Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/XrusPaGpGNqoD7iZ531THJ79emU.roa
File: XrusPaGpGNqoD7iZ531THJ79emU.roa (raw, json)
Hash identifier: eySOqFHCiESajlHxeD/xFXpNWpahGrGfQWM0FTNr5MY=
Subject key identifier: 5E:BB:AC:3D:A1:A9:18:DA:A8:0F:B8:99:E7:7D:53:1C:9E:FD:7A:65
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01960EA88F0F66BCD17E80273732EA7F113C
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/XrusPaGpGNqoD7iZ531THJ79emU.roa
Signing time: Mon 07 Apr 2025 05:10:49 +0000
ROA not before: Mon 07 Apr 2025 05:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35367
IP address blocks: 176.236.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0e:a8:8f:0f:66:bc:d1:7e:80:27:37:32:ea:7f:11:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Apr 7 05:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ebbac3da1a918daa80fb899e77d531c9efd7a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e7:8a:2e:1a:dd:b6:a0:11:78:3c:90:25:75:
d3:cc:93:a7:75:b1:a7:bd:d8:fb:4f:37:a7:f9:f1:
30:43:3d:c4:52:3d:f8:32:b1:cb:49:48:f5:88:55:
97:ba:91:c9:f7:a9:f2:7b:ba:ce:1c:26:b3:50:4f:
73:ff:67:b7:fd:07:96:aa:8d:a4:d4:49:8f:61:f1:
1f:47:7f:42:d2:51:3d:51:41:17:73:ef:fd:47:58:
ba:d6:a1:19:0a:8f:61:c0:88:18:f8:a3:be:e0:3f:
e2:d0:cb:19:e0:1b:6f:2e:71:2a:65:87:a7:23:bd:
69:1d:64:33:0f:a8:99:c6:89:12:9e:3d:bf:9a:73:
f9:dd:cb:37:02:9e:71:95:35:10:40:ad:a2:99:c5:
48:c1:22:76:3a:a9:0e:6a:c5:1f:21:64:3e:70:11:
3e:d6:7f:49:d4:59:4c:7f:8f:6b:19:fe:61:9f:58:
a0:f9:b9:82:53:14:66:0e:aa:e7:7f:31:9e:90:36:
cd:82:11:13:f3:b3:f8:86:ed:e3:3b:bd:9d:2a:de:
fb:1a:54:f0:b0:0e:8a:c4:f4:68:f0:4f:e0:77:80:
63:b3:11:c2:64:90:f2:48:e7:8d:f9:54:90:3c:48:
83:e3:5a:0a:b4:e2:1b:c7:dd:92:0d:57:df:11:ab:
3d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BB:AC:3D:A1:A9:18:DA:A8:0F:B8:99:E7:7D:53:1C:9E:FD:7A:65
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/XrusPaGpGNqoD7iZ531THJ79emU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.236.247.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:f5:1a:1a:3a:ac:0b:34:21:67:61:8f:01:ce:ee:1e:f5:c3:
87:b6:99:26:be:59:bc:f5:f1:0a:77:34:66:c4:3e:b9:b2:e8:
4a:50:bc:7e:ac:c3:5f:a5:01:cc:73:e4:c7:2c:45:be:38:09:
28:44:f8:35:07:79:ba:9f:7e:57:bf:45:c8:22:bb:3a:19:89:
c8:93:93:c0:c4:02:d7:91:0f:d2:99:da:59:59:34:a0:7b:bb:
42:99:66:72:5f:bd:cf:05:2c:01:27:00:fb:be:59:79:db:1e:
d2:d0:95:13:8b:bd:a2:cb:16:73:b2:d8:c2:f1:d8:06:58:a7:
0d:c1:90:e6:0f:3b:69:67:6d:c5:b3:d5:84:21:4d:55:f7:5a:
68:f3:d5:9c:b5:84:3a:3b:f5:f6:79:e0:b0:0d:80:60:96:2e:
71:8b:3f:c4:6f:df:ab:e8:a1:32:f8:1b:09:ee:80:1b:24:10:
ca:2a:6f:c5:e1:74:01:f4:e7:57:8d:a5:f8:ff:e3:dc:d6:f1:
58:37:34:ec:8c:ff:b5:4a:34:37:08:bc:48:01:34:cb:20:43:
b8:7a:07:e4:87:08:21:c9:39:53:15:00:fc:97:82:14:44:13:
98:55:e3:c5:09:ae:2b:5d:64:9d:74:d9:98:b6:dd:8f:38:82:
be:a5:ee:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYOqI8PZrzRfoAnNzLqfxE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjUwNDA3MDUxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWJiYWMzZGExYTkxOGRhYTgwZmI4OTllNzdkNTMxYzllZmQ3YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneeKLhrdtqAReDyQJXXTzJOndbGn
vdj7Tzen+fEwQz3EUj34MrHLSUj1iFWXupHJ96nye7rOHCazUE9z/2e3/QeWqo2k
1EmPYfEfR39C0lE9UUEXc+/9R1i61qEZCo9hwIgY+KO+4D/i0MsZ4BtvLnEqZYen
I71pHWQzD6iZxokSnj2/mnP53cs3Ap5xlTUQQK2imcVIwSJ2OqkOasUfIWQ+cBE+
1n9J1FlMf49rGf5hn1ig+bmCUxRmDqrnfzGekDbNghET87P4hu3jO72dKt77GlTw
sA6KxPRo8E/gd4BjsxHCZJDySOeN+VSQPEiD41oKtOIbx92SDVffEas9UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF67rD2hqRjaqA+4med9Uxye/XplMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvWHJ1c1BhR3BHTnFvRDdpWjUzMVRISjc5ZW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsOz3MA0G
CSqGSIb3DQEBCwUAA4IBAQAs9RoaOqwLNCFnYY8Bzu4e9cOHtpkmvlm89fEKdzRm
xD65suhKULx+rMNfpQHMc+THLEW+OAkoRPg1B3m6n35Xv0XIIrs6GYnIk5PAxALX
kQ/SmdpZWTSge7tCmWZyX73PBSwBJwD7vll52x7S0JUTi72iyxZzstjC8dgGWKcN
wZDmDztpZ23Fs9WEIU1V91po89WctYQ6O/X2eeCwDYBgli5xiz/Eb9+r6KEy+BsJ
7oAbJBDKKm/F4XQB9OdXjaX4/+Pc1vFYNzTsjP+1SjQ3CLxIATTLIEO4egfkhwgh
yTlTFQD8l4IURBOYVePFCa4rXWSddNmYtt2POIK+pe74
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:42 2025 by rpki-client on console.sobornost.net