Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/DXCcZ4az_m9JkulbDZPaw-4fvpY.roa
File: DXCcZ4az_m9JkulbDZPaw-4fvpY.roa (raw, json)
Hash identifier: VA/wtpX9lsdQgqPj9xk6G0iG/tvExRhBfFIkaRdFgSE=
Subject key identifier: 0D:70:9C:67:86:B3:FE:6F:49:92:E9:5B:0D:93:DA:C3:EE:1F:BE:96
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 0195609FCBDC40898254651FB3996D31B88D
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/DXCcZ4az_m9JkulbDZPaw-4fvpY.roa
Signing time: Tue 04 Mar 2025 10:07:19 +0000
ROA not before: Tue 04 Mar 2025 10:07:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 141.226.245.0/24 maxlen: 24
213.137.88.0/24 maxlen: 24
213.137.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:60:9f:cb:dc:40:89:82:54:65:1f:b3:99:6d:31:b8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Mar 4 10:07:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d709c6786b3fe6f4992e95b0d93dac3ee1fbe96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e4:42:38:24:e1:c9:d0:50:08:34:4b:b5:83:
08:0f:e9:76:68:d3:e7:33:60:45:00:95:d9:a0:17:
26:fc:cf:0d:a2:12:2e:42:82:7e:e6:98:b8:df:95:
4e:63:20:a0:b6:42:ab:2e:8e:42:71:df:84:a5:91:
09:09:84:d1:d5:1f:df:ee:d6:dd:c4:08:59:5e:39:
a8:9f:63:ec:01:4e:26:b8:a2:3f:ae:e2:b2:fb:f6:
50:82:3f:51:95:b2:cc:7b:54:77:b6:d0:47:c9:15:
cc:21:78:7a:83:01:05:6f:57:49:5d:a5:53:74:f4:
2e:47:45:5b:00:43:f3:b7:98:b6:68:f2:68:a0:53:
0e:88:a4:45:01:83:c0:9d:53:35:b1:7a:e2:f8:c2:
94:01:ff:68:2c:67:0e:a6:f5:37:72:a0:bc:ef:bd:
6e:79:ce:90:22:7f:5a:c7:5c:27:34:94:07:d8:08:
94:ff:23:19:37:f2:94:6e:15:39:46:c5:2f:7c:14:
45:6b:c5:7b:96:21:21:a1:84:eb:2e:f7:1c:43:cc:
22:52:90:0e:cb:a5:5a:62:60:d0:fc:da:af:79:8a:
61:4b:af:19:2a:91:ed:15:5d:06:28:f7:d9:24:3f:
58:b6:36:78:30:25:40:47:6c:c8:e8:f1:10:64:f4:
07:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:70:9C:67:86:B3:FE:6F:49:92:E9:5B:0D:93:DA:C3:EE:1F:BE:96
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/DXCcZ4az_m9JkulbDZPaw-4fvpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.245.0/24
213.137.88.0/24
213.137.92.0/24
Signature Algorithm: sha256WithRSAEncryption
78:fb:bc:2d:67:15:3a:68:d9:9a:f6:40:9b:02:53:33:27:08:
f7:71:1e:c3:0f:3a:c1:08:bd:04:33:19:3f:18:2f:30:1d:52:
88:df:80:37:61:5b:c9:77:c2:fd:23:24:82:3f:50:40:d0:9e:
46:3a:d9:bf:27:b3:30:a8:d7:75:e4:1f:80:78:17:94:2c:4f:
44:bb:e5:90:af:74:9d:9a:d0:98:98:c1:7f:55:f0:c2:89:bc:
d2:f5:fd:50:8f:bf:eb:6a:fe:04:70:2a:96:6c:f6:c8:f6:ca:
7e:b6:bf:a4:ed:31:aa:bd:b7:16:9d:61:b4:70:6f:99:0f:aa:
68:b2:72:b2:d6:5b:9f:4d:bd:ab:14:2a:d7:5b:ff:61:af:2d:
9b:7e:27:7c:12:fe:db:d9:0e:53:17:bb:5d:ba:f2:ce:50:43:
3c:43:02:8f:69:86:84:29:ec:28:83:f7:f5:eb:99:fd:2e:c4:
03:a1:6c:23:89:a1:34:72:54:75:02:5e:07:56:19:fd:94:e1:
55:6c:98:07:c2:4f:2c:ef:3d:9b:ea:12:a3:5a:7e:45:c2:fa:
e2:c7:2b:56:89:61:f1:ce:dc:01:ad:f5:d8:ba:72:cf:71:cd:
9b:d2:c6:b4:0e:f3:01:30:a2:07:50:2d:52:23:55:ff:e3:88:
da:49:e6:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVgn8vcQImCVGUfs5ltMbiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjUwMzA0MTAwNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDcwOWM2Nzg2YjNmZTZmNDk5MmU5NWIwZDkzZGFjM2VlMWZiZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreRCOCThydBQCDRLtYMID+l2aNPn
M2BFAJXZoBcm/M8NohIuQoJ+5pi435VOYyCgtkKrLo5Ccd+EpZEJCYTR1R/f7tbd
xAhZXjmon2PsAU4muKI/ruKy+/ZQgj9RlbLMe1R3ttBHyRXMIXh6gwEFb1dJXaVT
dPQuR0VbAEPzt5i2aPJooFMOiKRFAYPAnVM1sXri+MKUAf9oLGcOpvU3cqC8771u
ec6QIn9ax1wnNJQH2AiU/yMZN/KUbhU5RsUvfBRFa8V7liEhoYTrLvccQ8wiUpAO
y6VaYmDQ/NqveYphS68ZKpHtFV0GKPfZJD9YtjZ4MCVAR2zI6PEQZPQHmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA1wnGeGs/5vSZLpWw2T2sPuH76WMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvRFhDY1o0YXpfbTlKa3VsYkRaUGF3LTRmdnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjeL1AwQA
1YlYAwQA1YlcMA0GCSqGSIb3DQEBCwUAA4IBAQB4+7wtZxU6aNma9kCbAlMzJwj3
cR7DDzrBCL0EMxk/GC8wHVKI34A3YVvJd8L9IySCP1BA0J5GOtm/J7MwqNd15B+A
eBeULE9Eu+WQr3SdmtCYmMF/VfDCibzS9f1Qj7/rav4EcCqWbPbI9sp+tr+k7TGq
vbcWnWG0cG+ZD6posnKy1lufTb2rFCrXW/9hry2bfid8Ev7b2Q5TF7tduvLOUEM8
QwKPaYaEKewog/f165n9LsQDoWwjiaE0clR1Al4HVhn9lOFVbJgHwk8s7z2b6hKj
Wn5FwvrixytWiWHxztwBrfXYunLPcc2b0sa0DvMBMKIHUC1SI1X/44jaSebr
-----END CERTIFICATE-----
Generated at Tue Mar 25 22:13:18 2025 by rpki-client on console.sobornost.net