Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4hsnepskMSm6UJnf9uyajDXQBgY.roa
File: 4hsnepskMSm6UJnf9uyajDXQBgY.roa (raw, json)
Hash identifier: Tq56wqTljnucbMTG6PkdQyY7e/8bipLiIr4qnaVdd5Q=
Subject key identifier: E2:1B:27:7A:9B:24:31:29:BA:50:99:DF:F6:EC:9A:8C:35:D0:06:06
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C6936CA3CA973D96E960DFD927BCA
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4hsnepskMSm6UJnf9uyajDXQBgY.roa
Signing time: Thu 02 Jan 2025 09:50:26 +0000
ROA not before: Thu 02 Jan 2025 09:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25531
IP address blocks: 89.17.32.0/24 maxlen: 24
89.17.34.0/24 maxlen: 24
89.17.36.0/22 maxlen: 22
89.17.40.0/22 maxlen: 22
89.17.44.0/24 maxlen: 24
89.17.47.0/24 maxlen: 24
89.17.50.0/24 maxlen: 24
217.15.48.0/22 maxlen: 22
217.15.52.0/24 maxlen: 24
217.15.54.0/23 maxlen: 23
217.15.58.0/23 maxlen: 23
217.15.60.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:69:36:ca:3c:a9:73:d9:6e:96:0d:fd:92:7b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e21b277a9b243129ba5099dff6ec9a8c35d00606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bd:fa:6b:e0:35:11:fa:a8:6e:dd:e4:bf:35:
85:f7:48:ea:b6:09:84:ba:21:4c:57:94:66:c2:5d:
2d:55:db:bb:d5:03:55:8b:ca:68:73:8d:4f:ca:47:
de:84:54:81:4f:fa:ab:de:93:7d:69:46:a7:9a:aa:
e8:e2:54:da:2c:ff:74:b7:80:a8:d6:48:f6:4a:4f:
19:14:6b:8d:08:b2:ee:e8:14:37:44:c0:cf:e5:0b:
1d:cf:02:50:af:34:2d:6a:42:39:03:64:75:84:d8:
9c:1e:c5:41:7a:12:5e:c9:51:54:9a:58:b3:d7:40:
39:b7:d3:7f:f7:10:d8:34:56:cb:81:63:ad:7a:86:
11:bb:26:63:ff:e4:24:3f:e5:20:55:78:b3:50:e5:
bd:6d:91:65:1c:de:40:fb:10:d8:1f:12:33:98:c5:
ba:9d:38:90:5c:a3:6a:28:70:45:97:77:c2:2b:fd:
6d:1e:ac:b7:02:e4:4e:26:ca:71:f9:3e:60:92:61:
22:58:cb:c7:6d:9a:0d:94:60:98:52:83:23:a1:d2:
e0:8c:22:4b:d5:7a:b0:b7:4d:71:28:bb:a6:a9:47:
6d:18:7f:0e:2e:fa:0b:d3:43:a6:95:76:63:0d:0e:
27:92:d3:ca:ee:c2:64:2c:ae:2c:eb:19:6e:fc:8f:
15:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1B:27:7A:9B:24:31:29:BA:50:99:DF:F6:EC:9A:8C:35:D0:06:06
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4hsnepskMSm6UJnf9uyajDXQBgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.17.32.0/24
89.17.34.0/24
89.17.36.0-89.17.44.255
89.17.47.0/24
89.17.50.0/24
217.15.48.0-217.15.52.255
217.15.54.0/23
217.15.58.0-217.15.61.255
Signature Algorithm: sha256WithRSAEncryption
1e:96:59:3c:52:6a:7b:40:37:9f:39:d3:25:47:9f:e2:36:19:
a4:bb:5b:e6:4e:13:98:64:ce:65:cf:33:30:3e:21:ff:16:01:
c4:b1:15:b4:a3:80:b9:46:cd:ea:05:c4:d7:0b:c8:56:b4:b8:
08:d0:80:08:27:c8:bf:f6:ac:3a:f8:2f:f4:b2:ef:b5:dd:cc:
e9:23:08:56:03:58:c4:ce:1b:86:af:35:54:25:f0:f9:e8:81:
cc:55:f0:97:09:05:c3:89:0b:fd:aa:cf:db:a0:62:6b:73:ef:
98:a7:23:5d:1e:7e:83:eb:30:22:0e:87:ae:53:d4:7a:ac:0f:
af:de:a1:a0:c3:4c:dd:d0:da:6e:a4:0e:d2:e3:c9:ac:2d:a2:
05:80:6d:d6:28:b3:cf:b6:ae:98:75:bb:28:b0:69:8e:4b:bd:
6c:48:0c:b5:33:10:0e:e6:5c:af:8c:ff:c5:8f:0b:6c:6a:78:
0a:4f:b4:b7:21:79:45:e4:6a:9a:01:29:49:dc:fa:0a:10:8a:
e8:e2:17:29:de:37:13:40:35:e5:ee:27:a2:a6:42:94:a8:fd:
1f:3a:7b:b1:84:c1:75:7c:e1:0c:62:2b:0e:42:86:fd:5b:9c:
59:e5:41:ef:cb:a7:99:a5:5a:c0:53:98:52:4c:78:a6:d7:a0:
cf:bb:f3:65
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQmbGk2yjypc9lulg39knvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFiMjc3YTliMjQzMTI5YmE1MDk5ZGZmNmVjOWE4YzM1ZDAwNjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx736a+A1Efqobt3kvzWF90jqtgmE
uiFMV5Rmwl0tVdu71QNVi8poc41PykfehFSBT/qr3pN9aUanmqro4lTaLP90t4Co
1kj2Sk8ZFGuNCLLu6BQ3RMDP5QsdzwJQrzQtakI5A2R1hNicHsVBehJeyVFUmliz
10A5t9N/9xDYNFbLgWOteoYRuyZj/+QkP+UgVXizUOW9bZFlHN5A+xDYHxIzmMW6
nTiQXKNqKHBFl3fCK/1tHqy3AuROJspx+T5gkmEiWMvHbZoNlGCYUoMjodLgjCJL
1Xqwt01xKLumqUdtGH8OLvoL00OmlXZjDQ4nktPK7sJkLK4s6xlu/I8VCQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOIbJ3qbJDEpulCZ3/bsmow10AYGMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvNGhzbmVwc2tNU202VUpuZjl1eWFqRFhRQmdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAWREgAwQA
WREiMAwDBAJZESQDBABZESwDBABZES8DBABZETIwDAMEBNkPMAMEANkPNAMEAdkP
NjAMAwQB2Q86AwQB2Q88MA0GCSqGSIb3DQEBCwUAA4IBAQAellk8Ump7QDefOdMl
R5/iNhmku1vmThOYZM5lzzMwPiH/FgHEsRW0o4C5Rs3qBcTXC8hWtLgI0IAIJ8i/
9qw6+C/0su+13czpIwhWA1jEzhuGrzVUJfD56IHMVfCXCQXDiQv9qs/boGJrc++Y
pyNdHn6D6zAiDoeuU9R6rA+v3qGgw0zd0NpupA7S48msLaIFgG3WKLPPtq6Ydbso
sGmOS71sSAy1MxAO5lyvjP/FjwtsangKT7S3IXlF5GqaASlJ3PoKEIro4hcp3jcT
QDXl7ieipkKUqP0fOnuxhMF1fOEMYisOQob9W5xZ5UHvy6eZpVrAU5hSTHim16DP
u/Nl
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:07 2025 by rpki-client on console.sobornost.net