Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/XH6XsDF8vVMB4yLkTc4gmvEkmhY.roa
File: XH6XsDF8vVMB4yLkTc4gmvEkmhY.roa (raw, json)
Hash identifier: BZ//lXT/BiGxDhs4SPUIq0AZAxNe5OpvjPNDUL8DbFg=
Subject key identifier: 5C:7E:97:B0:31:7C:BD:53:01:E3:22:E4:4D:CE:20:9A:F1:24:9A:16
Certificate issuer: /CN=ad2cf03e44da28b7319ea7b7b5b110b9b8cb7a70
Certificate serial: 0194B1E2026F13BED0CB7D3A8E985F271051
Authority key identifier: AD:2C:F0:3E:44:DA:28:B7:31:9E:A7:B7:B5:B1:10:B9:B8:CB:7A:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/XH6XsDF8vVMB4yLkTc4gmvEkmhY.roa
Signing time: Wed 29 Jan 2025 11:46:06 +0000
ROA not before: Wed 29 Jan 2025 11:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2586
IP address blocks: 62.65.192.0/18 maxlen: 18
81.90.112.0/20 maxlen: 23
82.131.0.0/17 maxlen: 17
85.253.0.0/16 maxlen: 16
87.119.160.0/19 maxlen: 21
91.213.43.0/24 maxlen: 24
94.246.216.0/21 maxlen: 22
94.246.224.0/19 maxlen: 19
95.129.192.0/21 maxlen: 23
145.14.16.0/20 maxlen: 20
145.14.32.0/20 maxlen: 20
146.255.176.0/21 maxlen: 23
178.23.112.0/21 maxlen: 23
185.13.16.0/22 maxlen: 24
185.34.36.0/22 maxlen: 22
185.72.28.0/22 maxlen: 24
194.55.8.0/22 maxlen: 22
194.150.64.0/22 maxlen: 24
194.204.0.0/18 maxlen: 20
2001:1530::/32 maxlen: 32
2001:1bf0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:e2:02:6f:13:be:d0:cb:7d:3a:8e:98:5f:27:10:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2cf03e44da28b7319ea7b7b5b110b9b8cb7a70
Validity
Not Before: Jan 29 11:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c7e97b0317cbd5301e322e44dce209af1249a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2c:ff:6a:e0:66:37:4e:91:98:05:8f:c8:20:
2d:fe:80:6a:b1:d4:52:da:cf:31:80:21:53:11:e3:
14:76:0a:68:71:bc:ba:d2:fa:9a:34:7b:d4:1d:97:
fc:f1:4c:6f:b1:14:b3:67:88:38:e4:56:45:c3:66:
cd:76:65:3b:67:04:f0:81:0b:5d:bd:6c:71:43:7e:
4e:c2:02:93:d5:4c:77:5b:1f:87:b3:f5:49:e9:0c:
5d:2e:68:11:8b:d4:e0:96:94:50:c2:94:50:50:5e:
68:fb:b3:6e:f9:aa:ab:eb:f0:43:09:64:21:9d:98:
bb:46:08:7f:83:83:fb:32:76:96:82:af:e3:56:23:
ca:92:8a:d7:8e:47:34:11:de:45:40:16:be:a5:b5:
97:0a:be:72:31:ae:7e:f4:fd:85:81:bf:05:b0:fa:
1c:02:16:7e:b1:0f:d5:be:57:35:53:38:75:76:74:
8b:ff:96:84:1f:77:28:7c:5e:b9:d1:80:a1:d7:ff:
6b:b6:90:e0:1c:66:ef:67:70:b4:0b:2f:ef:d4:60:
89:ac:43:0e:ef:7c:f9:76:e3:bd:49:8c:ba:32:b1:
7d:ef:64:15:02:72:8b:5f:0c:5e:8e:1c:e2:8d:e4:
0b:fd:0d:cb:69:c5:31:de:8d:96:a1:a2:11:28:0a:
a5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7E:97:B0:31:7C:BD:53:01:E3:22:E4:4D:CE:20:9A:F1:24:9A:16
X509v3 Authority Key Identifier:
keyid:AD:2C:F0:3E:44:DA:28:B7:31:9E:A7:B7:B5:B1:10:B9:B8:CB:7A:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/XH6XsDF8vVMB4yLkTc4gmvEkmhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/rSzwPkTaKLcxnqe3tbEQubjLenA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.192.0/18
81.90.112.0/20
82.131.0.0/17
85.253.0.0/16
87.119.160.0/19
91.213.43.0/24
94.246.216.0-94.246.255.255
