Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/xi12IPMtRFELHYWtjJr4YufGkQA.roa
File: xi12IPMtRFELHYWtjJr4YufGkQA.roa (raw, json)
Hash identifier: QhkRcFPqputToi/TJTBVbZlzaHzFcDSuse3D4N1xAF0=
Subject key identifier: C6:2D:76:20:F3:2D:44:51:0B:1D:85:AD:8C:9A:F8:62:E7:C6:91:00
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 019421B22D63494D0CAAA94B05D753994961
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/xi12IPMtRFELHYWtjJr4YufGkQA.roa
Signing time: Wed 01 Jan 2025 11:48:32 +0000
ROA not before: Wed 01 Jan 2025 11:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199399
IP address blocks: 176.126.38.0/24 maxlen: 24
185.1.123.0/24 maxlen: 24
195.130.66.0/24 maxlen: 24
195.251.247.0/24 maxlen: 24
2001:648:20f0::/48 maxlen: 48
2001:648:2cef::/48 maxlen: 48
2001:7f8:6e::/48 maxlen: 48
2001:7f8:ce::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2d:63:49:4d:0c:aa:a9:4b:05:d7:53:99:49:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 11:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c62d7620f32d44510b1d85ad8c9af862e7c69100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ff:0b:03:7d:39:a8:3e:a2:90:e6:47:31:53:
14:ac:51:3d:1a:ec:91:76:3d:b6:81:50:05:aa:cd:
e6:f3:8e:45:92:82:6d:b7:7e:f1:e7:fd:dd:5b:18:
8f:e9:19:91:fa:c7:8d:56:0a:9c:b0:3e:b4:d8:b2:
73:14:1c:b4:43:1f:ed:44:a7:f0:b5:24:de:ba:3e:
08:3a:0f:e5:36:8c:8f:a2:30:8c:db:f5:63:a8:9a:
c9:5c:2a:ae:0a:17:83:93:14:06:30:75:06:7d:39:
2f:69:7d:90:d7:1a:a2:c6:50:ec:bb:39:57:e1:7d:
46:0a:df:6a:05:0f:cc:12:56:9e:20:e4:59:9f:21:
d5:6c:f6:97:a6:1e:b8:10:3a:56:5e:dc:23:24:a7:
8f:2b:28:2b:50:28:3b:22:b5:8a:99:ec:11:0b:eb:
76:b0:c6:a1:d4:c1:15:b7:bd:f7:8d:92:9f:24:1c:
cf:85:2f:6f:d9:9a:56:3c:a0:67:9a:b1:32:f9:89:
c8:c9:ed:8f:d8:b3:6e:db:e5:c4:ef:c5:c3:fe:29:
8a:3e:5a:0c:7d:4c:75:ce:01:1d:d6:cf:95:2a:cd:
c9:c2:a4:1c:4b:c4:66:5a:2d:be:5e:86:74:68:ba:
bb:ad:d9:13:92:5a:04:b8:64:91:86:1b:f1:9b:e4:
ce:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:2D:76:20:F3:2D:44:51:0B:1D:85:AD:8C:9A:F8:62:E7:C6:91:00
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/xi12IPMtRFELHYWtjJr4YufGkQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.38.0/24
185.1.123.0/24
195.130.66.0/24
195.251.247.0/24
IPv6:
2001:648:20f0::/48
2001:648:2cef::/48
2001:7f8:6e::/48
2001:7f8:ce::/48
Signature Algorithm: sha256WithRSAEncryption
6a:0c:2b:40:00:46:40:67:ae:33:91:b7:71:7a:71:05:47:52:
5a:89:a8:d4:36:fe:6c:47:ad:ba:ff:54:3f:91:26:8b:9f:0d:
14:fd:ef:9e:2b:c3:05:6c:ed:67:76:63:3f:ac:61:c3:39:69:
53:8d:12:90:a1:f9:eb:cd:d6:6d:e2:18:81:24:62:b8:f0:ee:
89:c1:be:5c:0f:71:da:7a:7f:21:c2:4a:c6:00:1f:ae:62:6a:
9c:5a:cc:8c:62:be:73:e3:b1:e0:67:56:af:fa:17:72:58:8f:
a5:de:aa:4c:3a:31:db:31:3c:01:97:e8:0f:fa:88:f2:96:92:
6e:17:d5:9f:bc:1b:7e:dc:5e:bd:cb:f2:07:5e:c3:a4:33:40:
0a:fc:e5:3c:3d:2d:4e:d5:86:43:2e:94:f5:3e:91:1a:2e:5d:
53:d4:ba:c4:b4:47:43:56:ac:37:7b:7e:eb:b8:62:8f:04:18:
f0:61:4b:af:c0:b4:8f:3d:43:0b:f2:9c:a9:4f:8a:6a:7c:5b:
c2:cf:ac:df:6b:ef:4e:92:59:32:f5:30:1f:89:73:e2:80:a4:
03:25:a1:58:70:e0:8f:81:6a:a9:bd:50:b6:cd:b0:ad:cf:0b:
1e:ec:17:18:9e:16:b8:04:90:c7:7b:01:ea:91:91:91:a5:9d:
e6:fc:13:66
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQhsi1jSU0MqqlLBddTmUlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjUwMTAxMTE0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjJkNzYyMGYzMmQ0NDUxMGIxZDg1YWQ4YzlhZjg2MmU3YzY5MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7P8LA305qD6ikOZHMVMUrFE9GuyR
dj22gVAFqs3m845FkoJtt37x5/3dWxiP6RmR+seNVgqcsD602LJzFBy0Qx/tRKfw
tSTeuj4IOg/lNoyPojCM2/VjqJrJXCquCheDkxQGMHUGfTkvaX2Q1xqixlDsuzlX
4X1GCt9qBQ/MElaeIORZnyHVbPaXph64EDpWXtwjJKePKygrUCg7IrWKmewRC+t2
sMah1MEVt733jZKfJBzPhS9v2ZpWPKBnmrEy+YnIye2P2LNu2+XE78XD/imKPloM
fUx1zgEd1s+VKs3JwqQcS8RmWi2+XoZ0aLq7rdkTkloEuGSRhhvxm+TO3QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFMYtdiDzLURRCx2FrYya+GLnxpEAMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEveGkxMklQTXRSRkVMSFlXdGpKcjRZdWZHa1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAeBAIAATAYAwQAsH4mAwQA
uQF7AwQAw4JCAwQAw/v3MCoEAgACMCQDBwAgAQZIIPADBwAgAQZILO8DBwAgAQf4
AG4DBwAgAQf4AM4wDQYJKoZIhvcNAQELBQADggEBAGoMK0AARkBnrjORt3F6cQVH
UlqJqNQ2/mxHrbr/VD+RJoufDRT9754rwwVs7Wd2Yz+sYcM5aVONEpCh+evN1m3i
GIEkYrjw7onBvlwPcdp6fyHCSsYAH65iapxazIxivnPjseBnVq/6F3JYj6Xeqkw6
MdsxPAGX6A/6iPKWkm4X1Z+8G37cXr3L8gdew6QzQAr85Tw9LU7VhkMulPU+kRou
XVPUusS0R0NWrDd7fuu4Yo8EGPBhS6/AtI89QwvynKlPimp8W8LPrN9r706SWTL1
MB+Jc+KApAMloVhw4I+Baqm9ULbNsK3PCx7sFxieFrgEkMd7AeqRkZGlneb8E2Y=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:02 2025 by rpki-client on console.sobornost.net