Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vfYaTtc4brt0Ov1kx9oCUOHIJXI.roa
File: vfYaTtc4brt0Ov1kx9oCUOHIJXI.roa (raw, json)
Hash identifier: eB+hXGbiqW76z1VHwcXpM+YfyI+lZHNYCy9KL7CJ5lM=
Subject key identifier: BD:F6:1A:4E:D7:38:6E:BB:74:3A:FD:64:C7:DA:02:50:E1:C8:25:72
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 019469D30C5D77E26DABC185A98E6BBB5F25
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vfYaTtc4brt0Ov1kx9oCUOHIJXI.roa
Signing time: Wed 15 Jan 2025 11:57:06 +0000
ROA not before: Wed 15 Jan 2025 11:57:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20552
IP address blocks: 91.199.97.0/24 maxlen: 24
91.216.30.0/24 maxlen: 24
164.40.240.0/21 maxlen: 21
164.40.240.0/24 maxlen: 24
164.40.241.0/24 maxlen: 24
164.40.242.0/24 maxlen: 24
164.40.243.0/24 maxlen: 24
164.40.244.0/24 maxlen: 24
164.40.245.0/24 maxlen: 24
164.40.246.0/24 maxlen: 24
164.40.247.0/24 maxlen: 24
185.24.200.0/22 maxlen: 22
185.52.168.0/22 maxlen: 24
185.52.169.0/24 maxlen: 24
185.52.170.0/24 maxlen: 24
185.52.171.0/24 maxlen: 24
185.119.12.0/22 maxlen: 22
185.119.12.0/24 maxlen: 24
185.119.13.0/24 maxlen: 24
185.119.14.0/24 maxlen: 24
185.119.15.0/24 maxlen: 24
217.168.128.0/20 maxlen: 20
217.168.129.0/24 maxlen: 24
217.168.141.0/24 maxlen: 24
2a02:d88::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:d3:0c:5d:77:e2:6d:ab:c1:85:a9:8e:6b:bb:5f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 15 11:57:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdf61a4ed7386ebb743afd64c7da0250e1c82572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:c6:da:e9:a2:5c:cb:61:e7:d0:17:c1:3b:ef:
16:02:3d:67:ad:06:49:18:32:00:f4:d5:e9:b6:ef:
f4:97:83:f9:f1:41:a9:b8:4d:b9:bc:8d:18:75:e4:
4c:90:c9:8e:f1:c1:b4:e9:28:08:b9:ad:c3:64:ff:
17:ff:57:5e:6d:f8:78:fc:67:42:ca:d3:82:78:ac:
e9:bd:58:ba:22:02:b4:9c:33:23:17:34:51:6b:aa:
a2:4a:44:02:d7:c5:f6:66:93:4c:ba:5b:c0:de:bb:
c9:23:f5:e0:34:15:2b:9c:29:49:42:fa:b8:93:28:
1d:48:23:63:ce:2c:90:12:51:00:01:34:cc:b8:51:
65:0c:44:eb:e0:20:47:b3:f1:bd:d8:d5:5d:5e:c4:
42:18:cc:eb:65:28:5f:01:a2:41:02:de:73:60:c2:
64:d5:96:85:e5:16:a5:2e:cf:23:24:c3:4c:cb:45:
dc:03:dc:77:e9:17:d2:66:86:5b:14:cc:20:bf:30:
7c:0b:0c:0b:a8:94:24:d3:43:4c:8d:22:ce:9e:98:
68:56:ba:dc:60:5f:6d:c1:db:c1:6e:1d:61:69:5e:
71:5c:52:75:7e:a1:0d:da:a7:ac:8d:62:3f:ff:e4:
e5:fe:3c:8f:75:83:9f:b8:c8:cc:9d:27:cb:d5:30:
53:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F6:1A:4E:D7:38:6E:BB:74:3A:FD:64:C7:DA:02:50:E1:C8:25:72
