Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/174627-e52f-4fa6-b331-e97cd3ad4da3/1/v4w1l1in0yr2EsXsMhwK7smhe5c.roa
File: v4w1l1in0yr2EsXsMhwK7smhe5c.roa (raw, json)
Hash identifier: 7H5QERbsex398Y/VCrt/sp2Qpj6rfwjWtrt7q4PvQAo=
Subject key identifier: BF:8C:35:97:58:A7:D3:2A:F6:12:C5:EC:32:1C:0A:EE:C9:A1:7B:97
Certificate issuer: /CN=42116774afb5ed1ac9926b0bc2d57f8b8058b3e7
Certificate serial: 0194266C3FECC161301928595848DA0C4C10
Authority key identifier: 42:11:67:74:AF:B5:ED:1A:C9:92:6B:0B:C2:D5:7F:8B:80:58:B3:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhFndK-17RrJkmsLwtV_i4BYs-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/174627-e52f-4fa6-b331-e97cd3ad4da3/1/v4w1l1in0yr2EsXsMhwK7smhe5c.roa
Signing time: Thu 02 Jan 2025 09:50:15 +0000
ROA not before: Thu 02 Jan 2025 09:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56724
IP address blocks: 5.149.152.0/23 maxlen: 24
5.149.154.0/24 maxlen: 24
5.149.159.0/24 maxlen: 24
185.61.252.0/22 maxlen: 24
2a04:ee00::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3f:ec:c1:61:30:19:28:59:58:48:da:0c:4c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42116774afb5ed1ac9926b0bc2d57f8b8058b3e7
Validity
Not Before: Jan 2 09:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf8c359758a7d32af612c5ec321c0aeec9a17b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ed:35:c0:cc:72:63:21:2c:05:55:c7:eb:27:
a9:7f:0b:e5:66:c9:8d:68:55:b1:b7:21:ae:b0:c1:
dd:1c:62:bb:43:7c:6a:44:61:f0:a0:32:2c:99:dc:
a4:f1:36:e6:4f:fb:29:43:18:d9:6e:40:3b:56:e1:
74:c7:bd:78:c8:18:b0:c8:db:9d:e9:29:65:0a:40:
4f:d5:df:e2:72:86:4e:ab:77:e4:ab:93:45:99:d0:
d7:d2:7f:e5:13:52:8d:14:8a:5b:25:da:80:f2:00:
74:f2:05:e9:79:21:6e:b1:4b:8b:b6:57:9d:2e:76:
88:9f:42:cf:89:87:75:10:23:6e:30:bb:f2:c0:5f:
13:27:70:5a:fd:9d:0a:6d:13:a8:99:53:25:70:9d:
92:04:3c:b0:c6:47:c5:22:70:88:52:4e:59:92:a6:
4e:34:87:9a:6e:e2:85:8f:9c:b6:da:d2:91:61:c4:
17:6d:ef:7d:30:61:2c:30:ea:93:33:fc:1d:ac:d7:
d1:6c:0c:83:24:2b:a3:dc:ff:cf:bb:ef:b6:d1:f6:
dd:93:7e:14:54:c4:49:25:e0:54:2d:b4:b2:7b:1d:
c0:91:22:a3:a9:c8:57:bb:fb:3c:e8:9c:6c:79:e1:
96:17:1b:1e:fd:4a:44:a1:e4:1e:4f:e8:8c:9e:8e:
c9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8C:35:97:58:A7:D3:2A:F6:12:C5:EC:32:1C:0A:EE:C9:A1:7B:97
X509v3 Authority Key Identifier:
keyid:42:11:67:74:AF:B5:ED:1A:C9:92:6B:0B:C2:D5:7F:8B:80:58:B3:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhFndK-17RrJkmsLwtV_i4BYs-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/174627-e52f-4fa6-b331-e97cd3ad4da3/1/v4w1l1in0yr2EsXsMhwK7smhe5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/174627-e52f-4fa6-b331-e97cd3ad4da3/1/QhFndK-17RrJkmsLwtV_i4BYs-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.152.0-5.149.154.255
