Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkyRTi83DrHF6W0GS43BmD-TiuE.roa
File: XkyRTi83DrHF6W0GS43BmD-TiuE.roa (raw, json)
Hash identifier: /3vDH+EU57Ijtwd/m0ZEYJQybxBHrhK4Fu38BBZHM3k=
Subject key identifier: 5E:4C:91:4E:2F:37:0E:B1:C5:E9:6D:06:4B:8D:C1:98:3F:93:8A:E1
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 0195715438EBB9BCED01CBD4BE242F05DB65
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkyRTi83DrHF6W0GS43BmD-TiuE.roa
Signing time: Fri 07 Mar 2025 15:58:19 +0000
ROA not before: Fri 07 Mar 2025 15:58:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4455
IP address blocks: 31.217.128.0/19 maxlen: 24
31.217.128.0/24 maxlen: 24
31.217.129.0/24 maxlen: 24
31.217.130.0/24 maxlen: 24
46.18.168.0/21 maxlen: 24
83.243.16.0/21 maxlen: 24
89.30.0.0/17 maxlen: 24
89.30.58.0/24 maxlen: 24
89.30.68.0/22 maxlen: 24
91.196.184.0/22 maxlen: 24
185.55.16.0/22 maxlen: 24
185.143.244.0/22 maxlen: 22
194.126.217.0/24 maxlen: 24
2a01:8200::/32 maxlen: 64
2a02:27f0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:71:54:38:eb:b9:bc:ed:01:cb:d4:be:24:2f:05:db:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Mar 7 15:58:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e4c914e2f370eb1c5e96d064b8dc1983f938ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cb:69:53:4d:c3:0e:d6:a4:14:4d:d3:b5:80:
f0:4f:16:94:8b:57:81:00:b4:13:b8:58:f5:c7:35:
aa:a8:98:a8:da:cc:e9:d6:c5:ee:79:dd:d7:c1:cb:
ce:00:6a:94:b2:f5:15:74:c4:b7:31:f3:28:b0:66:
f6:0d:6b:a2:aa:90:2b:10:6d:68:4c:03:b1:e2:b8:
cb:3a:4a:f4:d2:1a:61:44:4d:cb:d4:07:df:12:b8:
3d:89:30:99:8e:27:7b:83:d7:24:b0:f3:4c:3a:be:
ba:29:dc:d7:37:70:b4:c2:5a:f8:db:2a:06:19:17:
e7:8a:11:54:1e:f4:68:fc:d4:d3:ca:39:11:4e:2e:
d9:38:12:84:42:10:62:6d:e0:70:7c:b0:64:11:40:
1a:09:c5:9f:44:1e:06:a3:e0:4a:ea:e5:6e:2d:bd:
e7:ab:52:9e:98:d1:e5:ad:e5:06:c3:9a:b1:47:7f:
df:32:5b:26:65:39:8a:07:02:c2:15:40:95:97:f6:
95:11:6e:1f:c6:17:15:4d:92:96:9d:10:9d:32:60:
96:e0:34:21:50:77:b9:b8:d7:dc:4e:ff:38:65:07:
61:c3:79:19:32:2a:5f:34:80:b3:6f:7b:c4:9c:d0:
3a:64:87:49:fb:e2:8e:4f:5c:61:44:06:75:4d:75:
16:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:4C:91:4E:2F:37:0E:B1:C5:E9:6D:06:4B:8D:C1:98:3F:93:8A:E1
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkyRTi83DrHF6W0GS43BmD-TiuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.128.0/19
46.18.168.0/21
83.243.16.0/21