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vfYaTtc4brt0Ov1kx9oCUOHIJXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.97.0/24
91.216.30.0/24
164.40.240.0/21
185.24.200.0/22
185.52.168.0/22
185.119.12.0/22
217.168.128.0/20
IPv6:
2a02:d88::/32
Signature Algorithm: sha256WithRSAEncryption
4d:e0:e9:41:e3:b8:67:d1:2d:73:ba:d7:20:0d:06:93:f7:8e:
91:5e:b3:8d:f9:6f:a6:a7:d1:34:a2:94:a6:2a:42:e7:e2:d1:
f7:e1:41:4d:8a:23:3d:93:ea:7c:76:79:9d:23:83:a8:79:09:
10:8a:57:4c:5b:19:d2:dd:bb:4d:0c:23:cf:03:81:04:ef:91:
d3:97:a6:b1:f9:91:0c:7c:ad:b3:60:27:0b:74:3c:ca:9a:75:
bd:f6:4c:92:70:58:75:8c:23:83:6f:95:35:72:ce:55:f2:69:
51:ff:4f:00:08:0f:dc:07:80:4d:b0:90:6f:82:bd:3a:73:42:
d4:bd:0e:29:94:fc:e3:80:b3:fd:b9:15:19:56:1f:76:9d:f6:
21:5f:68:62:1f:68:55:31:2c:38:15:79:e3:57:71:27:20:4e:
6e:77:37:f0:5a:f0:0b:43:3d:20:84:96:63:48:72:46:34:f6:
78:b5:7a:c3:31:46:ca:53:74:65:66:75:0b:4d:98:1a:e0:04:
8d:46:ef:dc:f9:d9:ba:b8:2e:3a:d2:79:ed:f4:92:b4:72:0c:
c7:a1:1e:61:d5:d6:4a:ab:82:aa:85:14:d2:1b:c1:b5:0b:0e:
79:3a:c3:9d:d1:50:89:33:3f:86:80:1e:75:c4:1b:21:0f:53:
aa:da:70:a9
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZRp0wxdd+Jtq8GFqY5ru18lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjUwMTE1MTE1NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGY2MWE0ZWQ3Mzg2ZWJiNzQzYWZkNjRjN2RhMDI1MGUxYzgyNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8cba6aJcy2Hn0BfBO+8WAj1nrQZJ
GDIA9NXptu/0l4P58UGpuE25vI0YdeRMkMmO8cG06SgIua3DZP8X/1debfh4/GdC
ytOCeKzpvVi6IgK0nDMjFzRRa6qiSkQC18X2ZpNMulvA3rvJI/XgNBUrnClJQvq4
kygdSCNjziyQElEAATTMuFFlDETr4CBHs/G92NVdXsRCGMzrZShfAaJBAt5zYMJk
1ZaF5RalLs8jJMNMy0XcA9x36RfSZoZbFMwgvzB8CwwLqJQk00NMjSLOnphoVrrc
YF9twdvBbh1haV5xXFJ1fqEN2qesjWI//+Tl/jyPdYOfuMjMnSfL1TBTwwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFL32Gk7XOG67dDr9ZMfaAlDhyCVyMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvdmZZYVR0YzRicnQwT3Yxa3g5b0NVT0hJSlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAW8dhAwQA
W9geAwQDpCjwAwQCuRjIAwQCuTSoAwQCuXcMAwQE2aiAMA0EAgACMAcDBQAqAg2I
MA0GCSqGSIb3DQEBCwUAA4IBAQBN4OlB47hn0S1zutcgDQaT946RXrON+W+mp9E0
opSmKkLn4tH34UFNiiM9k+p8dnmdI4OoeQkQildMWxnS3btNDCPPA4EE75HTl6ax
+ZEMfK2zYCcLdDzKmnW99kyScFh1jCODb5U1cs5V8mlR/08ACA/cB4BNsJBvgr06
c0LUvQ4plPzjgLP9uRUZVh92nfYhX2hiH2hVMSw4FXnjV3EnIE5udzfwWvALQz0g
hJZjSHJGNPZ4tXrDMUbKU3RlZnULTZga4ASNRu/c+dm6uC460nnt9JK0cgzHoR5h
1dZKq4KqhRTSG8G1Cw55OsOd0VCJMz+GgB51xBshD1Oq2nCp
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:35 2025 by rpki-client on console.sobornost.net