Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8f3fed-2c53-4eca-a332-4579a38f6d08/1/XnDA9NA-XyCm6Rmzwel9OO_EsWs.roa
File: XnDA9NA-XyCm6Rmzwel9OO_EsWs.roa (raw, json)
Hash identifier: fflnPZjqJJGYltNlQXmdxQZ8e+GuCt2t6sEKvT9t+cY=
Subject key identifier: 5E:70:C0:F4:D0:3E:5F:20:A6:E9:19:B3:C1:E9:7D:38:EF:C4:B1:6B
Certificate issuer: /CN=5f4a8f04ef2febe54f9db6a9a2f856594b6e2f08
Certificate serial: 01938C75CA21119A2029E7F6C0C79703A287
Authority key identifier: 5F:4A:8F:04:EF:2F:EB:E5:4F:9D:B6:A9:A2:F8:56:59:4B:6E:2F:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X0qPBO8v6-VPnbapovhWWUtuLwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8f3fed-2c53-4eca-a332-4579a38f6d08/1/XnDA9NA-XyCm6Rmzwel9OO_EsWs.roa
Signing time: Tue 03 Dec 2024 12:19:09 +0000
ROA not before: Tue 03 Dec 2024 12:19:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16178
IP address blocks: 46.36.160.0/19 maxlen: 20
79.142.0.0/20 maxlen: 20
85.158.32.0/21 maxlen: 21
85.158.32.0/24 maxlen: 24
85.158.35.0/24 maxlen: 24
85.158.36.0/22 maxlen: 22
178.77.0.0/18 maxlen: 18
178.77.0.0/19 maxlen: 19
178.77.0.0/20 maxlen: 20
178.77.16.0/20 maxlen: 20
178.77.32.0/19 maxlen: 19
185.14.124.0/22 maxlen: 22
217.75.192.0/20 maxlen: 20
217.75.192.0/21 maxlen: 21
217.75.192.0/24 maxlen: 24
217.75.193.0/24 maxlen: 24
217.75.194.0/24 maxlen: 24
217.75.195.0/24 maxlen: 24
217.75.196.0/24 maxlen: 24
217.75.197.0/24 maxlen: 24
217.75.198.0/24 maxlen: 24
217.75.199.0/24 maxlen: 24
217.75.200.0/21 maxlen: 21
217.75.200.0/24 maxlen: 24
217.75.201.0/24 maxlen: 24
217.75.202.0/24 maxlen: 24
217.75.203.0/24 maxlen: 24
217.75.204.0/24 maxlen: 24
217.75.205.0/24 maxlen: 24
217.75.206.0/24 maxlen: 24
217.75.207.0/24 maxlen: 24
2a00:fe8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:75:ca:21:11:9a:20:29:e7:f6:c0:c7:97:03:a2:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f4a8f04ef2febe54f9db6a9a2f856594b6e2f08
Validity
Not Before: Dec 3 12:19:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e70c0f4d03e5f20a6e919b3c1e97d38efc4b16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c2:21:d0:f4:3a:ee:d7:77:28:18:50:88:fe:
79:a6:84:c9:11:89:b5:65:40:6c:a1:71:b7:08:74:
32:58:24:c1:db:62:a2:e2:8f:b0:3f:83:ad:ea:10:
bb:49:d6:8e:bd:1a:8c:dc:ae:6e:f4:27:86:65:ae:
bf:bb:0e:e8:e3:ef:46:c8:83:fb:ef:6d:b3:cc:f7:
ff:87:7c:a2:61:ff:05:40:be:20:b1:82:6d:07:12:
16:52:ae:0d:d3:53:3b:86:63:27:6a:86:f2:ea:4f:
e3:11:c8:63:3a:3e:11:fd:cc:4e:b5:01:bc:29:fd:
75:2c:a7:29:28:d2:55:e0:a2:5d:7e:df:af:07:df:
c0:d0:23:30:73:35:29:95:7f:20:b4:99:29:5d:8e:
7c:12:db:e8:67:84:26:e6:da:69:1b:a1:33:17:c7:
17:10:1f:e7:68:81:15:6f:fb:1b:a8:b5:ad:d2:07:
97:7d:68:ae:19:78:af:50:95:5f:ed:24:2b:49:37:
07:4c:00:61:00:d7:ac:a5:bf:19:4f:07:66:c5:71:
e7:7f:07:09:1c:ef:2c:cf:a6:cd:6a:db:ff:71:f4:
36:be:d2:a3:a0:80:20:fb:a2:91:7d:36:d1:7b:9c:
b8:90:d2:b2:9b:07:12:15:a2:f8:62:dc:0a:79:d3:
36:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:70:C0:F4:D0:3E:5F:20:A6:E9:19:B3:C1:E9:7D:38:EF:C4:B1:6B
X509v3 Authority Key Identifier:
