Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/xuTFaPBZlRCNPxPmstQBZKmKPnU.roa
File: xuTFaPBZlRCNPxPmstQBZKmKPnU.roa (raw, json)
Hash identifier: sRHH2//YW4/9Ra0qA3kCbbxZqx+E6+W61I8MRO4kS6I=
Subject key identifier: C6:E4:C5:68:F0:59:95:10:8D:3F:13:E6:B2:D4:01:64:A9:8A:3E:75
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 01941F8BFF0CBE963D0F15C03CD5AD927194
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/xuTFaPBZlRCNPxPmstQBZKmKPnU.roa
Signing time: Wed 01 Jan 2025 01:47:35 +0000
ROA not before: Wed 01 Jan 2025 01:47:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209236
IP address blocks: 171.25.128.0/21 maxlen: 21
193.221.28.0/24 maxlen: 24
193.221.36.0/24 maxlen: 24
193.221.37.0/24 maxlen: 24
193.221.47.0/24 maxlen: 24
193.221.52.0/24 maxlen: 24
193.221.53.0/24 maxlen: 24
193.221.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8b:ff:0c:be:96:3d:0f:15:c0:3c:d5:ad:92:71:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Jan 1 01:47:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6e4c568f05995108d3f13e6b2d40164a98a3e75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9e:c9:ef:75:5b:fa:53:b5:bc:e6:aa:85:fe:
86:3f:39:1d:1e:ab:7e:51:c4:3b:91:db:08:41:ae:
c3:8b:ba:10:88:36:33:b5:da:cf:04:bc:7f:49:11:
b1:7d:4a:62:64:43:68:22:02:be:4e:27:3e:a5:bd:
e2:0b:77:4c:d3:a9:ad:f1:a7:da:06:f1:52:f8:5f:
b4:58:5a:36:c3:52:4f:52:53:b3:71:8f:f8:86:31:
ec:1b:14:3b:dc:e8:1a:30:6e:14:e3:3c:18:65:9f:
0b:76:94:9e:d8:d1:9b:f2:65:16:b4:ba:de:9c:5c:
7c:4b:5b:73:f3:06:ca:a3:8d:28:81:d3:e6:38:df:
3f:d1:f1:82:25:aa:74:8f:c4:0e:e3:b6:8d:80:2a:
f4:3f:95:92:da:d9:f8:8b:84:ee:cc:6b:bf:2d:15:
63:ed:15:b0:0a:e9:62:96:67:79:a1:b4:99:69:d7:
ed:bf:68:ee:d9:ab:30:fd:9c:35:70:c6:78:52:26:
dd:1d:a1:c8:f2:33:cd:ee:dc:49:24:67:27:ab:b3:
e5:76:f2:3a:8e:7b:08:ea:83:04:ae:11:6e:6a:7b:
c9:b3:99:36:55:c6:50:f1:87:82:31:57:be:a8:24:
69:2d:35:0e:62:41:4a:15:d1:b0:c6:7f:85:23:6e:
35:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E4:C5:68:F0:59:95:10:8D:3F:13:E6:B2:D4:01:64:A9:8A:3E:75
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/xuTFaPBZlRCNPxPmstQBZKmKPnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.128.0/21
193.221.28.0/24
193.221.36.0/23
193.221.47.0/24
193.221.52.0/23
193.221.59.0/24
Signature Algorithm: sha256WithRSAEncryption
58:b9:f9:f5:af:62:31:5b:c0:15:ed:47:f8:90:8c:08:17:b8:
6a:92:76:35:4b:62:ef:2c:3d:c3:8b:4d:5e:95:ca:ee:20:78:
0d:60:5f:97:65:b6:98:77:aa:68:62:44:33:01:cc:65:fb:b7:
7b:5d:bb:1a:88:a5:ff:bb:e0:cd:be:19:f1:d4:28:88:11:b4:
47:60:df:fe:2a:98:98:90:ac:ed:ed:0e:e0:0e:f6:73:97:83:
23:8a:51:33:32:23:9b:00:d1:cc:c4:62:56:83:be:d0:0d:7d:
27:a5:35:58:69:eb:92:d1:ee:9f:06:ee:cd:20:3e:8a:a0:1c:
60:ec:5e:a5:8d:aa:32:57:7c:b2:03:ab:fa:86:0c:6e:c5:3f:
ac:59:2b:23:65:31:97:79:dc:8c:3b:87:c0:36:bd:02:69:67:
fb:63:9c:69:18:fb:00:60:cf:7b:37:6a:72:b5:9b:03:63:e8:
06:f4:ec:da:31:52:97:a7:68:99:9e:1f:d6:8f:fd:5a:18:e5:
0d:76:a7:5a:f5:5d:89:9b:98:ff:a1:e2:79:59:cf:c3:85:0b:
7e:cf:ff:c7:54:43:ff:4d:93:31:f3:a7:0b:92:89:b0:cf:d4:
66:7b:e3:b0:f6:91:af:75:fa:55:1e:b9:38:45:30:f9:32:4c:
e2:96:34:80
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQfi/8MvpY9DxXAPNWtknGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjUwMTAxMDE0NzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmU0YzU2OGYwNTk5NTEwOGQzZjEzZTZiMmQ0MDE2NGE5OGEzZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2p7J73Vb+lO1vOaqhf6GPzkdHqt+
UcQ7kdsIQa7Di7oQiDYztdrPBLx/SRGxfUpiZENoIgK+Tic+pb3iC3dM06mt8afa
BvFS+F+0WFo2w1JPUlOzcY/4hjHsGxQ73OgaMG4U4zwYZZ8LdpSe2NGb8mUWtLre
nFx8S1tz8wbKo40ogdPmON8/0fGCJap0j8QO47aNgCr0P5WS2tn4i4TuzGu/LRVj
7RWwCulilmd5obSZadftv2ju2asw/Zw1cMZ4UibdHaHI8jPN7txJJGcnq7PldvI6
jnsI6oMErhFuanvJs5k2VcZQ8YeCMVe+qCRpLTUOYkFKFdGwxn+FI241nwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMbkxWjwWZUQjT8T5rLUAWSpij51MB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEveHVURmFQQlpsUkNOUHhQbXN0UUJaS21LUG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDqxmAAwQA
wd0cAwQBwd0kAwQAwd0vAwQBwd00AwQAwd07MA0GCSqGSIb3DQEBCwUAA4IBAQBY
ufn1r2IxW8AV7Uf4kIwIF7hqknY1S2LvLD3Di01elcruIHgNYF+XZbaYd6poYkQz
Acxl+7d7XbsaiKX/u+DNvhnx1CiIEbRHYN/+KpiYkKzt7Q7gDvZzl4MjilEzMiOb
ANHMxGJWg77QDX0npTVYaeuS0e6fBu7NID6KoBxg7F6ljaoyV3yyA6v6hgxuxT+s
WSsjZTGXedyMO4fANr0CaWf7Y5xpGPsAYM97N2pytZsDY+gG9OzaMVKXp2iZnh/W
j/1aGOUNdqda9V2Jm5j/oeJ5Wc/DhQt+z//HVEP/TZMx86cLkomwz9Rme+Ow9pGv
dfpVHrk4RTD5MkziljSA
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:27 2025 by rpki-client on console.sobornost.net