Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/XExZy3xfPa1cjEoGNup9lp-X8-0.roa
File: XExZy3xfPa1cjEoGNup9lp-X8-0.roa (raw, json)
Hash identifier: 2iOx91qP9fUpsmi2JFq2RvxeQJsiSVTDFwUu6ATpiUM=
Subject key identifier: 5C:4C:59:CB:7C:5F:3D:AD:5C:8C:4A:06:36:EA:7D:96:9F:97:F3:ED
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 019425FD82BB9687B24B74C6CBF621B453E7
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/XExZy3xfPa1cjEoGNup9lp-X8-0.roa
Signing time: Thu 02 Jan 2025 07:49:18 +0000
ROA not before: Thu 02 Jan 2025 07:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209342
IP address blocks: 86.60.49.0/24 maxlen: 24
86.60.50.0/24 maxlen: 24
86.60.51.0/24 maxlen: 24
86.60.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:82:bb:96:87:b2:4b:74:c6:cb:f6:21:b4:53:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Jan 2 07:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c4c59cb7c5f3dad5c8c4a0636ea7d969f97f3ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ec:3c:ed:b7:6b:b9:bc:d5:0b:50:0e:40:92:
be:cc:76:3d:0c:04:97:a2:c2:2f:89:5c:c5:05:dd:
19:5f:06:18:7a:b1:1f:55:58:ae:28:34:fc:17:e7:
f4:b3:a3:04:9a:fc:0e:07:97:db:5e:95:43:a2:b9:
ab:6a:39:f0:38:e3:45:f5:cd:3d:7f:21:8e:09:f9:
3b:d1:0f:3f:2d:26:ca:0c:64:47:34:c3:30:5e:c0:
60:1d:be:99:65:e2:6a:1c:1a:90:7c:07:70:ce:4c:
2a:86:43:79:81:77:2d:37:ca:c0:6d:9f:bb:19:51:
17:38:ab:4b:4a:61:cb:bf:e7:c7:7e:10:01:88:35:
bc:49:e9:ea:06:47:62:81:47:73:82:b4:cc:03:74:
72:4e:c4:bd:09:99:08:4c:9c:72:c5:76:09:32:c3:
b9:04:6b:a2:1b:69:b5:b8:4d:78:bf:6d:e1:e7:d7:
5d:09:cf:26:19:29:0b:f1:86:83:03:66:92:7e:d1:
56:ec:11:2e:d4:f2:57:21:c7:dd:2b:db:5a:bf:fa:
3c:0f:bc:51:c4:db:76:fa:54:a7:f3:78:be:ed:8c:
69:63:ff:1d:e5:ef:ec:f2:30:cf:11:ec:fc:67:c7:
a7:56:8d:be:ca:93:b4:c3:86:a7:05:b6:b0:c5:e0:
82:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4C:59:CB:7C:5F:3D:AD:5C:8C:4A:06:36:EA:7D:96:9F:97:F3:ED
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/XExZy3xfPa1cjEoGNup9lp-X8-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.60.49.0-86.60.51.255
86.60.96.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d7:4f:5b:38:3d:0f:e9:f2:c3:aa:11:38:19:54:14:de:87:
47:26:95:e6:81:36:a2:76:54:e0:09:f5:95:96:c7:91:37:ab:
ac:f0:8b:ad:a5:75:c6:b5:4c:b4:6b:06:42:19:bd:49:f4:4f:
69:a8:5f:be:25:1a:0e:cf:c5:45:a1:3a:2b:7f:a8:35:0c:ff:
88:cb:4b:2a:c0:8e:bc:24:54:0b:38:f6:ac:34:1e:4e:7d:43:
1f:98:5d:9f:71:c7:fb:ad:ab:55:a2:42:1f:59:33:ed:fa:0f:
3e:80:80:ee:17:2c:8b:0c:92:62:a0:fd:81:d2:d6:5c:8b:e2:
78:e4:66:89:cf:02:e2:41:be:7a:12:cb:43:ce:1a:c0:c7:e7:
b9:67:84:e7:af:a4:79:f7:ae:6d:ba:1d:75:04:6b:30:91:5b:
e2:3f:98:bd:7f:ca:c0:62:72:82:24:67:70:cc:cd:03:6a:af:
53:0c:73:6f:23:2f:1c:04:b5:25:e1:93:17:11:c8:79:b9:2e:
62:b0:5c:53:33:f1:16:34:28:13:7b:3f:ef:c1:00:4d:31:04:
93:36:ac:96:97:c9:bf:71:cb:3a:0e:83:8f:6c:1b:ee:7d:e8:
19:95:93:c4:f6:54:32:ce:4f:fb:41:77:41:4e:53:2e:f6:a6:
83:49:ba:5f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQl/YK7loeyS3TGy/YhtFPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjUwMTAyMDc0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzRjNTljYjdjNWYzZGFkNWM4YzRhMDYzNmVhN2Q5NjlmOTdmM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuw87bdrubzVC1AOQJK+zHY9DASX
osIviVzFBd0ZXwYYerEfVViuKDT8F+f0s6MEmvwOB5fbXpVDormrajnwOONF9c09
fyGOCfk70Q8/LSbKDGRHNMMwXsBgHb6ZZeJqHBqQfAdwzkwqhkN5gXctN8rAbZ+7
GVEXOKtLSmHLv+fHfhABiDW8SenqBkdigUdzgrTMA3RyTsS9CZkITJxyxXYJMsO5
BGuiG2m1uE14v23h59ddCc8mGSkL8YaDA2aSftFW7BEu1PJXIcfdK9tav/o8D7xR
xNt2+lSn83i+7YxpY/8d5e/s8jDPEez8Z8enVo2+ypO0w4anBbawxeCCDwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFxMWct8Xz2tXIxKBjbqfZafl/PtMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvWEV4WnkzeGZQYTFjakVvR051cDlscC1YOC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABWPDED
BAJWPDADBABWPGAwDQYJKoZIhvcNAQELBQADggEBADLXT1s4PQ/p8sOqETgZVBTe
h0cmleaBNqJ2VOAJ9ZWWx5E3q6zwi62ldca1TLRrBkIZvUn0T2moX74lGg7PxUWh
Oit/qDUM/4jLSyrAjrwkVAs49qw0Hk59Qx+YXZ9xx/utq1WiQh9ZM+36Dz6AgO4X
LIsMkmKg/YHS1lyL4njkZonPAuJBvnoSy0POGsDH57lnhOevpHn3rm26HXUEazCR
W+I/mL1/ysBicoIkZ3DMzQNqr1MMc28jLxwEtSXhkxcRyHm5LmKwXFMz8RY0KBN7
P+/BAE0xBJM2rJaXyb9xyzoOg49sG+596BmVk8T2VDLOT/tBd0FOUy72poNJul8=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:44 2025 by rpki-client on console.sobornost.net