Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xNpETnG4xYSKenzmRRS7lJxILiU.roa
File: xNpETnG4xYSKenzmRRS7lJxILiU.roa (raw, json)
Hash identifier: rysXDGRcpk/iACSksmScnaHoO7AcY/3D8XpcuXaPuwI=
Subject key identifier: C4:DA:44:4E:71:B8:C5:84:8A:7A:7C:E6:45:14:BB:94:9C:48:2E:25
Certificate issuer: /CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Certificate serial: 0194258FBF167FDBC9DC595523DDD85B6C85
Authority key identifier: C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xNpETnG4xYSKenzmRRS7lJxILiU.roa
Signing time: Thu 02 Jan 2025 05:49:25 +0000
ROA not before: Thu 02 Jan 2025 05:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397688
IP address blocks: 2.58.8.0/24 maxlen: 24
2.58.9.0/24 maxlen: 24
2.58.10.0/24 maxlen: 24
31.222.58.0/24 maxlen: 24
147.189.164.0/24 maxlen: 24
147.189.165.0/24 maxlen: 24
147.189.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:bf:16:7f:db:c9:dc:59:55:23:dd:d8:5b:6c:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Validity
Not Before: Jan 2 05:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4da444e71b8c5848a7a7ce64514bb949c482e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:47:1d:27:ad:44:3e:81:ae:80:23:81:45:ae:
07:d4:53:eb:e4:3b:a1:e1:80:92:97:a6:75:76:d7:
0a:a8:92:73:61:3c:a7:58:92:28:6a:1a:07:a5:4e:
0b:3a:7f:75:1a:cf:c2:24:31:44:5c:f4:b6:a4:bb:
a8:70:ed:3f:68:5a:29:77:5a:7b:0a:10:47:cc:7d:
dc:50:cd:4b:52:5d:06:75:00:c3:e5:b4:a1:b1:55:
dd:87:bb:b4:8d:66:a8:61:6d:b5:0a:50:f8:19:e4:
25:97:be:11:29:bf:d2:d4:1f:e2:2e:70:35:a4:0e:
f9:73:50:bd:fd:f6:37:93:ec:9a:63:8e:08:7f:8a:
f8:2a:23:f2:2a:cc:d5:a5:34:8c:de:e2:5c:d1:d2:
bc:58:e0:f5:a1:b9:f8:07:74:8b:0a:a8:f8:e2:83:
63:df:93:73:09:4b:3b:db:95:8a:07:b4:2b:e3:5e:
13:89:ad:8b:5a:48:b8:57:bf:b6:05:1a:78:cc:4d:
23:a3:35:a1:97:b3:fa:a7:53:ad:72:c3:6b:d3:0a:
c9:55:0c:0d:a3:86:05:43:c4:08:b3:49:02:69:3d:
ec:57:3c:d6:6a:43:20:49:35:0b:c2:78:ec:23:8f:
61:ea:37:e1:78:fa:f3:b5:5e:50:ed:e2:9f:b3:bd:
6f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:DA:44:4E:71:B8:C5:84:8A:7A:7C:E6:45:14:BB:94:9C:48:2E:25
X509v3 Authority Key Identifier:
keyid:C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xNpETnG4xYSKenzmRRS7lJxILiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.8.0-2.58.10.255
31.222.58.0/24
147.189.164.0-147.189.166.255
Signature Algorithm: sha256WithRSAEncryption
75:9e:89:b7:03:2d:25:a2:0c:38:44:8b:96:cf:44:2c:62:a5:
36:27:0c:39:9f:6d:32:e5:0a:41:eb:88:66:7b:8c:e2:5a:70:
90:2c:4b:ad:56:58:60:6d:b9:5a:2b:27:94:76:5b:ce:ac:04:
91:12:52:77:c1:a2:48:1d:15:3f:40:53:9d:79:8b:38:53:29:
00:e2:76:0f:25:13:5c:ee:39:84:e3:bc:fe:95:34:95:32:1d:
8a:c8:48:22:a6:ac:f1:0d:84:14:a9:8e:b1:85:83:5e:41:85:
ff:dc:d6:c1:8e:23:3c:1d:0c:63:2c:85:37:84:d2:29:47:78:
f9:19:bc:1b:9c:3a:eb:5e:41:64:a9:fc:4d:aa:b7:04:fc:a3:
d1:a4:6e:a4:9a:06:d2:bb:71:cf:28:e3:a5:cc:42:ba:4b:68:
90:d5:0f:1f:10:73:5b:42:f5:a1:25:d2:b4:3d:df:30:92:3c:
15:70:fb:c5:9c:2b:8c:36:9e:86:1c:e7:12:a7:96:e3:ee:4b:
4f:bc:98:b7:cd:90:95:87:8d:39:80:73:ed:5d:cf:ec:bb:b1:
c6:ef:fd:49:2e:36:65:e4:bd:0f:6a:c0:43:a5:ee:50:76:6b:
80:a6:78:0a:5e:a8:bf:53:4a:d6:05:ff:dd:1a:ed:b5:6c:db:
11:0a:03:ff
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQlj78Wf9vJ3FlVI93YW2yFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmYyM2IxYzM3MTM1MmYzOWI3M2QzOWE0ZTA3ZjhjYTk4
Y2NkNjcwHhcNMjUwMTAyMDU0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGRhNDQ0ZTcxYjhjNTg0OGE3YTdjZTY0NTE0YmI5NDljNDgyZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUcdJ61EPoGugCOBRa4H1FPr5Duh
4YCSl6Z1dtcKqJJzYTynWJIoahoHpU4LOn91Gs/CJDFEXPS2pLuocO0/aFopd1p7
ChBHzH3cUM1LUl0GdQDD5bShsVXdh7u0jWaoYW21ClD4GeQll74RKb/S1B/iLnA1
pA75c1C9/fY3k+yaY44If4r4KiPyKszVpTSM3uJc0dK8WOD1obn4B3SLCqj44oNj
35NzCUs725WKB7Qr414Tia2LWki4V7+2BRp4zE0jozWhl7P6p1OtcsNr0wrJVQwN
o4YFQ8QIs0kCaT3sVzzWakMgSTULwnjsI49h6jfhePrztV5Q7eKfs71vDwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMTaRE5xuMWEinp85kUUu5ScSC4lMB8GA1UdIwQY
MBaAFMT/I7HDcTUvObc9OaTgf4ypjM1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzIt
MTA5NTlhYWE4YjNlLzEveE5wRVRuRzR4WVNLZW56bVJSUzdsSnhJTGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzItMTA5NTlhYWE4YjNl
LzEveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAMCOggD
BAACOgoDBAAf3jowDAMEApO9pAMEAJO9pjANBgkqhkiG9w0BAQsFAAOCAQEAdZ6J
twMtJaIMOESLls9ELGKlNicMOZ9tMuUKQeuIZnuM4lpwkCxLrVZYYG25WisnlHZb
zqwEkRJSd8GiSB0VP0BTnXmLOFMpAOJ2DyUTXO45hOO8/pU0lTIdishIIqas8Q2E
FKmOsYWDXkGF/9zWwY4jPB0MYyyFN4TSKUd4+Rm8G5w6615BZKn8Taq3BPyj0aRu
pJoG0rtxzyjjpcxCuktokNUPHxBzW0L1oSXStD3fMJI8FXD7xZwrjDaehhznEqeW
4+5LT7yYt82QlYeNOYBz7V3P7Luxxu/9SS42ZeS9D2rAQ6XuUHZrgKZ4Cl6ov1NK
1gX/3RrttWzbEQoD/w==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:48 2025 by rpki-client on console.sobornost.net