Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/XvvY3J1hR0Gw8hPP5hGnLTokSFQ.roa
File: XvvY3J1hR0Gw8hPP5hGnLTokSFQ.roa (raw, json)
Hash identifier: xcOb3AXIOPfOlPpdizJXfLPrSCW0sXgHIO102iHYn5Q=
Subject key identifier: 5E:FB:D8:DC:9D:61:47:41:B0:F2:13:CF:E6:11:A7:2D:3A:24:48:54
Certificate issuer: /CN=624c494f56193b4e9adf3db72e4f01978c587f18
Certificate serial: 0192A213A0FDF09C31BBE3A29B6D6C25899E
Authority key identifier: 62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/XvvY3J1hR0Gw8hPP5hGnLTokSFQ.roa
Signing time: Sat 19 Oct 2024 00:00:48 +0000
ROA not before: Sat 19 Oct 2024 00:00:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57363
IP address blocks: 91.231.234.0/24 maxlen: 24
91.231.235.0/24 maxlen: 24
91.231.236.0/24 maxlen: 24
91.231.237.0/24 maxlen: 24
91.231.239.0/24 maxlen: 24
91.238.108.0/24 maxlen: 24
91.238.109.0/24 maxlen: 24
91.238.110.0/24 maxlen: 24
91.240.168.0/24 maxlen: 24
91.240.169.0/24 maxlen: 24
91.240.170.0/24 maxlen: 24
91.240.171.0/24 maxlen: 24
151.236.64.0/24 maxlen: 24
151.236.65.0/24 maxlen: 24
151.236.67.0/24 maxlen: 24
151.236.68.0/24 maxlen: 24
151.236.70.0/24 maxlen: 24
151.236.72.0/24 maxlen: 24
151.236.73.0/24 maxlen: 24
151.236.74.0/24 maxlen: 24
151.236.75.0/24 maxlen: 24
151.236.76.0/24 maxlen: 24
151.236.77.0/24 maxlen: 24
151.236.78.0/24 maxlen: 24
151.236.80.0/24 maxlen: 24
151.236.81.0/24 maxlen: 24
151.236.83.0/24 maxlen: 24
151.236.84.0/24 maxlen: 24
151.236.85.0/24 maxlen: 24
151.236.86.0/24 maxlen: 24
151.236.87.0/24 maxlen: 24
151.236.88.0/24 maxlen: 24
151.236.89.0/24 maxlen: 24
151.236.90.0/24 maxlen: 24
151.236.91.0/24 maxlen: 24
151.236.94.0/24 maxlen: 24
151.236.95.0/24 maxlen: 24
151.236.96.0/24 maxlen: 24
151.236.99.0/24 maxlen: 24
151.236.100.0/24 maxlen: 24
151.236.102.0/24 maxlen: 24
151.236.106.0/24 maxlen: 24
151.236.107.0/24 maxlen: 24
151.236.109.0/24 maxlen: 24
151.236.110.0/23 maxlen: 23
151.236.111.0/24 maxlen: 24
151.236.113.0/24 maxlen: 24
151.236.122.0/23 maxlen: 23
151.236.123.0/24 maxlen: 24
151.236.125.0/24 maxlen: 24
185.31.112.0/24 maxlen: 24
185.31.114.0/24 maxlen: 24
185.31.115.0/24 maxlen: 24
2a02:aec0:1::/48 maxlen: 48
2a02:aec0:2::/48 maxlen: 48
2a02:aec0:3::/48 maxlen: 48
2a02:aec0:5::/48 maxlen: 48
2a02:aec0:6::/48 maxlen: 48
2a02:aec0:7::/48 maxlen: 48
2a02:aec0:8::/48 maxlen: 48
