Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/xf4c83s9BhHDRES5-deoHo90fx8.roa
File: xf4c83s9BhHDRES5-deoHo90fx8.roa (raw, json)
Hash identifier: Nc+I2Laa6OeGUM7r8e6LlLMHSt+btJK/FMAVLnkCxPk=
Subject key identifier: C5:FE:1C:F3:7B:3D:06:11:C3:44:44:B9:F9:D7:A8:1E:8F:74:7F:1F
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 01941F8C75C067542D39EF4D74B0D6B67881
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/xf4c83s9BhHDRES5-deoHo90fx8.roa
Signing time: Wed 01 Jan 2025 01:48:06 +0000
ROA not before: Wed 01 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207353
IP address blocks: 77.220.216.0/21 maxlen: 24
185.62.100.0/24 maxlen: 24
2a03:220:f001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:75:c0:67:54:2d:39:ef:4d:74:b0:d6:b6:78:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 1 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5fe1cf37b3d0611c34444b9f9d7a81e8f747f1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:84:3e:b6:b7:f7:6e:ed:70:a9:e9:08:bc:12:
ba:fe:62:e6:68:4d:b2:27:a1:28:6d:aa:32:6a:26:
1f:68:43:9c:a7:8c:e6:66:62:5b:d3:b1:c9:bd:77:
22:5e:1d:4b:f6:8a:cf:1e:8b:1a:2c:5b:ac:14:e1:
3b:a8:c4:bb:5f:2b:f3:38:38:7c:2e:bd:2c:05:de:
98:0a:5c:6a:39:ae:4b:80:0b:66:c4:1a:f1:5f:04:
4b:13:01:ab:5d:80:02:61:bf:ed:65:f3:f3:14:d3:
2d:6f:57:2b:65:c4:bf:af:77:17:b6:28:03:b8:12:
68:d5:29:76:4c:05:56:ad:13:32:9e:35:d1:ba:d4:
79:d1:48:82:16:97:c4:48:f9:98:9a:69:0f:ac:76:
f8:b0:ca:22:83:12:77:fe:09:2a:e4:be:81:89:6c:
66:8c:0c:d3:c4:87:2f:43:82:90:ca:f1:95:4b:4e:
8e:6f:77:b3:06:c3:58:07:81:92:40:42:05:56:05:
be:e1:03:97:a2:35:14:83:70:6c:ca:af:dc:57:e1:
14:a7:97:f7:aa:3a:b1:f2:be:9d:23:85:c5:99:b8:
d8:93:5c:6f:8d:01:35:eb:41:3f:b5:de:a8:a6:e7:
9c:53:6f:c8:13:2a:77:96:0f:1b:8d:4b:1c:b0:07:
5f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FE:1C:F3:7B:3D:06:11:C3:44:44:B9:F9:D7:A8:1E:8F:74:7F:1F
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/xf4c83s9BhHDRES5-deoHo90fx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.216.0/21
185.62.100.0/24
IPv6:
2a03:220:f001::/48
Signature Algorithm: sha256WithRSAEncryption
0c:12:ec:38:fb:53:cb:a4:e1:05:57:4b:3c:fa:05:ce:4b:56:
1c:84:41:93:7d:3d:56:09:f5:ea:37:36:3b:20:d5:99:a5:5d:
fb:2a:25:bf:cf:a6:a0:68:22:91:cd:b1:5e:aa:b7:fd:28:64:
79:0a:f7:5c:c0:56:4a:b8:35:10:66:69:3c:c0:61:ae:0e:b3:
ad:7e:ab:59:f2:b3:b2:c3:b7:6c:e1:ae:5e:6c:8a:94:e2:da:
07:5c:26:35:e4:95:2a:fd:20:a7:e0:3c:f4:db:29:0b:44:b5:
c6:ea:cc:17:37:54:17:e3:4b:7e:e6:cb:0d:a8:aa:be:5e:d9:
54:fd:0e:2b:31:97:19:4a:25:20:24:48:c4:d8:68:4e:5e:ef:
cd:2f:bb:c1:0b:41:73:6e:55:b1:97:95:50:06:0a:75:93:bb:
9f:a8:6a:a8:bd:7f:8e:ae:13:71:08:28:0b:7b:46:b1:b3:55:
e6:6f:af:e8:fa:72:f0:1b:49:3f:18:cb:32:31:d0:1a:c1:af:
9e:ed:a2:97:4e:26:8f:f9:1b:f3:ae:36:a3:98:b5:a9:be:8b:
7b:7f:15:b8:47:12:42:b5:8a:39:9e:55:87:00:ec:cc:41:cb:
c8:c6:df:a7:9f:3a:35:56:29:7b:af:6c:3d:e1:b9:ad:d1:3f:
10:38:89:a3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQfjHXAZ1QtOe9NdLDWtniBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjUwMTAxMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZlMWNmMzdiM2QwNjExYzM0NDQ0YjlmOWQ3YTgxZThmNzQ3ZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIQ+trf3bu1wqekIvBK6/mLmaE2y
J6EobaoyaiYfaEOcp4zmZmJb07HJvXciXh1L9orPHosaLFusFOE7qMS7XyvzODh8
Lr0sBd6YClxqOa5LgAtmxBrxXwRLEwGrXYACYb/tZfPzFNMtb1crZcS/r3cXtigD
uBJo1Sl2TAVWrRMynjXRutR50UiCFpfESPmYmmkPrHb4sMoigxJ3/gkq5L6BiWxm
jAzTxIcvQ4KQyvGVS06Ob3ezBsNYB4GSQEIFVgW+4QOXojUUg3Bsyq/cV+EUp5f3
qjqx8r6dI4XFmbjYk1xvjQE160E/td6opuecU2/IEyp3lg8bjUscsAdfOQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMX+HPN7PQYRw0REufnXqB6PdH8fMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEveGY0YzgzczlCaEhEUkVTNS1kZW9IbzkwZng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDTdzYAwQA
uT5kMA8EAgACMAkDBwAqAwIg8AEwDQYJKoZIhvcNAQELBQADggEBAAwS7Dj7U8uk
4QVXSzz6Bc5LVhyEQZN9PVYJ9eo3Njsg1ZmlXfsqJb/PpqBoIpHNsV6qt/0oZHkK
91zAVkq4NRBmaTzAYa4Os61+q1nys7LDt2zhrl5sipTi2gdcJjXklSr9IKfgPPTb
KQtEtcbqzBc3VBfjS37myw2oqr5e2VT9DisxlxlKJSAkSMTYaE5e780vu8ELQXNu
VbGXlVAGCnWTu5+oaqi9f46uE3EIKAt7RrGzVeZvr+j6cvAbST8YyzIx0BrBr57t
opdOJo/5G/OuNqOYtam+i3t/FbhHEkK1ijmeVYcA7MxBy8jG36efOjVWKXuvbD3h
ua3RPxA4iaM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:44 2025 by rpki-client on console.sobornost.net