Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/5EXO9UiepL6Zq1llBjLLIrL5oUg.roa
File: 5EXO9UiepL6Zq1llBjLLIrL5oUg.roa (raw, json)
Hash identifier: f7qlXZI97BeR4x4m6/QuC0gLJcnSYhH/2MDokTxi6Pw=
Subject key identifier: E4:45:CE:F5:48:9E:A4:BE:99:AB:59:65:06:32:CB:22:B2:F9:A1:48
Certificate issuer: /CN=e98e202381c1c88d82f3b70f3be068a1aa372b9d
Certificate serial: 01942068477089EDBAA43BDFBE5404DD1EC6
Authority key identifier: E9:8E:20:23:81:C1:C8:8D:82:F3:B7:0F:3B:E0:68:A1:AA:37:2B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Y4gI4HByI2C87cPO-Booao3K50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/5EXO9UiepL6Zq1llBjLLIrL5oUg.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201076
IP address blocks: 141.226.248.0/24 maxlen: 24
188.64.208.0/24 maxlen: 24
188.64.209.0/24 maxlen: 24
188.64.210.0/24 maxlen: 24
188.64.211.0/24 maxlen: 24
2a07:e7c0::/48 maxlen: 48
2a07:e7c0:1::/48 maxlen: 48
2a07:e7c0:2::/48 maxlen: 48
2a07:e7c0:3::/48 maxlen: 48
2a07:e7c0:147::/48 maxlen: 48
2a07:e7c0:1000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:47:70:89:ed:ba:a4:3b:df:be:54:04:dd:1e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e98e202381c1c88d82f3b70f3be068a1aa372b9d
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e445cef5489ea4be99ab59650632cb22b2f9a148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:6f:91:1f:3b:37:b6:a7:c4:dc:62:f0:d1:c8:
7e:ba:23:c7:6f:eb:34:d4:4d:e6:8b:11:d4:88:e8:
2c:24:eb:59:bd:27:ef:bd:b3:9b:9d:d6:af:f6:1c:
e7:78:57:c4:e1:82:29:c0:9b:4e:57:01:af:05:f4:
5b:7c:45:a9:f1:58:40:72:0b:c8:a2:b7:6c:26:75:
27:e9:fe:b1:e8:69:2d:9f:0d:55:fd:49:28:80:dc:
5d:05:86:f3:18:08:76:82:7c:9a:eb:85:77:c8:c7:
27:99:2b:70:c6:c0:77:d6:12:52:34:8a:81:4a:6b:
51:8f:24:93:99:5d:6d:18:ac:b5:0a:b0:d2:0f:09:
41:f8:7e:ee:e9:23:ec:ce:a6:f9:9f:47:48:35:b7:
b7:19:28:1d:50:24:29:09:a1:1c:60:6e:0b:60:95:
2e:4e:17:8c:f7:c0:ec:0e:94:3e:3c:b4:37:e1:60:
8b:e7:94:7a:04:e8:dd:74:2b:3b:fe:d0:fe:3b:88:
96:44:b0:b4:89:d2:be:44:0a:38:61:10:a8:f5:d2:
c2:4a:19:a6:7c:c4:69:ab:16:b6:55:20:0f:08:f3:
1e:24:19:77:95:ef:3e:72:9a:12:09:ac:a6:37:9d:
1e:b5:50:12:e9:35:6e:81:c5:3e:9d:96:2d:73:d8:
bd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:45:CE:F5:48:9E:A4:BE:99:AB:59:65:06:32:CB:22:B2:F9:A1:48
X509v3 Authority Key Identifier:
keyid:E9:8E:20:23:81:C1:C8:8D:82:F3:B7:0F:3B:E0:68:A1:AA:37:2B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Y4gI4HByI2C87cPO-Booao3K50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/5EXO9UiepL6Zq1llBjLLIrL5oUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/6Y4gI4HByI2C87cPO-Booao3K50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.248.0/24
188.64.208.0/22