2a02:aec0:9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a2:13:a0:fd:f0:9c:31:bb:e3:a2:9b:6d:6c:25:89:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624c494f56193b4e9adf3db72e4f01978c587f18
Validity
Not Before: Oct 19 00:00:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5efbd8dc9d614741b0f213cfe611a72d3a244854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:81:8d:a3:b9:1f:29:09:17:56:98:99:c3:f2:
1c:db:19:7a:55:6c:f7:d1:75:2b:e8:a6:db:dd:7c:
ca:4b:3b:69:37:b8:16:cd:f8:6b:ad:de:dc:55:83:
fa:7a:fb:90:bc:6c:05:f4:49:7c:3e:31:14:44:80:
d0:c4:e0:7e:69:13:6d:c1:2e:ce:71:88:22:c0:8d:
91:8f:90:9e:a6:f5:13:26:46:08:c8:46:58:c6:c2:
13:92:1f:f2:fe:14:b5:45:94:91:b0:e7:2d:38:ff:
9c:e6:13:f7:e2:aa:28:9f:cc:cd:4d:7b:6d:17:9c:
ea:29:d9:51:09:63:bf:1c:ba:cd:8d:10:f7:c8:f6:
89:9d:48:8c:eb:f7:03:34:49:64:65:2d:5d:6c:8d:
3a:bd:f6:97:9f:8f:d1:49:07:0b:85:6e:ba:26:34:
a3:b5:4a:bd:19:ec:a3:04:d8:87:42:e8:0b:c8:c0:
46:fb:24:0e:7b:42:47:2e:d3:ab:49:53:6e:85:4f:
66:f6:52:1d:e6:94:cb:3b:78:42:77:e8:84:38:63:
26:b4:26:87:29:fc:38:c5:ff:14:38:8e:b8:b4:ac:
94:3f:40:ba:c2:dd:56:2f:54:74:19:be:2a:eb:ef:
18:a9:48:8f:c3:44:29:08:1f:6c:5e:e6:08:60:4f:
47:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FB:D8:DC:9D:61:47:41:B0:F2:13:CF:E6:11:A7:2D:3A:24:48:54
X509v3 Authority Key Identifier:
keyid:62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/XvvY3J1hR0Gw8hPP5hGnLTokSFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.234.0-91.231.237.255
91.231.239.0/24
91.238.108.0-91.238.110.255
91.240.168.0/22
151.236.64.0/23
151.236.67.0-151.236.68.255
151.236.70.0/24
151.236.72.0-151.236.78.255
151.236.80.0/23
151.236.83.0-151.236.91.255
151.236.94.0-151.236.96.255
151.236.99.0-151.236.100.255
151.236.102.0/24
151.236.106.0/23
151.236.109.0-151.236.111.255
151.236.113.0/24
151.236.122.0/23
151.236.125.0/24
185.31.112.0/24
185.31.114.0/23
IPv6:
2a02:aec0:1::-2a02:aec0:3:ffff:ffff:ffff:ffff:ffff
2a02:aec0:5::-2a02:aec0:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
95:2b:76:89:96:96:e2:53:70:00:d5:be:14:aa:bd:91:0c:45:
0c:bf:0f:b5:8b:f5:6c:76:42:b2:23:46:8c:07:12:1b:46:b4:
02:4a:76:cb:38:a1:c6:32:cb:be:c2:23:86:78:d9:03:21:70:
7b:01:de:b5:c8:54:0e:8c:bf:7f:b5:97:a4:21:73:76:ce:8d:
04:a9:72:f7:d3:75:5a:85:5d:6c:51:6d:c1:02:ed:38:5b:14:
d8:ff:c8:7a:cd:ef:78:04:82:1a:6f:76:21:51:39:dc:4c:b4:
a7:9e:e4:9a:de:76:39:c7:bf:f9:a4:fe:f4:1a:49:17:c5:04:
09:06:d0:21:52:07:1a:18:b1:62:2c:0a:9b:ea:5e:cd:42:07:
ec:48:b2:3b:77:46:1e:a5:36:16:3d:8e:db:ff:20:83:9e:84:
ab:f9:14:48:44:93:5e:ed:85:0a:0e:80:2f:03:4b:60:11:58:
ac:63:e6:f9:8a:dc:a5:31:77:d2:fb:18:19:8b:50:da:8a:30:
85:32:49:c1:c4:13:92:0e:a5:1f:77:8b:7d:ef:59:9a:f5:c9:
77:c7:99:2f:c5:c0:fc:99:db:28:fc:bb:7e:2c:3b:d9:eb:03:
4b:19:07:33:6c:ef:d1:43:45:79:63:3b:86:0a:6e:c9:37:79:
ec:82:5c:a3
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZKiE6D98Jwxu+Oim21sJYmeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGM0OTRmNTYxOTNiNGU5YWRmM2RiNzJlNGYwMTk3OGM1
ODdmMTgwHhcNMjQxMDE5MDAwMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZiZDhkYzlkNjE0NzQxYjBmMjEzY2ZlNjExYTcyZDNhMjQ0ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIGNo7kfKQkXVpiZw/Ic2xl6VWz3
0XUr6Kbb3XzKSztpN7gWzfhrrd7cVYP6evuQvGwF9El8PjEURIDQxOB+aRNtwS7O
cYgiwI2Rj5CepvUTJkYIyEZYxsITkh/y/hS1RZSRsOctOP+c5hP34qoon8zNTXtt
F5zqKdlRCWO/HLrNjRD3yPaJnUiM6/cDNElkZS1dbI06vfaXn4/RSQcLhW66JjSj
tUq9GeyjBNiHQugLyMBG+yQOe0JHLtOrSVNuhU9m9lId5pTLO3hCd+iEOGMmtCaH
Kfw4xf8UOI64tKyUP0C6wt1WL1R0Gb4q6+8YqUiPw0QpCB9sXuYIYE9HdwIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFF772NydYUdBsPITz+YRpy06JEhUMB8GA1UdIwQY
MBaAFGJMSU9WGTtOmt89ty5PAZeMWH8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2Mt
N2FhYjZlZjk1NWExLzEvWHZ2WTNKMWhSMEd3OGhQUDVoR25MVG9rU0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2MtN2FhYjZlZjk1NWEx
LzEvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwgb8EAgABMIG4MAwD
BAFb5+oDBAFb5+wDBABb5+8wDAMEAlvubAMEAFvubgMEAlvwqAMEAZfsQDAMAwQA
l+xDAwQAl+xEAwQAl+xGMAwDBAOX7EgDBACX7E4DBAGX7FAwDAMEAJfsUwMEApfs
WDAMAwQBl+xeAwQAl+xgMAwDBACX7GMDBACX7GQDBACX7GYDBAGX7GowDAMEAJfs
bQMEBJfsYAMEAJfscQMEAZfsegMEAJfsfQMEALkfcAMEAbkfcjAuBAIAAjAoMBID
BwAqAq7AAAEDBwIqAq7AAAAwEgMHACoCrsAABQMHASoCrsAACDANBgkqhkiG9w0B
AQsFAAOCAQEAlSt2iZaW4lNwANW+FKq9kQxFDL8PtYv1bHZCsiNGjAcSG0a0Akp2
yzihxjLLvsIjhnjZAyFwewHetchUDoy/f7WXpCFzds6NBKly99N1WoVdbFFtwQLt
OFsU2P/Ies3veASCGm92IVE53Ey0p57kmt52Oce/+aT+9BpJF8UECQbQIVIHGhix
YiwKm+pezUIH7EiyO3dGHqU2Fj2O2/8gg56Eq/kUSESTXu2FCg6ALwNLYBFYrGPm
+YrcpTF30vsYGYtQ2oowhTJJwcQTkg6lH3eLfe9ZmvXJd8eZL8XA/JnbKPy7fiw7
2esDSxkHM2zv0UNFeWM7hgpuyTd57IJcow==
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:23 2024 by rpki-client on console.sobornost.net