Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Xxc5UdQU-JYimPOW9smWfc18X2w.roa
File: Xxc5UdQU-JYimPOW9smWfc18X2w.roa (raw, json)
Hash identifier: 3N40b3wquChzQuj10yBCgKDTlj3F8fIiYsKkNMP5+a8=
Subject key identifier: 5F:17:39:51:D4:14:F8:96:22:98:F3:96:F6:C9:96:7D:CD:7C:5F:6C
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CAE7F3E892D6C75931663C925F995
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Xxc5UdQU-JYimPOW9smWfc18X2w.roa
Signing time: Wed 01 Jan 2025 01:48:20 +0000
ROA not before: Wed 01 Jan 2025 01:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51223
IP address blocks: 89.32.80.0/21 maxlen: 24
176.113.84.0/22 maxlen: 24
178.237.128.0/20 maxlen: 24
185.26.4.0/22 maxlen: 24
185.139.60.0/22 maxlen: 24
212.119.48.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:ae:7f:3e:89:2d:6c:75:93:16:63:c9:25:f9:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f173951d414f8962298f396f6c9967dcd7c5f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b2:c9:11:20:a4:ef:54:cd:51:1e:79:96:55:
14:d3:fd:a1:25:08:ca:91:b6:03:0a:16:23:fd:b0:
f9:67:83:9b:10:5d:5d:8b:87:9d:85:34:5a:d6:96:
ae:1f:57:ac:d8:03:fd:29:48:2f:72:e8:89:92:67:
1a:c0:32:f8:2a:22:26:e7:7b:53:12:a7:62:89:db:
0f:e1:ea:73:16:89:4b:93:cd:87:a1:33:04:ea:1d:
95:8c:e1:76:a5:5f:31:6b:d6:7b:9c:e7:a6:6a:4f:
83:7b:d6:a3:8f:74:ab:8b:06:31:18:fc:7c:c1:27:
88:68:83:ea:bb:c5:75:c0:1c:a4:44:a7:fe:4b:21:
a4:48:55:04:a8:c1:6d:04:0f:cb:52:18:d1:cb:68:
a6:1e:b3:e6:f5:1e:d1:32:9b:43:6c:04:7a:42:5d:
e0:69:2e:65:36:bf:c0:6a:14:c8:f3:0b:c7:8e:1e:
be:eb:ff:72:7a:c9:d7:ed:ba:23:ee:20:f5:91:ce:
9b:d0:a2:89:db:41:3c:88:bf:72:e4:b9:21:57:51:
2e:63:2c:83:c5:b9:cf:01:2b:12:7e:5b:6f:aa:ee:
8d:56:b7:01:be:4c:07:c0:81:bb:1f:56:b8:61:b7:
cc:7f:8b:cf:a6:17:f2:8e:72:69:3e:4b:0b:f9:e8:
dc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:17:39:51:D4:14:F8:96:22:98:F3:96:F6:C9:96:7D:CD:7C:5F:6C
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Xxc5UdQU-JYimPOW9smWfc18X2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.80.0/21
176.113.84.0/22
178.237.128.0/20
185.26.4.0/22
185.139.60.0/22
212.119.48.0/22
Signature Algorithm: sha256WithRSAEncryption
56:25:60:3d:4e:0a:fb:fe:59:f5:61:09:16:47:b8:68:62:15:
c9:e0:33:c8:6a:96:88:18:41:de:4e:fa:b5:5d:6d:ce:bc:aa:
c2:20:43:5d:76:88:40:16:eb:e8:b0:47:4f:8f:74:29:19:c6:
21:ce:a8:0b:a4:64:81:f3:67:50:17:68:11:62:75:3f:98:5c:
a7:ab:b7:1f:62:d1:cc:80:56:6f:0a:68:18:76:c5:fc:76:4b:
e6:13:d5:cf:c5:9c:17:19:13:73:34:11:73:4e:f3:64:a7:bc:
aa:cb:93:11:66:f1:89:cc:6e:e9:d0:4c:42:e9:52:6c:fc:8d:
96:b7:48:bd:3b:5e:7f:78:71:50:12:09:22:04:df:c7:de:1b:
40:bf:1f:5d:6b:d9:76:6b:e4:98:33:0f:22:8a:bd:da:1c:bd:
91:5e:8e:c8:e1:82:f8:f5:5d:5f:d6:27:17:8b:27:1d:3e:d7:
90:b2:3c:cc:22:8e:c0:f6:b4:a0:14:37:f3:0e:89:31:d0:80:
34:c9:eb:36:dc:e2:c9:71:ea:31:6a:5c:cf:45:b9:10:32:c8:
8e:9b:2c:6a:48:3f:1f:f3:09:fc:74:58:26:1b:cf:27:e0:f4:
c7:33:5e:dd:48:2f:06:1c:55:74:c7:94:f6:45:97:d6:e8:96:
c7:13:2e:c4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQfjK5/PoktbHWTFmPJJfmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjE3Mzk1MWQ0MTRmODk2MjI5OGYzOTZmNmM5OTY3ZGNkN2M1ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubLJESCk71TNUR55llUU0/2hJQjK
kbYDChYj/bD5Z4ObEF1di4edhTRa1pauH1es2AP9KUgvcuiJkmcawDL4KiIm53tT
EqdiidsP4epzFolLk82HoTME6h2VjOF2pV8xa9Z7nOemak+De9ajj3SriwYxGPx8
wSeIaIPqu8V1wBykRKf+SyGkSFUEqMFtBA/LUhjRy2imHrPm9R7RMptDbAR6Ql3g
aS5lNr/AahTI8wvHjh6+6/9yesnX7boj7iD1kc6b0KKJ20E8iL9y5LkhV1EuYyyD
xbnPASsSfltvqu6NVrcBvkwHwIG7H1a4YbfMf4vPphfyjnJpPksL+ejczQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF8XOVHUFPiWIpjzlvbJln3NfF9sMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWHhjNVVkUVUtSllpbVBPVzlzbVdmYzE4WDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDWSBQAwQC
sHFUAwQEsu2AAwQCuRoEAwQCuYs8AwQC1HcwMA0GCSqGSIb3DQEBCwUAA4IBAQBW
JWA9Tgr7/ln1YQkWR7hoYhXJ4DPIapaIGEHeTvq1XW3OvKrCIENddohAFuvosEdP
j3QpGcYhzqgLpGSB82dQF2gRYnU/mFynq7cfYtHMgFZvCmgYdsX8dkvmE9XPxZwX
GRNzNBFzTvNkp7yqy5MRZvGJzG7p0ExC6VJs/I2Wt0i9O15/eHFQEgkiBN/H3htA
vx9da9l2a+SYMw8iir3aHL2RXo7I4YL49V1f1icXiycdPteQsjzMIo7A9rSgFDfz
Dokx0IA0yes23OLJceoxalzPRbkQMsiOmyxqSD8f8wn8dFgmG88n4PTHM17dSC8G
HFV0x5T2RZfW6JbHEy7E
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:54:59 2025 by rpki-client on console.sobornost.net