Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/4wGntNc85Yvx0ypR88J1OukuDr4.roa
File: 4wGntNc85Yvx0ypR88J1OukuDr4.roa (raw, json)
Hash identifier: pBVnEWBMMIGiHwfDW8kLnJrA2UUG/riqaCBWB/OBtY4=
Subject key identifier: E3:01:A7:B4:D7:3C:E5:8B:F1:D3:2A:51:F3:C2:75:3A:E9:2E:0E:BE
Certificate issuer: /CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Certificate serial: 01942521A85517043784442FA67EC0FC353D
Authority key identifier: 5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/4wGntNc85Yvx0ypR88J1OukuDr4.roa
Signing time: Thu 02 Jan 2025 03:49:10 +0000
ROA not before: Thu 02 Jan 2025 03:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204650
IP address blocks: 185.110.253.0/24 maxlen: 24
185.110.254.0/24 maxlen: 24
185.118.154.0/24 maxlen: 24
185.119.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a8:55:17:04:37:84:44:2f:a6:7e:c0:fc:35:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b7a905e25a4d5cccb2eebe4e2d5c3920819758e
Validity
Not Before: Jan 2 03:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e301a7b4d73ce58bf1d32a51f3c2753ae92e0ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:89:02:cb:e6:3a:e7:bf:61:53:b2:da:aa:98:
fc:c8:71:43:2d:19:c4:6d:05:dc:5c:79:64:40:8b:
7a:ac:ab:b1:2a:ce:3e:c4:2d:1d:65:25:4f:5a:25:
65:fe:e3:7b:46:25:4e:7f:94:10:35:c2:c5:92:f3:
fa:e4:ff:ab:75:7d:87:c7:a0:e4:ca:4d:93:2e:fe:
b3:73:2e:83:5a:f3:90:1f:8c:ef:da:a9:e0:ea:74:
91:d5:98:9f:eb:ac:0f:ca:ad:39:bd:29:f6:f3:c2:
8b:bf:4d:8a:71:7b:a1:2c:7e:6e:a4:3b:c1:7d:bc:
39:0a:ab:62:eb:30:73:99:8c:f1:5f:37:bf:34:37:
97:4a:ac:cc:0a:85:ce:d5:0a:53:cf:26:88:0f:20:
bf:0b:69:bd:ca:c4:de:11:54:52:e8:81:ba:bf:cb:
4f:91:93:5f:63:d0:66:75:d7:2c:3c:04:c6:c9:dc:
5e:fb:6d:d4:99:28:92:9c:2f:c8:fc:95:0f:3f:38:
c6:d2:bc:8a:7c:aa:31:f6:7c:cd:6e:31:23:94:c7:
20:32:0f:c3:5d:32:e5:bd:0b:3f:36:14:7a:b6:a4:
a2:8a:48:74:f8:c0:39:b0:ec:34:6b:d5:30:a9:8a:
14:b8:4f:f8:23:2d:65:3e:93:06:e6:ee:9d:b1:75:
63:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:01:A7:B4:D7:3C:E5:8B:F1:D3:2A:51:F3:C2:75:3A:E9:2E:0E:BE
X509v3 Authority Key Identifier:
keyid:5B:7A:90:5E:25:A4:D5:CC:CB:2E:EB:E4:E2:D5:C3:92:08:19:75:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3qQXiWk1czLLuvk4tXDkggZdY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/4wGntNc85Yvx0ypR88J1OukuDr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c12395-c0f8-4e05-8cb1-73a3d07d2c31/1/W3qQXiWk1czLLuvk4tXDkggZdY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.253.0-185.110.254.255
