Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/lQlGRFU7YloqaH68phMkLsHgSlI.roa
File: lQlGRFU7YloqaH68phMkLsHgSlI.roa (raw, json)
Hash identifier: Q3tQJFNyTShUGpAv0OjKZ0ZLq9HmRIF8TS6Rt3KwqZY=
Subject key identifier: 95:09:46:44:55:3B:62:5A:2A:68:7E:BC:A6:13:24:2E:C1:E0:4A:52
Certificate issuer: /CN=ded353e2f5d318c348772a8ff105aa70719e4135
Certificate serial: 019377B153304526D554831F7F294F7E8967
Authority key identifier: DE:D3:53:E2:F5:D3:18:C3:48:77:2A:8F:F1:05:AA:70:71:9E:41:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3tNT4vXTGMNIdyqP8QWqcHGeQTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/lQlGRFU7YloqaH68phMkLsHgSlI.roa
Signing time: Fri 29 Nov 2024 11:32:10 +0000
ROA not before: Fri 29 Nov 2024 11:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25627
IP address blocks: 79.170.64.0/22 maxlen: 22
79.170.64.0/23 maxlen: 23
79.170.65.0/24 maxlen: 24
79.170.66.0/23 maxlen: 23
79.170.68.0/22 maxlen: 22
79.170.68.0/23 maxlen: 23
79.170.70.0/23 maxlen: 23
79.170.70.0/24 maxlen: 24
79.170.71.0/24 maxlen: 24
87.237.80.0/23 maxlen: 23
87.237.80.0/24 maxlen: 24
87.237.81.0/24 maxlen: 24
87.237.82.0/23 maxlen: 23
87.237.82.0/24 maxlen: 24
87.237.83.0/24 maxlen: 24
87.237.84.0/22 maxlen: 22
87.237.84.0/24 maxlen: 24
87.237.86.0/24 maxlen: 24
87.237.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:b1:53:30:45:26:d5:54:83:1f:7f:29:4f:7e:89:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ded353e2f5d318c348772a8ff105aa70719e4135
Validity
Not Before: Nov 29 11:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95094644553b625a2a687ebca613242ec1e04a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:4a:8e:f1:0d:fa:35:6f:ce:aa:38:f3:90:
ae:cc:d0:f0:40:c3:66:88:4d:39:ab:05:1c:47:90:
13:6f:c6:e6:5f:df:37:64:b5:cd:51:ce:82:ee:eb:
0a:65:8e:85:59:2b:77:ab:51:04:b9:d4:f8:f3:8e:
47:ca:c3:b2:88:a7:4d:fb:c6:0f:e4:ce:57:85:c2:
f2:20:90:06:52:0f:05:1d:19:73:c7:13:e9:9b:4f:
76:78:6f:c1:6c:f6:9a:e2:ea:b2:1d:d3:55:38:00:
4e:00:cc:fc:fe:96:79:b6:a6:b0:5d:e5:a0:81:fa:
de:75:e7:65:cb:ce:a5:76:a0:e7:56:56:d1:de:20:
de:3f:ed:a4:4e:1d:67:bb:af:af:a9:6d:94:a5:e0:
d7:d8:ac:df:60:3c:3d:02:45:5c:75:4a:54:31:f5:
33:67:36:d3:ac:62:98:ff:ea:54:ea:36:39:81:dd:
8b:fa:c0:9d:04:4e:c6:bf:e0:d4:e2:e1:cf:4c:aa:
99:e3:1e:bd:5f:35:ba:0b:38:7a:33:58:33:bc:49:
a8:4a:bd:7b:80:29:7d:b0:f0:c0:2d:1d:a5:bb:d8:
14:93:b8:09:26:9b:b2:54:71:ce:94:e6:03:d1:5a:
b2:32:45:09:4e:e1:f9:47:57:e2:3f:80:4a:1e:40:
f9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:09:46:44:55:3B:62:5A:2A:68:7E:BC:A6:13:24:2E:C1:E0:4A:52
X509v3 Authority Key Identifier:
