Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/xeu-hzKDc-eVglHB1miGTXbF6zQ.roa
File: xeu-hzKDc-eVglHB1miGTXbF6zQ.roa (raw, json)
Hash identifier: 7N/3XZ9fPFor9GoNoZEe3bW+7pgd2BnLOdmvwn7ql7o=
Subject key identifier: C5:EB:BE:87:32:83:73:E7:95:82:51:C1:D6:68:86:4D:76:C5:EB:34
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 01961AD4BE04DE658B6EE44C5FF2F35ACE12
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/xeu-hzKDc-eVglHB1miGTXbF6zQ.roa
Signing time: Wed 09 Apr 2025 13:54:31 +0000
ROA not before: Wed 09 Apr 2025 13:54:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 188.209.128.0/24 maxlen: 24
188.209.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1a:d4:be:04:de:65:8b:6e:e4:4c:5f:f2:f3:5a:ce:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Apr 9 13:54:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5ebbe87328373e7958251c1d668864d76c5eb34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a5:54:2f:34:00:60:3c:c0:97:26:aa:12:6a:
47:76:5a:22:67:77:ed:1d:49:25:3a:7a:98:34:6b:
0d:ac:88:1f:b0:a6:f7:f1:04:70:23:a6:65:8b:34:
21:39:86:2a:26:b4:58:6a:44:be:b2:22:2b:1f:d8:
b1:b5:f8:0d:e4:02:de:22:b8:33:12:67:1f:d5:c2:
35:40:a7:0c:d4:93:36:d1:4c:e8:f4:4c:77:4e:f6:
68:59:c6:23:2d:29:f4:1d:e0:f1:63:10:da:98:d6:
7e:f8:1a:83:95:28:c9:9d:02:1a:9b:81:5e:41:a6:
c8:f6:67:e9:f5:f2:9c:5a:86:f9:6c:18:c8:0a:eb:
7d:4d:60:83:fe:c5:a1:e4:c1:7d:63:70:1c:90:e6:
82:fc:75:c5:7e:57:61:6b:df:f6:20:dd:f7:cb:ad:
14:e7:28:4c:8a:3e:ad:e8:62:c9:21:44:ff:fc:5d:
41:fd:ca:aa:fc:fa:f5:77:6b:6c:01:52:cb:d9:8d:
e9:a2:60:33:5a:26:d9:cb:32:bc:cd:63:61:ad:94:
d4:38:e5:dd:1e:8a:6e:4b:71:1f:a3:d6:e9:4d:df:
4f:05:52:d8:84:1d:d1:04:56:89:b0:04:ac:3c:e6:
62:09:d0:40:ca:a0:b8:b3:58:e9:25:e6:58:80:fb:
14:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:EB:BE:87:32:83:73:E7:95:82:51:C1:D6:68:86:4D:76:C5:EB:34
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/xeu-hzKDc-eVglHB1miGTXbF6zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/24
188.209.140.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ce:2a:6a:d6:37:c1:8a:55:19:47:6c:3b:aa:c5:8b:48:a9:
f5:79:e1:ac:2b:96:28:60:67:b3:88:15:83:c0:d9:7d:de:d4:
29:88:8a:b1:72:16:32:08:4f:44:9b:c4:6a:5c:23:72:f8:d8:
d3:e0:78:06:4c:1d:55:64:12:e4:ab:99:8b:52:3b:cf:50:e4:
0f:d2:ca:46:e7:5b:cf:04:51:d5:ad:2a:71:f1:5d:24:ea:ae:
3b:2e:22:d7:3b:fc:76:65:7a:f7:9b:a2:c0:be:3d:00:c9:6b:
f3:d1:0e:fb:9d:f1:ea:65:a4:57:73:b8:38:dd:3b:4b:8a:c8:
2d:ae:ef:73:7a:fd:9f:91:dc:0d:ff:51:d9:f4:3a:8e:72:4f:
23:b3:e3:64:10:20:da:35:74:e5:f5:20:57:3b:1a:ad:75:3f:
21:af:6c:77:05:e7:af:21:68:a7:10:78:75:a2:6a:e3:a5:01:
d9:b3:87:c7:21:cf:ae:44:56:ae:7f:65:3e:e3:06:fc:23:5a:
95:cc:a5:8c:77:20:00:c1:e9:0e:77:0f:06:17:51:93:c6:99:
45:ad:37:23:96:78:88:f0:74:5d:ce:c3:03:01:2d:e4:9c:10:
40:67:c4:99:92:e6:fd:bf:a5:25:5b:62:49:3b:8a:b8:27:97:
28:6f:e5:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYa1L4E3mWLbuRMX/LzWs4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwNDA5MTM1NDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWViYmU4NzMyODM3M2U3OTU4MjUxYzFkNjY4ODY0ZDc2YzVlYjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6VULzQAYDzAlyaqEmpHdloiZ3ft
HUklOnqYNGsNrIgfsKb38QRwI6ZlizQhOYYqJrRYakS+siIrH9ixtfgN5ALeIrgz
Emcf1cI1QKcM1JM20Uzo9Ex3TvZoWcYjLSn0HeDxYxDamNZ++BqDlSjJnQIam4Fe
QabI9mfp9fKcWob5bBjICut9TWCD/sWh5MF9Y3AckOaC/HXFfldha9/2IN33y60U
5yhMij6t6GLJIUT//F1B/cqq/Pr1d2tsAVLL2Y3pomAzWibZyzK8zWNhrZTUOOXd
HopuS3Efo9bpTd9PBVLYhB3RBFaJsASsPOZiCdBAyqC4s1jpJeZYgPsUswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMXrvocyg3PnlYJRwdZohk12xes0MB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEveGV1LWh6S0RjLWVWZ2xIQjFtaUdUWGJGNnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvNGAAwQA
vNGMMA0GCSqGSIb3DQEBCwUAA4IBAQBozipq1jfBilUZR2w7qsWLSKn1eeGsK5Yo
YGeziBWDwNl93tQpiIqxchYyCE9Em8RqXCNy+NjT4HgGTB1VZBLkq5mLUjvPUOQP
0spG51vPBFHVrSpx8V0k6q47LiLXO/x2ZXr3m6LAvj0AyWvz0Q77nfHqZaRXc7g4
3TtLisgtru9zev2fkdwN/1HZ9DqOck8js+NkECDaNXTl9SBXOxqtdT8hr2x3Beev
IWinEHh1omrjpQHZs4fHIc+uRFauf2U+4wb8I1qVzKWMdyAAwekOdw8GF1GTxplF
rTcjlniI8HRdzsMDAS3knBBAZ8SZkub9v6UlW2JJO4q4J5cob+XH
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:00 2025 by rpki-client on console.sobornost.net