Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/XA_piEc4HEvUHExh_2CSkkKu2EE.roa
File: XA_piEc4HEvUHExh_2CSkkKu2EE.roa (raw, json)
Hash identifier: o4y+DZ7Kqo85gSPTmaUUa/xs87y4f7OVpkKcmJxleCE=
Subject key identifier: 5C:0F:E9:88:47:38:1C:4B:D4:1C:4C:61:FF:60:92:92:42:AE:D8:41
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 01942748620FB6B64598BC14E9F00879C231
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/XA_piEc4HEvUHExh_2CSkkKu2EE.roa
Signing time: Thu 02 Jan 2025 13:50:42 +0000
ROA not before: Thu 02 Jan 2025 13:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16223
IP address blocks: 5.58.0.0/16 maxlen: 23
185.53.79.0/24 maxlen: 24
217.196.160.0/20 maxlen: 20
2a00:1210:fffd::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:62:0f:b6:b6:45:98:bc:14:e9:f0:08:79:c2:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Jan 2 13:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c0fe98847381c4bd41c4c61ff60929242aed841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b3:36:9f:1e:90:7d:f3:6c:83:f7:10:87:e3:
12:c4:4c:cb:5e:16:e4:c2:e8:58:9e:8e:e3:dc:7c:
2d:69:0b:33:c1:59:e3:1f:46:aa:1a:2a:75:9f:9b:
8b:64:11:6a:dc:fa:d4:29:75:05:09:e3:f9:f8:77:
da:38:83:40:94:f1:fa:65:9a:71:b2:b7:e2:04:39:
fa:dc:33:94:72:5f:bb:2b:a5:f2:cc:fa:b1:56:6d:
44:cb:93:5f:dc:ea:39:29:1b:23:b7:37:4b:43:bf:
cc:78:1e:47:f3:14:41:ea:43:b4:83:02:37:af:f9:
b3:4a:12:3e:ef:6b:08:d5:d4:4e:8b:10:77:f3:36:
04:57:1f:fb:6b:2f:00:b5:d7:6b:97:ff:93:e0:e0:
93:9e:30:9a:74:6f:97:8f:1c:4f:f8:d1:33:ae:6d:
54:51:f9:92:30:c2:fe:e7:0a:e7:71:b6:10:31:74:
e0:0c:ca:86:33:f1:8f:42:e1:d4:f8:49:39:2f:06:
56:60:bc:b1:24:aa:25:06:33:6d:52:1f:07:79:1a:
89:1c:dd:29:f8:79:60:1f:9b:3b:27:07:db:41:1c:
8a:f6:88:0f:41:f5:d4:a6:e6:b0:8e:58:11:ff:77:
09:5a:a5:69:87:a5:90:e1:18:fb:76:08:ee:1b:c8:
f9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0F:E9:88:47:38:1C:4B:D4:1C:4C:61:FF:60:92:92:42:AE:D8:41
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/XA_piEc4HEvUHExh_2CSkkKu2EE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.58.0.0/16
185.53.79.0/24
217.196.160.0/20
IPv6:
2a00:1210:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
01:82:d3:16:1b:06:f9:d7:9f:2f:47:4b:61:c4:60:e9:f8:d7:
02:6d:40:13:a8:a4:62:a4:e0:de:6f:86:21:35:78:3d:56:dc:
cb:55:1a:18:6b:54:9c:cd:5d:06:0a:51:0c:dc:75:43:38:5f:
30:2c:96:03:cc:84:69:c9:51:21:a6:47:db:42:e2:59:77:e7:
17:87:e9:9b:4d:8a:81:52:fd:c6:3a:bb:a1:ab:6e:21:d9:ba:
de:02:66:20:33:af:13:5a:15:c9:0b:56:a5:09:9c:47:a1:4a:
ba:b1:ce:cb:e3:86:05:f6:71:43:f5:03:59:95:8f:40:09:f3:
4c:8f:ad:9a:37:03:ac:16:9b:f2:5f:d3:ae:58:87:1c:d3:f4:
77:b7:09:e4:99:f9:6a:66:17:ee:7e:95:73:6a:c8:4b:44:8c:
39:98:3a:58:85:07:4f:34:9e:2c:eb:22:55:84:6f:fb:a3:00:
32:dc:0d:d6:8f:81:c8:7b:0d:7e:8e:ea:a7:8b:dd:30:e2:e3:
8e:ef:5d:94:6a:ce:c8:9d:7f:22:d1:81:26:65:63:f8:5b:68:
ad:a5:4f:d5:99:ee:e3:cf:19:f5:fb:cc:b7:5e:9e:db:c1:74:
f5:82:05:33:9b:71:30:bd:15:d7:a2:1f:11:37:18:3f:b1:05:
d1:60:32:6a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQnSGIPtrZFmLwU6fAIecIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjUwMTAyMTM1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzBmZTk4ODQ3MzgxYzRiZDQxYzRjNjFmZjYwOTI5MjQyYWVkODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLM2nx6QffNsg/cQh+MSxEzLXhbk
wuhYno7j3HwtaQszwVnjH0aqGip1n5uLZBFq3PrUKXUFCeP5+HfaOINAlPH6ZZpx
srfiBDn63DOUcl+7K6XyzPqxVm1Ey5Nf3Oo5KRsjtzdLQ7/MeB5H8xRB6kO0gwI3
r/mzShI+72sI1dROixB38zYEVx/7ay8Atddrl/+T4OCTnjCadG+XjxxP+NEzrm1U
UfmSMML+5wrncbYQMXTgDMqGM/GPQuHU+Ek5LwZWYLyxJKolBjNtUh8HeRqJHN0p
+HlgH5s7JwfbQRyK9ogPQfXUpuawjlgR/3cJWqVph6WQ4Rj7dgjuG8j5KwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFwP6YhHOBxL1BxMYf9gkpJCrthBMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvWEFfcGlFYzRIRXZVSEV4aF8yQ1Nra0t1MkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAXBAIAATARAwMABToDBAC5
NU8DBATZxKAwDwQCAAIwCQMHACoAEhD//TANBgkqhkiG9w0BAQsFAAOCAQEAAYLT
FhsG+defL0dLYcRg6fjXAm1AE6ikYqTg3m+GITV4PVbcy1UaGGtUnM1dBgpRDNx1
QzhfMCyWA8yEaclRIaZH20LiWXfnF4fpm02KgVL9xjq7oatuIdm63gJmIDOvE1oV
yQtWpQmcR6FKurHOy+OGBfZxQ/UDWZWPQAnzTI+tmjcDrBab8l/TrliHHNP0d7cJ
5Jn5amYX7n6Vc2rIS0SMOZg6WIUHTzSeLOsiVYRv+6MAMtwN1o+ByHsNfo7qp4vd
MOLjju9dlGrOyJ1/ItGBJmVj+FtoraVP1Znu488Z9fvMt16e28F09YIFM5txML0V
16IfETcYP7EF0WAyag==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net