Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/XY1Eges0ofwvvFCGnxnMTZuzqq0.roa
File: XY1Eges0ofwvvFCGnxnMTZuzqq0.roa (raw, json)
Hash identifier: 4lDMbdxSfWLvbOB4pHjSTKQ4KFN1x9vtL2R0MqxD430=
Subject key identifier: 5D:8D:44:81:EB:34:A1:FC:2F:BC:50:86:9F:19:CC:4D:9B:B3:AA:AD
Certificate issuer: /CN=c4402c55758faee473938f8067a889ad5e271261
Certificate serial: 0194266BCB47C15E26D6A520D11462411545
Authority key identifier: C4:40:2C:55:75:8F:AE:E4:73:93:8F:80:67:A8:89:AD:5E:27:12:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xEAsVXWPruRzk4-AZ6iJrV4nEmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/XY1Eges0ofwvvFCGnxnMTZuzqq0.roa
Signing time: Thu 02 Jan 2025 09:49:46 +0000
ROA not before: Thu 02 Jan 2025 09:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207995
IP address blocks: 194.24.162.0/23 maxlen: 24
194.24.176.0/23 maxlen: 24
212.221.128.0/17 maxlen: 24
2a10:340::/30 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:cb:47:c1:5e:26:d6:a5:20:d1:14:62:41:15:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4402c55758faee473938f8067a889ad5e271261
Validity
Not Before: Jan 2 09:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d8d4481eb34a1fc2fbc50869f19cc4d9bb3aaad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f3:a3:f4:95:b7:87:46:47:b7:30:0c:a4:42:
db:cc:8c:ce:89:70:a2:f1:ab:4a:f7:cb:f5:bb:45:
0b:e8:62:e1:92:5d:5d:65:65:b0:f1:f7:ce:db:36:
db:7a:d1:3d:54:f9:8c:59:86:05:9c:4f:90:2e:6e:
8c:46:f9:64:0d:4c:71:d9:38:3b:10:35:15:3d:e9:
84:ce:f2:92:d9:82:56:b0:66:da:e0:9f:b6:05:0f:
0d:7f:37:24:f5:25:58:ab:6e:8b:b8:c4:39:1a:ee:
b5:2e:1a:88:6f:bb:61:02:10:cc:bb:44:cd:ca:3e:
12:65:a3:26:53:a4:b2:f7:f2:5a:84:c5:26:9b:ae:
c8:6e:ec:8c:b8:ee:f9:b2:d2:54:6a:d2:44:5d:78:
3b:6f:56:ab:f7:a7:64:c1:37:6e:ae:54:20:29:b2:
aa:9e:5a:0d:09:3a:81:85:c0:b4:bf:ec:ad:f2:89:
b7:ea:6e:51:53:87:80:f4:36:61:64:bd:2f:73:87:
7e:1e:08:c0:36:74:1d:ae:25:f1:45:24:fa:29:8a:
2d:75:e9:5b:89:11:a6:ea:9d:75:47:6e:11:7a:91:
b7:4c:7e:b8:0f:aa:d5:af:ec:d7:de:ab:99:67:c2:
55:d2:3f:d0:16:b4:8c:0e:e4:49:6f:11:d8:8e:59:
0e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8D:44:81:EB:34:A1:FC:2F:BC:50:86:9F:19:CC:4D:9B:B3:AA:AD
X509v3 Authority Key Identifier:
keyid:C4:40:2C:55:75:8F:AE:E4:73:93:8F:80:67:A8:89:AD:5E:27:12:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEAsVXWPruRzk4-AZ6iJrV4nEmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/XY1Eges0ofwvvFCGnxnMTZuzqq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/xEAsVXWPruRzk4-AZ6iJrV4nEmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.162.0/23
194.24.176.0/23
212.221.128.0/17
