Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/XnM69Ta6XBN7hts_Rb3s8aetyF0.roa
File: XnM69Ta6XBN7hts_Rb3s8aetyF0.roa (raw, json)
Hash identifier: NW2wK+uGdcWDDVw4MOzLshQcmX/+Hk+W4cTpAUTOR44=
Subject key identifier: 5E:73:3A:F5:36:BA:5C:13:7B:86:DB:3F:45:BD:EC:F1:A7:AD:C8:5D
Certificate issuer: /CN=eacb96413ac8f2c16b94795689174d7a72201ef5
Certificate serial: 0194266B2D770329E976CD70DA8C787DC34B
Authority key identifier: EA:CB:96:41:3A:C8:F2:C1:6B:94:79:56:89:17:4D:7A:72:20:1E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6suWQTrI8sFrlHlWiRdNenIgHvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/XnM69Ta6XBN7hts_Rb3s8aetyF0.roa
Signing time: Thu 02 Jan 2025 09:49:05 +0000
ROA not before: Thu 02 Jan 2025 09:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20634
IP address blocks: 80.66.224.0/20 maxlen: 20
80.66.224.0/23 maxlen: 23
80.66.226.0/23 maxlen: 23
80.66.228.0/23 maxlen: 23
80.66.230.0/23 maxlen: 23
80.66.232.0/23 maxlen: 23
80.66.234.0/23 maxlen: 23
80.66.236.0/23 maxlen: 23
80.66.238.0/23 maxlen: 23
80.72.48.0/20 maxlen: 20
80.248.192.0/20 maxlen: 20
89.248.144.0/20 maxlen: 20
185.112.48.0/22 maxlen: 22
217.173.224.0/20 maxlen: 20
217.173.224.0/23 maxlen: 23
217.173.226.0/23 maxlen: 23
217.173.228.0/23 maxlen: 23
217.173.230.0/23 maxlen: 23
217.173.232.0/23 maxlen: 23
217.173.234.0/23 maxlen: 23
217.173.236.0/23 maxlen: 23
217.173.238.0/23 maxlen: 23
2a00:ec0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:2d:77:03:29:e9:76:cd:70:da:8c:78:7d:c3:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eacb96413ac8f2c16b94795689174d7a72201ef5
Validity
Not Before: Jan 2 09:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e733af536ba5c137b86db3f45bdecf1a7adc85d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2e:48:9e:2e:95:e9:b4:75:b3:fb:42:50:71:
b9:95:27:0f:03:6a:93:b0:8a:31:55:92:9f:68:85:
03:4c:55:33:79:87:5c:da:c2:45:13:41:04:8e:ca:
66:d0:96:9c:90:ea:af:79:ad:94:9e:6d:df:aa:6f:
c6:5c:ae:e5:60:e9:26:43:29:f2:38:72:cb:3e:33:
28:0b:18:91:0a:27:af:5e:22:87:fb:e9:b1:31:93:
4b:8f:20:16:3c:77:f4:bc:ec:1b:5f:b3:70:da:99:
03:62:6a:d6:1c:c4:39:7c:ae:ac:95:59:ed:36:ca:
d0:ab:57:d8:7c:4d:7c:49:b7:5b:74:d9:a9:c2:8d:
72:ce:98:45:5f:f0:c5:c9:a7:8a:e7:d6:cb:71:36:
27:eb:0c:cc:11:1d:0b:90:43:26:2a:0f:12:a3:bb:
03:65:5f:61:d3:c9:04:57:77:54:d7:97:bf:c9:a1:
b7:2a:54:dd:0d:5c:1d:8f:f6:bd:01:ff:ac:24:e4:
9b:35:67:d7:5e:85:e7:23:7a:f9:f4:92:d0:af:e4:
1f:80:c0:64:63:df:01:e0:72:0d:4b:3f:65:38:5b:
b2:b2:f7:c6:e0:bc:16:83:5f:64:f3:43:b0:b8:84:
ca:86:63:99:c0:06:06:1f:33:d0:47:c8:54:02:00:
62:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:73:3A:F5:36:BA:5C:13:7B:86:DB:3F:45:BD:EC:F1:A7:AD:C8:5D
X509v3 Authority Key Identifier:
keyid:EA:CB:96:41:3A:C8:F2:C1:6B:94:79:56:89:17:4D:7A:72:20:1E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6suWQTrI8sFrlHlWiRdNenIgHvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/XnM69Ta6XBN7hts_Rb3s8aetyF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/6suWQTrI8sFrlHlWiRdNenIgHvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.224.0/20
