Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/XF9ImwV6WWJIs0xQcjK4t7jAy60.roa
File: XF9ImwV6WWJIs0xQcjK4t7jAy60.roa (raw, json)
Hash identifier: cqd2xtXIiuriNNQV4wixCocQ/6vU5JsRpBkdhH+9z5k=
Subject key identifier: 5C:5F:48:9B:05:7A:59:62:48:B3:4C:50:72:32:B8:B7:B8:C0:CB:AD
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01941FFA72AF5DAAEF05C272E3276ED95059
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/XF9ImwV6WWJIs0xQcjK4t7jAy60.roa
Signing time: Wed 01 Jan 2025 03:48:14 +0000
ROA not before: Wed 01 Jan 2025 03:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12414
IP address blocks: 5.199.144.0/20 maxlen: 24
82.139.64.0/18 maxlen: 24
185.117.108.0/22 maxlen: 24
217.26.96.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:72:af:5d:aa:ef:05:c2:72:e3:27:6e:d9:50:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 03:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c5f489b057a596248b34c507232b8b7b8c0cbad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b8:e2:f2:ab:2a:f9:92:22:1e:43:c2:b2:b4:
a3:ef:57:68:48:0d:00:d1:23:72:36:a9:7c:63:8b:
b9:c4:a7:80:d5:48:70:25:9a:ed:f6:8d:b3:74:bd:
e1:2e:6d:fa:31:14:9b:cd:31:b8:c4:92:11:72:1a:
84:4c:28:56:7a:77:2e:f5:f5:54:77:61:86:e8:16:
72:16:6c:21:75:98:ba:ea:24:45:21:ca:ea:28:27:
12:4f:55:86:c1:ad:18:99:3d:76:b4:64:f2:b2:e7:
e4:c0:e0:e0:f7:e6:49:19:e0:db:ef:33:f7:8f:15:
df:ce:9f:3e:2e:f1:67:f4:12:cf:2b:57:6b:94:ff:
41:24:c4:75:91:2a:d9:d6:a3:a7:59:7c:3f:e4:c8:
2d:d6:cf:ca:fd:fc:b0:94:38:92:f6:70:83:da:09:
85:ca:bb:50:cc:e4:83:25:91:ee:bc:bf:6c:44:9c:
fd:97:eb:93:3a:fb:39:e7:a3:cf:3b:2b:8d:4f:93:
98:e3:00:fb:87:41:e1:51:52:8c:fc:8b:47:ef:2b:
67:34:b4:09:24:1a:c9:77:1c:39:e3:e3:ed:4c:c6:
ea:96:3e:23:3e:d2:e2:9a:96:bd:51:be:1a:93:cc:
6c:9f:8b:22:07:64:d6:06:42:c0:31:f6:ad:9b:d9:
d6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5F:48:9B:05:7A:59:62:48:B3:4C:50:72:32:B8:B7:B8:C0:CB:AD
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/XF9ImwV6WWJIs0xQcjK4t7jAy60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.144.0/20
82.139.64.0/18
185.117.108.0/22
217.26.96.0/20
Signature Algorithm: sha256WithRSAEncryption
4c:60:51:8c:f7:1f:ae:56:91:99:a8:ac:8d:68:4d:a4:f4:a6:
49:c8:d5:2b:df:0b:a8:23:04:2f:08:2c:44:d6:3d:de:23:ed:
0f:4e:88:7d:35:e6:37:66:0e:a8:ed:1d:40:8c:a6:e0:b6:5e:
17:c5:57:fb:ae:d9:8f:3a:a9:3b:e1:d2:c0:b3:63:94:3f:2b:
89:c9:03:9e:b1:57:19:d3:77:e4:86:1b:82:6a:4a:79:a0:19:
a4:21:a6:e3:6e:52:c6:c3:18:66:78:5d:24:66:74:2f:fe:97:
85:18:3d:8e:82:41:b6:12:bb:30:65:76:0b:25:4a:23:d8:4f:
d6:9a:4e:cb:09:63:1e:f7:e6:14:af:04:42:9a:d8:0b:b4:60:
8a:35:a1:d8:4e:d6:7a:c7:15:1e:4b:d0:ea:9b:49:2e:74:8a:
b4:b7:48:03:03:a7:d2:51:bf:9c:43:73:7a:6d:b0:b3:16:41:
b4:c8:5c:80:ed:c5:2a:96:9c:83:e6:22:cc:f2:16:59:44:ef:
4a:53:5d:13:b5:79:23:f1:93:43:96:1d:61:1b:4d:a1:ea:b7:
34:76:3d:5f:e4:78:a5:c4:43:2c:04:f0:46:d6:70:eb:ba:6f:
8b:d0:10:ec:91:b8:1e:76:b8:1d:0a:7a:ec:99:65:c1:73:9c:
b5:38:16:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQf+nKvXarvBcJy4ydu2VBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjUwMTAxMDM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzVmNDg5YjA1N2E1OTYyNDhiMzRjNTA3MjMyYjhiN2I4YzBjYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLji8qsq+ZIiHkPCsrSj71doSA0A
0SNyNql8Y4u5xKeA1UhwJZrt9o2zdL3hLm36MRSbzTG4xJIRchqETChWencu9fVU
d2GG6BZyFmwhdZi66iRFIcrqKCcST1WGwa0YmT12tGTysufkwODg9+ZJGeDb7zP3
jxXfzp8+LvFn9BLPK1drlP9BJMR1kSrZ1qOnWXw/5Mgt1s/K/fywlDiS9nCD2gmF
yrtQzOSDJZHuvL9sRJz9l+uTOvs556PPOyuNT5OY4wD7h0HhUVKM/ItH7ytnNLQJ
JBrJdxw54+PtTMbqlj4jPtLimpa9Ub4ak8xsn4siB2TWBkLAMfatm9nWGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFxfSJsFelliSLNMUHIyuLe4wMutMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvWEY5SW13VjZXV0pJczB4UWNqSzR0N2pBeTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBceQAwQG
UotAAwQCuXVsAwQE2RpgMA0GCSqGSIb3DQEBCwUAA4IBAQBMYFGM9x+uVpGZqKyN
aE2k9KZJyNUr3wuoIwQvCCxE1j3eI+0PToh9NeY3Zg6o7R1AjKbgtl4XxVf7rtmP
Oqk74dLAs2OUPyuJyQOesVcZ03fkhhuCakp5oBmkIabjblLGwxhmeF0kZnQv/peF
GD2OgkG2ErswZXYLJUoj2E/Wmk7LCWMe9+YUrwRCmtgLtGCKNaHYTtZ6xxUeS9Dq
m0kudIq0t0gDA6fSUb+cQ3N6bbCzFkG0yFyA7cUqlpyD5iLM8hZZRO9KU10TtXkj
8ZNDlh1hG02h6rc0dj1f5HilxEMsBPBG1nDrum+L0BDskbgedrgdCnrsmWXBc5y1
OBYx
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:04 2025 by rpki-client on console.sobornost.net