Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/1dn7ELXpW8q-1n-a28apoStrAW8.roa
File: 1dn7ELXpW8q-1n-a28apoStrAW8.roa (raw, json)
Hash identifier: Uge2F1S1xtB0m/3B3fBEgnfKEq33n/kRlJadk3frEP0=
Subject key identifier: D5:D9:FB:10:B5:E9:5B:CA:BE:D6:7F:9A:DB:C6:A9:A1:2B:6B:01:6F
Certificate issuer: /CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Certificate serial: 0192567B37C42E12932F25F6A09417B1FFD3
Authority key identifier: 89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/1dn7ELXpW8q-1n-a28apoStrAW8.roa
Signing time: Fri 04 Oct 2024 07:42:48 +0000
ROA not before: Fri 04 Oct 2024 07:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207147
IP address blocks: 45.11.68.0/22 maxlen: 24
45.88.128.0/22 maxlen: 24
84.247.4.0/22 maxlen: 24
85.204.148.0/22 maxlen: 24
89.37.228.0/22 maxlen: 24
130.0.88.0/22 maxlen: 24
176.223.176.0/22 maxlen: 24
185.164.212.0/22 maxlen: 24
185.178.88.0/22 maxlen: 24
185.194.120.0/22 maxlen: 24
185.237.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:7b:37:c4:2e:12:93:2f:25:f6:a0:94:17:b1:ff:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Validity
Not Before: Oct 4 07:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5d9fb10b5e95bcabed67f9adbc6a9a12b6b016f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2e:0c:4d:ca:7d:98:17:09:9f:60:8f:fa:9b:
ec:10:3c:a0:78:12:fe:65:c3:18:43:36:ca:b5:50:
6a:58:08:f7:df:a3:65:9f:3c:cb:20:06:e6:dd:f5:
ac:6b:04:8a:72:c1:81:6e:8c:a3:c5:cb:ae:4e:bd:
6b:ea:6b:af:6a:a4:be:73:6d:17:ff:17:da:fe:65:
c9:96:7f:da:22:a4:77:7d:ec:6c:2d:e1:e0:d8:8a:
56:a4:70:aa:7d:9e:bb:30:09:d6:60:70:bc:97:08:
fa:62:a3:c5:49:54:2c:5b:78:6a:29:c1:4d:2d:28:
7f:5e:b2:51:66:c0:3b:8d:d2:5e:66:c1:ba:70:9f:
ea:df:80:cd:29:27:4b:7e:84:16:bf:ce:f0:7f:4e:
f9:d2:24:4d:c6:f2:bf:bb:5c:19:c4:e2:9e:a4:6a:
a2:ee:1e:89:c4:ea:9b:a2:b5:59:20:b6:f0:a5:b9:
07:b8:fc:59:c7:2d:56:ea:a2:1f:b0:f6:bf:2e:c1:
36:b5:c7:c4:0c:c4:5a:c3:4c:9b:c9:37:81:3a:44:
da:d5:d3:3c:9b:28:d7:51:81:93:70:4a:bb:d8:0b:
cc:0f:77:49:d2:a2:1b:3c:d4:35:ba:56:ab:ca:d8:
74:a2:f4:5a:15:bc:f6:a5:08:c7:48:1c:bf:6f:40:
c4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D9:FB:10:B5:E9:5B:CA:BE:D6:7F:9A:DB:C6:A9:A1:2B:6B:01:6F
X509v3 Authority Key Identifier:
keyid:89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/1dn7ELXpW8q-1n-a28apoStrAW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/iXj_XaszxC2mX-Thq_vKTq-90qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.68.0/22
45.88.128.0/22
84.247.4.0/22
85.204.148.0/22
89.37.228.0/22
130.0.88.0/22
176.223.176.0/22
