Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/XlsfqVnPq85M-ZJSh02UMv7bAq8.roa
File: XlsfqVnPq85M-ZJSh02UMv7bAq8.roa (raw, json)
Hash identifier: RvxcNQlHBl5xgY24wu2zM7ZcwbvvsV992ncfxEdC62I=
Subject key identifier: 5E:5B:1F:A9:59:CF:AB:CE:4C:F9:92:52:87:4D:94:32:FE:DB:02:AF
Certificate issuer: /CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Certificate serial: 019420D5F0B125DB0DCC662BAB9722C7DEA6
Authority key identifier: 3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/XlsfqVnPq85M-ZJSh02UMv7bAq8.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61287
IP address blocks: 185.12.128.0/22 maxlen: 22
185.12.128.0/23 maxlen: 23
185.12.130.0/23 maxlen: 23
2a03:8d40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f0:b1:25:db:0d:cc:66:2b:ab:97:22:c7:de:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e5b1fa959cfabce4cf99252874d9432fedb02af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6c:38:0a:38:69:1b:36:07:d4:e1:f8:62:df:
36:f0:5b:98:21:8d:4b:aa:d7:01:d5:4b:39:cd:3e:
8f:f3:16:8a:60:d2:46:18:90:6c:db:0e:7e:0a:87:
d0:71:8c:c6:5a:56:19:4b:1e:ea:c6:dc:43:fb:22:
d4:b8:a8:c5:31:4b:38:65:31:cc:00:8c:54:0c:2e:
72:a0:19:53:62:d5:cd:60:f8:e3:a0:f2:b3:f0:6b:
97:a6:52:88:1b:9d:77:d0:0d:90:4f:75:94:10:51:
fc:76:ff:63:85:bb:97:7c:f1:ae:a9:97:6e:aa:4a:
24:3a:3e:05:54:f8:88:94:1b:5e:ed:3c:00:27:90:
52:4b:1e:50:0f:ac:9b:0a:7b:10:a0:cb:0f:c8:a4:
e9:02:10:67:e7:6b:60:e1:ed:8c:85:6f:36:cc:d9:
ae:79:5e:40:e0:b6:c7:77:10:65:23:c7:4f:9e:e3:
da:25:7d:13:33:f6:f5:2a:4f:6e:ee:ff:92:44:df:
2c:22:a7:90:3c:4f:af:95:76:3f:64:ef:f7:31:59:
94:38:9d:fe:a8:9e:24:01:8e:84:e6:ed:46:ae:14:
d8:07:88:ba:e5:9a:f3:aa:2b:d7:af:35:58:e3:2b:
22:85:7c:12:d1:18:25:f9:21:f9:9f:1b:a2:c2:72:
1d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5B:1F:A9:59:CF:AB:CE:4C:F9:92:52:87:4D:94:32:FE:DB:02:AF
X509v3 Authority Key Identifier:
keyid:3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/XlsfqVnPq85M-ZJSh02UMv7bAq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/O9lDbSE1wISJe3TGrTbaFwCnqY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.128.0/22
IPv6:
2a03:8d40::/32
Signature Algorithm: sha256WithRSAEncryption
54:4f:af:be:a7:b4:ca:04:96:b3:61:33:fa:5d:a7:71:2d:f0:
c0:32:c0:00:ef:1e:1a:fe:ef:62:d3:d2:90:7f:d6:dc:25:4c:
9e:ec:c6:32:ba:f3:f0:42:9d:34:63:f1:7d:0c:21:8d:aa:43:
c6:a2:4c:02:2c:47:53:0e:cc:27:48:c0:37:83:c7:c9:22:46:
c0:81:2d:62:04:d8:71:54:d7:d5:f4:c6:c6:d3:02:98:0c:24:
23:23:30:d4:a9:25:31:c2:ef:0a:28:80:19:30:00:94:99:e6:
c3:a7:8b:ba:de:b3:1e:cc:61:9f:21:b8:1a:52:64:f4:a5:36:
e9:f3:83:c3:16:7c:d9:75:37:d1:2c:55:07:4b:97:41:d6:62:
ae:8f:22:1b:23:b0:22:28:f2:79:b2:cb:54:fb:e6:f5:2e:76:
f5:4e:7b:6c:2a:36:86:8a:98:af:61:b5:c9:42:74:a4:55:50:
96:73:0e:ae:97:4c:9f:d9:b8:28:f0:2f:9f:17:ab:ec:11:48:
da:6f:04:28:b9:f8:62:01:45:e3:cf:be:db:88:01:ed:94:80:
2c:50:ee:83:37:62:6f:49:36:26:25:2d:2a:39:9b:e6:5d:64:
ff:4e:d0:f4:d8:ed:9d:15:65:5a:78:be:00:cd:da:1c:0e:a4:
20:79:a5:c2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1fCxJdsNzGYrq5cix96mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDk0MzZkMjEzNWMwODQ4OTdiNzRjNmFkMzZkYTE3MDBh
N2E5OGQwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTViMWZhOTU5Y2ZhYmNlNGNmOTkyNTI4NzRkOTQzMmZlZGIwMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGw4CjhpGzYH1OH4Yt828FuYIY1L
qtcB1Us5zT6P8xaKYNJGGJBs2w5+CofQcYzGWlYZSx7qxtxD+yLUuKjFMUs4ZTHM
AIxUDC5yoBlTYtXNYPjjoPKz8GuXplKIG5130A2QT3WUEFH8dv9jhbuXfPGuqZdu
qkokOj4FVPiIlBte7TwAJ5BSSx5QD6ybCnsQoMsPyKTpAhBn52tg4e2MhW82zNmu
eV5A4LbHdxBlI8dPnuPaJX0TM/b1Kk9u7v+SRN8sIqeQPE+vlXY/ZO/3MVmUOJ3+
qJ4kAY6E5u1GrhTYB4i65ZrzqivXrzVY4ysihXwS0Rgl+SH5nxuiwnId8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF5bH6lZz6vOTPmSUodNlDL+2wKvMB8GA1UdIwQY
MBaAFDvZQ20hNcCEiXt0xq022hcAp6mNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTIt
MjYzN2QxMzMzOGYxLzEvWGxzZnFWblBxODVNLVpKU2gwMlVNdjdiQXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTItMjYzN2QxMzMzOGYx
LzEvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQyAMA0E
AgACMAcDBQAqA41AMA0GCSqGSIb3DQEBCwUAA4IBAQBUT6++p7TKBJazYTP6Xadx
LfDAMsAA7x4a/u9i09KQf9bcJUye7MYyuvPwQp00Y/F9DCGNqkPGokwCLEdTDswn
SMA3g8fJIkbAgS1iBNhxVNfV9MbG0wKYDCQjIzDUqSUxwu8KKIAZMACUmebDp4u6
3rMezGGfIbgaUmT0pTbp84PDFnzZdTfRLFUHS5dB1mKujyIbI7AiKPJ5sstU++b1
Lnb1TntsKjaGipivYbXJQnSkVVCWcw6ul0yf2bgo8C+fF6vsEUjabwQoufhiAUXj
z77biAHtlIAsUO6DN2JvSTYmJS0qOZvmXWT/TtD02O2dFWVaeL4AzdocDqQgeaXC
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:00 2025 by rpki-client on console.sobornost.net