Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/v5y-XO_c3BUL4I2vKl0yvM3sR48.roa
File: v5y-XO_c3BUL4I2vKl0yvM3sR48.roa (raw, json)
Hash identifier: job18wRUBRjomyukO0QxaFg1pEdwxYB+4rsX0iFAoJo=
Subject key identifier: BF:9C:BE:5C:EF:DC:DC:15:0B:E0:8D:AF:2A:5D:32:BC:CD:EC:47:8F
Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Certificate serial: 019425218A1882A8D6EE57D8480BDC971385
Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/v5y-XO_c3BUL4I2vKl0yvM3sR48.roa
Signing time: Thu 02 Jan 2025 03:49:02 +0000
ROA not before: Thu 02 Jan 2025 03:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202111
IP address blocks: 46.252.8.0/21 maxlen: 21
46.252.12.0/22 maxlen: 22
2a00:5900::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8a:18:82:a8:d6:ee:57:d8:48:0b:dc:97:13:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd
Validity
Not Before: Jan 2 03:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf9cbe5cefdcdc150be08daf2a5d32bccdec478f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9f:ac:4c:75:74:f2:85:e7:3e:7e:20:10:b2:
da:ca:4e:aa:60:49:2a:29:e2:a8:40:95:7e:66:7f:
00:8b:c3:52:24:15:fa:50:53:92:a8:df:bd:93:82:
c3:06:8d:c3:a2:31:2d:cd:04:5e:af:ed:cf:ec:3e:
d9:c2:d9:ae:22:44:75:9b:17:e7:96:fd:2e:0b:50:
34:cf:fb:41:5f:8f:55:6b:a3:05:d0:04:08:3d:b6:
cd:a6:3d:ac:e4:3b:a9:e0:ff:d0:4c:3a:e8:14:7f:
01:9d:85:e8:94:63:a0:8f:cc:6b:b9:ba:bf:f1:2e:
e6:9d:17:1e:a0:90:43:43:53:92:2a:0c:cb:cf:20:
40:1f:7d:92:5c:7d:0b:c2:c1:29:66:62:26:70:55:
ff:4c:52:36:e6:c3:51:61:bf:82:82:04:5a:f9:db:
f0:c0:de:64:f6:23:97:84:fe:87:b1:33:1d:d2:8b:
39:73:ee:00:e9:fd:bb:9a:06:36:6d:27:8e:a1:1f:
cc:91:62:21:0e:06:0d:c2:6a:1d:cb:42:31:b6:a6:
94:f2:8b:c2:df:f4:8b:71:3d:f6:b2:eb:67:24:21:
c3:89:b6:21:ce:73:c3:93:d7:e6:45:85:d6:54:98:
29:8a:36:89:c9:87:86:65:d3:0a:35:68:0d:fa:b4:
b0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:9C:BE:5C:EF:DC:DC:15:0B:E0:8D:AF:2A:5D:32:BC:CD:EC:47:8F
X509v3 Authority Key Identifier:
keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/v5y-XO_c3BUL4I2vKl0yvM3sR48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.8.0/21
IPv6:
2a00:5900::/32
Signature Algorithm: sha256WithRSAEncryption
c2:96:34:00:6b:4c:a7:3b:3b:66:36:db:ea:19:b7:d2:70:72:
8c:3e:01:a8:6e:98:3a:3a:46:d1:88:1e:ea:aa:b1:c0:42:82:
9a:24:3f:fa:38:77:c3:46:a9:06:2c:bb:ba:0f:4a:99:3a:2e:
e1:dc:02:9e:c5:96:f7:cb:75:c2:2c:81:11:19:90:a4:7b:f1:
ed:1d:ea:12:6c:89:09:8b:2d:a5:52:ac:10:98:3a:78:4c:5a:
17:1e:41:1e:e0:a6:18:32:5f:72:3d:d4:03:cd:d9:25:21:fe:
d6:88:54:51:da:49:40:18:9f:97:88:05:ec:11:b1:de:2a:5e:
70:f2:54:27:ba:5b:c2:27:86:06:1a:55:a9:d5:d2:eb:7d:52:
b4:ca:59:df:cb:42:2e:90:77:a1:ca:d2:02:2b:52:68:18:1f:
1d:80:43:07:90:d1:01:7b:86:65:ac:50:ca:f1:94:4e:66:56:
56:80:34:2e:37:6d:de:3c:43:af:9c:54:93:14:cc:16:95:03:
71:46:65:b4:8f:c7:84:83:8b:0c:66:3c:45:47:eb:7a:91:5e:
1a:bd:3e:9f:a1:72:d7:45:7b:6a:45:71:ec:cf:b3:a1:ba:ce:
8d:2e:46:c2:79:01:4c:74:78:b4:16:e9:db:86:81:52:c5:d1:
cb:34:fc:98
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIYoYgqjW7lfYSAvclxOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Mjg0ZjE4Y2Q0NDYwNGJkZDZkMDhmNGQ4NzhkYzYxNDU2
YzQwZmQwHhcNMjUwMTAyMDM0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjljYmU1Y2VmZGNkYzE1MGJlMDhkYWYyYTVkMzJiY2NkZWM0NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ+sTHV08oXnPn4gELLayk6qYEkq
KeKoQJV+Zn8Ai8NSJBX6UFOSqN+9k4LDBo3DojEtzQRer+3P7D7ZwtmuIkR1mxfn
lv0uC1A0z/tBX49Va6MF0AQIPbbNpj2s5Dup4P/QTDroFH8BnYXolGOgj8xrubq/
8S7mnRceoJBDQ1OSKgzLzyBAH32SXH0LwsEpZmImcFX/TFI25sNRYb+CggRa+dvw
wN5k9iOXhP6HsTMd0os5c+4A6f27mgY2bSeOoR/MkWIhDgYNwmody0IxtqaU8ovC
3/SLcT32sutnJCHDibYhznPDk9fmRYXWVJgpijaJyYeGZdMKNWgN+rSwnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL+cvlzv3NwVC+CNrypdMrzN7EePMB8GA1UdIwQY
MBaAFNgoTxjNRGBL3W0I9Nh43GFFbED9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0Zjgt
Yzc4NjkxMjg1ODJjLzEvdjV5LVhPX2MzQlVMNEkydktsMHl2TTNzUjQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0ZjgtYzc4NjkxMjg1ODJj
LzEvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLvwIMA0E
AgACMAcDBQAqAFkAMA0GCSqGSIb3DQEBCwUAA4IBAQDCljQAa0ynOztmNtvqGbfS
cHKMPgGobpg6OkbRiB7qqrHAQoKaJD/6OHfDRqkGLLu6D0qZOi7h3AKexZb3y3XC
LIERGZCke/HtHeoSbIkJiy2lUqwQmDp4TFoXHkEe4KYYMl9yPdQDzdklIf7WiFRR
2klAGJ+XiAXsEbHeKl5w8lQnulvCJ4YGGlWp1dLrfVK0ylnfy0IukHehytICK1Jo
GB8dgEMHkNEBe4ZlrFDK8ZROZlZWgDQuN23ePEOvnFSTFMwWlQNxRmW0j8eEg4sM
ZjxFR+t6kV4avT6foXLXRXtqRXHsz7Ohus6NLkbCeQFMdHi0FunbhoFSxdHLNPyY
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:29 2025 by rpki-client on console.sobornost.net