Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/vHN5MXtzccXdspQhStY4Z57CoPM.roa
File: vHN5MXtzccXdspQhStY4Z57CoPM.roa (raw, json)
Hash identifier: 4HXRwfo/a7HGgHSGpok7A4ldu5noCeEQDTLX8aICufE=
Subject key identifier: BC:73:79:31:7B:73:71:C5:DD:B2:94:21:4A:D6:38:67:9E:C2:A0:F3
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 0195F6A12168631D9242D8711C132414CE8A
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/vHN5MXtzccXdspQhStY4Z57CoPM.roa
Signing time: Wed 02 Apr 2025 13:11:49 +0000
ROA not before: Wed 02 Apr 2025 13:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61026
IP address blocks: 82.196.16.0/21 maxlen: 24
91.232.187.0/24 maxlen: 24
185.9.22.0/23 maxlen: 24
185.20.40.0/22 maxlen: 22
185.20.40.0/24 maxlen: 24
185.20.41.0/24 maxlen: 24
185.20.42.0/24 maxlen: 24
185.20.43.0/24 maxlen: 24
193.38.35.0/24 maxlen: 24
2a04:1500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:a1:21:68:63:1d:92:42:d8:71:1c:13:24:14:ce:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Apr 2 13:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc7379317b7371c5ddb294214ad638679ec2a0f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:fd:b9:01:36:9a:f1:17:43:6b:6f:74:4f:b3:
f5:f6:16:77:0e:62:06:cb:6c:c8:18:29:3c:9c:4e:
aa:e3:8b:e9:de:99:8c:4c:45:77:0b:1a:dd:78:95:
e9:60:c4:60:9c:e4:12:80:0d:3a:0e:ed:d8:ff:4a:
b5:bf:ad:52:16:cb:76:39:ea:c1:3f:55:46:70:e5:
4f:88:8b:13:57:a8:54:dd:08:6b:66:42:7a:12:bf:
28:14:05:aa:3d:9b:b4:7f:a7:58:c8:ce:06:90:d4:
5d:d5:49:92:67:fc:94:35:b7:e3:bb:4f:9a:93:5a:
bf:31:89:f3:d9:61:1e:fa:58:a7:83:de:3c:18:60:
63:58:da:a6:b7:5d:3f:ed:67:65:14:fb:58:4b:14:
aa:94:b2:a7:ac:81:e8:36:8c:0c:65:48:bc:c8:68:
9f:aa:bc:39:1e:9c:4b:d6:2a:7d:af:af:8e:69:18:
52:18:25:5d:08:1d:38:46:71:6f:24:1c:4c:06:8d:
e6:21:f2:ee:e6:48:17:da:f5:ff:20:1c:f0:f5:e7:
92:b1:9c:76:e1:10:86:bf:de:2f:5f:6f:2a:25:ae:
fc:b2:73:2e:f6:7d:08:57:77:91:bb:28:38:bd:90:
a4:ff:19:96:42:ac:33:c9:a7:07:d6:41:ac:7b:57:
af:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:73:79:31:7B:73:71:C5:DD:B2:94:21:4A:D6:38:67:9E:C2:A0:F3
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/vHN5MXtzccXdspQhStY4Z57CoPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.16.0/21
91.232.187.0/24
185.9.22.0/23
185.20.40.0/22
193.38.35.0/24
IPv6:
2a04:1500::/29
Signature Algorithm: sha256WithRSAEncryption
04:64:5d:c7:50:5b:7a:71:98:7e:3c:10:87:90:85:f7:60:d8:
55:43:52:2a:e0:c3:da:c5:6f:6f:95:4f:1e:ca:4e:fc:a7:1d:
9f:a4:c3:b8:8c:9d:dd:04:b0:37:0e:f1:bf:55:c7:6e:9e:02:
d1:ac:27:97:0a:38:9c:2b:94:a4:52:7e:b0:33:83:c3:43:9d:
bc:a4:37:5b:88:ec:7c:1d:6a:00:0a:8d:ac:e3:a3:4a:04:4e:
18:09:30:58:fb:43:98:11:49:7e:01:07:4c:6c:13:2b:90:d4:
3f:47:c5:97:b8:d9:49:b0:ad:c8:5d:fe:8f:5c:56:20:42:18:
42:2e:1b:a2:ee:72:0d:39:c0:07:8f:40:5c:4f:bb:f1:58:1f:
84:8b:80:da:e0:96:a9:8d:1c:1f:ff:8d:72:10:a3:06:a3:58:
86:9e:67:fe:35:55:97:25:46:e2:f8:1f:04:57:98:5c:a3:b7:
25:58:6d:d4:bb:b1:36:cb:4e:97:e4:07:0e:bc:89:ef:71:55:
5f:21:81:51:61:be:b1:59:26:2d:18:c9:c6:91:d4:3e:10:3a:
de:e6:4d:08:79:e4:ad:4c:18:79:d5:2c:3b:41:92:73:0b:45:
83:b5:13:68:de:99:ea:a9:9d:86:e4:e8:b1:10:9b:42:d9:17:
f8:d9:9c:ad
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZX2oSFoYx2SQthxHBMkFM6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjUwNDAyMTMxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzczNzkzMTdiNzM3MWM1ZGRiMjk0MjE0YWQ2Mzg2NzllYzJhMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/25ATaa8RdDa290T7P19hZ3DmIG
y2zIGCk8nE6q44vp3pmMTEV3CxrdeJXpYMRgnOQSgA06Du3Y/0q1v61SFst2OerB
P1VGcOVPiIsTV6hU3QhrZkJ6Er8oFAWqPZu0f6dYyM4GkNRd1UmSZ/yUNbfju0+a
k1q/MYnz2WEe+ling948GGBjWNqmt10/7WdlFPtYSxSqlLKnrIHoNowMZUi8yGif
qrw5HpxL1ip9r6+OaRhSGCVdCB04RnFvJBxMBo3mIfLu5kgX2vX/IBzw9eeSsZx2
4RCGv94vX28qJa78snMu9n0IV3eRuyg4vZCk/xmWQqwzyacH1kGse1evxQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLxzeTF7c3HF3bKUIUrWOGeewqDzMB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvdkhONU1YdHpjY1hkc3BRaFN0WTRaNTdDb1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDUsQQAwQA
W+i7AwQBuQkWAwQCuRQoAwQAwSYjMA0EAgACMAcDBQMqBBUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAEZF3HUFt6cZh+PBCHkIX3YNhVQ1Iq4MPaxW9vlU8eyk78px2fpMO4
jJ3dBLA3DvG/VcdungLRrCeXCjicK5SkUn6wM4PDQ528pDdbiOx8HWoACo2s46NK
BE4YCTBY+0OYEUl+AQdMbBMrkNQ/R8WXuNlJsK3IXf6PXFYgQhhCLhui7nINOcAH
j0BcT7vxWB+Ei4Da4JapjRwf/41yEKMGo1iGnmf+NVWXJUbi+B8EV5hco7clWG3U
u7E2y06X5AcOvInvcVVfIYFRYb6xWSYtGMnGkdQ+EDre5k0IeeStTBh51Sw7QZJz
C0WDtRNo3pnqqZ2G5OixEJtC2Rf42Zyt
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:54 2025 by rpki-client on console.sobornost.net