Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/pP2g6FpLOkVZbBxEyKZAbUCa3o4.roa
File: pP2g6FpLOkVZbBxEyKZAbUCa3o4.roa (raw, json)
Hash identifier: 28rHQsVTdhqiyBfHBScYahpaxe6Xjm1hGLhZ64W2RVk=
Subject key identifier: A4:FD:A0:E8:5A:4B:3A:45:59:6C:1C:44:C8:A6:40:6D:40:9A:DE:8E
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01934643D239A1F9CF9A81977D9C46708C95
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/pP2g6FpLOkVZbBxEyKZAbUCa3o4.roa
Signing time: Tue 19 Nov 2024 21:11:10 +0000
ROA not before: Tue 19 Nov 2024 21:11:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 46.3.191.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.232.67.0/24 maxlen: 24
46.232.72.0/21 maxlen: 24
46.232.96.0/21 maxlen: 24
149.126.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:46:43:d2:39:a1:f9:cf:9a:81:97:7d:9c:46:70:8c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Nov 19 21:11:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4fda0e85a4b3a45596c1c44c8a6406d409ade8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f7:36:57:b5:7a:22:ee:7a:e8:de:19:a2:89:
4f:62:3d:52:b6:86:25:9b:e4:0a:f7:f2:6c:c4:9d:
c8:be:fa:2c:60:c7:ca:fc:88:b8:24:10:2a:19:89:
0c:77:15:0e:47:5f:4a:61:9b:60:b6:8d:0e:92:86:
52:d3:b1:90:b2:72:01:71:83:af:8a:4f:ae:f0:04:
12:96:60:65:15:a9:ed:df:66:61:e4:85:c7:30:de:
f2:48:4b:d0:21:d5:bf:2e:d0:7c:48:5f:cd:d2:8e:
a9:d8:17:fd:72:83:3f:25:2a:22:0e:59:55:27:d3:
a9:74:e6:08:8c:cb:f4:9a:4a:71:f4:58:3f:40:6c:
93:25:3a:2e:3d:cd:7d:8c:57:7a:7c:4e:33:cb:11:
a6:39:36:0a:56:90:32:b5:e3:c0:72:cf:28:46:e8:
61:30:8e:18:8c:fd:0d:9e:9a:32:38:f3:0d:6c:e7:
f2:f2:b4:23:f4:fc:96:ef:81:b1:23:c4:57:7d:be:
a4:57:66:18:c2:82:8f:ac:e3:1c:e5:e0:95:82:45:
04:42:9c:8b:ac:27:13:ae:3d:39:c1:da:c8:52:48:
bf:e8:01:a7:1c:8a:3f:e3:f3:5f:bb:25:60:ee:86:
6a:2b:f8:25:57:9a:c2:85:10:5c:f9:a8:f2:09:51:
af:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:FD:A0:E8:5A:4B:3A:45:59:6C:1C:44:C8:A6:40:6D:40:9A:DE:8E
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/pP2g6FpLOkVZbBxEyKZAbUCa3o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.191.0/24
46.3.200.0/23
46.3.250.0/24
46.232.67.0/24
46.232.72.0/21
46.232.96.0/21
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
26:9f:f8:f6:08:e0:47:c1:b1:e8:38:97:7b:46:9a:13:ec:ce:
7d:b7:a9:cf:73:0f:6c:1b:d7:f1:97:43:60:b7:da:1b:2a:c5:
b2:1c:a8:ed:87:50:b3:68:42:a7:32:7a:12:e7:d7:22:e1:50:
87:f5:b1:79:cb:e3:c6:28:bf:5f:27:3e:fa:4b:6c:81:37:30:
df:d7:15:3d:54:87:52:51:11:43:b1:f0:c0:40:4c:56:31:1c:
1e:5a:3f:6b:16:94:f0:85:35:13:31:31:10:99:7e:ea:c1:66:
7e:a8:07:45:93:88:28:1f:16:43:83:f1:02:81:bf:e8:93:9a:
50:da:b7:b8:b2:2d:33:a6:04:fe:00:3a:e3:7e:14:7c:1e:ba:
92:eb:11:27:15:1a:c7:ff:6b:b5:fc:b9:d6:ed:4d:3e:20:f5:
ca:81:50:52:db:b2:f3:bd:a7:2f:23:a7:25:5e:3a:4c:5c:3b:
4b:6f:2e:e1:35:d5:0e:31:af:d6:1c:26:8f:29:2d:da:a0:11:
72:7e:6d:5c:0e:2f:ba:85:8f:9a:d6:8a:f6:96:87:11:42:33:
43:74:01:fc:fe:98:48:34:12:07:12:26:d9:df:88:17:31:c9:
96:53:43:92:84:65:ae:31:25:d5:fa:9a:a7:fe:26:6d:e1:4d:
0c:0b:38:41
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZNGQ9I5ofnPmoGXfZxGcIyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQxMTE5MjExMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGZkYTBlODVhNGIzYTQ1NTk2YzFjNDRjOGE2NDA2ZDQwOWFkZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vc2V7V6Iu566N4ZoolPYj1StoYl
m+QK9/JsxJ3IvvosYMfK/Ii4JBAqGYkMdxUOR19KYZtgto0OkoZS07GQsnIBcYOv
ik+u8AQSlmBlFant32Zh5IXHMN7ySEvQIdW/LtB8SF/N0o6p2Bf9coM/JSoiDllV
J9OpdOYIjMv0mkpx9Fg/QGyTJTouPc19jFd6fE4zyxGmOTYKVpAytePAcs8oRuhh
MI4YjP0NnpoyOPMNbOfy8rQj9PyW74GxI8RXfb6kV2YYwoKPrOMc5eCVgkUEQpyL
rCcTrj05wdrIUki/6AGnHIo/4/NfuyVg7oZqK/glV5rChRBc+ajyCVGvqQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKT9oOhaSzpFWWwcRMimQG1Amt6OMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvcFAyZzZGcExPa1ZaYkJ4RXlLWkFiVUNhM280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALgO/AwQB
LgPIAwQALgP6AwQALuhDAwQDLuhIAwQDLuhgAwQAlX78MA0GCSqGSIb3DQEBCwUA
A4IBAQAmn/j2COBHwbHoOJd7RpoT7M59t6nPcw9sG9fxl0Ngt9obKsWyHKjth1Cz
aEKnMnoS59ci4VCH9bF5y+PGKL9fJz76S2yBNzDf1xU9VIdSURFDsfDAQExWMRwe
Wj9rFpTwhTUTMTEQmX7qwWZ+qAdFk4goHxZDg/ECgb/ok5pQ2re4si0zpgT+ADrj
fhR8HrqS6xEnFRrH/2u1/LnW7U0+IPXKgVBS27LzvacvI6clXjpMXDtLby7hNdUO
Ma/WHCaPKS3aoBFyfm1cDi+6hY+a1or2locRQjNDdAH8/phINBIHEibZ34gXMcmW
U0OShGWuMSXV+pqn/iZt4U0MCzhB
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:17 2024 by rpki-client on console.sobornost.net