Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xNPqn5SIMHiXARXbHfFajMtKxBg.roa
File: xNPqn5SIMHiXARXbHfFajMtKxBg.roa (raw, json)
Hash identifier: dT+L/nzcJBKc6owxGRNwZ+MkdqrDMpSlMlQezZcEb8g=
Subject key identifier: C4:D3:EA:9F:94:88:30:78:97:01:15:DB:1D:F1:5A:8C:CB:4A:C4:18
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B9664C8ED8C107F567100592F38DB
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xNPqn5SIMHiXARXbHfFajMtKxBg.roa
Signing time: Thu 02 Jan 2025 09:49:32 +0000
ROA not before: Thu 02 Jan 2025 09:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199952
IP address blocks: 5.154.19.0/24 maxlen: 24
84.232.18.0/23 maxlen: 23
94.76.154.0/24 maxlen: 24
178.156.86.0/24 maxlen: 24
178.156.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:96:64:c8:ed:8c:10:7f:56:71:00:59:2f:38:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4d3ea9f94883078970115db1df15a8ccb4ac418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:45:d4:f8:d6:02:ec:3c:8f:b9:08:5b:d8:9c:
23:89:fb:44:44:6d:e8:e9:0d:29:58:3e:6a:c9:7e:
ba:37:7d:b8:63:18:93:a1:90:37:dd:d6:79:59:32:
34:65:7f:38:05:53:c8:bf:fb:de:a6:60:9d:1a:f8:
74:04:ca:94:81:8b:61:c5:0e:15:c8:d8:b5:1e:2a:
93:6f:39:44:00:fd:52:0e:1c:8b:76:ec:50:67:3c:
d0:54:c0:f3:8a:05:4c:7f:4a:0b:cf:d9:41:ec:aa:
dd:e8:d7:e0:59:61:71:3d:09:69:00:79:36:5a:c9:
8e:4d:83:09:54:bd:11:06:00:f0:75:68:5c:e9:c3:
ba:22:ad:c4:90:a3:45:4f:e7:50:93:32:f3:e7:05:
39:5e:f7:2d:cd:c3:f4:f4:85:6b:98:15:49:87:db:
a6:2f:d3:42:d7:3c:59:12:06:db:e9:24:f1:29:61:
3e:55:47:3e:bf:1a:0b:53:09:e3:43:98:6b:77:e1:
f5:7f:57:49:be:17:e0:c3:a4:22:ab:35:f9:3b:46:
e1:9b:d0:fd:6f:bc:3d:d1:4e:60:5e:50:84:03:25:
81:3b:d8:c7:6c:39:e8:6d:98:b4:49:13:b9:5e:79:
21:19:56:03:df:44:51:a2:b1:00:fd:b0:57:34:6f:
05:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D3:EA:9F:94:88:30:78:97:01:15:DB:1D:F1:5A:8C:CB:4A:C4:18
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xNPqn5SIMHiXARXbHfFajMtKxBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.19.0/24
84.232.18.0/23
94.76.154.0/24
178.156.86.0/24
178.156.91.0/24
Signature Algorithm: sha256WithRSAEncryption
04:6d:57:9b:1e:55:27:54:48:da:e7:f1:04:a0:1d:4b:a6:cf:
7c:1c:4b:18:d7:87:81:12:cc:a7:55:6a:4a:f2:84:04:05:d7:
c7:26:29:df:a2:c2:b6:19:5e:ef:9e:ff:cb:ab:67:31:ae:e3:
03:62:56:36:07:82:ed:e4:20:28:23:6d:9c:87:ba:dd:92:55:
5d:5a:96:1d:7d:6d:06:6b:be:8e:e7:c8:19:13:d3:a4:23:78:
17:d4:b4:a2:e1:a8:62:64:65:d3:63:4d:cb:c1:a3:df:0f:83:
51:7c:7f:28:06:2a:2a:c3:69:99:ca:33:47:2d:ce:bb:8a:6a:
64:4f:b1:24:d5:2b:93:8a:74:64:6f:45:a9:3e:e9:cd:75:26:
c6:d5:68:1a:a9:2b:13:50:3d:ca:7a:25:fa:b8:c7:2a:fd:14:
dd:2f:bc:92:89:2a:ea:86:f6:b7:56:e8:d8:68:23:22:ca:92:
5b:a0:9e:26:c3:95:05:ab:e0:b1:25:ed:f7:6b:d5:8f:4b:32:
9b:dd:96:93:25:ec:1d:9c:13:db:fb:c9:c5:e8:aa:35:1e:1b:
e6:21:52:90:c8:3a:bb:c3:2d:81:32:2d:34:88:1b:9b:a4:b9:
b4:a5:55:10:7b:b9:1f:65:03:16:87:7f:8d:61:80:e4:55:a6:
58:12:98:1a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQma5ZkyO2MEH9WcQBZLzjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQzZWE5Zjk0ODgzMDc4OTcwMTE1ZGIxZGYxNWE4Y2NiNGFjNDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0XU+NYC7DyPuQhb2JwjiftERG3o
6Q0pWD5qyX66N324YxiToZA33dZ5WTI0ZX84BVPIv/vepmCdGvh0BMqUgYthxQ4V
yNi1HiqTbzlEAP1SDhyLduxQZzzQVMDzigVMf0oLz9lB7Krd6NfgWWFxPQlpAHk2
WsmOTYMJVL0RBgDwdWhc6cO6Iq3EkKNFT+dQkzLz5wU5XvctzcP09IVrmBVJh9um
L9NC1zxZEgbb6STxKWE+VUc+vxoLUwnjQ5hrd+H1f1dJvhfgw6QiqzX5O0bhm9D9
b7w90U5gXlCEAyWBO9jHbDnobZi0SRO5XnkhGVYD30RRorEA/bBXNG8FCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMTT6p+UiDB4lwEV2x3xWozLSsQYMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEveE5QcW41U0lNSGlYQVJYYkhmRmFqTXRLeEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABZoTAwQB
VOgSAwQAXkyaAwQAspxWAwQAspxbMA0GCSqGSIb3DQEBCwUAA4IBAQAEbVebHlUn
VEja5/EEoB1Lps98HEsY14eBEsynVWpK8oQEBdfHJinfosK2GV7vnv/Lq2cxruMD
YlY2B4Lt5CAoI22ch7rdklVdWpYdfW0Ga76O58gZE9OkI3gX1LSi4ahiZGXTY03L
waPfD4NRfH8oBioqw2mZyjNHLc67impkT7Ek1SuTinRkb0WpPunNdSbG1WgaqSsT
UD3KeiX6uMcq/RTdL7ySiSrqhva3VujYaCMiypJboJ4mw5UFq+CxJe33a9WPSzKb
3ZaTJewdnBPb+8nF6Ko1HhvmIVKQyDq7wy2BMi00iBubpLm0pVUQe7kfZQMWh3+N
YYDkVaZYEpga
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:56 2025 by rpki-client on console.sobornost.net