Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/xOQ7AmZa9_C69z9KUz6w5PLIpQA.roa
File: xOQ7AmZa9_C69z9KUz6w5PLIpQA.roa (raw, json)
Hash identifier: 8+VSRj7tw2mCh7Z/e6KhYhg5OTkoPLOgLEVa0Q5ZizM=
Subject key identifier: C4:E4:3B:02:66:5A:F7:F0:BA:F7:3F:4A:53:3E:B0:E4:F2:C8:A5:00
Certificate issuer: /CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Certificate serial: 01942825C1ACC8BBB223FC3379E5B640DEBB
Authority key identifier: 20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/xOQ7AmZa9_C69z9KUz6w5PLIpQA.roa
Signing time: Thu 02 Jan 2025 17:52:30 +0000
ROA not before: Thu 02 Jan 2025 17:52:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47297
IP address blocks: 31.25.45.0/24 maxlen: 24
31.25.46.0/23 maxlen: 24
37.60.168.0/21 maxlen: 24
37.228.176.0/20 maxlen: 24
93.184.176.0/20 maxlen: 24
185.6.96.0/22 maxlen: 24
193.238.104.0/22 maxlen: 24
2a03:b880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:c1:ac:c8:bb:b2:23:fc:33:79:e5:b6:40:de:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Validity
Not Before: Jan 2 17:52:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4e43b02665af7f0baf73f4a533eb0e4f2c8a500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:02:94:22:cd:c4:0a:8a:31:eb:50:31:85:67:
04:6b:27:56:bc:15:7c:69:0a:50:bf:f3:41:bc:21:
86:d9:30:4e:d4:9e:b2:b0:f2:3d:99:24:ed:28:08:
ff:ba:2d:78:e7:67:a3:93:f2:61:75:93:1a:d3:40:
9b:c4:06:5d:ac:a1:81:f9:28:cb:41:6b:bf:2d:da:
00:6e:57:b5:7b:27:2c:46:f4:32:05:e8:43:ff:4f:
fb:f9:6e:7f:95:f2:22:4c:9e:83:cb:94:ae:b1:b7:
27:b5:30:fe:49:45:63:d5:20:0d:cf:05:3c:58:5e:
95:03:f3:74:7c:42:6b:de:7e:37:34:8c:7c:51:85:
90:6f:98:a3:a2:ad:73:73:f2:5b:ee:bd:d1:32:b2:
c6:63:2b:43:46:3a:3f:61:7c:a7:ca:ad:d5:1a:ab:
30:af:17:21:7b:17:02:c1:1e:96:61:80:40:7f:eb:
9f:c4:04:16:88:71:4e:54:c5:1c:9f:b0:f5:9e:da:
6c:2e:f2:35:0e:a8:6f:9d:50:b0:82:ee:ae:6e:28:
9d:36:39:48:e8:fa:81:17:f4:8b:89:bc:08:71:5f:
63:47:ac:da:dc:96:ac:94:6d:d6:a5:4a:5d:6c:8b:
c3:4b:58:f9:28:87:a9:b4:2c:16:95:1d:53:42:12:
32:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E4:3B:02:66:5A:F7:F0:BA:F7:3F:4A:53:3E:B0:E4:F2:C8:A5:00
X509v3 Authority Key Identifier:
keyid:20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/xOQ7AmZa9_C69z9KUz6w5PLIpQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.45.0-31.25.47.255
37.60.168.0/21
37.228.176.0/20
93.184.176.0/20
185.6.96.0/22
193.238.104.0/22
IPv6:
2a03:b880::/29
Signature Algorithm: sha256WithRSAEncryption