80.72.48.0/20
80.248.192.0/20
89.248.144.0/20
185.112.48.0/22
217.173.224.0/20
IPv6:
2a00:ec0::/32
Signature Algorithm: sha256WithRSAEncryption
be:f4:11:17:80:5c:97:49:fe:c3:e7:e0:59:9a:00:0f:e8:50:
ab:09:0a:4a:59:22:50:08:ab:9f:ab:d7:93:19:f8:5e:7c:d1:
2b:23:2d:6a:cb:79:88:a5:88:2b:ec:49:ef:d4:40:ac:1f:fe:
1a:ab:af:b0:cc:97:13:b1:39:bf:11:b2:d9:27:e6:da:0d:c6:
4c:0b:ac:41:65:77:70:69:3d:80:a2:0d:dd:fd:78:1b:08:3c:
a3:73:73:63:8e:f0:ce:db:0e:19:3f:7f:32:93:44:de:ec:29:
dd:6b:9c:da:b9:74:3b:b8:a7:20:ae:a3:e8:34:7a:f8:cf:eb:
55:3b:2f:c9:35:1f:86:de:9d:f5:9f:e0:69:eb:a0:11:77:49:
25:b4:d7:fe:ea:b8:92:49:72:b5:b6:1f:7a:c4:7c:32:91:4a:
dd:4e:d6:e6:25:81:e2:92:f6:3a:07:89:49:1b:de:6f:18:ed:
eb:87:c5:96:bf:5d:9b:ae:5d:3a:c1:a9:05:e8:bd:7e:6a:f7:
f7:06:4c:ab:fe:ae:0d:31:42:ce:26:57:e0:fa:02:a3:46:3f:
be:4e:5e:5f:9d:cd:19:86:12:63:62:b5:4a:f9:1d:46:aa:59:
e5:4c:1a:b5:a9:97:8e:d0:79:0f:29:c2:c3:66:4b:9d:9f:1a:
9b:66:19:da
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQmay13Aynpds1w2ox4fcNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhY2I5NjQxM2FjOGYyYzE2Yjk0Nzk1Njg5MTc0ZDdhNzIy
MDFlZjUwHhcNMjUwMTAyMDk0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTczM2FmNTM2YmE1YzEzN2I4NmRiM2Y0NWJkZWNmMWE3YWRjODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC5Ini6V6bR1s/tCUHG5lScPA2qT
sIoxVZKfaIUDTFUzeYdc2sJFE0EEjspm0JackOqvea2Unm3fqm/GXK7lYOkmQyny
OHLLPjMoCxiRCievXiKH++mxMZNLjyAWPHf0vOwbX7Nw2pkDYmrWHMQ5fK6slVnt
NsrQq1fYfE18SbdbdNmpwo1yzphFX/DFyaeK59bLcTYn6wzMER0LkEMmKg8So7sD
ZV9h08kEV3dU15e/yaG3KlTdDVwdj/a9Af+sJOSbNWfXXoXnI3r59JLQr+QfgMBk
Y98B4HINSz9lOFuysvfG4LwWg19k80OwuITKhmOZwAYGHzPQR8hUAgBitQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFF5zOvU2ulwTe4bbP0W97PGnrchdMB8GA1UdIwQY
MBaAFOrLlkE6yPLBa5R5VokXTXpyIB71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnN1V1FUckk4c0ZybEhsV2lSZE5lbklnSHZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9kNDFkZjctOTQxZC00N2FlLWIxNWMt
MzdmZTZiNjVmNjhmLzEvWG5NNjlUYTZYQk43aHRzX1JiM3M4YWV0eUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9kNDFkZjctOTQxZC00N2FlLWIxNWMtMzdmZTZiNjVmNjhm
LzEvNnN1V1FUckk4c0ZybEhsV2lSZE5lbklnSHZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUELgAwQE
UEgwAwQEUPjAAwQEWfiQAwQCuXAwAwQE2a3gMA0EAgACMAcDBQAqAA7AMA0GCSqG
SIb3DQEBCwUAA4IBAQC+9BEXgFyXSf7D5+BZmgAP6FCrCQpKWSJQCKufq9eTGfhe
fNErIy1qy3mIpYgr7Env1ECsH/4aq6+wzJcTsTm/EbLZJ+baDcZMC6xBZXdwaT2A
og3d/XgbCDyjc3NjjvDO2w4ZP38yk0Te7Cnda5zauXQ7uKcgrqPoNHr4z+tVOy/J
NR+G3p31n+Bp66ARd0kltNf+6riSSXK1th96xHwykUrdTtbmJYHikvY6B4lJG95v
GO3rh8WWv12brl06wakF6L1+avf3Bkyr/q4NMULOJlfg+gKjRj++Tl5fnc0ZhhJj
YrVK+R1GqlnlTBq1qZeO0HkPKcLDZkudnxqbZhna
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:11 2025 by rpki-client on console.sobornost.net