Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/eaacae-377e-457a-900a-f3eaae633a1e/1/xXoDvLCzfRoJB4GWdWLxvsrNdQE.roa
File: xXoDvLCzfRoJB4GWdWLxvsrNdQE.roa (raw, json)
Hash identifier: RkrqVMW2nuj6+gtG8zfIqk3F/I8r7HrDxMHvJpo4Plw=
Subject key identifier: C5:7A:03:BC:B0:B3:7D:1A:09:07:81:96:75:62:F1:BE:CA:CD:75:01
Certificate issuer: /CN=b2af133d4ac34bdcfb7bddc7e11b27054362f709
Certificate serial: 019420686F3D70BC497BCF689D2A6EF94F77
Authority key identifier: B2:AF:13:3D:4A:C3:4B:DC:FB:7B:DD:C7:E1:1B:27:05:43:62:F7:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sq8TPUrDS9z7e93H4RsnBUNi9wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/eaacae-377e-457a-900a-f3eaae633a1e/1/xXoDvLCzfRoJB4GWdWLxvsrNdQE.roa
Signing time: Wed 01 Jan 2025 05:48:22 +0000
ROA not before: Wed 01 Jan 2025 05:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198340
IP address blocks: 193.57.218.0/23 maxlen: 23
193.57.218.0/24 maxlen: 24
193.57.219.0/24 maxlen: 24
193.57.220.0/23 maxlen: 23
193.57.220.0/24 maxlen: 24
193.57.221.0/24 maxlen: 24
193.57.241.0/24 maxlen: 24
193.57.244.0/24 maxlen: 24
193.57.245.0/24 maxlen: 24
193.57.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:6f:3d:70:bc:49:7b:cf:68:9d:2a:6e:f9:4f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2af133d4ac34bdcfb7bddc7e11b27054362f709
Validity
Not Before: Jan 1 05:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c57a03bcb0b37d1a090781967562f1becacd7501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f5:fe:de:61:a7:70:52:22:0f:57:7c:0e:77:
07:ee:ac:b9:39:5d:ba:68:f2:1a:c9:93:55:bf:5e:
63:2c:8d:8b:e7:f9:1f:3d:ef:92:cc:b7:98:f1:51:
69:28:9f:a8:96:f7:17:b3:ee:c5:7e:14:30:a3:fd:
7d:4a:63:f9:84:32:c1:6a:01:58:ca:62:9c:b4:5b:
33:fa:71:b1:8f:34:01:85:82:84:a0:5e:fd:6e:f4:
a6:7a:f1:23:47:98:d1:b6:76:d4:35:03:4a:18:d8:
b8:83:96:d0:e3:a8:f8:6d:b5:01:07:7a:82:65:25:
20:c1:12:11:43:63:bc:f9:9c:d2:1d:fa:ca:3e:02:
18:f7:00:65:23:a9:6d:c5:d3:96:1c:87:97:01:50:
bb:02:c4:3f:8a:00:f0:77:1f:53:3d:64:42:ae:71:
03:99:54:ce:4a:bb:ce:90:2e:f2:f6:dc:15:9d:1c:
c4:e1:a4:90:d2:0d:20:00:12:0f:3d:25:25:be:b6:
31:3f:72:c3:68:3c:ed:d4:be:4e:08:be:52:d7:e9:
f4:53:79:9b:9a:1f:49:aa:09:29:32:f3:c0:1d:3c:
b4:31:a5:ff:6f:42:07:ea:3c:4a:4a:e7:d0:43:3a:
05:15:19:4b:dc:3b:b2:25:56:43:25:56:c8:51:9a:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:7A:03:BC:B0:B3:7D:1A:09:07:81:96:75:62:F1:BE:CA:CD:75:01
X509v3 Authority Key Identifier:
keyid:B2:AF:13:3D:4A:C3:4B:DC:FB:7B:DD:C7:E1:1B:27:05:43:62:F7:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sq8TPUrDS9z7e93H4RsnBUNi9wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/eaacae-377e-457a-900a-f3eaae633a1e/1/xXoDvLCzfRoJB4GWdWLxvsrNdQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/eaacae-377e-457a-900a-f3eaae633a1e/1/sq8TPUrDS9z7e93H4RsnBUNi9wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.218.0-193.57.221.255
