Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/f7d8ba-7df6-44f4-a6fa-fd82f290431c/1/kA2MTomhiX7HXLoPevv0F1LA0oU.roa
File: kA2MTomhiX7HXLoPevv0F1LA0oU.roa (raw, json)
Hash identifier: kGm2YxUWan96m2Z8Sig309VvNnL8i2FN3Ca+Jg8lOKM=
Subject key identifier: 90:0D:8C:4E:89:A1:89:7E:C7:5C:BA:0F:7A:FB:F4:17:52:C0:D2:85
Certificate issuer: /CN=91bbc51e4541cfbb504ff5ef2a396df6a54b5e6d
Certificate serial: 02530A29
Authority key identifier: 91:BB:C5:1E:45:41:CF:BB:50:4F:F5:EF:2A:39:6D:F6:A5:4B:5E:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kbvFHkVBz7tQT_XvKjlt9qVLXm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/f7d8ba-7df6-44f4-a6fa-fd82f290431c/1/kA2MTomhiX7HXLoPevv0F1LA0oU.roa
Signing time: Wed 26 Jan 2022 16:24:20 +0000
ROA not before: Wed 26 Jan 2022 16:24:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.215.1.0/24 maxlen: 24
178.239.254.0/24 maxlen: 24
31.222.97.0/24 maxlen: 24
31.222.101.0/24 maxlen: 24
31.222.100.0/24 maxlen: 24
31.222.112.0/24 maxlen: 24
31.222.110.0/24 maxlen: 24
31.222.109.0/24 maxlen: 24
31.222.117.0/24 maxlen: 24
31.222.115.0/24 maxlen: 24
31.222.114.0/24 maxlen: 24
31.222.125.0/24 maxlen: 24
31.222.124.0/24 maxlen: 24
31.222.123.0/24 maxlen: 24
31.222.121.0/24 maxlen: 24
31.44.144.0/22 maxlen: 22
178.239.240.0/24 maxlen: 24
31.44.152.0/23 maxlen: 23
31.44.151.0/24 maxlen: 24
178.239.250.0/24 maxlen: 24
178.239.249.0/24 maxlen: 24
31.44.159.0/24 maxlen: 24
185.30.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38996521 (0x2530a29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91bbc51e4541cfbb504ff5ef2a396df6a54b5e6d
Validity
Not Before: Jan 26 16:24:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=900d8c4e89a1897ec75cba0f7afbf41752c0d285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e8:46:79:06:e7:a9:5e:eb:e6:14:0a:bd:de:
36:a0:d1:12:fe:b3:c7:73:5a:30:52:29:37:09:d1:
1f:b1:ef:57:91:84:7d:05:a6:ee:47:a9:bc:64:dc:
b2:66:1a:a8:32:64:d1:c0:a0:6b:bc:c6:a7:ae:95:
61:d9:d5:a7:42:cd:3c:3c:ec:a2:af:76:d7:54:10:
93:fa:7f:97:ff:53:ae:1f:67:b2:0f:18:80:30:d7:
42:49:86:b5:de:bb:3a:fb:0a:12:0d:97:f2:8a:ac:
aa:d4:d9:61:e4:42:72:b0:e1:9e:47:39:13:26:af:
f9:80:55:13:24:24:c9:0d:b4:ac:51:0a:5a:88:40:
11:cd:21:6e:89:f4:60:b5:a9:02:a6:7e:97:4b:fd:
a9:b0:38:6c:af:14:69:e7:f6:1c:95:0d:f5:26:09:
15:1c:c1:1e:04:ac:eb:51:d5:b0:f9:c2:5c:46:88:
6b:d5:19:fd:9f:d1:2a:9f:e0:c6:25:98:b3:f0:a5:
bc:f5:a6:58:b0:2a:24:96:8c:e7:48:1e:3b:8e:ca:
d3:c9:15:bf:80:fa:3c:29:e5:51:4f:d8:66:dd:eb:
09:b6:5a:7c:c2:5d:ad:3a:f8:fe:61:58:14:8b:56:
c5:50:4c:df:d9:7e:0f:c4:87:46:a2:ae:09:72:cb:
b7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0D:8C:4E:89:A1:89:7E:C7:5C:BA:0F:7A:FB:F4:17:52:C0:D2:85
X509v3 Authority Key Identifier:
keyid:91:BB:C5:1E:45:41:CF:BB:50:4F:F5:EF:2A:39:6D:F6:A5:4B:5E:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbvFHkVBz7tQT_XvKjlt9qVLXm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f7d8ba-7df6-44f4-a6fa-fd82f290431c/1/kA2MTomhiX7HXLoPevv0F1LA0oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/f7d8ba-7df6-44f4-a6fa-fd82f290431c/1/kbvFHkVBz7tQT_XvKjlt9qVLXm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.144.0/22
