Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/vhYKMa2Z6sRh78styyEQC2ay13Y.roa
File: vhYKMa2Z6sRh78styyEQC2ay13Y.roa (raw, json)
Hash identifier: q6ISR7QoOYSfixxm6mwluVodtW8Dzcm/t68jGp50cGg=
Subject key identifier: BE:16:0A:31:AD:99:EA:C4:61:EF:CB:2D:CB:21:10:0B:66:B2:D7:76
Certificate issuer: /CN=e4ff5bbf540c65954b9913a68c24d174de97d829
Certificate serial: 019423D6BAB263DA23A5782095F4EB512015
Authority key identifier: E4:FF:5B:BF:54:0C:65:95:4B:99:13:A6:8C:24:D1:74:DE:97:D8:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/vhYKMa2Z6sRh78styyEQC2ay13Y.roa
Signing time: Wed 01 Jan 2025 21:47:42 +0000
ROA not before: Wed 01 Jan 2025 21:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49910
IP address blocks: 45.13.24.0/24 maxlen: 24
77.232.224.0/19 maxlen: 24
185.174.36.0/22 maxlen: 24
2a06:3e40::/29 maxlen: 48
2a12:9940::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ba:b2:63:da:23:a5:78:20:95:f4:eb:51:20:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4ff5bbf540c65954b9913a68c24d174de97d829
Validity
Not Before: Jan 1 21:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be160a31ad99eac461efcb2dcb21100b66b2d776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f0:c7:11:2f:46:40:94:f3:75:ed:ab:1c:24:
9f:73:c3:9c:3f:08:9d:0c:d5:c4:28:b8:c7:3c:2f:
2a:10:13:89:7e:5b:51:b4:c8:2b:ed:50:4d:04:d4:
43:42:5f:b2:29:40:88:8f:10:cd:24:a3:b5:94:df:
ee:83:2c:d1:32:5e:89:5e:2f:35:a7:37:4e:2d:4e:
79:1a:e5:17:da:01:d3:f2:5a:1a:d2:5c:92:0b:ea:
7c:0e:c9:32:a7:7c:a2:65:a6:45:42:c9:99:3d:e7:
0e:d4:43:bf:fe:16:ba:83:e3:0a:06:46:46:a3:e1:
a0:7b:d8:24:67:7c:0a:85:58:2f:6b:5b:c3:a7:b3:
ab:93:38:f1:ef:57:4c:70:52:4e:2f:ee:e9:81:b1:
d9:6c:15:02:37:ec:0a:63:59:27:4b:75:77:aa:2e:
f9:7f:fa:f8:b7:b1:00:c1:08:45:4d:be:d8:fb:97:
1e:36:99:bd:33:d8:d3:2b:7c:a9:19:ea:84:99:89:
7f:f3:f6:16:a4:f9:84:8e:ba:3d:1b:8f:db:e2:ed:
01:37:b3:88:58:4e:68:af:42:2d:c6:74:af:a6:e4:
a6:da:8a:a3:80:1c:60:4a:a8:aa:87:1a:c9:45:74:
19:b8:6c:e9:67:9a:81:fa:9e:78:7e:fb:7e:c9:c7:
b7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:16:0A:31:AD:99:EA:C4:61:EF:CB:2D:CB:21:10:0B:66:B2:D7:76
X509v3 Authority Key Identifier:
keyid:E4:FF:5B:BF:54:0C:65:95:4B:99:13:A6:8C:24:D1:74:DE:97:D8:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/vhYKMa2Z6sRh78styyEQC2ay13Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/5P9bv1QMZZVLmROmjCTRdN6X2Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.24.0/24
77.232.224.0/19
185.174.36.0/22
IPv6:
2a06:3e40::/29
2a12:9940::/29
Signature Algorithm: sha256WithRSAEncryption
