Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/XaTrWbIKEMVta8vD9K6CVWZ933g.roa
File: XaTrWbIKEMVta8vD9K6CVWZ933g.roa (raw, json)
Hash identifier: HuL7Beh6jU2j34iU2xp3f0ZchZ0Ix91ZF0/ruWUoy4E=
Subject key identifier: 5D:A4:EB:59:B2:0A:10:C5:6D:6B:CB:C3:F4:AE:82:55:66:7D:DF:78
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01961CE5020B58EA9124771DC65D46CE72CE
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/XaTrWbIKEMVta8vD9K6CVWZ933g.roa
Signing time: Wed 09 Apr 2025 23:31:32 +0000
ROA not before: Wed 09 Apr 2025 23:31:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214199
IP address blocks: 5.231.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1c:e5:02:0b:58:ea:91:24:77:1d:c6:5d:46:ce:72:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 9 23:31:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5da4eb59b20a10c56d6bcbc3f4ae8255667ddf78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:16:a7:c5:df:23:2e:03:57:bd:d3:c5:30:81:
98:3c:0f:d8:a0:84:c8:8b:4d:95:69:3d:68:fe:75:
a6:43:d0:49:35:78:8a:45:97:80:b0:84:21:4d:7a:
d3:39:3f:c7:0d:00:60:54:c8:dc:d0:b0:0c:cf:53:
d3:54:31:25:f3:8f:58:c9:71:b2:9f:81:4d:60:9c:
70:f8:86:5f:82:89:d4:ab:ac:fc:46:f5:47:66:e6:
9e:5d:e9:bb:71:fd:3f:4c:46:f6:06:cf:39:50:d2:
bf:ac:0c:1e:0b:b2:67:41:9b:45:43:50:61:a0:ab:
bd:b6:86:6b:d7:9e:d9:1d:4c:35:ad:11:e3:bd:5a:
82:84:d8:b0:83:64:90:37:4b:d2:0e:b7:df:a5:e8:
30:3c:3f:8a:42:88:0f:88:31:60:b9:8c:a6:91:5e:
a9:06:12:bd:74:08:af:92:2c:3a:20:01:ec:45:51:
d6:91:80:78:0a:2b:81:c9:eb:22:ea:4a:2d:90:7f:
0e:15:fe:a8:78:a8:f4:a6:13:10:93:a3:22:ff:76:
6a:46:bd:90:b8:2c:a3:1d:7e:5f:2e:d5:d7:53:fe:
72:c6:aa:22:6f:99:5c:79:ec:4e:74:ec:85:f4:34:
55:8b:3b:c0:e8:dd:69:75:45:27:f7:78:8c:14:13:
70:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A4:EB:59:B2:0A:10:C5:6D:6B:CB:C3:F4:AE:82:55:66:7D:DF:78
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/XaTrWbIKEMVta8vD9K6CVWZ933g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.32.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:67:5a:31:7b:2d:f0:12:f4:37:07:9d:d4:90:25:a1:34:04:
96:ac:b0:bf:23:bf:ba:cf:01:d4:2e:e2:f4:8e:ba:98:c9:43:
7a:fc:23:04:26:07:e4:56:36:07:96:80:34:5b:bd:58:aa:76:
69:43:b3:8f:10:95:f5:6f:ff:e0:b5:1f:f7:91:d2:6f:3e:83:
eb:c6:b4:f7:67:65:da:b8:b4:80:1b:6f:1e:37:6f:66:2f:19:
50:94:78:a8:91:af:c3:92:05:d0:d2:71:65:96:d6:68:48:9d:
1e:fd:c4:f4:3d:5f:00:47:b4:d9:cc:be:46:43:2b:15:75:b1:
5f:07:4b:99:d6:e1:3e:cd:28:05:a5:6d:90:d1:6d:84:63:ed:
d7:3e:b4:34:e5:64:9d:f1:e2:29:b1:54:46:f5:29:4a:88:57:
50:2e:fb:75:a3:3d:62:a5:89:8f:0b:c1:2c:c6:ff:89:1e:80:
9f:ac:ba:3a:f5:d2:15:11:7e:41:b9:8e:76:b1:8c:ed:9d:14:
bf:ab:89:bd:0f:3e:25:cb:c1:f9:68:56:be:51:8f:b6:73:13:
7d:01:9a:3d:7f:f5:6f:62:d0:76:3f:40:c3:53:07:6e:7f:24:
35:c1:71:44:f6:17:1c:73:eb:86:e0:76:84:57:cf:7e:01:21:
94:2c:3e:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYc5QILWOqRJHcdxl1GznLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA5MjMzMTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGE0ZWI1OWIyMGExMGM1NmQ2YmNiYzNmNGFlODI1NTY2N2RkZjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Banxd8jLgNXvdPFMIGYPA/YoITI
i02VaT1o/nWmQ9BJNXiKRZeAsIQhTXrTOT/HDQBgVMjc0LAMz1PTVDEl849YyXGy
n4FNYJxw+IZfgonUq6z8RvVHZuaeXem7cf0/TEb2Bs85UNK/rAweC7JnQZtFQ1Bh
oKu9toZr157ZHUw1rRHjvVqChNiwg2SQN0vSDrffpegwPD+KQogPiDFguYymkV6p
BhK9dAivkiw6IAHsRVHWkYB4CiuByesi6kotkH8OFf6oeKj0phMQk6Mi/3ZqRr2Q
uCyjHX5fLtXXU/5yxqoib5lceexOdOyF9DRVizvA6N1pdUUn93iMFBNwSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2k61myChDFbWvLw/SuglVmfd94MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvWGFUcldiSUtFTVZ0YTh2RDlLNkNWV1o5MzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABecgMA0G
CSqGSIb3DQEBCwUAA4IBAQB8Z1oxey3wEvQ3B53UkCWhNASWrLC/I7+6zwHULuL0
jrqYyUN6/CMEJgfkVjYHloA0W71YqnZpQ7OPEJX1b//gtR/3kdJvPoPrxrT3Z2Xa
uLSAG28eN29mLxlQlHioka/DkgXQ0nFlltZoSJ0e/cT0PV8AR7TZzL5GQysVdbFf
B0uZ1uE+zSgFpW2Q0W2EY+3XPrQ05WSd8eIpsVRG9SlKiFdQLvt1oz1ipYmPC8Es
xv+JHoCfrLo69dIVEX5BuY52sYztnRS/q4m9Dz4ly8H5aFa+UY+2cxN9AZo9f/Vv
YtB2P0DDUwdufyQ1wXFE9hccc+uG4HaEV89+ASGULD7B
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:01 2025 by rpki-client on console.sobornost.net