Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/XDbrvNT86ISN_spCbo4xvAzpVp4.roa
File: XDbrvNT86ISN_spCbo4xvAzpVp4.roa (raw, json)
Hash identifier: VdcMI142dXyMiD8Y0gV4McGw1NiqJuUGtwcS5l0geTI=
Subject key identifier: 5C:36:EB:BC:D4:FC:E8:84:8D:FE:CA:42:6E:8E:31:BC:0C:E9:56:9E
Certificate issuer: /CN=7c2380d764a9611dfe2fbc0ce0cc40496ec1e83e
Certificate serial: 0194236A41AB679459A4C9B1D6FD61CF9F12
Authority key identifier: 7C:23:80:D7:64:A9:61:1D:FE:2F:BC:0C:E0:CC:40:49:6E:C1:E8:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fCOA12SpYR3-L7wM4MxASW7B6D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/XDbrvNT86ISN_spCbo4xvAzpVp4.roa
Signing time: Wed 01 Jan 2025 19:49:13 +0000
ROA not before: Wed 01 Jan 2025 19:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60703
IP address blocks: 185.26.220.0/24 maxlen: 24
185.26.221.0/24 maxlen: 24
185.26.222.0/24 maxlen: 24
2a04:3a00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:41:ab:67:94:59:a4:c9:b1:d6:fd:61:cf:9f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c2380d764a9611dfe2fbc0ce0cc40496ec1e83e
Validity
Not Before: Jan 1 19:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c36ebbcd4fce8848dfeca426e8e31bc0ce9569e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f8:5c:c0:ab:0c:e3:17:55:23:01:de:b7:6d:
0a:f8:76:99:58:90:06:42:19:bd:ac:d1:8b:24:2d:
df:99:4c:3a:0e:80:90:1c:20:49:03:c9:e0:d4:ec:
a2:58:56:0a:ab:86:82:46:69:b7:5f:5a:c9:cc:30:
6e:52:aa:86:1a:dc:b9:3b:f6:a5:22:f2:57:9f:b9:
f2:d2:00:44:84:d3:f1:ab:ef:76:e3:5d:b7:61:f1:
c6:ca:8d:a7:c7:e1:04:ac:47:fe:fb:b0:de:4e:02:
fb:f0:a9:89:6c:6c:9b:e4:42:01:62:5d:36:40:f5:
7f:ef:c2:0f:74:6a:05:7d:b1:91:be:b9:be:b6:63:
c3:cf:ef:cf:5d:e6:51:4b:4c:e4:25:a7:e3:c0:19:
63:86:10:2e:85:65:f9:34:0d:cd:f9:66:8a:7d:f3:
f7:c5:75:f3:0b:16:1b:c4:12:07:e7:0d:c1:5c:ba:
11:71:3d:5f:8e:17:db:1e:ce:98:91:ae:7a:42:f7:
6b:a9:21:07:e4:50:87:44:71:64:ce:d7:1d:f7:f3:
ec:ce:80:29:ef:04:c6:0e:aa:86:d9:1b:3c:0c:0b:
f0:54:01:3f:13:e9:02:04:de:68:7d:d5:d4:39:5d:
6d:0b:3f:64:35:4f:6e:16:f1:c4:c4:d3:8b:6a:36:
d7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:36:EB:BC:D4:FC:E8:84:8D:FE:CA:42:6E:8E:31:BC:0C:E9:56:9E
X509v3 Authority Key Identifier:
keyid:7C:23:80:D7:64:A9:61:1D:FE:2F:BC:0C:E0:CC:40:49:6E:C1:E8:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fCOA12SpYR3-L7wM4MxASW7B6D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/XDbrvNT86ISN_spCbo4xvAzpVp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/fCOA12SpYR3-L7wM4MxASW7B6D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.220.0-185.26.222.255
IPv6:
2a04:3a00::/29