31.44.151.0-31.44.153.255
31.44.159.0/24
31.222.97.0/24
31.222.100.0/23
31.222.109.0-31.222.110.255
31.222.112.0/24
31.222.114.0/23
31.222.117.0/24
31.222.121.0/24
31.222.123.0-31.222.125.255
178.239.240.0/24
178.239.249.0-178.239.250.255
178.239.254.0/24
185.30.197.0/24
185.215.1.0/24
Signature Algorithm: sha256WithRSAEncryption
46:74:4d:dc:52:f8:c6:34:76:c3:78:52:aa:3e:59:cd:4a:4c:
60:5f:b5:cb:e4:06:67:65:b7:ef:5f:39:cd:68:62:73:4a:9b:
c6:0d:b2:8b:81:ca:86:21:11:41:e3:80:95:5c:b6:54:5b:3d:
4b:82:a9:a7:13:69:de:77:28:e1:eb:f9:2d:bb:90:ba:c9:1c:
47:66:b8:aa:57:07:5b:80:e2:44:51:f7:b0:3d:19:19:09:71:
09:41:c4:22:12:b5:e9:0b:85:89:d4:b4:0c:11:18:89:7b:28:
76:1a:66:db:02:b9:f2:f5:b6:ca:d8:a5:f4:a1:b7:fa:d2:4c:
88:72:f2:06:b8:92:a0:5e:3c:80:38:b0:36:ef:93:37:94:0e:
5a:07:74:ae:67:c3:97:5b:49:e0:83:21:37:4e:65:83:61:d8:
54:e6:55:49:ae:71:48:a6:7a:a9:84:d9:2d:c7:4c:7f:b5:73:
9c:f2:a3:c6:10:91:6f:71:97:c9:53:53:64:7a:83:0c:a9:3a:
ed:87:6e:c8:1d:72:1e:b9:67:b4:e5:2e:f5:b8:29:a0:a4:5c:
f2:45:89:2e:c6:b8:41:60:e0:69:a5:d5:fb:83:3e:16:48:1b:
81:90:df:1f:fa:a4:84:6d:93:a4:7f:31:0b:58:a1:c9:b3:3a:
82:4d:7e:24
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIEAlMKKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MWJiYzUxZTQ1NDFjZmJiNTA0ZmY1ZWYyYTM5NmRmNmE1NGI1ZTZkMB4XDTIyMDEy
NjE2MjQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAwZDhjNGU4OWEx
ODk3ZWM3NWNiYTBmN2FmYmY0MTc1MmMwZDI4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJroRnkG56le6+YUCr3eNqDREv6zx3NaMFIpNwnRH7HvV5GE
fQWm7kepvGTcsmYaqDJk0cCga7zGp66VYdnVp0LNPDzsoq9211QQk/p/l/9Trh9n
sg8YgDDXQkmGtd67OvsKEg2X8oqsqtTZYeRCcrDhnkc5Eyav+YBVEyQkyQ20rFEK
WohAEc0hbon0YLWpAqZ+l0v9qbA4bK8Uaef2HJUN9SYJFRzBHgSs61HVsPnCXEaI
a9UZ/Z/RKp/gxiWYs/ClvPWmWLAqJJaM50geO47K08kVv4D6PCnlUU/YZt3rCbZa
fMJdrTr4/mFYFItWxVBM39l+D8SHRqKuCXLLt/8CAwEAAaOCAogwggKEMB0GA1Ud
DgQWBBSQDYxOiaGJfsdcug96+/QXUsDShTAfBgNVHSMEGDAWgBSRu8UeRUHPu1BP
9e8qOW32pUtebTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tidkZIa1ZCejd0UVRfWHZLamx0OXFWTFhtMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvZjdkOGJhLTdkZjYtNDRmNC1hNmZhLWZkODJmMjkwNDMxYy8x
L2tBMk1Ub21oaVg3SFhMb1BldnYwRjFMQTBvVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
ZjdkOGJhLTdkZjYtNDRmNC1hNmZhLWZkODJmMjkwNDMxYy8xL2tidkZIa1ZCejd0
UVRfWHZLamx0OXFWTFhtMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nQYIKwYBBQUHAQcBAf8EgY0wgYowgYcEAgABMIGAAwQCHyyQMAwDBAAfLJcDBAEf
LJgDBAAfLJ8DBAAf3mEDBAEf3mQwDAMEAB/ebQMEAB/ebgMEAB/ecAMEAR/ecgME
AB/edQMEAB/eeTAMAwQAH957AwQBH958AwQAsu/wMAwDBACy7/kDBACy7/oDBACy
7/4DBAC5HsUDBAC51wEwDQYJKoZIhvcNAQELBQADggEBAEZ0TdxS+MY0dsN4Uqo+
Wc1KTGBftcvkBmdlt+9fOc1oYnNKm8YNsouByoYhEUHjgJVctlRbPUuCqacTad53
KOHr+S27kLrJHEdmuKpXB1uA4kRR97A9GRkJcQlBxCIStekLhYnUtAwRGIl7KHYa
ZtsCufL1tsrYpfSht/rSTIhy8ga4kqBePIA4sDbvkzeUDloHdK5nw5dbSeCDITdO
ZYNh2FTmVUmucUimeqmE2S3HTH+1c5zyo8YQkW9xl8lTU2R6gwypOu2Hbsgdch65
Z7TlLvW4KaCkXPJFiS7GuEFg4Gml1fuDPhZIG4GQ3x/6pIRtk6R/MQtYocmzOoJN
fiQ=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:04 2023 by rpki-client on console.sobornost.net