185.164.212.0/22
185.178.88.0/22
185.194.120.0/22
185.237.40.0/22
Signature Algorithm: sha256WithRSAEncryption
92:26:ae:c5:af:99:f8:7f:25:11:e9:20:90:c7:3c:00:ab:4f:
e1:87:f3:fe:2e:4d:13:cf:fb:6c:60:55:86:7f:4a:44:e4:67:
d9:c9:9a:2a:51:34:25:a5:c2:33:c7:1b:55:08:df:39:9e:27:
02:4b:63:65:6e:b5:e0:62:6b:32:08:c2:41:57:6a:31:97:d4:
f8:ba:00:74:cb:64:fc:26:a4:e7:71:50:80:bb:37:44:62:b1:
cc:0d:99:2b:3d:44:3b:8d:0c:10:5a:29:e7:a3:95:16:d6:e7:
c5:d0:6f:2c:a0:a0:b6:fd:6b:56:ca:2c:13:1e:e1:c3:ed:b3:
ea:6c:d4:eb:b4:cb:6e:c6:81:52:7f:2d:91:49:4e:0e:be:10:
f4:7a:1c:3d:e7:a2:e6:65:ac:76:db:3c:b1:3f:65:60:4f:45:
80:48:27:94:52:ee:a3:19:90:dd:06:e8:5f:18:9e:b6:55:1d:
8a:8a:e6:b9:19:87:19:95:91:d3:5b:ee:80:2d:ca:e8:8c:b0:
6c:1c:69:09:d3:0e:d4:19:30:71:ad:6b:75:dc:bc:5b:1e:82:
1d:0d:85:1e:6c:41:db:b3:0f:77:37:27:6b:1d:3e:62:25:41:
5f:67:57:b6:d4:5b:5b:1c:27:24:68:3b:f5:85:55:ec:eb:f3:
fe:4a:15:6d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZJWezfELhKTLyX2oJQXsf/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NzhmZjVkYWIzM2M0MmRhNjVmZTRlMWFiZmJjYTRlYWZi
ZGQyYWEwHhcNMjQxMDA0MDc0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQ5ZmIxMGI1ZTk1YmNhYmVkNjdmOWFkYmM2YTlhMTJiNmIwMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i4MTcp9mBcJn2CP+pvsEDygeBL+
ZcMYQzbKtVBqWAj336NlnzzLIAbm3fWsawSKcsGBboyjxcuuTr1r6muvaqS+c20X
/xfa/mXJln/aIqR3fexsLeHg2IpWpHCqfZ67MAnWYHC8lwj6YqPFSVQsW3hqKcFN
LSh/XrJRZsA7jdJeZsG6cJ/q34DNKSdLfoQWv87wf0750iRNxvK/u1wZxOKepGqi
7h6JxOqborVZILbwpbkHuPxZxy1W6qIfsPa/LsE2tcfEDMRaw0ybyTeBOkTa1dM8
myjXUYGTcEq72AvMD3dJ0qIbPNQ1ularyth0ovRaFbz2pQjHSBy/b0DE6QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNXZ+xC16VvKvtZ/mtvGqaErawFvMB8GA1UdIwQY
MBaAFIl4/12rM8Qtpl/k4av7yk6vvdKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQt
ZDAyZDk2YzM2Y2EzLzEvMWRuN0VMWHBXOHEtMW4tYTI4YXBvU3RyQVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQtZDAyZDk2YzM2Y2Ez
LzEvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLQtEAwQC
LViAAwQCVPcEAwQCVcyUAwQCWSXkAwQCggBYAwQCsN+wAwQCuaTUAwQCubJYAwQC
ucJ4AwQCue0oMA0GCSqGSIb3DQEBCwUAA4IBAQCSJq7Fr5n4fyUR6SCQxzwAq0/h
h/P+Lk0Tz/tsYFWGf0pE5GfZyZoqUTQlpcIzxxtVCN85nicCS2NlbrXgYmsyCMJB
V2oxl9T4ugB0y2T8JqTncVCAuzdEYrHMDZkrPUQ7jQwQWinno5UW1ufF0G8soKC2
/WtWyiwTHuHD7bPqbNTrtMtuxoFSfy2RSU4OvhD0ehw956LmZax22zyxP2VgT0WA
SCeUUu6jGZDdBuhfGJ62VR2Kiua5GYcZlZHTW+6ALcrojLBsHGkJ0w7UGTBxrWt1
3LxbHoIdDYUebEHbsw93NydrHT5iJUFfZ1e21FtbHCckaDv1hVXs6/P+ShVt
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:13 2024 by rpki-client on console.sobornost.net