Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/NHAzAZ5RPzBQmiQrwlooBTke68A.roa
File: NHAzAZ5RPzBQmiQrwlooBTke68A.roa (raw, json)
Hash identifier: ueGqVwdqlZ5blEp67qo7FpLkVjNJPWI3GBUG4Kontsc=
Subject key identifier: 34:70:33:01:9E:51:3F:30:50:9A:24:2B:C2:5A:28:05:39:1E:EB:C0
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 019325912705190176246AE522DBDEDBDE34
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/NHAzAZ5RPzBQmiQrwlooBTke68A.roa
Signing time: Wed 13 Nov 2024 12:48:09 +0000
ROA not before: Wed 13 Nov 2024 12:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
85.117.120.0/24 maxlen: 24
85.117.121.0/24 maxlen: 24
85.117.122.0/24 maxlen: 24
85.117.123.0/24 maxlen: 24
85.117.124.0/24 maxlen: 24
85.117.125.0/24 maxlen: 24
85.117.126.0/24 maxlen: 24
85.117.127.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.64.0/24 maxlen: 24
217.76.65.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:27::/48 maxlen: 48
2a03:32c0:28::/48 maxlen: 48
2a03:32c0:29::/48 maxlen: 48
2a03:32c0:2a::/48 maxlen: 48
2a03:32c0:2b::/48 maxlen: 48
2a03:32c0:2c::/48 maxlen: 48
2a03:32c0:2d::/48 maxlen: 48
2a03:32c0:2e::/48 maxlen: 48
2a03:32c0:2f::/48 maxlen: 48
2a03:32c0:30::/48 maxlen: 48
2a03:32c0:31::/48 maxlen: 48
2a03:32c0:32::/48 maxlen: 48
2a03:32c0:33::/48 maxlen: 48
2a03:32c0:300a::/48 maxlen: 48
2a03:32c0:300b::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
2a03:32c0:3010::/48 maxlen: 48
2a03:32c0:3011::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:91:27:05:19:01:76:24:6a:e5:22:db:de:db:de:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Nov 13 12:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=347033019e513f30509a242bc25a2805391eebc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5a:e7:4e:cb:cc:a5:77:cb:53:d6:f8:9b:a5:
c7:b9:9a:87:89:07:4f:c4:f3:b7:83:99:ac:71:cf:
c2:9b:c0:a2:fd:4e:b3:29:24:96:4e:06:ec:25:39:
1b:a8:10:1d:f8:76:22:5d:41:d4:15:39:87:a6:81:
1f:1f:65:d4:f2:d2:4d:a6:53:16:1f:e0:77:16:c8:
4e:a2:6d:7b:ca:cb:0d:85:be:98:02:5b:c5:f9:77:
90:7c:dd:10:4e:05:34:e8:48:b9:2f:57:42:5a:cb:
db:90:b0:38:c5:4b:21:79:23:c5:1c:63:37:d3:c1:
4b:9d:f4:bf:26:50:47:50:cf:59:09:e0:27:0c:eb:
31:d4:89:b5:e7:a7:eb:20:61:4f:0a:ad:93:27:1a:
db:20:cd:9d:53:9f:92:67:5c:1c:85:8f:68:47:5a:
79:75:9a:55:af:27:d4:ff:3a:3d:76:85:99:a1:6f:
f7:f8:8d:fd:d7:63:e8:d3:6f:64:83:0e:ba:3b:7b:
4a:44:34:a1:2e:af:d6:4b:82:cb:e5:53:10:9f:f8:
16:ac:af:66:c5:66:ef:e4:84:f1:2d:7e:3a:98:9d:
7b:2e:76:b2:f3:f0:1f:30:3c:e9:e4:0c:b3:4f:96:
43:e8:74:f7:2a:f7:63:5a:57:4c:b4:bd:66:89:d0:
b7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:70:33:01:9E:51:3F:30:50:9A:24:2B:C2:5A:28:05:39:1E:EB:C0