185.118.154.0/24
185.119.164.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:4b:1e:71:96:ee:5b:f4:cf:ae:f8:4d:b2:2f:97:98:ee:3f:
c6:15:02:f2:4f:bf:3e:af:ff:cc:60:a4:05:5a:92:9d:12:2b:
f4:d4:b8:92:39:e2:5d:9c:7b:f6:6f:8e:45:42:df:4d:18:7e:
4b:f1:ee:27:e1:7a:9b:ea:f5:da:ce:de:4b:7f:d5:1d:58:f4:
1f:27:5e:b1:25:5b:63:82:7c:4f:0e:82:87:9c:32:a5:ee:02:
be:9e:93:37:00:f8:d5:16:4a:f0:ba:5b:08:b7:6e:9b:b8:9e:
76:05:83:ff:b8:7e:8a:9e:2c:7d:c0:fd:c5:c1:62:31:14:77:
a0:cc:c0:88:e3:0c:eb:4d:f5:b6:62:7a:6b:2a:ca:5c:9c:b4:
03:5b:15:59:f3:7a:e7:2f:bc:7d:df:02:23:02:08:77:93:0a:
d6:b4:07:55:fb:34:ed:f2:41:bd:6e:f9:99:20:42:83:ae:5c:
4f:01:5a:e1:dd:ca:cc:c3:cb:38:8e:02:43:aa:1d:cc:9d:ce:
34:ec:41:ac:9e:47:90:3f:cb:25:47:05:86:e0:3c:a9:76:ec:
7a:fc:dc:61:2b:6e:98:b8:f0:e9:f6:34:82:75:d5:73:34:8b:
9d:06:02:84:93:01:05:48:34:e3:b5:25:9e:71:27:fc:d0:40:
22:42:35:ef
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQlIahVFwQ3hEQvpn7A/DU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViN2E5MDVlMjVhNGQ1Y2NjYjJlZWJlNGUyZDVjMzkyMDgx
OTc1OGUwHhcNMjUwMTAyMDM0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzAxYTdiNGQ3M2NlNThiZjFkMzJhNTFmM2MyNzUzYWU5MmUwZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4kCy+Y6579hU7Laqpj8yHFDLRnE
bQXcXHlkQIt6rKuxKs4+xC0dZSVPWiVl/uN7RiVOf5QQNcLFkvP65P+rdX2Hx6Dk
yk2TLv6zcy6DWvOQH4zv2qng6nSR1Zif66wPyq05vSn288KLv02KcXuhLH5upDvB
fbw5Cqti6zBzmYzxXze/NDeXSqzMCoXO1QpTzyaIDyC/C2m9ysTeEVRS6IG6v8tP
kZNfY9BmddcsPATGydxe+23UmSiSnC/I/JUPPzjG0ryKfKox9nzNbjEjlMcgMg/D
XTLlvQs/NhR6tqSiikh0+MA5sOw0a9UwqYoUuE/4Iy1lPpMG5u6dsXVjNwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOMBp7TXPOWL8dMqUfPCdTrpLg6+MB8GA1UdIwQY
MBaAFFt6kF4lpNXMyy7r5OLVw5IIGXWOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEt
NzNhM2QwN2QyYzMxLzEvNHdHbnROYzg1WXZ4MHlwUjg4SjFPdWt1RHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jMTIzOTUtYzBmOC00ZTA1LThjYjEtNzNhM2QwN2QyYzMx
LzEvVzNxUVhpV2sxY3pMTHV2azR0WERrZ2daZFk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAC5bv0D
BAC5bv4DBAC5dpoDBAC5d6QwDQYJKoZIhvcNAQELBQADggEBAExLHnGW7lv0z674
TbIvl5juP8YVAvJPvz6v/8xgpAVakp0SK/TUuJI54l2ce/ZvjkVC300Yfkvx7ifh
epvq9drO3kt/1R1Y9B8nXrElW2OCfE8OgoecMqXuAr6ekzcA+NUWSvC6Wwi3bpu4
nnYFg/+4foqeLH3A/cXBYjEUd6DMwIjjDOtN9bZiemsqylyctANbFVnzeucvvH3f
AiMCCHeTCta0B1X7NO3yQb1u+ZkgQoOuXE8BWuHdyszDyziOAkOqHcydzjTsQaye
R5A/yyVHBYbgPKl27Hr83GErbpi48On2NIJ11XM0i50GAoSTAQVINOO1JZ5xJ/zQ
QCJCNe8=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net