Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/Ae-diP3rVk-4sa-PXAYgbcBanm4.roa
File: Ae-diP3rVk-4sa-PXAYgbcBanm4.roa (raw, json)
Hash identifier: u0iGxdBhci5JERVXq9GDeBfY++asc/728T5ZMln1pyE=
Subject key identifier: 01:EF:9D:88:FD:EB:56:4F:B8:B1:AF:8F:5C:06:20:6D:C0:5A:9E:6E
Certificate issuer: /CN=be1a887e7653a2de44f13163e187037326a29a03
Certificate serial: 0195282CD9D4447A4565F554EBC5D345D202
Authority key identifier: BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/Ae-diP3rVk-4sa-PXAYgbcBanm4.roa
Signing time: Fri 21 Feb 2025 11:03:02 +0000
ROA not before: Fri 21 Feb 2025 11:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39398
IP address blocks: 5.199.228.0/24 maxlen: 24
5.199.229.0/24 maxlen: 24
5.199.230.0/24 maxlen: 24
5.199.231.0/24 maxlen: 24
185.119.248.0/22 maxlen: 24
185.119.248.0/24 maxlen: 24
185.119.249.0/24 maxlen: 24
185.119.250.0/24 maxlen: 24
185.119.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:2c:d9:d4:44:7a:45:65:f5:54:eb:c5:d3:45:d2:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be1a887e7653a2de44f13163e187037326a29a03
Validity
Not Before: Feb 21 11:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01ef9d88fdeb564fb8b1af8f5c06206dc05a9e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7e:de:ef:c2:e3:6e:e0:8a:ee:ed:8f:8d:00:
6d:d2:8f:fe:31:f1:f3:b4:3e:c5:c3:c0:e3:4b:de:
3a:27:44:ad:f8:00:69:33:80:d9:cb:bc:66:55:69:
df:a2:dd:f7:89:cb:e7:a9:06:82:db:45:82:e9:94:
f5:9a:a5:ce:f9:13:a6:88:0a:db:e5:5e:de:d0:59:
1f:8f:aa:57:2d:19:90:00:5e:9b:c7:10:ab:02:3c:
a0:ce:cd:9c:dc:7a:f8:65:90:9a:9b:79:53:96:26:
2f:41:00:2e:a7:d7:bb:48:6b:3c:06:45:49:30:a7:
07:f5:a0:e5:ca:51:ea:fd:21:12:0f:f7:ba:b2:b3:
1d:ba:2c:9f:01:f4:bb:58:5e:d5:23:59:20:d9:e9:
f9:e5:b5:0a:69:5c:4f:38:e6:dc:98:68:7a:6b:86:
8d:fe:5c:ce:09:0c:8a:3a:92:a9:45:a9:be:99:4e:
d8:9b:7c:0b:09:8a:29:95:8a:77:4b:32:29:dd:84:
99:67:c7:fc:d0:49:ca:9f:e2:10:92:d8:dd:32:f9:
d2:f6:ad:93:0c:a3:48:ed:07:67:2f:a8:fa:bc:44:
78:b6:09:2a:eb:9b:24:9f:0c:4e:76:a0:d2:02:e7:
f3:35:d2:6f:db:15:6b:ef:15:9c:05:ff:18:b7:55:
f8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:EF:9D:88:FD:EB:56:4F:B8:B1:AF:8F:5C:06:20:6D:C0:5A:9E:6E
X509v3 Authority Key Identifier:
keyid:BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/Ae-diP3rVk-4sa-PXAYgbcBanm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/vhqIfnZTot5E8TFj4YcDcyaimgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.228.0/22
185.119.248.0/22
Signature Algorithm: sha256WithRSAEncryption
