Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/xlHcoYULH7mPEmpcqtscwUSRg-k.roa
File: xlHcoYULH7mPEmpcqtscwUSRg-k.roa (raw, json)
Hash identifier: A4kztX9ZPQEUnGsY/7aFwo4jdiC6qf6Ig/R2vXwJcNU=
Subject key identifier: C6:51:DC:A1:85:0B:1F:B9:8F:12:6A:5C:AA:DB:1C:C1:44:91:83:E9
Certificate issuer: /CN=bef5252ccac3f6dc1426b553f2c1c7233acc894b
Certificate serial: 019421B231C697DC595F4511D1272C1C9EA3
Authority key identifier: BE:F5:25:2C:CA:C3:F6:DC:14:26:B5:53:F2:C1:C7:23:3A:CC:89:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/xlHcoYULH7mPEmpcqtscwUSRg-k.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25248
IP address blocks: 82.99.128.0/18 maxlen: 18
84.244.64.0/18 maxlen: 18
85.207.0.0/16 maxlen: 16
85.207.220.0/22 maxlen: 22
212.158.128.0/19 maxlen: 19
2a02:a40::/32 maxlen: 32
2a02:a41::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:31:c6:97:dc:59:5f:45:11:d1:27:2c:1c:9e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bef5252ccac3f6dc1426b553f2c1c7233acc894b
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c651dca1850b1fb98f126a5caadb1cc1449183e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bd:cd:f8:62:c9:d5:86:c1:83:91:1d:bd:98:
31:b5:84:2a:c4:d7:7c:8f:d9:2e:98:f4:8f:82:82:
3e:4f:fa:7e:fd:41:a4:77:c5:7c:df:03:ca:88:b9:
07:68:97:80:57:fb:b8:98:69:69:64:79:df:e3:43:
e0:dc:7a:c1:4b:81:d9:bd:67:d1:dc:b0:af:3a:a9:
4a:62:1e:11:d3:3f:39:38:43:55:ed:90:08:a0:12:
3d:b6:fe:af:d1:d8:1d:16:a1:5c:08:d0:59:4d:16:
be:14:dc:a7:c0:6f:c7:2a:ad:d5:95:24:e5:cd:29:
98:33:0d:cd:72:83:b1:b1:73:ae:60:ba:a6:5c:2c:
fd:5e:46:9c:21:82:1f:26:9c:f3:3f:56:8c:3c:22:
3d:cf:9b:d3:2e:90:87:ec:52:f2:b7:b3:15:3f:60:
57:b0:ab:af:a6:a5:28:3b:97:c2:e0:17:20:de:99:
fd:b9:19:7c:ce:90:ea:9e:e7:97:38:50:c1:17:d0:
75:1f:79:c4:b0:89:d6:b1:81:1b:2c:d2:b0:bc:cc:
19:63:4f:b5:a4:18:1d:86:99:b1:a4:62:a5:36:07:
00:b6:58:87:b1:75:1d:e4:60:fc:e5:a9:06:32:c3:
1f:28:94:10:82:bb:e9:a3:38:a5:c1:b1:21:b8:08:
88:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:51:DC:A1:85:0B:1F:B9:8F:12:6A:5C:AA:DB:1C:C1:44:91:83:E9
X509v3 Authority Key Identifier:
keyid:BE:F5:25:2C:CA:C3:F6:DC:14:26:B5:53:F2:C1:C7:23:3A:CC:89:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/xlHcoYULH7mPEmpcqtscwUSRg-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/vvUlLMrD9twUJrVT8sHHIzrMiUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.99.128.0/18
84.244.64.0/18
85.207.0.0/16
212.158.128.0/19
IPv6:
2a02:a40::/31
Signature Algorithm: sha256WithRSAEncryption
0c:01:18:7e:38:da:9a:61:7a:59:79:78:70:dd:4d:e2:be:23:
49:a8:63:41:b9:67:50:22:e0:58:dd:1f:7b:96:74:41:93:c1:
6a:83:34:cf:9d:6a:b1:ec:d7:80:46:55:58:e7:ce:2f:89:5b:
3e:1f:42:66:b9:51:0d:20:99:64:db:4f:54:fe:80:8b:f1:0b:
12:a8:df:5b:7d:c4:3e:8b:dd:1c:d0:30:e0:c4:88:ee:ab:5b:
80:7a:7e:ad:2f:86:d0:7e:4d:1c:22:54:79:af:1d:8b:3f:dd:
60:66:6c:72:d2:f0:7c:be:a5:82:24:75:89:2b:a9:d2:0f:26:
9d:fe:7d:be:f3:5a:f6:41:a1:4a:ee:7c:32:c8:aa:e3:b9:d0:
39:47:e1:bc:06:43:f9:6f:a8:e2:ab:12:fc:f8:86:df:b2:a4:
28:d3:6e:a1:2d:0c:44:01:56:5a:cd:90:4c:c1:95:fd:b6:be:
f5:71:de:7d:bf:ab:61:00:d6:0c:77:ec:f5:b9:f2:a1:ea:f9:
b5:8e:72:1c:62:c1:9f:38:16:5b:76:ba:5f:0a:a4:5d:00:f9:
40:8f:0b:bb:2c:d0:ec:e8:0b:31:f0:7c:05:eb:65:f6:25:ba:
7b:03:5c:43:78:22:95:83:8d:37:b7:a9:9a:86:09:69:9d:f8:
a2:49:43:e6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQhsjHGl9xZX0UR0ScsHJ6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZjUyNTJjY2FjM2Y2ZGMxNDI2YjU1M2YyYzFjNzIzM2Fj
Yzg5NGIwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjUxZGNhMTg1MGIxZmI5OGYxMjZhNWNhYWRiMWNjMTQ0OTE4M2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb3N+GLJ1YbBg5EdvZgxtYQqxNd8
j9kumPSPgoI+T/p+/UGkd8V83wPKiLkHaJeAV/u4mGlpZHnf40Pg3HrBS4HZvWfR
3LCvOqlKYh4R0z85OENV7ZAIoBI9tv6v0dgdFqFcCNBZTRa+FNynwG/HKq3VlSTl
zSmYMw3NcoOxsXOuYLqmXCz9XkacIYIfJpzzP1aMPCI9z5vTLpCH7FLyt7MVP2BX
sKuvpqUoO5fC4Bcg3pn9uRl8zpDqnueXOFDBF9B1H3nEsInWsYEbLNKwvMwZY0+1
pBgdhpmxpGKlNgcAtliHsXUd5GD85akGMsMfKJQQgrvpozilwbEhuAiIHQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMZR3KGFCx+5jxJqXKrbHMFEkYPpMB8GA1UdIwQY
MBaAFL71JSzKw/bcFCa1U/LBxyM6zIlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnZVbExNckQ5dHdVSnJWVDhzSEhJenJNaVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lN2ZjOTgtMTI4YS00NTNkLWJkZmIt
MTFlNWY2ZDEyZWYxLzEveGxIY29ZVUxIN21QRW1wY3F0c2N3VVNSZy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lN2ZjOTgtMTI4YS00NTNkLWJkZmItMTFlNWY2ZDEyZWYx
LzEvdnZVbExNckQ5dHdVSnJWVDhzSEhJenJNaVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQGUmOAAwQG
VPRAAwMAVc8DBAXUnoAwDQQCAAIwBwMFASoCCkAwDQYJKoZIhvcNAQELBQADggEB
AAwBGH442pphell5eHDdTeK+I0moY0G5Z1Ai4FjdH3uWdEGTwWqDNM+darHs14BG
VVjnzi+JWz4fQma5UQ0gmWTbT1T+gIvxCxKo31t9xD6L3RzQMODEiO6rW4B6fq0v
htB+TRwiVHmvHYs/3WBmbHLS8Hy+pYIkdYkrqdIPJp3+fb7zWvZBoUrufDLIquO5
0DlH4bwGQ/lvqOKrEvz4ht+ypCjTbqEtDEQBVlrNkEzBlf22vvVx3n2/q2EA1gx3
7PW58qHq+bWOchxiwZ84Flt2ul8KpF0A+UCPC7ss0OzoCzHwfAXrZfYlunsDXEN4
IpWDjTe3qZqGCWmd+KJJQ+Y=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:17 2025 by rpki-client on console.sobornost.net