Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/9ab37d-5a99-4448-8ef5-7b5f98155fe6/1/Xk73csD_xLVUcYgv4YpJ9At08iI.roa
File: Xk73csD_xLVUcYgv4YpJ9At08iI.roa (raw, json)
Hash identifier: cX+hicqcoCtr+jhHeUumSC0JdyUUV0oM4tv+MAaRrss=
Subject key identifier: 5E:4E:F7:72:C0:FF:C4:B5:54:71:88:2F:E1:8A:49:F4:0B:74:F2:22
Certificate issuer: /CN=4309599380c5c59dc06684920b694c3ea6d308a6
Certificate serial: 01941FFA5D4D4423A10D675B20A59E0FE6D5
Authority key identifier: 43:09:59:93:80:C5:C5:9D:C0:66:84:92:0B:69:4C:3E:A6:D3:08:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwlZk4DFxZ3AZoSSC2lMPqbTCKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/9ab37d-5a99-4448-8ef5-7b5f98155fe6/1/Xk73csD_xLVUcYgv4YpJ9At08iI.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49020
IP address blocks: 185.139.12.0/24 maxlen: 24
185.139.13.0/24 maxlen: 24
185.139.14.0/24 maxlen: 24
185.139.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5d:4d:44:23:a1:0d:67:5b:20:a5:9e:0f:e6:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4309599380c5c59dc06684920b694c3ea6d308a6
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e4ef772c0ffc4b55471882fe18a49f40b74f222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e0:7f:be:88:58:74:3f:4b:3d:e3:de:89:4c:
e8:a3:af:e9:11:5d:be:90:36:a8:55:16:33:7e:f5:
3f:8e:5a:28:81:0d:4c:d3:de:06:1e:1b:fa:e3:de:
eb:7f:54:03:0a:2c:87:ec:36:f3:94:44:4c:7d:4e:
6d:d5:8a:48:f6:03:c3:fa:35:65:c7:07:43:cb:ca:
d6:68:6a:3e:21:a4:aa:ff:ea:73:a3:00:76:78:94:
9b:c1:55:bc:96:84:82:2d:23:a6:b5:de:30:d2:a1:
4b:62:37:4e:4c:57:f4:3c:23:14:15:24:6d:b0:85:
f2:ee:f0:29:50:56:1e:fe:97:67:74:17:61:e4:22:
33:53:10:64:3a:e3:7e:6c:98:23:5e:86:ca:e7:6e:
26:c5:53:a2:18:37:22:4e:75:d2:9e:8e:11:80:aa:
51:90:d5:cb:60:b8:28:3c:86:42:e8:cd:1b:7f:0f:
fb:20:a2:eb:6e:d5:ba:05:4b:66:6e:83:20:05:3b:
5a:b4:ce:ed:20:74:9f:93:21:48:b2:3b:10:82:76:
98:b2:2d:0e:ac:10:c6:74:a7:ef:a4:c5:88:9c:23:
07:b2:ac:67:6b:33:71:41:aa:15:2f:b8:60:0f:f3:
03:3e:c0:e2:74:73:ae:cf:b8:b5:bb:e1:4e:86:b4:
4a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:4E:F7:72:C0:FF:C4:B5:54:71:88:2F:E1:8A:49:F4:0B:74:F2:22
X509v3 Authority Key Identifier:
keyid:43:09:59:93:80:C5:C5:9D:C0:66:84:92:0B:69:4C:3E:A6:D3:08:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwlZk4DFxZ3AZoSSC2lMPqbTCKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9ab37d-5a99-4448-8ef5-7b5f98155fe6/1/Xk73csD_xLVUcYgv4YpJ9At08iI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/9ab37d-5a99-4448-8ef5-7b5f98155fe6/1/QwlZk4DFxZ3AZoSSC2lMPqbTCKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.12.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:91:4a:49:db:5a:15:e9:87:f9:c5:88:28:cb:31:f6:96:dc:
35:b7:1b:31:1f:2d:65:01:3c:1a:eb:13:b8:e3:33:5e:fa:ea:
fc:d3:50:09:2f:fe:6a:4b:a3:60:16:93:d3:63:dd:7a:fe:c9:
a1:ce:23:e5:b1:39:ff:bc:3a:94:95:10:52:a6:e3:2c:89:f6:
d3:eb:14:1d:fe:c9:41:ce:28:ff:57:d0:bb:6c:21:9d:30:17:
ad:99:8c:63:a0:7f:b1:80:89:26:84:ab:33:31:1e:e7:64:ab:
6a:4f:66:fd:87:20:80:2b:c4:1c:a2:bd:a7:7b:cc:1c:27:e1:
6b:84:bf:a6:02:a8:9d:27:c8:1f:b5:17:e8:3e:46:f0:35:36:
9b:37:ba:44:cc:83:9f:5b:46:6c:59:31:f1:25:e7:12:aa:12:
20:ce:d3:64:0b:de:b6:40:7a:c6:0e:57:88:ec:a4:33:ef:62:
fe:fc:01:23:de:3d:a1:4c:c3:ec:9c:6a:db:79:95:b2:2e:66:
83:ad:42:31:ab:0a:88:79:98:03:8d:10:9b:99:3f:68:01:6d:
66:f5:ab:68:1f:a1:cd:a9:dd:6d:e2:17:cb:90:59:64:0e:0e:
4b:3c:ff:7d:de:00:24:83:b6:83:dd:16:58:09:71:63:24:78:
c3:42:e5:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+l1NRCOhDWdbIKWeD+bVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDk1OTkzODBjNWM1OWRjMDY2ODQ5MjBiNjk0YzNlYTZk
MzA4YTYwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTRlZjc3MmMwZmZjNGI1NTQ3MTg4MmZlMThhNDlmNDBiNzRmMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+B/vohYdD9LPePeiUzoo6/pEV2+
kDaoVRYzfvU/jloogQ1M094GHhv6497rf1QDCiyH7DbzlERMfU5t1YpI9gPD+jVl
xwdDy8rWaGo+IaSq/+pzowB2eJSbwVW8loSCLSOmtd4w0qFLYjdOTFf0PCMUFSRt
sIXy7vApUFYe/pdndBdh5CIzUxBkOuN+bJgjXobK524mxVOiGDciTnXSno4RgKpR
kNXLYLgoPIZC6M0bfw/7IKLrbtW6BUtmboMgBTtatM7tIHSfkyFIsjsQgnaYsi0O
rBDGdKfvpMWInCMHsqxnazNxQaoVL7hgD/MDPsDidHOuz7i1u+FOhrRKlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5O93LA/8S1VHGIL+GKSfQLdPIiMB8GA1UdIwQY
MBaAFEMJWZOAxcWdwGaEkgtpTD6m0wimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdsWms0REZ4WjNBWm9TU0MybE1QcWJUQ0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85YWIzN2QtNWE5OS00NDQ4LThlZjUt
N2I1Zjk4MTU1ZmU2LzEvWGs3M2NzRF94TFZVY1lndjRZcEo5QXQwOGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85YWIzN2QtNWE5OS00NDQ4LThlZjUtN2I1Zjk4MTU1ZmU2
LzEvUXdsWms0REZ4WjNBWm9TU0MybE1QcWJUQ0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYsMMA0G
CSqGSIb3DQEBCwUAA4IBAQCckUpJ21oV6Yf5xYgoyzH2ltw1txsxHy1lATwa6xO4
4zNe+ur801AJL/5qS6NgFpPTY916/smhziPlsTn/vDqUlRBSpuMsifbT6xQd/slB
zij/V9C7bCGdMBetmYxjoH+xgIkmhKszMR7nZKtqT2b9hyCAK8Qcor2ne8wcJ+Fr
hL+mAqidJ8gftRfoPkbwNTabN7pEzIOfW0ZsWTHxJecSqhIgztNkC962QHrGDleI
7KQz72L+/AEj3j2hTMPsnGrbeZWyLmaDrUIxqwqIeZgDjRCbmT9oAW1m9atoH6HN
qd1t4hfLkFlkDg5LPP993gAkg7aD3RZYCXFjJHjDQuXZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:58 2025 by rpki-client on console.sobornost.net