Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/2d3607-be58-4a05-9d68-e84f3b4927ad/1/X1Hk6Afe1QrSetXg0Fl8YXsPzIQ.roa
File: X1Hk6Afe1QrSetXg0Fl8YXsPzIQ.roa (raw, json)
Hash identifier: XOR8QJ4EQ0MnwLrp2DnXgyEFhnN9pPQ9poUD3LAPUHw=
Subject key identifier: 5F:51:E4:E8:07:DE:D5:0A:D2:7A:D5:E0:D0:59:7C:61:7B:0F:CC:84
Certificate issuer: /CN=1792582aa0b18d6073592f121a6e563fec424672
Certificate serial: 019428268D51DDBBAF6391657DBC89B725B8
Authority key identifier: 17:92:58:2A:A0:B1:8D:60:73:59:2F:12:1A:6E:56:3F:EC:42:46:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5JYKqCxjWBzWS8SGm5WP-xCRnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/2d3607-be58-4a05-9d68-e84f3b4927ad/1/X1Hk6Afe1QrSetXg0Fl8YXsPzIQ.roa
Signing time: Thu 02 Jan 2025 17:53:22 +0000
ROA not before: Thu 02 Jan 2025 17:53:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51631
IP address blocks: 185.94.31.0/24 maxlen: 24
2a13:2301::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:8d:51:dd:bb:af:63:91:65:7d:bc:89:b7:25:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1792582aa0b18d6073592f121a6e563fec424672
Validity
Not Before: Jan 2 17:53:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f51e4e807ded50ad27ad5e0d0597c617b0fcc84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1a:ce:6f:46:58:51:bb:f9:9b:e8:1f:3f:5b:
50:cc:c6:0d:d9:4f:7a:4f:24:49:7d:74:4b:2c:15:
75:ab:62:2f:cd:84:e8:c4:e9:21:a0:24:5e:4f:de:
c4:33:18:38:8f:e1:47:ae:b5:cf:cc:31:0c:46:5c:
f2:fc:fc:de:02:e0:a0:5a:0c:6a:25:48:7d:05:97:
87:d5:d2:66:a7:81:68:fb:79:26:8e:71:ea:f3:9a:
39:79:f8:a0:20:25:a2:6a:0f:85:ff:ac:57:0a:e9:
ae:ec:60:1e:0f:5d:e9:d7:9d:0d:ff:02:f0:51:35:
67:9d:ed:67:3b:e1:1c:0b:87:95:a7:b2:81:f0:bb:
7b:04:08:cb:ee:52:c4:a6:92:42:c6:1d:85:ad:40:
f4:fe:b3:ae:b8:fc:8a:08:2c:bd:bc:a0:92:e7:97:
b7:d1:ee:7f:31:b0:b5:1a:aa:fe:14:3e:3e:b4:21:
b2:5e:1c:78:43:a8:81:95:41:60:70:0b:33:a9:ca:
e2:5e:35:c8:bd:46:79:5f:38:7c:94:d1:d2:de:af:
59:78:a5:53:f5:2e:fa:af:6e:27:ea:42:54:db:af:
b8:3f:13:e0:a2:4d:ff:35:9e:4b:bc:36:3d:f1:01:
80:ab:68:42:99:b1:63:0d:72:15:9c:40:01:af:ee:
b0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:51:E4:E8:07:DE:D5:0A:D2:7A:D5:E0:D0:59:7C:61:7B:0F:CC:84
X509v3 Authority Key Identifier:
keyid:17:92:58:2A:A0:B1:8D:60:73:59:2F:12:1A:6E:56:3F:EC:42:46:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5JYKqCxjWBzWS8SGm5WP-xCRnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2d3607-be58-4a05-9d68-e84f3b4927ad/1/X1Hk6Afe1QrSetXg0Fl8YXsPzIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2d3607-be58-4a05-9d68-e84f3b4927ad/1/F5JYKqCxjWBzWS8SGm5WP-xCRnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.31.0/24