6b:5b:57:a8:89:39:bf:69:d9:a2:ee:62:e5:2d:cc:12:50:00:
8b:fc:39:51:15:e5:c3:34:4a:f9:8c:59:92:1d:59:fc:4a:e1:
90:87:3a:8c:b6:1c:4b:49:3a:4d:39:0a:ac:b1:3e:58:e2:ca:
ec:24:99:b6:92:d4:5f:50:3f:fd:99:d8:ec:54:40:88:16:cb:
a2:25:65:0f:08:41:5f:81:3b:b4:bb:52:51:31:75:d8:d4:a5:
15:91:14:4e:d9:8e:13:c3:ae:a6:9c:b7:88:9e:10:02:12:c3:
32:25:e5:99:0f:87:b3:8e:71:0b:1d:50:0f:87:f9:89:36:10:
5d:0a:6f:ec:28:19:0a:d7:39:e6:d5:a6:79:2b:fc:73:b2:2f:
8d:8c:ad:8f:ec:0a:0d:31:35:cb:47:4c:80:4e:92:03:c9:d7:
b8:01:57:be:25:b1:ed:a7:c0:96:78:f9:26:9d:b5:ae:8c:a6:
46:c4:ba:e3:f0:e0:97:e3:8f:9f:09:b0:06:f1:ce:b7:1f:20:
29:9f:4c:9f:09:5d:d8:97:39:91:a7:26:3f:10:6e:97:64:84:
e6:b0:82:43:3a:64:d8:71:5f:4d:8c:51:7e:65:53:e6:8e:08:
19:be:3c:cc:e0:81:d3:eb:5d:4f:b9:1a:37:b9:e9:2a:e0:fc:
36:d9:91:c3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQj1rqyY9ojpXgglfTrUSAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZmY1YmJmNTQwYzY1OTU0Yjk5MTNhNjhjMjRkMTc0ZGU5
N2Q4MjkwHhcNMjUwMTAxMjE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTE2MGEzMWFkOTllYWM0NjFlZmNiMmRjYjIxMTAwYjY2YjJkNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvDHES9GQJTzde2rHCSfc8OcPwid
DNXEKLjHPC8qEBOJfltRtMgr7VBNBNRDQl+yKUCIjxDNJKO1lN/ugyzRMl6JXi81
pzdOLU55GuUX2gHT8loa0lySC+p8Dskyp3yiZaZFQsmZPecO1EO//ha6g+MKBkZG
o+Gge9gkZ3wKhVgva1vDp7Orkzjx71dMcFJOL+7pgbHZbBUCN+wKY1knS3V3qi75
f/r4t7EAwQhFTb7Y+5ceNpm9M9jTK3ypGeqEmYl/8/YWpPmEjro9G4/b4u0BN7OI
WE5or0ItxnSvpuSm2oqjgBxgSqiqhxrJRXQZuGzpZ5qB+p54fvt+yce3IwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFL4WCjGtmerEYe/LLcshEAtmstd2MB8GA1UdIwQY
MBaAFOT/W79UDGWVS5kTpowk0XTel9gpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVA5YnYxUU1aWlZMbVJPbWpDVFJkTjZYMkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80MzkzZTgtNWY1OS00ZDU3LTgxOTgt
NWMwYzQ2ZDA0ZWUxLzEvdmhZS01hMlo2c1JoNzhzdHl5RVFDMmF5MTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80MzkzZTgtNWY1OS00ZDU3LTgxOTgtNWMwYzQ2ZDA0ZWUx
LzEvNVA5YnYxUU1aWlZMbVJPbWpDVFJkTjZYMkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALQ0YAwQF
TejgAwQCua4kMBQEAgACMA4DBQMqBj5AAwUDKhKZQDANBgkqhkiG9w0BAQsFAAOC
AQEAa1tXqIk5v2nZou5i5S3MElAAi/w5URXlwzRK+YxZkh1Z/ErhkIc6jLYcS0k6
TTkKrLE+WOLK7CSZtpLUX1A//ZnY7FRAiBbLoiVlDwhBX4E7tLtSUTF12NSlFZEU
TtmOE8Ouppy3iJ4QAhLDMiXlmQ+Hs45xCx1QD4f5iTYQXQpv7CgZCtc55tWmeSv8
c7IvjYytj+wKDTE1y0dMgE6SA8nXuAFXviWx7afAlnj5Jp21roymRsS64/Dgl+OP
nwmwBvHOtx8gKZ9Mnwld2Jc5kacmPxBul2SE5rCCQzpk2HFfTYxRfmVT5o4IGb48
zOCB0+tdT7kaN7npKuD8NtmRww==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:53 2025 by rpki-client on console.sobornost.net