09:4b:83:47:b7:a2:ad:0e:4c:c7:69:ce:4f:b8:af:44:46:e2:
fe:35:16:95:3a:34:2e:f0:f6:a7:2e:f4:2d:65:81:1e:b6:db:
f8:d6:d6:7e:3e:e5:a7:39:f4:14:24:b6:e3:79:b9:3a:ef:d8:
1f:c0:19:ed:30:e9:13:6e:b4:bf:0b:29:b7:23:5f:b4:44:05:
c3:d6:ed:c3:07:99:53:cf:26:f6:b1:90:a3:3a:cc:ea:08:e3:
30:0d:19:ed:a2:9b:ce:4c:7f:04:41:62:4a:13:9d:28:0e:d8:
f6:eb:03:a7:ee:73:ff:2e:a1:98:9b:13:40:f6:e8:6f:ac:e9:
41:0e:e5:67:c0:c4:3d:d0:12:5b:cd:7d:14:48:fb:33:1a:9a:
1f:93:7f:1f:68:2b:e2:ad:00:dd:76:59:f7:81:f5:22:95:34:
ca:e1:23:d0:31:51:db:4b:6d:ba:2d:87:48:eb:f7:8c:29:2d:
24:30:64:c3:ef:08:0e:5e:6d:68:a4:b5:a7:86:7e:bc:3e:89:
f7:82:26:f3:34:60:f3:bc:30:90:d4:55:ac:28:cb:93:eb:71:
f9:74:8a:e2:94:80:a6:7a:49:ce:35:3c:54:b5:2d:9f:b8:67:
60:95:e3:ea:fc:bf:99:9e:db:13:d8:4a:ed:73:47:d3:63:2a:
20:89:56:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUoLNnURHpFZfVU68XTRdICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMWE4ODdlNzY1M2EyZGU0NGYxMzE2M2UxODcwMzczMjZh
MjlhMDMwHhcNMjUwMjIxMTEwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWVmOWQ4OGZkZWI1NjRmYjhiMWFmOGY1YzA2MjA2ZGMwNWE5ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX7e78LjbuCK7u2PjQBt0o/+MfHz
tD7Fw8DjS946J0St+ABpM4DZy7xmVWnfot33icvnqQaC20WC6ZT1mqXO+ROmiArb
5V7e0Fkfj6pXLRmQAF6bxxCrAjygzs2c3Hr4ZZCam3lTliYvQQAup9e7SGs8BkVJ
MKcH9aDlylHq/SESD/e6srMduiyfAfS7WF7VI1kg2en55bUKaVxPOObcmGh6a4aN
/lzOCQyKOpKpRam+mU7Ym3wLCYoplYp3SzIp3YSZZ8f80EnKn+IQktjdMvnS9q2T
DKNI7QdnL6j6vER4tgkq65sknwxOdqDSAufzNdJv2xVr7xWcBf8Yt1X4DQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAHvnYj961ZPuLGvj1wGIG3AWp5uMB8GA1UdIwQY
MBaAFL4aiH52U6LeRPExY+GHA3MmopoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmhxSWZuWlRvdDVFOFRGajRZY0RjeWFpbWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84YjQ0M2UtZjNjOC00YmEwLTllOTYt
ODZjNTQxY2E5ZDcxLzEvQWUtZGlQM3JWay00c2EtUFhBWWdiY0Jhbm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84YjQ0M2UtZjNjOC00YmEwLTllOTYtODZjNTQxY2E5ZDcx
LzEvdmhxSWZuWlRvdDVFOFRGajRZY0RjeWFpbWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBcfkAwQC
uXf4MA0GCSqGSIb3DQEBCwUAA4IBAQAJS4NHt6KtDkzHac5PuK9ERuL+NRaVOjQu
8PanLvQtZYEettv41tZ+PuWnOfQUJLbjebk679gfwBntMOkTbrS/Cym3I1+0RAXD
1u3DB5lTzyb2sZCjOszqCOMwDRntopvOTH8EQWJKE50oDtj26wOn7nP/LqGYmxNA
9uhvrOlBDuVnwMQ90BJbzX0USPszGpofk38faCvirQDddln3gfUilTTK4SPQMVHb
S226LYdI6/eMKS0kMGTD7wgOXm1opLWnhn68Pon3gibzNGDzvDCQ1FWsKMuT63H5
dIrilICmeknONTxUtS2fuGdglePq/L+ZntsT2Ertc0fTYyogiVYK
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:35 2025 by rpki-client on console.sobornost.net