5.149.159.0/24
185.61.252.0/22
IPv6:
2a04:ee00::/29
Signature Algorithm: sha256WithRSAEncryption
85:8f:8d:8c:b0:38:1e:db:35:d5:ae:15:99:c2:9b:80:0e:99:
3e:42:8f:40:2b:5e:e5:96:f4:99:fa:94:e8:7a:60:a0:ee:75:
34:a9:e8:fd:46:01:7b:db:84:e4:4a:94:d0:28:17:30:ba:42:
da:c0:64:0d:ab:d0:ef:84:13:20:c7:97:85:55:f4:cb:e2:bc:
ab:1d:ea:98:a2:8d:34:69:26:99:5e:de:36:bc:45:95:67:46:
fb:41:b9:31:26:03:c5:bb:5d:3d:2f:01:da:a2:5f:a9:1a:cd:
39:80:7c:71:60:8c:0d:16:5a:a0:93:db:b5:12:45:9a:d8:cd:
10:db:fd:28:75:02:35:bc:3a:ff:d0:f4:02:4f:dd:1c:e5:71:
63:90:e0:3b:fe:7e:f5:a7:88:eb:b6:94:da:7f:15:d9:62:bd:
05:2c:f8:81:65:35:18:bc:6f:98:1f:d0:6a:8b:d1:d8:99:1c:
57:69:d4:e4:85:d6:71:73:d2:71:71:9a:fc:f9:0b:fc:5b:82:
e5:08:c7:c6:d1:61:45:77:0f:a8:f9:1a:bc:a1:52:d7:b6:4b:
2f:0d:4f:cb:07:fc:9e:f8:9b:58:ad:a2:76:d1:2f:10:95:dc:
d5:31:b9:d4:3b:42:54:d3:b6:1d:bf:e5:bf:0e:61:5d:6b:a2:
ca:65:5b:0d
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQmbD/swWEwGShZWEjaDEwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTE2Nzc0YWZiNWVkMWFjOTkyNmIwYmMyZDU3ZjhiODA1
OGIzZTcwHhcNMjUwMTAyMDk1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjhjMzU5NzU4YTdkMzJhZjYxMmM1ZWMzMjFjMGFlZWM5YTE3Yjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+01wMxyYyEsBVXH6yepfwvlZsmN
aFWxtyGusMHdHGK7Q3xqRGHwoDIsmdyk8TbmT/spQxjZbkA7VuF0x714yBiwyNud
6SllCkBP1d/icoZOq3fkq5NFmdDX0n/lE1KNFIpbJdqA8gB08gXpeSFusUuLtled
LnaIn0LPiYd1ECNuMLvywF8TJ3Ba/Z0KbROomVMlcJ2SBDywxkfFInCIUk5ZkqZO
NIeabuKFj5y22tKRYcQXbe99MGEsMOqTM/wdrNfRbAyDJCuj3P/Pu++20fbdk34U
VMRJJeBULbSyex3AkSKjqchXu/s86JxseeGWFxse/UpEoeQeT+iMno7JOwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFL+MNZdYp9Mq9hLF7DIcCu7JoXuXMB8GA1UdIwQY
MBaAFEIRZ3Svte0ayZJrC8LVf4uAWLPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhGbmRLLTE3UnJKa21zTHd0Vl9pNEJZcy1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xNzQ2MjctZTUyZi00ZmE2LWIzMzEt
ZTk3Y2QzYWQ0ZGEzLzEvdjR3MWwxaW4weXIyRXNYc01od0s3c21oZTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xNzQ2MjctZTUyZi00ZmE2LWIzMzEtZTk3Y2QzYWQ0ZGEz
LzEvUWhGbmRLLTE3UnJKa21zTHd0Vl9pNEJZcy1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAMFlZgD
BAAFlZoDBAAFlZ8DBAK5PfwwDQQCAAIwBwMFAyoE7gAwDQYJKoZIhvcNAQELBQAD
ggEBAIWPjYywOB7bNdWuFZnCm4AOmT5Cj0ArXuWW9Jn6lOh6YKDudTSp6P1GAXvb
hORKlNAoFzC6QtrAZA2r0O+EEyDHl4VV9MvivKsd6piijTRpJple3ja8RZVnRvtB
uTEmA8W7XT0vAdqiX6kazTmAfHFgjA0WWqCT27USRZrYzRDb/Sh1AjW8Ov/Q9AJP
3RzlcWOQ4Dv+fvWniOu2lNp/FdlivQUs+IFlNRi8b5gf0GqL0diZHFdp1OSF1nFz
0nFxmvz5C/xbguUIx8bRYUV3D6j5GryhUte2Sy8NT8sH/J74m1itonbRLxCV3NUx
udQ7QlTTth2/5b8OYV1rosplWw0=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:01 2025 by rpki-client on console.sobornost.net