IPv6:
2a10:340::/30
Signature Algorithm: sha256WithRSAEncryption
8f:ae:f2:88:df:a5:96:ae:2f:70:f0:f0:26:19:ef:3e:06:f2:
9a:dc:3d:12:0d:a5:fb:ea:25:f0:dc:09:6d:06:4f:a1:24:10:
57:b8:d4:e1:03:20:c9:a3:92:79:a4:f6:11:3e:ea:de:7e:c6:
82:6f:59:20:2b:ba:f8:ea:43:5a:6f:ca:14:00:6d:c2:b5:cc:
e0:de:0c:ad:9d:3c:1d:5c:19:a5:af:bb:1b:7e:f9:93:11:aa:
19:97:20:e8:91:fd:6a:1c:18:3f:e5:1e:0c:14:df:bd:6b:3f:
98:bb:ad:38:f1:b1:0f:b5:31:c6:10:10:9c:4f:82:18:1b:a7:
bf:99:2d:28:6c:9e:00:ed:16:03:50:3d:57:f4:58:b4:de:b4:
b2:a3:66:c9:56:0b:6a:e0:94:bc:3b:4a:02:ed:69:21:6c:26:
03:ec:a2:4c:0d:48:30:a0:97:77:62:21:a3:98:8c:7e:9b:39:
42:ec:f0:69:c3:63:ec:f1:ce:71:a3:c4:be:82:82:9a:88:9c:
6d:bd:9b:1a:7b:a3:7e:93:41:7d:47:00:5f:25:4e:48:a8:6e:
ea:3d:56:28:1c:9f:6c:7a:ef:33:28:f2:f1:4b:b6:1f:71:86:
c4:3b:76:07:4c:95:94:32:5c:6c:76:80:3f:4b:cc:ac:1c:55:
ba:a9:75:35
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQma8tHwV4m1qUg0RRiQRVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDAyYzU1NzU4ZmFlZTQ3MzkzOGY4MDY3YTg4OWFkNWUy
NzEyNjEwHhcNMjUwMTAyMDk0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhkNDQ4MWViMzRhMWZjMmZiYzUwODY5ZjE5Y2M0ZDliYjNhYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/Oj9JW3h0ZHtzAMpELbzIzOiXCi
8atK98v1u0UL6GLhkl1dZWWw8ffO2zbbetE9VPmMWYYFnE+QLm6MRvlkDUxx2Tg7
EDUVPemEzvKS2YJWsGba4J+2BQ8Nfzck9SVYq26LuMQ5Gu61LhqIb7thAhDMu0TN
yj4SZaMmU6Sy9/JahMUmm67IbuyMuO75stJUatJEXXg7b1ar96dkwTdurlQgKbKq
nloNCTqBhcC0v+yt8om36m5RU4eA9DZhZL0vc4d+HgjANnQdriXxRST6KYotdelb
iRGm6p11R24RepG3TH64D6rVr+zX3quZZ8JV0j/QFrSMDuRJbxHYjlkOVwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF2NRIHrNKH8L7xQhp8ZzE2bs6qtMB8GA1UdIwQY
MBaAFMRALFV1j67kc5OPgGeoia1eJxJhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVBc1ZYV1BydVJ6azQtQVo2aUpyVjRuRW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NjRjM2MtYjU3MC00MTEzLWI0YWEt
Y2ZkZjAzMTFhZDhjLzEvWFkxRWdlczBvZnd2dkZDR254bk1UWnV6cXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NjRjM2MtYjU3MC00MTEzLWI0YWEtY2ZkZjAzMTFhZDhj
LzEveEVBc1ZYV1BydVJ6azQtQVo2aUpyVjRuRW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwhiiAwQB
whiwAwQH1N2AMA0EAgACMAcDBQIqEANAMA0GCSqGSIb3DQEBCwUAA4IBAQCPrvKI
36WWri9w8PAmGe8+BvKa3D0SDaX76iXw3AltBk+hJBBXuNThAyDJo5J5pPYRPure
fsaCb1kgK7r46kNab8oUAG3Ctczg3gytnTwdXBmlr7sbfvmTEaoZlyDokf1qHBg/
5R4MFN+9az+Yu6048bEPtTHGEBCcT4IYG6e/mS0obJ4A7RYDUD1X9Fi03rSyo2bJ
Vgtq4JS8O0oC7WkhbCYD7KJMDUgwoJd3YiGjmIx+mzlC7PBpw2Ps8c5xo8S+goKa
iJxtvZsae6N+k0F9RwBfJU5IqG7qPVYoHJ9seu8zKPLxS7YfcYbEO3YHTJWUMlxs
doA/S8ysHFW6qXU1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:33 2025 by rpki-client on console.sobornost.net