RhZGQ2ZWZhNzcwZjZl
YjllMjUwHhcNMjQxMjEwMDkwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjQyNDE1MWZjZGUxZWVmMzVhZjk1NDA2YzJjZTU2MjI1YzhhYjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgESxmuHj0TnR47bmA6h50llAFFy
SX/5sOWVjH8xahwheVJZCb/gE8Fd1KKHkZpTwH5DBuV8D673i01orZk/F1NQwFTe
9pHvkWAadKZrquAUTR8m2s1S4jg8oItF0XG2MVg2etS1nbR5VRgW4wxuxjbSdvQt
ak3UPpWZPbvSXV0zH8XKD47P9ml5C2H1zn87LPYR3mebkqVIamNUrPzsOUDr5Py1
Jtr4AKoWEY4E7L5ZyVo9Wvq5ti6iwePpLVYT+WxG0WlkU4KRUR+iZQWTAHmDWKII
cbyGrihAstHchyENW/8lLk2PAHGe691Dh0K2oAIONLoomkQMLkq3nn1jKwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCtCQVH83h7vNa+VQGws5WIlyKsKMB8GA1UdIwQY
MBaAFHhbSQ12b0scIR19rdbvp3D2654lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjct
N2NhZTA0MGU0OWU4LzEvSzBKQlVmemVIdTgxcjVWQWJDemxZaVhJcXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjctN2NhZTA0MGU0OWU4
LzEvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCBSNwAwQD
Ptm4AwQBVcZoAwQCWakwAwQDWc/YAwQCXZ30AwQDX4OQAwQCuYhMMAwDBAC5mxED
BAK5mxADBAHZlsgwDQYJKoZIhvcNAQELBQADggEBAKD9RiF9NxVu2404iZ6rCRX9
YtRkfM14m6qxKpj0qtFKN89phj1Dyb61dkucdL04BW6JS0doJRX859ikhJtgdghm
FYJ2gGLu4H/Dwra1ML/dyq22aVUiDzzkrYiIKIz1+17u0fI+lHPgEpkzSYRJ97Ci
YKl72C5n4Cv04YlutXeqcO28lLBmTL71LFZCkAfSkIxBOlGlOeiZ3G+XlrPzhj3I
hZG+2w+Aox94cSEyIYljmmmGYuJeqJ06CBDKB0yi/UcTmVka9WI6sBFRUmsPYwwv
wvsDwi1tM7PEAjfgK8DUOAZQAMdLzXArDetTlwhrP8HSSZf0Yz3h2vstP+09lgs=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:57 2024 by rpki-client on console.sobornost.net