193.57.241.0/24
193.57.244.0/23
193.57.247.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:01:6c:63:40:fa:26:b1:24:12:fe:b7:d1:78:4f:dd:18:ff:
98:5c:65:d4:ae:00:47:5e:e0:92:b3:39:a0:07:95:c8:ee:9d:
6f:39:4e:32:a3:dc:94:18:71:8e:cd:b2:2f:c7:72:16:53:14:
4e:de:30:7f:1f:8f:cb:1d:b8:30:fe:47:84:8e:b6:77:10:a7:
59:46:4d:7a:98:ab:14:8b:94:e3:40:71:fe:11:1f:d6:79:15:
dc:9e:ec:35:e4:67:ef:8d:fe:3a:90:1e:14:8a:63:fe:db:cb:
2f:f8:9d:b9:7f:75:49:ee:91:40:73:4a:83:e2:6b:f6:78:5e:
d6:43:97:26:17:90:14:1a:27:de:67:89:b4:af:a7:c5:1d:14:
cc:fd:50:c8:ac:85:84:90:a2:ea:19:35:12:b5:03:be:71:f7:
a7:c1:2a:40:0a:67:aa:f3:ca:a8:d4:20:4c:86:cd:dd:72:fb:
71:17:84:2a:3f:36:6f:f2:40:5e:1e:f5:ba:36:0b:7b:26:ae:
41:38:42:b0:58:40:af:4e:90:a2:04:11:d3:7a:d2:5c:74:e3:
92:37:37:ca:99:aa:2b:dc:92:58:99:eb:b7:20:d0:82:7e:ec:
e4:e1:5d:34:19:7f:66:c6:b7:4d:de:77:ff:20:f6:70:bb:b3:
08:c9:fc:d9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQgaG89cLxJe89onSpu+U93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYWYxMzNkNGFjMzRiZGNmYjdiZGRjN2UxMWIyNzA1NDM2
MmY3MDkwHhcNMjUwMTAxMDU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTdhMDNiY2IwYjM3ZDFhMDkwNzgxOTY3NTYyZjFiZWNhY2Q3NTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/X+3mGncFIiD1d8DncH7qy5OV26
aPIayZNVv15jLI2L5/kfPe+SzLeY8VFpKJ+olvcXs+7FfhQwo/19SmP5hDLBagFY
ymKctFsz+nGxjzQBhYKEoF79bvSmevEjR5jRtnbUNQNKGNi4g5bQ46j4bbUBB3qC
ZSUgwRIRQ2O8+ZzSHfrKPgIY9wBlI6ltxdOWHIeXAVC7AsQ/igDwdx9TPWRCrnED
mVTOSrvOkC7y9twVnRzE4aSQ0g0gABIPPSUlvrYxP3LDaDzt1L5OCL5S1+n0U3mb
mh9JqgkpMvPAHTy0MaX/b0IH6jxKSufQQzoFFRlL3DuyJVZDJVbIUZoI+wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMV6A7yws30aCQeBlnVi8b7KzXUBMB8GA1UdIwQY
MBaAFLKvEz1Kw0vc+3vdx+EbJwVDYvcJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3E4VFBVckRTOXo3ZTkzSDRSc25CVU5pOXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lYWFjYWUtMzc3ZS00NTdhLTkwMGEt
ZjNlYWFlNjMzYTFlLzEveFhvRHZMQ3pmUm9KQjRHV2RXTHh2c3JOZFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lYWFjYWUtMzc3ZS00NTdhLTkwMGEtZjNlYWFlNjMzYTFl
LzEvc3E4VFBVckRTOXo3ZTkzSDRSc25CVU5pOXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAHBOdoD
BAHBOdwDBADBOfEDBAHBOfQDBADBOfcwDQYJKoZIhvcNAQELBQADggEBAEoBbGNA
+iaxJBL+t9F4T90Y/5hcZdSuAEde4JKzOaAHlcjunW85TjKj3JQYcY7Nsi/HchZT
FE7eMH8fj8sduDD+R4SOtncQp1lGTXqYqxSLlONAcf4RH9Z5Fdye7DXkZ++N/jqQ
HhSKY/7byy/4nbl/dUnukUBzSoPia/Z4XtZDlyYXkBQaJ95nibSvp8UdFMz9UMis
hYSQouoZNRK1A75x96fBKkAKZ6rzyqjUIEyGzd1y+3EXhCo/Nm/yQF4e9bo2C3sm
rkE4QrBYQK9OkKIEEdN60lx045I3N8qZqivckliZ67cg0IJ+7OThXTQZf2bGt03e
d/8g9nC7swjJ/Nk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:00 2025 by rpki-client on console.sobornost.net