95.129.192.0/21
145.14.16.0-145.14.47.255
146.255.176.0/21
178.23.112.0/21
185.13.16.0/22
185.34.36.0/22
185.72.28.0/22
194.55.8.0/22
194.150.64.0/22
194.204.0.0/18
IPv6:
2001:1530::/32
2001:1bf0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:dd:89:48:f2:ab:f8:7e:f1:5f:0b:3e:7f:ad:71:1f:ae:cc:
95:66:d8:ba:42:46:fe:04:5e:bb:f0:ae:8b:f3:69:aa:1f:99:
ad:0e:ab:ab:de:fe:6c:c9:d0:4a:f6:50:a9:9d:2e:76:15:30:
38:5e:2f:a5:d8:d7:b1:fa:0d:dc:3c:5a:14:62:41:f9:e3:1f:
f4:02:54:77:bd:7f:48:ba:aa:e9:e6:3b:e9:27:16:10:f4:a7:
76:15:0f:51:60:56:fc:43:11:cc:85:8d:8d:bd:5f:76:20:7b:
b7:ad:c2:c8:c6:a5:31:cc:70:f0:bd:c5:e9:8e:21:55:b4:1a:
c7:04:87:4f:2b:69:7b:34:4b:89:96:57:b8:04:7c:5c:b5:03:
37:72:56:9b:6c:55:b5:fe:52:13:b4:eb:dd:8b:5c:1b:d7:23:
22:d4:15:46:2d:9c:2d:c7:e4:a0:41:77:b3:e2:8c:44:99:20:
d9:8b:ae:93:85:76:5a:eb:46:f8:07:51:45:84:1d:dc:dd:14:
d8:1e:fb:6a:44:be:26:70:f6:bd:26:83:55:b0:e1:5c:91:01:
57:66:83:e4:72:8f:75:26:f7:14:79:16:d7:24:a5:5e:e5:4f:
bc:a7:0d:2b:63:cc:e7:be:b1:d4:80:d2:a2:94:06:e2:95:3b:
08:37:85:9e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZSx4gJvE77Qy306jphfJxBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmNmMDNlNDRkYTI4YjczMTllYTdiN2I1YjExMGI5Yjhj
YjdhNzAwHhcNMjUwMTI5MTE0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzdlOTdiMDMxN2NiZDUzMDFlMzIyZTQ0ZGNlMjA5YWYxMjQ5YTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSz/auBmN06RmAWPyCAt/oBqsdRS
2s8xgCFTEeMUdgpocby60vqaNHvUHZf88UxvsRSzZ4g45FZFw2bNdmU7ZwTwgQtd
vWxxQ35OwgKT1Ux3Wx+Hs/VJ6QxdLmgRi9TglpRQwpRQUF5o+7Nu+aqr6/BDCWQh
nZi7Rgh/g4P7MnaWgq/jViPKkorXjkc0Ed5FQBa+pbWXCr5yMa5+9P2Fgb8FsPoc
AhZ+sQ/Vvlc1Uzh1dnSL/5aEH3cofF650YCh1/9rtpDgHGbvZ3C0Cy/v1GCJrEMO
73z5duO9SYy6MrF972QVAnKLXwxejhzijeQL/Q3LacUx3o2WoaIRKAqlHwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFFx+l7AxfL1TAeMi5E3OIJrxJJoWMB8GA1UdIwQY
MBaAFK0s8D5E2ii3MZ6nt7WxELm4y3pwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclN6d1BrVGFLTGN4bnFlM3RiRVF1YmpMZW5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9jYWUzMTktNTU3MS00NmY5LWI1N2Qt
YmUwNjVlMWFjMDY3LzEvWEg2WHNERjh2Vk1CNHlMa1RjNGdtdkVrbWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9jYWUzMTktNTU3MS00NmY5LWI1N2QtYmUwNjVlMWFjMDY3
LzEvclN6d1BrVGFLTGN4bnFlM3RiRVF1YmpMZW5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjB6BAIAATB0AwQGPkHA
AwQEUVpwAwQHUoMAAwMAVf0DBAVXd6ADBABb1SswCwMEA1722AMDAF72AwQDX4HA
MAwDBASRDhADBASRDiADBAOS/7ADBAOyF3ADBAK5DRADBAK5IiQDBAK5SBwDBALC
NwgDBALClkADBAbCzAAwFAQCAAIwDgMFACABFTADBQMgARvwMA0GCSqGSIb3DQEB
CwUAA4IBAQBt3YlI8qv4fvFfCz5/rXEfrsyVZti6Qkb+BF678K6L82mqH5mtDqur
3v5sydBK9lCpnS52FTA4Xi+l2Nex+g3cPFoUYkH54x/0AlR3vX9Iuqrp5jvpJxYQ
9Kd2FQ9RYFb8QxHMhY2NvV92IHu3rcLIxqUxzHDwvcXpjiFVtBrHBIdPK2l7NEuJ
lle4BHxctQM3clabbFW1/lITtOvdi1wb1yMi1BVGLZwtx+SgQXez4oxEmSDZi66T
hXZa60b4B1FFhB3c3RTYHvtqRL4mcPa9JoNVsOFckQFXZoPkco91JvcUeRbXJKVe
5U+8pw0rY8znvrHUgNKilAbilTsIN4We
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:03 2025 by rpki-client on console.sobornost.net