Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/xcYl1ip1RWRZGBpa9ByhUszeVT8.roa
File: xcYl1ip1RWRZGBpa9ByhUszeVT8.roa (raw, json)
Hash identifier: cdNAMHoK0CE7abN8hcq+5ov6S0ZYsN6/p/Fqvd/HU0c=
Subject key identifier: C5:C6:25:D6:2A:75:45:64:59:18:1A:5A:F4:1C:A1:52:CC:DE:55:3F
Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial: 018CC94E15485FE7EA1786F72C85F680FE93
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/xcYl1ip1RWRZGBpa9ByhUszeVT8.roa
Signing time: Tue 02 Jan 2024 08:33:06 +0000
ROA not before: Tue 02 Jan 2024 08:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28748
IP address blocks: 195.190.142.0/24 maxlen: 24
37.26.200.0/21 maxlen: 21
185.23.156.0/22 maxlen: 22
192.105.75.0/24 maxlen: 24
193.22.2.0/24 maxlen: 24
134.97.0.0/16 maxlen: 17
2001:650::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:15:48:5f:e7:ea:17:86:f7:2c:85:f6:80:fe:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Validity
Not Before: Jan 2 08:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5c625d62a75456459181a5af41ca152ccde553f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:48:b9:24:dd:41:d6:b8:72:01:fd:5e:1a:1b:
e9:57:76:34:91:2b:4f:2c:3b:e9:26:3e:cc:d9:b9:
8e:45:41:30:9c:a1:05:0f:87:6f:11:96:27:b0:95:
07:24:1b:2b:31:c8:06:82:36:1b:4f:ef:91:45:93:
a1:a7:ca:86:b5:87:4d:1b:d5:db:ad:28:9c:1d:61:
3c:1e:4c:aa:7f:2b:77:a0:8c:ef:7e:85:5b:53:ee:
33:e8:17:b6:af:eb:f5:1a:88:4f:de:09:71:91:1f:
7e:72:35:75:bc:4d:26:76:b7:e4:1a:c7:d5:31:ef:
51:00:16:b6:b0:55:0f:92:38:16:87:dd:93:ab:9e:
c2:be:9b:08:84:90:ad:db:1d:c2:78:a7:e6:e3:97:
c8:4d:56:8d:77:f3:70:93:94:3a:a6:95:de:d3:07:
d9:c0:ad:c1:6c:81:33:59:a8:3d:f3:88:b4:93:1b:
5c:4e:38:c3:94:5e:e0:47:4c:9a:38:1d:c1:ce:1e:
38:96:25:5b:c3:63:e3:61:49:8a:ff:ac:92:87:5d:
5b:dc:16:fc:e1:0e:cc:f1:39:03:b0:60:37:d3:cc:
f7:9e:44:c3:9b:ec:fc:28:e3:5b:01:70:c6:56:e5:
6a:e7:02:d0:64:51:ab:44:e8:70:d2:3f:25:12:de:
3e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C6:25:D6:2A:75:45:64:59:18:1A:5A:F4:1C:A1:52:CC:DE:55:3F
X509v3 Authority Key Identifier:
keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/xcYl1ip1RWRZGBpa9ByhUszeVT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.200.0/21
134.97.0.0/16
185.23.156.0/22
192.105.75.0/24
193.22.2.0/24
195.190.142.0/24
IPv6:
2001:650::/29
Signature Algorithm: sha256WithRSAEncryption
6f:33:6b:ec:3e:cf:d4:bf:16:58:8e:67:fe:9b:b4:e1:ab:e9:
5f:fa:75:1f:7e:4a:64:13:5f:35:71:e0:d2:9b:5b:01:b2:ca:
f3:bf:38:91:4b:ca:1b:79:29:24:73:78:44:7e:7f:7a:5e:0b:
e0:4a:95:f2:a4:84:f2:d0:f1:c2:2a:a9:52:99:45:9a:f5:04:
9b:2c:3f:1a:db:b2:b8:aa:c8:16:df:f1:4f:12:c9:10:aa:c4:
84:1c:58:2d:69:62:9f:d4:ad:11:bd:73:13:0e:99:f6:ff:be:
61:e0:23:19:a2:a5:45:27:21:73:2a:1c:20:57:c3:ca:70:81:
55:53:fa:af:86:e1:07:2a:31:9b:e9:1b:60:6e:53:a3:3d:b0:
6f:82:e8:2e:b5:95:52:70:5e:2d:8f:60:aa:d3:fd:2e:fd:af:
97:fd:43:25:e1:a1:ff:39:ab:a9:47:d9:68:b3:89:f4:af:43:
32:2c:c8:c8:27:5d:1f:76:2b:1b:03:2b:21:c7:f7:8d:d8:e5:
58:47:75:62:c7:52:b2:34:66:0e:a0:56:cc:13:2e:f5:8d:19:
6d:3b:6c:60:3c:4c:c8:71:27:42:87:c4:1b:4f:fe:d9:4d:e5:
bc:1d:ba:96:e5:4d:87:a4:3f:df:cf:f3:54:ec:3b:e0:d4:cd:
a8:4a:ab:98
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzJThVIX+fqF4b3LIX2gP6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4
YWUwZDMwHhcNMjQwMTAyMDgzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWM2MjVkNjJhNzU0NTY0NTkxODFhNWFmNDFjYTE1MmNjZGU1NTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0i5JN1B1rhyAf1eGhvpV3Y0kStP
LDvpJj7M2bmORUEwnKEFD4dvEZYnsJUHJBsrMcgGgjYbT++RRZOhp8qGtYdNG9Xb
rSicHWE8Hkyqfyt3oIzvfoVbU+4z6Be2r+v1GohP3glxkR9+cjV1vE0mdrfkGsfV
Me9RABa2sFUPkjgWh92Tq57CvpsIhJCt2x3CeKfm45fITVaNd/Nwk5Q6ppXe0wfZ
wK3BbIEzWag984i0kxtcTjjDlF7gR0yaOB3Bzh44liVbw2PjYUmK/6ySh11b3Bb8
4Q7M8TkDsGA308z3nkTDm+z8KONbAXDGVuVq5wLQZFGrROhw0j8lEt4+KwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFMXGJdYqdUVkWRgaWvQcoVLM3lU/MB8GA1UdIwQY
MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt
NTNjYzVkYWY1MmNmLzEveGNZbDFpcDFSV1JaR0JwYTlCeWhVc3plVlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm
LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQDJRrIAwMA
hmEDBAK5F5wDBADAaUsDBADBFgIDBADDvo4wDQQCAAIwBwMFAyABBlAwDQYJKoZI
hvcNAQELBQADggEBAG8za+w+z9S/FliOZ/6btOGr6V/6dR9+SmQTXzVx4NKbWwGy
yvO/OJFLyht5KSRzeER+f3peC+BKlfKkhPLQ8cIqqVKZRZr1BJssPxrbsriqyBbf
8U8SyRCqxIQcWC1pYp/UrRG9cxMOmfb/vmHgIxmipUUnIXMqHCBXw8pwgVVT+q+G
4QcqMZvpG2BuU6M9sG+C6C61lVJwXi2PYKrT/S79r5f9QyXhof85q6lH2WizifSv
QzIsyMgnXR92KxsDKyHH943Y5VhHdWLHUrI0Zg6gVswTLvWNGW07bGA8TMhxJ0KH
xBtP/tlN5bwdupblTYekP9/P81TsO+DUzahKq5g=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:26:00 2024 by rpki-client on console.sobornost.net