keyid:5F:4A:8F:04:EF:2F:EB:E5:4F:9D:B6:A9:A2:F8:56:59:4B:6E:2F:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X0qPBO8v6-VPnbapovhWWUtuLwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8f3fed-2c53-4eca-a332-4579a38f6d08/1/XnDA9NA-XyCm6Rmzwel9OO_EsWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8f3fed-2c53-4eca-a332-4579a38f6d08/1/X0qPBO8v6-VPnbapovhWWUtuLwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.160.0/19
79.142.0.0/20
85.158.32.0/21
178.77.0.0/18
185.14.124.0/22
217.75.192.0/20
IPv6:
2a00:fe8::/32
Signature Algorithm: sha256WithRSAEncryption
3a:c2:19:e7:a4:cb:59:98:99:18:87:b3:db:ef:f2:7a:fd:6e:
ef:c2:5b:77:f9:0b:bd:7b:7e:78:23:c6:8e:5d:c9:45:55:ba:
c1:30:ce:83:3f:74:81:3d:c0:3f:d9:68:a1:45:bc:c4:82:da:
54:a4:19:76:4a:51:c7:d2:51:a8:4f:af:f6:0d:bb:d1:5d:ea:
e5:72:ec:07:53:0d:a4:1b:dd:2e:bc:24:03:a5:24:98:94:3f:
fe:0e:50:cd:52:7e:b7:75:f6:45:e1:24:b9:75:fd:d4:98:d3:
fd:6d:1a:a6:f7:72:ca:36:6c:d4:45:64:2d:73:9e:6b:2f:71:
ca:7b:61:6f:c7:aa:68:b8:3e:63:1d:7f:82:a8:f0:b0:08:94:
14:e7:15:12:50:d9:40:a2:e4:68:ac:04:0a:0c:8c:fa:2f:e6:
c9:b0:56:6f:68:34:8a:69:02:bd:fe:21:2d:fa:21:75:bf:29:
1a:05:11:39:43:e0:15:97:0c:44:09:2c:48:dc:c7:61:2c:f2:
4d:a9:f6:7c:b0:c9:7f:1f:a0:b6:39:7a:2d:d6:8d:37:2c:ea:
ae:52:fd:de:d9:56:79:e6:a0:f1:58:aa:e0:d1:d6:ca:13:2b:
68:f5:f3:fc:d3:6c:7e:21:c2:42:68:08:27:a9:fc:2e:cd:02:
93:8d:df:f5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZOMdcohEZogKef2wMeXA6KHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNGE4ZjA0ZWYyZmViZTU0ZjlkYjZhOWEyZjg1NjU5NGI2
ZTJmMDgwHhcNMjQxMjAzMTIxOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTcwYzBmNGQwM2U1ZjIwYTZlOTE5YjNjMWU5N2QzOGVmYzRiMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMIh0PQ67td3KBhQiP55poTJEYm1
ZUBsoXG3CHQyWCTB22Ki4o+wP4Ot6hC7SdaOvRqM3K5u9CeGZa6/uw7o4+9GyIP7
722zzPf/h3yiYf8FQL4gsYJtBxIWUq4N01M7hmMnaoby6k/jEchjOj4R/cxOtQG8
Kf11LKcpKNJV4KJdft+vB9/A0CMwczUplX8gtJkpXY58EtvoZ4Qm5tppG6EzF8cX
EB/naIEVb/sbqLWt0geXfWiuGXivUJVf7SQrSTcHTABhANespb8ZTwdmxXHnfwcJ
HO8sz6bNatv/cfQ2vtKjoIAg+6KRfTbRe5y4kNKymwcSFaL4YtwKedM2owIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFF5wwPTQPl8gpukZs8HpfTjvxLFrMB8GA1UdIwQY
MBaAFF9KjwTvL+vlT522qaL4VllLbi8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDBxUEJPOHY2LVZQbmJhcG92aFdXVXR1THdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZjNmZWQtMmM1My00ZWNhLWEzMzIt
NDU3OWEzOGY2ZDA4LzEvWG5EQTlOQS1YeUNtNlJtendlbDlPT19Fc1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZjNmZWQtMmM1My00ZWNhLWEzMzItNDU3OWEzOGY2ZDA4
LzEvWDBxUEJPOHY2LVZQbmJhcG92aFdXVXR1THdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFLiSgAwQE
T44AAwQDVZ4gAwQGsk0AAwQCuQ58AwQE2UvAMA0EAgACMAcDBQAqAA/oMA0GCSqG
SIb3DQEBCwUAA4IBAQA6whnnpMtZmJkYh7Pb7/J6/W7vwlt3+Qu9e354I8aOXclF
VbrBMM6DP3SBPcA/2WihRbzEgtpUpBl2SlHH0lGoT6/2DbvRXerlcuwHUw2kG90u
vCQDpSSYlD/+DlDNUn63dfZF4SS5df3UmNP9bRqm93LKNmzURWQtc55rL3HKe2Fv
x6pouD5jHX+CqPCwCJQU5xUSUNlAouRorAQKDIz6L+bJsFZvaDSKaQK9/iEt+iF1
vykaBRE5Q+AVlwxECSxI3MdhLPJNqfZ8sMl/H6C2OXot1o03LOquUv3e2VZ55qDx
WKrg0dbKEyto9fP802x+IcJCaAgnqfwuzQKTjd/1
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:06 2024 by rpki-client on console.sobornost.net