IPv6:
2a07:e7c0::/46
2a07:e7c0:147::/48
2a07:e7c0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
78:0e:48:8b:d5:0c:f5:da:41:5b:fe:dd:88:14:51:a3:81:52:
fc:51:d9:2d:26:a9:35:e3:5b:7a:54:6e:2b:ab:84:04:72:11:
aa:78:eb:26:6c:0b:53:a9:b2:09:fb:79:5e:50:7f:4f:58:f0:
d8:1b:45:16:df:7b:16:e7:5a:05:a2:17:cd:0e:f2:fb:d9:82:
9f:30:3d:0a:99:ab:20:ad:05:14:04:65:82:bb:7e:1a:d5:c1:
61:e4:39:23:ae:da:84:98:d8:3d:30:b5:39:b1:d2:4b:08:1a:
3d:8a:d3:c9:0f:1d:c9:0c:13:3b:86:f2:e3:78:65:45:05:0e:
2b:9d:6c:20:8d:91:d9:56:7d:04:82:21:0e:42:e4:da:86:72:
6f:22:3b:bc:79:28:82:9b:25:31:85:0b:87:86:a6:77:0c:4b:
c4:21:3b:86:91:c4:78:53:1c:33:89:51:b2:e5:68:a7:42:ac:
66:f3:3c:24:00:99:17:e8:08:f2:c6:d8:24:04:a1:db:f2:c2:
40:c9:ea:59:e8:8a:e5:76:9c:c6:36:82:6f:76:d0:d0:29:c1:
2a:b2:96:25:b4:a2:c1:ad:80:11:b5:54:46:61:50:f3:b8:88:
ec:e3:dc:b7:ef:2b:77:c4:af:8a:89:67:9e:c1:e3:09:42:ba:
c5:b7:f8:a4
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQgaEdwie26pDvfvlQE3R7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5OGUyMDIzODFjMWM4OGQ4MmYzYjcwZjNiZTA2OGExYWEz
NzJiOWQwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDQ1Y2VmNTQ4OWVhNGJlOTlhYjU5NjUwNjMyY2IyMmIyZjlhMTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9G+RHzs3tqfE3GLw0ch+uiPHb+s0
1E3mixHUiOgsJOtZvSfvvbObndav9hzneFfE4YIpwJtOVwGvBfRbfEWp8VhAcgvI
ordsJnUn6f6x6Gktnw1V/UkogNxdBYbzGAh2gnya64V3yMcnmStwxsB31hJSNIqB
SmtRjySTmV1tGKy1CrDSDwlB+H7u6SPszqb5n0dINbe3GSgdUCQpCaEcYG4LYJUu
TheM98DsDpQ+PLQ34WCL55R6BOjddCs7/tD+O4iWRLC0idK+RAo4YRCo9dLCShmm
fMRpqxa2VSAPCPMeJBl3le8+cpoSCaymN50etVAS6TVugcU+nZYtc9i9EQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFORFzvVInqS+matZZQYyyyKy+aFIMB8GA1UdIwQY
MBaAFOmOICOBwciNgvO3DzvgaKGqNyudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlk0Z0k0SEJ5STJDODdjUE8tQm9vYW8zSzUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mNzg5MzctYWVkMy00YjZmLWFhMmQt
YzgzMmVkN2Q1ZmVjLzEvNUVYTzlVaWVwTDZacTFsbEJqTExJckw1b1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mNzg5MzctYWVkMy00YjZmLWFhMmQtYzgzMmVkN2Q1ZmVj
LzEvNlk0Z0k0SEJ5STJDODdjUE8tQm9vYW8zSzUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQAjeL4AwQC
vEDQMCEEAgACMBsDBwIqB+fAAAADBwAqB+fAAUcDBwAqB+fAEAAwDQYJKoZIhvcN
AQELBQADggEBAHgOSIvVDPXaQVv+3YgUUaOBUvxR2S0mqTXjW3pUbiurhARyEap4
6yZsC1Opsgn7eV5Qf09Y8NgbRRbfexbnWgWiF80O8vvZgp8wPQqZqyCtBRQEZYK7
fhrVwWHkOSOu2oSY2D0wtTmx0ksIGj2K08kPHckMEzuG8uN4ZUUFDiudbCCNkdlW
fQSCIQ5C5NqGcm8iO7x5KIKbJTGFC4eGpncMS8QhO4aRxHhTHDOJUbLlaKdCrGbz
PCQAmRfoCPLG2CQEodvywkDJ6lnoiuV2nMY2gm920NApwSqyliW0osGtgBG1VEZh
UPO4iOzj3LfvK3fEr4qJZ57B4wlCusW3+KQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:46 2025 by rpki-client on console.sobornost.net