Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/XhqWQMXP1kSw6bIa3y9zdmDFgLk.roa
File: XhqWQMXP1kSw6bIa3y9zdmDFgLk.roa (raw, json)
Hash identifier: 5+rtjJ49sOCt7EW37uvsBWv0MLIpsdO3BXg+3iZKirw=
Subject key identifier: 5E:1A:96:40:C5:CF:D6:44:B0:E9:B2:1A:DF:2F:73:76:60:C5:80:B9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196220E1BED6DA939C803A212A33BF48B16
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/XhqWQMXP1kSw6bIa3y9zdmDFgLk.roa
Signing time: Thu 10 Apr 2025 23:34:32 +0000
ROA not before: Thu 10 Apr 2025 23:34:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 5.175.132.0/24 maxlen: 24
5.175.137.0/24 maxlen: 24
5.175.250.0/24 maxlen: 24
5.230.5.0/24 maxlen: 24
5.230.9.0/24 maxlen: 24
5.231.23.0/24 maxlen: 24
5.231.36.0/24 maxlen: 24
5.231.41.0/24 maxlen: 24
5.231.44.0/24 maxlen: 24
5.231.60.0/24 maxlen: 24
5.231.63.0/24 maxlen: 24
5.231.69.0/24 maxlen: 24
5.231.76.0/24 maxlen: 24
178.18.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:22:0e:1b:ed:6d:a9:39:c8:03:a2:12:a3:3b:f4:8b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 10 23:34:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e1a9640c5cfd644b0e9b21adf2f737660c580b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:42:d1:03:c7:e4:2a:02:1e:6b:f4:43:05:fb:
c7:dd:f4:af:6e:0b:67:4a:83:cd:4d:cf:62:42:38:
19:0d:27:e3:40:65:ec:a3:ad:12:ec:8e:1f:d6:51:
aa:76:ea:5e:06:8b:f0:7f:41:5f:73:01:fd:5d:fd:
39:ab:46:61:61:4a:59:41:93:2f:4d:c1:5d:7c:6d:
40:66:d5:51:7f:8d:16:e2:bb:ca:0d:d5:dc:b8:37:
e3:b2:35:1f:27:ba:f1:3b:63:0d:30:36:a4:88:54:
e4:e1:74:03:a1:88:a3:a2:dd:cc:c7:5d:e4:0c:5d:
1b:f8:7f:7d:23:f4:35:5b:b0:59:0e:3a:73:4c:23:
be:cd:e2:46:2d:74:e3:93:18:8e:01:db:61:7d:9e:
cf:21:52:00:bc:0c:c9:51:24:e3:43:b0:7d:be:a5:
a2:d4:81:c1:f5:e9:4e:ca:3b:7d:b3:ec:3e:2a:80:
c3:48:fc:17:52:6c:dd:13:3c:a5:7e:87:20:1f:cf:
70:ce:7c:7c:d6:42:8a:46:15:e9:25:51:70:39:5c:
e5:87:fd:b8:92:1f:ed:06:fb:2a:1a:bb:41:fc:f3:
d9:3a:69:d5:b3:db:ed:71:c2:59:fa:21:44:ff:af:
1c:f2:fa:45:ee:70:61:8e:c7:6e:32:d5:63:18:cb:
cf:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1A:96:40:C5:CF:D6:44:B0:E9:B2:1A:DF:2F:73:76:60:C5:80:B9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/XhqWQMXP1kSw6bIa3y9zdmDFgLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.132.0/24
5.175.137.0/24
5.175.250.0/24
5.230.5.0/24
5.230.9.0/24
5.231.23.0/24
5.231.36.0/24
5.231.41.0/24