0b:73:03:09:88:41:a6:90:86:a8:73:1e:04:83:be:01:8b:08:
59:89:0c:75:f9:8f:ae:02:92:b7:d2:d8:ff:6f:32:27:35:f8:
0b:49:76:ad:b1:38:16:5b:9a:d3:b2:45:c9:e2:a8:09:94:bf:
86:bb:ae:76:80:65:a1:a1:3e:ff:bc:32:1b:36:2f:05:6a:e5:
be:6a:23:9a:02:08:2a:91:d1:d6:d2:72:c1:6e:49:b2:2b:0b:
07:44:0d:2d:a8:dc:a2:ef:d6:38:e0:82:19:6a:26:fc:40:8d:
37:96:39:a7:12:76:09:b4:00:8f:98:e7:b9:4c:22:6f:5b:f3:
0d:d3:6f:2b:9a:98:20:aa:6e:44:9b:e6:36:75:b8:d1:19:60:
8a:e3:09:52:3a:f7:00:b7:7d:e2:75:c6:54:ed:a2:b8:fe:08:
46:b9:5e:41:e2:7e:41:48:dd:ba:76:4d:00:d0:29:d0:ac:ef:
0f:fa:d0:2d:ba:01:27:50:07:d7:34:9f:82:d9:1a:4c:9a:4d:
2b:9e:c0:c8:f9:4b:ec:36:1e:d6:b6:04:7a:ca:59:0c:a3:12:
a4:8e:13:fe:42:e8:26:eb:18:0a:79:bb:ff:d6:b8:c9:6c:7e:
9a:ec:24:50:bd:8c:34:9e:05:c3:8c:bb:78:f7:6e:80:92:52:
7d:cb:9a:ec
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQoJcGsyLuyI/wzeeW2QN67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGEwOTY1MDRjZGJiOWYyZmI3ZmQwZTY2NDA2ZDUyNmZl
MTBiNWEwHhcNMjUwMTAyMTc1MjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGU0M2IwMjY2NWFmN2YwYmFmNzNmNGE1MzNlYjBlNGYyYzhhNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QKUIs3ECoox61AxhWcEaydWvBV8
aQpQv/NBvCGG2TBO1J6ysPI9mSTtKAj/ui1452ejk/JhdZMa00CbxAZdrKGB+SjL
QWu/LdoAble1eycsRvQyBehD/0/7+W5/lfIiTJ6Dy5SusbcntTD+SUVj1SANzwU8
WF6VA/N0fEJr3n43NIx8UYWQb5ijoq1zc/Jb7r3RMrLGYytDRjo/YXynyq3VGqsw
rxchexcCwR6WYYBAf+ufxAQWiHFOVMUcn7D1ntpsLvI1DqhvnVCwgu6ubiidNjlI
6PqBF/SLibwIcV9jR6za3JaslG3WpUpdbIvDS1j5KIeptCwWlR1TQhIyrwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFMTkOwJmWvfwuvc/SlM+sOTyyKUAMB8GA1UdIwQY
MBaAFCBKCWUEzbufL7f9DmZAbVJv4QtaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYt
MTU0MjI0Nzg4MDBiLzEveE9RN0FtWmE5X0M2OXo5S1V6Nnc1UExJcFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYtMTU0MjI0Nzg4MDBi
LzEvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsMAwDBAAfGS0D
BAQfGSADBAMlPKgDBAQl5LADBARduLADBAK5BmADBALB7mgwDQQCAAIwBwMFAyoD
uIAwDQYJKoZIhvcNAQELBQADggEBAAtzAwmIQaaQhqhzHgSDvgGLCFmJDHX5j64C
krfS2P9vMic1+AtJdq2xOBZbmtOyRcniqAmUv4a7rnaAZaGhPv+8Mhs2LwVq5b5q
I5oCCCqR0dbScsFuSbIrCwdEDS2o3KLv1jjgghlqJvxAjTeWOacSdgm0AI+Y57lM
Im9b8w3TbyuamCCqbkSb5jZ1uNEZYIrjCVI69wC3feJ1xlTtorj+CEa5XkHifkFI
3bp2TQDQKdCs7w/60C26ASdQB9c0n4LZGkyaTSuewMj5S+w2Hta2BHrKWQyjEqSO
E/5C6CbrGAp5u//WuMlsfprsJFC9jDSeBcOMu3j3boCSUn3Lmuw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:00 2025 by rpki-client on console.sobornost.net