keyid:DE:D3:53:E2:F5:D3:18:C3:48:77:2A:8F:F1:05:AA:70:71:9E:41:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tNT4vXTGMNIdyqP8QWqcHGeQTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/lQlGRFU7YloqaH68phMkLsHgSlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/3tNT4vXTGMNIdyqP8QWqcHGeQTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.64.0/21
87.237.80.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:10:44:d6:1f:0e:24:d4:ea:7e:1f:f5:d0:fc:94:56:09:93:
b3:5d:c0:42:14:4a:dc:ca:80:0a:eb:d4:3c:fc:76:29:04:9d:
8f:f2:dc:0f:34:6c:13:16:84:96:b6:f7:29:1b:c0:67:81:b9:
63:8a:d0:fc:26:09:f3:ca:ca:f6:94:2e:ed:26:8a:dd:f9:ba:
9a:cb:b9:cb:26:b7:a0:ad:61:69:09:66:96:2e:fd:61:84:3b:
1b:cb:46:e3:6f:50:67:83:4b:28:5a:33:c4:79:c6:92:94:db:
e2:bd:3c:86:00:10:eb:57:56:42:5b:b8:63:2a:89:43:29:62:
58:16:42:0a:b1:e1:f5:23:71:61:0b:27:b9:20:ff:12:e6:e6:
ef:5a:b9:64:d8:6b:b5:ce:ac:45:c6:15:f2:6f:bd:c4:d1:1c:
e7:d5:6f:a4:46:0f:d0:2d:09:89:22:e8:2b:ac:fc:0c:56:4f:
07:d6:18:d3:e7:e5:8c:7b:b0:50:f9:22:a2:59:a6:ce:1c:24:
12:fa:cf:2c:e3:09:39:09:0e:fa:cd:ce:a6:a3:ea:38:df:3e:
f3:98:83:8a:08:e9:e1:f1:0a:51:f4:3d:f3:d8:55:49:61:4e:
cf:09:65:8c:b2:24:7f:ff:86:eb:e7:11:15:60:49:2a:93:4f:
f4:b4:e8:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZN3sVMwRSbVVIMffylPfolnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDM1M2UyZjVkMzE4YzM0ODc3MmE4ZmYxMDVhYTcwNzE5
ZTQxMzUwHhcNMjQxMTI5MTEzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTA5NDY0NDU1M2I2MjVhMmE2ODdlYmNhNjEzMjQyZWMxZTA0YTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZRKjvEN+jVvzqo485CuzNDwQMNm
iE05qwUcR5ATb8bmX983ZLXNUc6C7usKZY6FWSt3q1EEudT4845HysOyiKdN+8YP
5M5XhcLyIJAGUg8FHRlzxxPpm092eG/BbPaa4uqyHdNVOABOAMz8/pZ5tqawXeWg
gfrededly86ldqDnVlbR3iDeP+2kTh1nu6+vqW2UpeDX2KzfYDw9AkVcdUpUMfUz
ZzbTrGKY/+pU6jY5gd2L+sCdBE7Gv+DU4uHPTKqZ4x69XzW6Czh6M1gzvEmoSr17
gCl9sPDALR2lu9gUk7gJJpuyVHHOlOYD0VqyMkUJTuH5R1fiP4BKHkD5EwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJUJRkRVO2JaKmh+vKYTJC7B4EpSMB8GA1UdIwQY
MBaAFN7TU+L10xjDSHcqj/EFqnBxnkE1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3ROVDR2WFRHTU5JZHlxUDhRV3FjSEdlUVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jYmFjY2UtZWZiZi00ZjMyLThkODgt
NGU4NWRhYmQ2NDc0LzEvbFFsR1JGVTdZbG9xYUg2OHBoTWtMc0hnU2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jYmFjY2UtZWZiZi00ZjMyLThkODgtNGU4NWRhYmQ2NDc0
LzEvM3ROVDR2WFRHTU5JZHlxUDhRV3FjSEdlUVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDT6pAAwQD
V+1QMA0GCSqGSIb3DQEBCwUAA4IBAQBcEETWHw4k1Op+H/XQ/JRWCZOzXcBCFErc
yoAK69Q8/HYpBJ2P8twPNGwTFoSWtvcpG8BngbljitD8Jgnzysr2lC7tJord+bqa
y7nLJregrWFpCWaWLv1hhDsby0bjb1Bng0soWjPEecaSlNvivTyGABDrV1ZCW7hj
KolDKWJYFkIKseH1I3FhCye5IP8S5ubvWrlk2Gu1zqxFxhXyb73E0Rzn1W+kRg/Q
LQmJIugrrPwMVk8H1hjT5+WMe7BQ+SKiWabOHCQS+s8s4wk5CQ76zc6mo+o43z7z
mIOKCOnh8QpR9D3z2FVJYU7PCWWMsiR//4br5xEVYEkqk0/0tOi9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:25 2025 by rpki-client