5.231.44.0/24
5.231.60.0/24
5.231.63.0/24
5.231.69.0/24
5.231.76.0/24
178.18.146.0/24
Signature Algorithm: sha256WithRSAEncryption
61:2f:88:fe:65:01:c4:e5:7a:37:ce:e0:cb:de:54:75:16:c4:
05:f5:30:1b:68:50:e6:3f:bc:4f:77:74:9b:2f:75:95:89:e8:
08:94:3b:0e:d1:29:75:62:1b:b8:17:f9:c8:e3:e5:78:76:60:
28:ab:4d:0f:9c:ea:5e:32:a7:a8:42:40:90:f3:dd:43:26:85:
37:42:00:e3:88:bd:9b:9a:60:34:63:e8:e5:8d:9c:16:28:bc:
db:7a:cd:f3:72:ad:32:6d:a3:48:37:23:5d:1d:48:db:f0:32:
4e:94:f3:e4:e3:0b:7a:2d:82:f7:72:ca:a2:93:0b:3c:71:84:
0d:6d:f5:08:df:92:61:33:86:c2:a7:ee:ae:65:77:ef:8a:d7:
31:4c:cc:61:76:88:0c:e2:35:70:25:77:51:fc:20:2c:e2:73:
86:66:0c:d1:5e:05:e7:17:c6:6d:e8:a1:4c:10:85:4a:7c:2f:
18:90:9b:7f:d2:7b:53:36:e0:07:8f:d2:92:2d:42:02:35:a2:
83:fb:d9:d8:9b:e3:2c:6a:60:36:15:7c:d7:dd:18:49:78:9d:
2b:cb:30:be:d8:e0:a1:77:56:c4:f5:d8:56:0a:ea:6a:29:d1:
09:65:d0:cd:4e:ab:ee:14:77:d7:5d:79:6a:28:9a:5b:a3:7a:
ed:e2:4a:29
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZYiDhvtbak5yAOiEqM79IsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDEwMjMzNDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTFhOTY0MGM1Y2ZkNjQ0YjBlOWIyMWFkZjJmNzM3NjYwYzU4MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsELRA8fkKgIea/RDBfvH3fSvbgtn
SoPNTc9iQjgZDSfjQGXso60S7I4f1lGqdupeBovwf0FfcwH9Xf05q0ZhYUpZQZMv
TcFdfG1AZtVRf40W4rvKDdXcuDfjsjUfJ7rxO2MNMDakiFTk4XQDoYijot3Mx13k
DF0b+H99I/Q1W7BZDjpzTCO+zeJGLXTjkxiOAdthfZ7PIVIAvAzJUSTjQ7B9vqWi
1IHB9elOyjt9s+w+KoDDSPwXUmzdEzylfocgH89wznx81kKKRhXpJVFwOVzlh/24
kh/tBvsqGrtB/PPZOmnVs9vtccJZ+iFE/68c8vpF7nBhjsduMtVjGMvPCQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFF4alkDFz9ZEsOmyGt8vc3ZgxYC5MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvWGhxV1FNWFAxa1N3NmJJYTN5OXpkbURGZ0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQABa+EAwQA
Ba+JAwQABa/6AwQABeYFAwQABeYJAwQABecXAwQABeckAwQABecpAwQABecsAwQA
Bec8AwQABec/AwQABedFAwQABedMAwQAshKSMA0GCSqGSIb3DQEBCwUAA4IBAQBh
L4j+ZQHE5Xo3zuDL3lR1FsQF9TAbaFDmP7xPd3SbL3WViegIlDsO0Sl1Yhu4F/nI
4+V4dmAoq00PnOpeMqeoQkCQ891DJoU3QgDjiL2bmmA0Y+jljZwWKLzbes3zcq0y
baNINyNdHUjb8DJOlPPk4wt6LYL3csqikws8cYQNbfUI35JhM4bCp+6uZXfvitcx
TMxhdogM4jVwJXdR/CAs4nOGZgzRXgXnF8Zt6KFMEIVKfC8YkJt/0ntTNuAHj9KS
LUICNaKD+9nYm+MsamA2FXzX3RhJeJ0ryzC+2OChd1bE9dhWCupqKdEJZdDNTqvu
FHfXXXlqKJpbo3rt4kop
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:01 2025 by rpki-client on console.sobornost.net