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/NHAzAZ5RPzBQmiQrwlooBTke68A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0/19
185.57.72.0/22
217.76.64.0/23
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:27::-2a03:32c0:33:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300a::/47
2a03:32c0:300e::-2a03:32c0:3011:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
25:23:3a:ef:72:da:12:28:da:74:61:07:40:27:12:49:fe:a5:
19:cb:83:d0:32:f6:aa:19:0b:1f:7c:24:0d:ca:e5:05:34:ae:
66:55:ec:91:4d:84:2f:ab:f8:e6:9a:36:1e:d2:94:71:65:5f:
41:c2:be:da:3b:4d:d5:7e:41:bc:60:0c:0e:8a:42:16:4c:00:
95:81:3f:e5:6d:07:58:72:80:3e:32:52:41:56:95:2e:f5:41:
55:6a:90:23:81:bd:a1:29:05:ea:a4:ee:42:02:18:c4:ad:a6:
b6:e7:67:62:a6:46:d7:00:ac:c7:0d:a7:0b:5d:5d:94:f6:76:
8c:8b:9b:a1:49:94:fc:a8:c6:30:a5:22:b1:bd:40:d7:e5:77:
8c:39:5c:88:31:dd:2a:5c:58:e0:72:75:93:83:0e:50:83:2d:
6c:ae:ac:f9:3c:4b:e7:e2:b3:de:26:19:f6:b2:3d:a6:69:7c:
13:d3:4f:de:b7:97:20:1a:06:0f:33:ac:41:44:c2:43:e0:a6:
b0:d8:e0:2d:0c:b5:18:e4:3b:9b:40:1a:5d:42:f5:72:18:35:
00:40:d8:f4:0d:83:2a:89:d7:74:32:49:85:37:7e:8b:cc:33:
15:bd:36:f0:db:02:40:df:86:52:1e:f7:68:ef:aa:e3:87:d7:
82:9f:61:f0
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZMlkScFGQF2JGrlItve2940MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQxMTEzMTI0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDcwMzMwMTllNTEzZjMwNTA5YTI0MmJjMjVhMjgwNTM5MWVlYmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1rnTsvMpXfLU9b4m6XHuZqHiQdP
xPO3g5mscc/Cm8Ci/U6zKSSWTgbsJTkbqBAd+HYiXUHUFTmHpoEfH2XU8tJNplMW
H+B3FshOom17yssNhb6YAlvF+XeQfN0QTgU06Ei5L1dCWsvbkLA4xUsheSPFHGM3
08FLnfS/JlBHUM9ZCeAnDOsx1Im156frIGFPCq2TJxrbIM2dU5+SZ1wchY9oR1p5
dZpVryfU/zo9doWZoW/3+I3912Po029kgw66O3tKRDShLq/WS4LL5VMQn/gWrK9m
xWbv5ITxLX46mJ17Lnay8/AfMDzp5AyzT5ZD6HT3KvdjWldMtL1midC3WwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFDRwMwGeUT8wUJokK8JaKAU5HuvAMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvTkhBekFaNVJQekJRbWlRcndsb29CVGtlNjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTA6BAIAATA0AwQFVXVg
AwQCuTlIAwQB2UxAAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDBf
BAIAAjBZMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGDAS
AwcAKgMywAAnAwcCKgMywAAwAwcBKgMywDAKMBIDBwEqAzLAMA4DBwEqAzLAMBAw
DQYJKoZIhvcNAQELBQADggEBACUjOu9y2hIo2nRhB0AnEkn+pRnLg9Ay9qoZCx98
JA3K5QU0rmZV7JFNhC+r+OaaNh7SlHFlX0HCvto7TdV+QbxgDA6KQhZMAJWBP+Vt
B1hygD4yUkFWlS71QVVqkCOBvaEpBeqk7kICGMStprbnZ2KmRtcArMcNpwtdXZT2
doyLm6FJlPyoxjClIrG9QNfld4w5XIgx3SpcWOBydZODDlCDLWyurPk8S+fis94m
GfayPaZpfBPTT963lyAaBg8zrEFEwkPgprDY4C0MtRjkO5tAGl1C9XIYNQBA2PQN
gyqJ13QySYU3fovMMxW9NvDbAkDfhlIe92jvquOH14KfYfA=
-----END CERTIFICATE-----
Generated at Thu Nov 14 14:11:26 2024 by rpki-client on console.sobornost.net