Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/5c3a4c-9843-4bec-a162-18c0365307bf/1/Xrjs-S2RSbrZu3yjzq9Uz6FE53U.roa
File: Xrjs-S2RSbrZu3yjzq9Uz6FE53U.roa (raw, json)
Hash identifier: BOs1xZvMppiPo1LljXNukiOUbDIO0taZ6bkmR9k5vfQ=
Subject key identifier: 5E:B8:EC:F9:2D:91:49:BA:D9:BB:7C:A3:CE:AF:54:CF:A1:44:E7:75
Certificate issuer: /CN=7d8c74143c2273e201a675715431dfaf28fe17b2
Certificate serial: 019424B3DBCEAC5F12550F042548D3486C22
Authority key identifier: 7D:8C:74:14:3C:22:73:E2:01:A6:75:71:54:31:DF:AF:28:FE:17:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fYx0FDwic-IBpnVxVDHfryj-F7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/5c3a4c-9843-4bec-a162-18c0365307bf/1/Xrjs-S2RSbrZu3yjzq9Uz6FE53U.roa
Signing time: Thu 02 Jan 2025 01:49:14 +0000
ROA not before: Thu 02 Jan 2025 01:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207797
IP address blocks: 194.76.252.0/24 maxlen: 24
2a0f:ab40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:db:ce:ac:5f:12:55:0f:04:25:48:d3:48:6c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d8c74143c2273e201a675715431dfaf28fe17b2
Validity
Not Before: Jan 2 01:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5eb8ecf92d9149bad9bb7ca3ceaf54cfa144e775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ec:c9:a7:95:92:0f:fa:9c:55:1e:74:b0:c9:
20:8e:1b:9c:94:17:a6:bd:69:9b:4a:b6:89:f9:37:
1a:d5:b3:a0:7c:5b:90:72:1c:74:f9:58:21:a7:b8:
93:b0:b8:29:39:0d:01:ee:4f:14:9d:b6:7d:55:36:
67:4f:04:16:c8:82:4c:93:32:4d:9a:48:6b:a9:38:
68:be:8b:46:9b:82:2d:f2:a5:0b:80:43:da:2a:42:
df:ed:ca:53:56:56:27:71:40:33:82:07:5a:b6:71:
83:4e:58:bd:9a:74:20:c4:19:4c:84:a5:44:a5:4d:
ee:30:1b:07:c2:44:4a:0f:9e:ab:64:c2:9c:8d:98:
09:c4:bf:d8:7c:ba:75:be:eb:be:3b:dc:12:26:9f:
88:55:6f:d5:8e:e5:eb:12:ca:18:1f:ee:fc:9d:de:
94:3f:76:25:34:d2:4a:15:e0:cf:fb:a3:04:a5:9b:
02:d7:fd:98:c5:4a:20:f3:71:30:ba:de:46:fc:ff:
cc:9f:b9:58:c9:9e:7f:d7:d8:c7:26:a0:56:cf:0e:
bf:23:98:eb:09:d3:97:26:95:d7:f6:2c:ae:4d:98:
6f:13:f9:b9:e0:90:e2:d0:58:41:5c:52:98:e6:44:
ef:06:0b:de:c5:7f:4e:8d:f8:6b:01:d2:58:76:2c:
dc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B8:EC:F9:2D:91:49:BA:D9:BB:7C:A3:CE:AF:54:CF:A1:44:E7:75
X509v3 Authority Key Identifier:
keyid:7D:8C:74:14:3C:22:73:E2:01:A6:75:71:54:31:DF:AF:28:FE:17:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fYx0FDwic-IBpnVxVDHfryj-F7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5c3a4c-9843-4bec-a162-18c0365307bf/1/Xrjs-S2RSbrZu3yjzq9Uz6FE53U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5c3a4c-9843-4bec-a162-18c0365307bf/1/fYx0FDwic-IBpnVxVDHfryj-F7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.252.0/24
