Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ab0df1-df4c-4872-98c5-864fe3bbdefd/1/XTu5vjEexW769xTu81kG0hu1WhA.roa
File: XTu5vjEexW769xTu81kG0hu1WhA.roa (raw, json)
Hash identifier: Ne41d2x1Hfl8GjUz/n/mltRHcHp7ZxByOWAV8Ao4X7o=
Subject key identifier: 5D:3B:B9:BE:31:1E:C5:6E:FA:F7:14:EE:F3:59:06:D2:1B:B5:5A:10
Certificate issuer: /CN=9acb289959a2ec4f8a2841915442ccbd34424938
Certificate serial: 0195EAD4CDF33F52DEAA74FD3390A510F6A5
Authority key identifier: 9A:CB:28:99:59:A2:EC:4F:8A:28:41:91:54:42:CC:BD:34:42:49:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mssomVmi7E-KKEGRVELMvTRCSTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/ab0df1-df4c-4872-98c5-864fe3bbdefd/1/XTu5vjEexW769xTu81kG0hu1WhA.roa
Signing time: Mon 31 Mar 2025 06:12:49 +0000
ROA not before: Mon 31 Mar 2025 06:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 786
IP address blocks: 148.88.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ea:d4:cd:f3:3f:52:de:aa:74:fd:33:90:a5:10:f6:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9acb289959a2ec4f8a2841915442ccbd34424938
Validity
Not Before: Mar 31 06:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d3bb9be311ec56efaf714eef35906d21bb55a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:98:3f:39:91:ec:1e:84:b3:ea:dc:43:85:1d:
6f:c0:d9:17:62:e1:27:44:4b:e8:0a:b3:7a:55:fd:
ef:b2:56:9a:26:2e:67:fd:c4:ad:15:88:c2:2a:1a:
b0:95:f9:e4:dd:20:b4:27:5a:e0:a2:7d:d8:44:0c:
96:05:dc:8a:b3:43:54:ea:8b:0c:89:ff:5e:14:04:
b5:6b:6b:34:8a:df:ba:84:55:85:b3:b0:96:9c:98:
29:1c:20:52:c2:9e:71:96:9b:f1:b0:ee:1c:44:62:
1f:6e:1e:b7:29:37:d5:34:22:a9:2c:d2:50:84:c5:
93:59:99:d6:00:df:96:75:94:45:c9:6e:38:e9:b8:
f5:8f:2f:64:64:14:75:97:93:a2:6c:c5:e3:53:63:
34:0e:42:60:46:4a:9d:7a:83:5a:5f:ec:22:ba:f5:
3b:3b:42:1e:df:52:69:68:68:87:02:16:06:d3:4b:
aa:c4:b5:a3:11:ae:4c:0d:51:42:39:6c:63:b7:bd:
2e:dc:67:db:bf:56:f8:40:67:43:ff:61:af:e5:87:
e4:04:96:9d:e6:d5:d3:09:c0:ba:ea:b1:23:c7:b9:
30:11:27:2c:4d:e2:68:b1:8b:5a:b1:2e:0a:94:ff:
0c:03:5a:dd:54:a4:7d:96:b5:3d:a1:d8:a2:d4:a8:
5e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3B:B9:BE:31:1E:C5:6E:FA:F7:14:EE:F3:59:06:D2:1B:B5:5A:10
X509v3 Authority Key Identifier:
keyid:9A:CB:28:99:59:A2:EC:4F:8A:28:41:91:54:42:CC:BD:34:42:49:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mssomVmi7E-KKEGRVELMvTRCSTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ab0df1-df4c-4872-98c5-864fe3bbdefd/1/XTu5vjEexW769xTu81kG0hu1WhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ab0df1-df4c-4872-98c5-864fe3bbdefd/1/mssomVmi7E-KKEGRVELMvTRCSTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:89:76:98:65:d2:86:fd:80:e1:f8:52:a0:8a:35:2e:cc:77:
4d:60:e1:17:0c:ca:9d:6d:71:e7:a1:e2:d7:c0:0a:c7:c8:7f:
ee:f5:6e:3a:d9:8c:9f:5b:68:f4:33:7d:73:25:54:a8:27:49:
9b:69:44:c8:77:75:a5:4a:5a:7a:88:89:18:b4:06:7d:19:4a:
ed:8b:ba:99:28:b5:93:92:2c:22:e4:e6:48:da:3c:14:da:97:
23:c6:08:72:58:27:e5:6d:8f:28:f9:bc:41:29:e5:b4:3d:e3:
3d:d4:26:9c:ee:3d:95:6a:32:b4:cf:7a:d5:65:23:79:29:ab:
b5:35:9d:1e:79:1c:bf:d4:35:e6:34:ec:9e:e8:e6:0d:c0:cf:
36:d5:42:d5:be:26:69:b8:80:c5:bd:ec:f5:05:fd:50:55:c0:
86:54:4d:2c:0a:65:6c:69:89:7f:98:13:5d:09:c6:fa:fa:ff:
af:6b:dd:9b:7e:fc:a6:57:78:79:45:b1:0f:8d:40:4c:48:23:
31:60:ac:b0:be:58:6c:88:82:de:8e:fe:e8:57:5e:ab:83:fa:
94:fe:c1:3f:38:bc:91:54:ea:39:10:ee:8f:78:35:0a:29:59:
19:19:94:f6:50:a6:51:44:c3:34:f6:4b:28:9b:93:f7:66:3b:
06:5d:48:ed
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZXq1M3zP1LeqnT9M5ClEPalMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhY2IyODk5NTlhMmVjNGY4YTI4NDE5MTU0NDJjY2JkMzQ0
MjQ5MzgwHhcNMjUwMzMxMDYxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDNiYjliZTMxMWVjNTZlZmFmNzE0ZWVmMzU5MDZkMjFiYjU1YTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45g/OZHsHoSz6txDhR1vwNkXYuEn
REvoCrN6Vf3vslaaJi5n/cStFYjCKhqwlfnk3SC0J1rgon3YRAyWBdyKs0NU6osM
if9eFAS1a2s0it+6hFWFs7CWnJgpHCBSwp5xlpvxsO4cRGIfbh63KTfVNCKpLNJQ
hMWTWZnWAN+WdZRFyW446bj1jy9kZBR1l5OibMXjU2M0DkJgRkqdeoNaX+wiuvU7
O0Ie31JpaGiHAhYG00uqxLWjEa5MDVFCOWxjt70u3Gfbv1b4QGdD/2Gv5YfkBJad
5tXTCcC66rEjx7kwEScsTeJosYtasS4KlP8MA1rdVKR9lrU9odii1KhejwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFF07ub4xHsVu+vcU7vNZBtIbtVoQMB8GA1UdIwQY
MBaAFJrLKJlZouxPiihBkVRCzL00Qkk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXNzb21WbWk3RS1LS0VHUlZFTE12VFJDU1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hYjBkZjEtZGY0Yy00ODcyLTk4YzUt
ODY0ZmUzYmJkZWZkLzEvWFR1NXZqRWV4Vzc2OXhUdTgxa0cwaHUxV2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hYjBkZjEtZGY0Yy00ODcyLTk4YzUtODY0ZmUzYmJkZWZk
LzEvbXNzb21WbWk3RS1LS0VHUlZFTE12VFJDU1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAlFgwDQYJ
KoZIhvcNAQELBQADggEBAFWJdphl0ob9gOH4UqCKNS7Md01g4RcMyp1tceeh4tfA
CsfIf+71bjrZjJ9baPQzfXMlVKgnSZtpRMh3daVKWnqIiRi0Bn0ZSu2LupkotZOS
LCLk5kjaPBTalyPGCHJYJ+Vtjyj5vEEp5bQ94z3UJpzuPZVqMrTPetVlI3kpq7U1
nR55HL/UNeY07J7o5g3AzzbVQtW+Jmm4gMW97PUF/VBVwIZUTSwKZWxpiX+YE10J
xvr6/69r3Zt+/KZXeHlFsQ+NQExIIzFgrLC+WGyIgt6O/uhXXquD+pT+wT84vJFU
6jkQ7o94NQopWRkZlPZQplFEwzT2Syibk/dmOwZdSO0=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:48 2025 by rpki-client on console.sobornost.net