IPv6:
2a13:2301::/48
Signature Algorithm: sha256WithRSAEncryption
98:d3:b9:6a:10:3a:2a:d5:18:a7:0a:45:da:62:b1:af:a0:4c:
50:93:50:54:de:1c:0f:56:bd:43:d0:b7:d6:f9:1c:9f:a9:ae:
c9:df:e2:7b:e1:73:89:4d:d9:82:70:e4:52:8b:35:e1:12:2b:
b8:1b:e5:41:bc:7b:57:a9:ca:02:89:fd:c5:d0:63:e0:42:96:
06:82:9b:ed:22:f6:ae:69:1f:a1:09:8b:08:eb:42:5b:20:d5:
e5:ca:57:21:a5:54:9a:1a:a8:b7:38:3c:7d:64:d9:50:c3:e8:
75:c0:22:7d:27:96:8c:b2:37:92:8a:8e:d0:c7:10:15:49:be:
b8:77:b3:cd:5b:55:f9:36:1f:c1:39:31:0a:3e:84:25:bc:2e:
21:c8:c2:39:89:aa:c9:34:59:f6:dd:2c:4e:23:b5:9e:72:bb:
b9:96:10:17:c1:90:cc:6e:06:a0:d7:c4:14:3b:8e:b0:fb:f4:
46:a0:75:f7:aa:57:fd:de:33:ec:a2:70:ed:93:96:d7:1b:cc:
21:4c:82:c8:0b:ff:6f:9c:1d:89:30:64:3c:c5:4c:38:0f:18:
31:a7:e6:31:02:1a:d0:64:91:c2:a0:8d:46:1e:d1:93:c0:8f:
e4:a8:47:6e:d3:60:c3:3e:83:e5:87:78:ca:97:e4:0f:43:5a:
4a:a1:78:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQoJo1R3buvY5FlfbyJtyW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTI1ODJhYTBiMThkNjA3MzU5MmYxMjFhNmU1NjNmZWM0
MjQ2NzIwHhcNMjUwMTAyMTc1MzIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjUxZTRlODA3ZGVkNTBhZDI3YWQ1ZTBkMDU5N2M2MTdiMGZjYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxrOb0ZYUbv5m+gfP1tQzMYN2U96
TyRJfXRLLBV1q2IvzYToxOkhoCReT97EMxg4j+FHrrXPzDEMRlzy/PzeAuCgWgxq
JUh9BZeH1dJmp4Fo+3kmjnHq85o5efigICWiag+F/6xXCumu7GAeD13p150N/wLw
UTVnne1nO+EcC4eVp7KB8Lt7BAjL7lLEppJCxh2FrUD0/rOuuPyKCCy9vKCS55e3
0e5/MbC1Gqr+FD4+tCGyXhx4Q6iBlUFgcAszqcriXjXIvUZ5Xzh8lNHS3q9ZeKVT
9S76r24n6kJU26+4PxPgok3/NZ5LvDY98QGAq2hCmbFjDXIVnEABr+6wKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF9R5OgH3tUK0nrV4NBZfGF7D8yEMB8GA1UdIwQY
MBaAFBeSWCqgsY1gc1kvEhpuVj/sQkZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVKWUtxQ3hqV0J6V1M4U0dtNVdQLXhDUm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8yZDM2MDctYmU1OC00YTA1LTlkNjgt
ZTg0ZjNiNDkyN2FkLzEvWDFIazZBZmUxUXJTZXRYZzBGbDhZWHNQeklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8yZDM2MDctYmU1OC00YTA1LTlkNjgtZTg0ZjNiNDkyN2Fk
LzEvRjVKWUtxQ3hqV0J6V1M4U0dtNVdQLXhDUm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuV4fMA8E
AgACMAkDBwAqEyMBAAAwDQYJKoZIhvcNAQELBQADggEBAJjTuWoQOirVGKcKRdpi
sa+gTFCTUFTeHA9WvUPQt9b5HJ+prsnf4nvhc4lN2YJw5FKLNeESK7gb5UG8e1ep
ygKJ/cXQY+BClgaCm+0i9q5pH6EJiwjrQlsg1eXKVyGlVJoaqLc4PH1k2VDD6HXA
In0nloyyN5KKjtDHEBVJvrh3s81bVfk2H8E5MQo+hCW8LiHIwjmJqsk0WfbdLE4j
tZ5yu7mWEBfBkMxuBqDXxBQ7jrD79EagdfeqV/3eM+yicO2TltcbzCFMgsgL/2+c
HYkwZDzFTDgPGDGn5jECGtBkkcKgjUYe0ZPAj+SoR27TYMM+g+WHeMqX5A9DWkqh
eFk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:11 2025 by rpki-client on console.sobornost.net