89.30.0.0/17
91.196.184.0/22
185.55.16.0/22
185.143.244.0/22
194.126.217.0/24
IPv6:
2a01:8200::/32
2a02:27f0::/32
Signature Algorithm: sha256WithRSAEncryption
10:1b:ab:b2:ce:f7:82:5e:f2:cb:07:43:9a:a7:fd:27:0d:2e:
a5:46:86:ea:60:c6:46:ce:4d:d7:3a:5a:09:c8:81:f5:d6:57:
33:0e:1b:74:d5:66:86:69:2d:0b:55:0c:c5:c5:64:5c:7c:67:
2c:35:73:10:99:b5:dd:bd:c2:e4:dd:d2:64:cf:31:fe:17:7e:
fb:66:2b:fe:96:5e:95:c3:21:26:23:64:b2:7a:0c:0c:45:fd:
51:f3:b9:b2:d8:8f:94:41:42:f2:d5:b9:64:9f:29:d5:13:53:
49:9b:ef:a0:a4:8e:17:a1:64:81:ff:f1:82:82:61:6b:c9:31:
57:47:a1:2e:cf:eb:3f:15:0e:0a:4f:e6:46:2e:f8:9c:03:b3:
74:b8:8a:34:1c:94:45:63:d7:ba:7f:38:2c:df:a0:f1:25:ee:
38:59:0e:db:c5:03:61:6e:02:e1:8a:35:cd:3f:40:6a:6f:b1:
42:9c:bd:a2:f1:8b:06:82:8f:7e:dd:a3:e6:ec:fa:e7:f6:f9:
cb:b2:99:10:32:74:5b:94:4c:11:94:b0:00:1a:a4:c2:e8:69:
0a:da:34:56:b7:ea:62:95:4d:81:1d:64:a2:d0:f6:ae:3e:ca:
06:b2:d5:2d:fb:4d:cf:3d:53:16:a9:0f:ab:98:59:bd:b0:07:
72:3b:08:de
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZVxVDjrubztAcvUviQvBdtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjUwMzA3MTU1ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTRjOTE0ZTJmMzcwZWIxYzVlOTZkMDY0YjhkYzE5ODNmOTM4YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMtpU03DDtakFE3TtYDwTxaUi1eB
ALQTuFj1xzWqqJio2szp1sXued3XwcvOAGqUsvUVdMS3MfMosGb2DWuiqpArEG1o
TAOx4rjLOkr00hphRE3L1AffErg9iTCZjid7g9cksPNMOr66KdzXN3C0wlr42yoG
GRfnihFUHvRo/NTTyjkRTi7ZOBKEQhBibeBwfLBkEUAaCcWfRB4Go+BK6uVuLb3n
q1KemNHlreUGw5qxR3/fMlsmZTmKBwLCFUCVl/aVEW4fxhcVTZKWnRCdMmCW4DQh
UHe5uNfcTv84ZQdhw3kZMipfNICzb3vEnNA6ZIdJ++KOT1xhRAZ1TXUWIwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFF5MkU4vNw6xxeltBkuNwZg/k4rhMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvWGt5UlRpODNEckhGNlcwR1M0M0JtRC1UaXVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQFH9mAAwQD
LhKoAwQDU/MQAwQHWR4AAwQCW8S4AwQCuTcQAwQCuY/0AwQAwn7ZMBQEAgACMA4D
BQAqAYIAAwUAKgIn8DANBgkqhkiG9w0BAQsFAAOCAQEAEBurss73gl7yywdDmqf9
Jw0upUaG6mDGRs5N1zpaCciB9dZXMw4bdNVmhmktC1UMxcVkXHxnLDVzEJm13b3C
5N3SZM8x/hd++2Yr/pZelcMhJiNksnoMDEX9UfO5stiPlEFC8tW5ZJ8p1RNTSZvv
oKSOF6Fkgf/xgoJha8kxV0ehLs/rPxUOCk/mRi74nAOzdLiKNByURWPXun84LN+g
8SXuOFkO28UDYW4C4Yo1zT9Aam+xQpy9ovGLBoKPft2j5uz65/b5y7KZEDJ0W5RM
EZSwABqkwuhpCto0VrfqYpVNgR1kotD2rj7KBrLVLftNzz1TFqkPq5hZvbAHcjsI
3g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:47 2025 by rpki-client on console.sobornost.net