IPv6:
2a0f:ab40::/32
Signature Algorithm: sha256WithRSAEncryption
6e:1e:41:0e:16:17:93:ae:7e:e0:c8:83:7a:ee:40:44:13:d5:
fc:c9:6b:3f:80:7c:ad:06:1b:96:54:22:93:e8:8d:bf:8a:14:
7d:ee:4f:1c:c3:da:3f:50:5c:9a:88:4f:e5:eb:f0:ad:68:a7:
1e:4a:9a:f0:0d:05:66:fc:8c:f4:74:8d:f5:4a:18:91:46:24:
b6:0c:ed:d4:99:e8:2a:35:e3:6b:7e:6e:58:a8:37:b1:67:5e:
33:b6:51:60:ea:3c:8b:3c:3c:62:65:55:eb:17:3f:d9:8a:59:
0a:fd:2d:2b:75:d4:0e:d3:ba:cb:cb:83:74:2e:32:b2:d0:99:
8d:ef:95:22:43:c0:79:2f:9d:d5:11:6c:bb:39:56:be:6e:94:
bb:ac:b7:19:a2:28:8b:e6:8c:71:b0:83:b9:90:63:11:cc:bc:
96:d3:71:12:08:aa:7e:d9:52:67:04:86:34:6f:1f:88:e3:87:
c3:32:34:9b:fa:66:5c:c7:1b:f2:34:7d:e2:34:cc:5c:d9:2f:
92:5a:69:06:fe:cf:89:df:f2:80:93:38:43:b9:81:d5:c9:da:
86:71:2f:cf:be:89:4b:9b:88:0f:0b:72:85:9b:2f:0f:db:2e:
f2:36:0e:b9:c2:09:07:a7:94:cc:d4:b4:80:16:1e:41:11:26:
91:c2:d1:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks9vOrF8SVQ8EJUjTSGwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOGM3NDE0M2MyMjczZTIwMWE2NzU3MTU0MzFkZmFmMjhm
ZTE3YjIwHhcNMjUwMTAyMDE0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWI4ZWNmOTJkOTE0OWJhZDliYjdjYTNjZWFmNTRjZmExNDRlNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuzJp5WSD/qcVR50sMkgjhuclBem
vWmbSraJ+Tca1bOgfFuQchx0+Vghp7iTsLgpOQ0B7k8UnbZ9VTZnTwQWyIJMkzJN
mkhrqThovotGm4It8qULgEPaKkLf7cpTVlYncUAzggdatnGDTli9mnQgxBlMhKVE
pU3uMBsHwkRKD56rZMKcjZgJxL/YfLp1vuu+O9wSJp+IVW/VjuXrEsoYH+78nd6U
P3YlNNJKFeDP+6MEpZsC1/2YxUog83Ewut5G/P/Mn7lYyZ5/19jHJqBWzw6/I5jr
CdOXJpXX9iyuTZhvE/m54JDi0FhBXFKY5kTvBgvexX9OjfhrAdJYdizcnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF647PktkUm62bt8o86vVM+hROd1MB8GA1UdIwQY
MBaAFH2MdBQ8InPiAaZ1cVQx368o/heyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZll4MEZEd2ljLUlCcG5WeFZESGZyeWotRjdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS81YzNhNGMtOTg0My00YmVjLWExNjIt
MThjMDM2NTMwN2JmLzEvWHJqcy1TMlJTYnJadTN5anpxOVV6NkZFNTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS81YzNhNGMtOTg0My00YmVjLWExNjItMThjMDM2NTMwN2Jm
LzEvZll4MEZEd2ljLUlCcG5WeFZESGZyeWotRjdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwkz8MA0E
AgACMAcDBQAqD6tAMA0GCSqGSIb3DQEBCwUAA4IBAQBuHkEOFheTrn7gyIN67kBE
E9X8yWs/gHytBhuWVCKT6I2/ihR97k8cw9o/UFyaiE/l6/CtaKceSprwDQVm/Iz0
dI31ShiRRiS2DO3UmegqNeNrfm5YqDexZ14ztlFg6jyLPDxiZVXrFz/ZilkK/S0r
ddQO07rLy4N0LjKy0JmN75UiQ8B5L53VEWy7OVa+bpS7rLcZoiiL5oxxsIO5kGMR
zLyW03ESCKp+2VJnBIY0bx+I44fDMjSb+mZcxxvyNH3iNMxc2S+SWmkG/s+J3/KA
kzhDuYHVydqGcS/PvolLm4gPC3KFmy8P2y7yNg65wgkHp5TM1LSAFh5BESaRwtEP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:10 2025 by rpki-client on console.sobornost.net