Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/G9o86IzOJarmzzt_iL0ynf1H3Ak.roa
File: G9o86IzOJarmzzt_iL0ynf1H3Ak.roa (raw, json)
Hash identifier: B/H532MVJ3PWy/UE9rEg/d0KMQAkVvGulYkixEZOD84=
Subject key identifier: 1B:DA:3C:E8:8C:CE:25:AA:E6:CF:3B:7F:88:BD:32:9D:FD:47:DC:09
Certificate issuer: /CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Certificate serial: 0194FE727A68EE387577AC00737E95B5A895
Authority key identifier: C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/G9o86IzOJarmzzt_iL0ynf1H3Ak.roa
Signing time: Thu 13 Feb 2025 08:35:02 +0000
ROA not before: Thu 13 Feb 2025 08:35:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31042
IP address blocks: 5.22.160.0/19 maxlen: 19
94.127.0.0/21 maxlen: 21
94.127.0.0/24 maxlen: 24
217.26.208.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fe:72:7a:68:ee:38:75:77:ac:00:73:7e:95:b5:a8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Validity
Not Before: Feb 13 08:35:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bda3ce88cce25aae6cf3b7f88bd329dfd47dc09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6f:83:f3:50:9f:d7:c3:61:e2:34:ae:e0:32:
2e:97:26:93:06:1f:48:54:61:ec:dd:a9:c6:65:3a:
cb:87:fb:e5:bb:81:18:9b:23:2d:a9:2e:4f:13:52:
a6:d1:5d:45:60:fc:3e:7e:58:ba:f1:3a:d9:1d:1d:
d9:b3:f5:3d:a0:08:88:fd:63:59:5e:29:29:f6:8e:
cb:62:d3:3c:a3:d9:8d:de:be:d0:46:2d:09:a5:9e:
02:d7:5e:16:74:e4:8d:56:dd:43:b8:44:0b:c3:27:
ce:3e:04:db:bd:c9:62:1a:6e:2d:25:1c:6c:1d:de:
ec:89:f5:39:2f:51:ea:ca:4c:e8:7d:25:a5:3f:46:
09:2e:28:1f:81:bf:38:63:0b:1d:bf:35:5a:62:3a:
f3:46:04:88:c2:e8:6d:25:ea:1b:3b:af:18:47:fb:
a7:87:1c:96:be:95:62:7b:64:7f:df:ae:bd:f3:51:
5e:33:3c:9d:e4:2c:78:29:7e:b5:83:54:31:fd:a8:
19:ba:69:85:2d:7d:47:f2:45:13:46:46:ec:28:48:
12:d6:fe:91:70:23:95:39:50:2f:76:33:97:e8:d2:
98:80:3f:e5:90:4c:c5:f2:66:72:ad:49:00:3c:ac:
97:c6:92:2d:07:fa:c0:8f:30:f9:25:5a:88:a8:d8:
ce:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DA:3C:E8:8C:CE:25:AA:E6:CF:3B:7F:88:BD:32:9D:FD:47:DC:09
X509v3 Authority Key Identifier:
keyid:C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/G9o86IzOJarmzzt_iL0ynf1H3Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.160.0/19
94.127.0.0/21
217.26.208.0/21
Signature Algorithm: sha256WithRSAEncryption
c8:23:f5:d1:b3:2f:a3:f2:2f:ff:e8:17:bf:14:26:55:c1:d1:
d9:a1:7c:32:38:aa:44:d2:24:89:ab:4b:dc:e2:b7:a0:a7:8b:
ca:5f:ee:3a:e9:79:8a:f3:9a:16:05:b5:df:59:b9:22:17:96:
23:e9:cc:15:2c:36:26:60:25:fa:4d:cc:ba:59:43:6b:8f:df:
45:dc:57:f8:ec:dc:c6:f1:39:85:13:50:79:d7:d8:20:bf:cd:
17:3f:8f:98:c6:b1:02:7c:90:8e:59:fd:60:cf:9a:61:30:e3:
0c:cc:de:a3:ce:76:b2:a0:52:33:6e:c5:15:e0:da:32:c8:cc:
07:a5:8e:eb:03:a7:76:94:1e:ba:d4:59:65:84:d6:3c:fc:cb:
18:98:e2:de:83:f6:2d:7f:ce:27:b1:e7:75:90:a2:08:0b:fd:
43:a8:fc:0b:d7:a1:46:db:a1:3d:40:79:ff:31:35:8b:a4:95:
0b:a2:d0:79:38:5b:26:f9:ec:fc:b5:bd:06:c7:d3:dd:00:0f:
8c:de:ab:d8:33:33:ed:d9:89:71:f6:d6:5d:4c:f7:01:6d:b2:
6a:4a:d6:12:da:ac:56:e2:67:9a:2d:dc:cf:0d:5c:65:5a:fb:
4b:98:a4:5f:ce:ac:76:af:8d:3d:6a:04:d7:d7:f3:4c:1a:ea:
23:41:26:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZT+cnpo7jh1d6wAc36VtaiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDE4NjUzZmJmYjZmZDU3MzJkYzk0MGMxZDY1ZDc3YWIw
YmJmYTMwHhcNMjUwMjEzMDgzNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmRhM2NlODhjY2UyNWFhZTZjZjNiN2Y4OGJkMzI5ZGZkNDdkYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm+D81Cf18Nh4jSu4DIulyaTBh9I
VGHs3anGZTrLh/vlu4EYmyMtqS5PE1Km0V1FYPw+fli68TrZHR3Zs/U9oAiI/WNZ
Xikp9o7LYtM8o9mN3r7QRi0JpZ4C114WdOSNVt1DuEQLwyfOPgTbvcliGm4tJRxs
Hd7sifU5L1HqykzofSWlP0YJLigfgb84YwsdvzVaYjrzRgSIwuhtJeobO68YR/un
hxyWvpVie2R/366981FeMzyd5Cx4KX61g1Qx/agZummFLX1H8kUTRkbsKEgS1v6R
cCOVOVAvdjOX6NKYgD/lkEzF8mZyrUkAPKyXxpItB/rAjzD5JVqIqNjOlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBvaPOiMziWq5s87f4i9Mp39R9wJMB8GA1UdIwQY
MBaAFMbRhlP7+2/Vcy3JQMHWXXerC7+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2Yt
NWM2NTAyYmZmYTFmLzEvRzlvODZJek9KYXJtenp0X2lMMHluZjFIM0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2YtNWM2NTAyYmZmYTFm
LzEveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBRagAwQD
Xn8AAwQD2RrQMA0GCSqGSIb3DQEBCwUAA4IBAQDII/XRsy+j8i//6Be/FCZVwdHZ
oXwyOKpE0iSJq0vc4regp4vKX+466XmK85oWBbXfWbkiF5Yj6cwVLDYmYCX6Tcy6
WUNrj99F3Ff47NzG8TmFE1B519ggv80XP4+YxrECfJCOWf1gz5phMOMMzN6jznay
oFIzbsUV4NoyyMwHpY7rA6d2lB661FllhNY8/MsYmOLeg/Ytf84nsed1kKIIC/1D
qPwL16FG26E9QHn/MTWLpJULotB5OFsm+ez8tb0Gx9PdAA+M3qvYMzPt2Ylx9tZd
TPcBbbJqStYS2qxW4meaLdzPDVxlWvtLmKRfzqx2r409agTX1/NMGuojQSZT
-----END CERTIFICATE-----
Generated at Tue Apr 1 23:55:14 2025 by rpki-client on console.sobornost.net