Signature Algorithm: sha256WithRSAEncryption
09:95:5c:0f:be:45:e1:80:47:c6:2a:b6:02:3b:98:f9:41:ba:
4b:40:2c:af:5e:20:1a:10:37:7b:ef:ec:0b:84:f3:52:d0:92:
3a:5c:cf:09:22:76:7e:09:93:a7:a6:0b:6f:9d:45:14:ad:50:
57:76:d2:5d:bd:17:03:d6:50:2c:c5:37:70:b9:9f:21:46:bf:
61:16:76:77:99:2e:65:c6:15:05:ad:f4:58:f1:3f:c9:67:69:
0f:b3:a3:3a:02:73:9d:d1:c4:27:f3:99:f3:25:9f:4e:6d:5d:
55:cf:06:15:da:97:2f:ec:11:ea:bd:88:d5:fa:31:64:69:31:
99:78:17:0b:bb:60:2f:60:eb:e1:6b:c3:f3:cb:f6:f0:fe:89:
86:0f:ca:c2:b1:59:c1:48:6b:9c:fa:6b:1a:ff:40:fd:e0:bc:
01:bb:ea:cc:18:02:a1:91:5b:f9:7d:b5:ca:c8:40:b8:c6:f9:
3a:5c:3b:ce:6f:67:cf:8f:2c:ea:e0:b1:8c:3c:ee:47:10:ee:
9a:f4:64:53:59:54:5d:48:08:40:bb:2a:6e:f2:f4:ea:d3:06:
a3:ff:56:56:4c:91:9e:2f:7e:ed:45:7d:bd:a5:18:54:61:06:
31:86:6e:50:ea:24:c8:66:e4:f7:7b:86:43:e7:ae:2d:59:db:
8b:47:a0:3d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQjakGrZ5RZpMmx1v1hz58SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMjM4MGQ3NjRhOTYxMWRmZTJmYmMwY2UwY2M0MDQ5NmVj
MWU4M2UwHhcNMjUwMTAxMTk0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzM2ZWJiY2Q0ZmNlODg0OGRmZWNhNDI2ZThlMzFiYzBjZTk1NjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufhcwKsM4xdVIwHet20K+HaZWJAG
Qhm9rNGLJC3fmUw6DoCQHCBJA8ng1OyiWFYKq4aCRmm3X1rJzDBuUqqGGty5O/al
IvJXn7ny0gBEhNPxq+924123YfHGyo2nx+EErEf++7DeTgL78KmJbGyb5EIBYl02
QPV/78IPdGoFfbGRvrm+tmPDz+/PXeZRS0zkJafjwBljhhAuhWX5NA3N+WaKffP3
xXXzCxYbxBIH5w3BXLoRcT1fjhfbHs6Yka56QvdrqSEH5FCHRHFkztcd9/PszoAp
7wTGDqqG2Rs8DAvwVAE/E+kCBN5ofdXUOV1tCz9kNU9uFvHExNOLajbXXQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFw267zU/OiEjf7KQm6OMbwM6VaeMB8GA1UdIwQY
MBaAFHwjgNdkqWEd/i+8DODMQEluweg+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkNPQTEyU3BZUjMtTDd3TTRNeEFTVzdCNkQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84NWZhODQtNWQ5OS00YWE4LTg3NTMt
NWQ4Y2E2MzY4MWFkLzEvWERicnZOVDg2SVNOX3NwQ2JvNHh2QXpwVnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84NWZhODQtNWQ5OS00YWE4LTg3NTMtNWQ4Y2E2MzY4MWFk
LzEvZkNPQTEyU3BZUjMtTDd3TTRNeEFTVzdCNkQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5GtwD
BAC5Gt4wDQQCAAIwBwMFAyoEOgAwDQYJKoZIhvcNAQELBQADggEBAAmVXA++ReGA
R8YqtgI7mPlBuktALK9eIBoQN3vv7AuE81LQkjpczwkidn4Jk6emC2+dRRStUFd2
0l29FwPWUCzFN3C5nyFGv2EWdneZLmXGFQWt9FjxP8lnaQ+zozoCc53RxCfzmfMl
n05tXVXPBhXaly/sEeq9iNX6MWRpMZl4Fwu7YC9g6+Frw/PL9vD+iYYPysKxWcFI
a5z6axr/QP3gvAG76swYAqGRW/l9tcrIQLjG+TpcO85vZ8+PLOrgsYw87kcQ7pr0
ZFNZVF1ICEC7Km7y9OrTBqP/VlZMkZ4vfu1Ffb2lGFRhBjGGblDqJMhm5Pd7hkPn
ri1Z24tHoD0=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:51 2025 by rpki-client on console.sobornost.net