Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/D7wvDXUsXUNReHXB-ElMhZdvj4w.roa
File: D7wvDXUsXUNReHXB-ElMhZdvj4w.roa (raw, json)
Hash identifier: YElp4tNhBybnsgMrPzJJrWGgoM31szDQK/CjgNi5G0I=
Subject key identifier: 0F:BC:2F:0D:75:2C:5D:43:51:78:75:C1:F8:49:4C:85:97:6F:8F:8C
Certificate issuer: /CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Certificate serial: 019425FDCE53889A0B4E81F583BE7FBE2475
Authority key identifier: 5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/D7wvDXUsXUNReHXB-ElMhZdvj4w.roa
Signing time: Thu 02 Jan 2025 07:49:37 +0000
ROA not before: Thu 02 Jan 2025 07:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43926
IP address blocks: 46.253.40.0/24 maxlen: 24
46.253.41.0/24 maxlen: 24
46.253.42.0/24 maxlen: 24
46.253.43.0/24 maxlen: 24
46.253.44.0/24 maxlen: 24
46.253.45.0/24 maxlen: 24
46.253.46.0/24 maxlen: 24
46.253.47.0/24 maxlen: 24
185.182.152.0/24 maxlen: 24
185.182.153.0/24 maxlen: 24
185.182.154.0/24 maxlen: 24
185.182.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ce:53:88:9a:0b:4e:81:f5:83:be:7f:be:24:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Validity
Not Before: Jan 2 07:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fbc2f0d752c5d43517875c1f8494c85976f8f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:56:f9:d7:82:cc:5f:49:dd:19:6a:bd:47:b7:
8f:aa:4e:d3:dc:61:53:0c:62:10:84:f4:21:78:73:
3a:89:75:72:32:b9:26:b7:86:38:eb:7c:ff:ba:f8:
9c:72:6b:e5:d5:a0:4d:3e:3c:e2:f3:78:0a:d7:60:
bc:45:97:3f:c8:07:d1:70:96:fa:61:39:a3:6b:51:
19:5e:4a:25:f4:2e:29:ef:f0:e6:af:e5:b7:98:06:
b0:7e:40:e6:96:a9:de:f6:bf:34:0c:fb:50:89:15:
8e:a2:ae:55:6b:03:9f:01:56:12:2b:6b:67:bd:6f:
76:39:8c:da:5d:89:be:f8:78:91:50:92:e5:72:01:
23:87:8a:d5:4a:af:78:cd:7d:a2:34:a1:2f:9f:9b:
7b:15:ed:7a:53:4b:dc:d2:63:7a:80:16:fa:ea:d6:
81:d6:d5:25:5d:ac:32:a6:da:94:43:b4:94:7b:aa:
7e:86:b2:fd:d9:f2:73:6a:9f:3d:b0:5f:3c:db:ca:
18:75:bb:25:65:39:27:22:a5:44:7d:42:fa:fd:20:
92:b2:5c:6c:5f:65:20:d0:c6:03:93:48:67:24:0d:
94:e0:e0:83:49:9a:92:6c:e5:c9:06:2b:93:39:19:
3f:f1:c4:4d:cc:21:98:0b:67:a9:31:0c:a5:5f:d8:
45:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:BC:2F:0D:75:2C:5D:43:51:78:75:C1:F8:49:4C:85:97:6F:8F:8C
X509v3 Authority Key Identifier:
keyid:5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/D7wvDXUsXUNReHXB-ElMhZdvj4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.40.0/21
185.182.152.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:62:69:86:d1:44:b6:13:a4:e2:b3:d1:1d:74:37:a0:59:94:
71:31:7b:88:b0:fa:4a:14:30:e2:98:49:05:c0:67:32:59:e0:
71:d8:1e:e5:e9:dd:87:3f:0e:08:b1:74:e4:9d:ef:32:d9:f4:
82:b7:6f:03:8b:36:ce:8e:35:ad:40:82:f7:96:9f:96:6c:fc:
a9:87:cd:a6:6a:7c:89:1f:f6:84:65:91:c7:39:b1:a0:75:c2:
ed:ff:35:5e:12:ec:dd:bc:d6:c8:b5:9c:2f:29:1a:c4:3c:7d:
93:e9:56:20:f7:ff:3d:f5:6d:34:67:c1:ed:79:a2:bd:f7:f8:
97:bb:fc:3b:39:40:f8:0a:2c:73:b0:88:61:b6:40:7c:23:53:
64:41:18:98:e7:6c:71:71:3e:fb:4c:23:ae:43:d0:66:21:b4:
32:cc:ec:6c:f9:42:90:d8:d7:7e:a3:cb:a6:23:ea:65:bd:3a:
d5:ef:a3:6d:dc:82:c1:c8:e7:40:f8:08:7b:b2:96:01:c4:04:
24:15:4a:26:d9:d7:36:7e:9b:f5:0a:d8:10:03:18:24:4a:bd:
7f:48:20:a4:33:1d:65:ef:4e:3f:d6:a2:c1:f0:ea:0f:61:26:
93:b5:8b:dc:8d:c3:bd:43:1d:0d:95:a0:0a:fa:89:d0:05:82:
ea:75:d6:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/c5TiJoLToH1g75/viR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYWEzNTQwMWU1Mjk3YjNiNTI3ZTg0ZjkzZWE4YWExMTBk
OTdiOTUwHhcNMjUwMTAyMDc0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmJjMmYwZDc1MmM1ZDQzNTE3ODc1YzFmODQ5NGM4NTk3NmY4ZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylb514LMX0ndGWq9R7ePqk7T3GFT
DGIQhPQheHM6iXVyMrkmt4Y463z/uviccmvl1aBNPjzi83gK12C8RZc/yAfRcJb6
YTmja1EZXkol9C4p7/Dmr+W3mAawfkDmlqne9r80DPtQiRWOoq5VawOfAVYSK2tn
vW92OYzaXYm++HiRUJLlcgEjh4rVSq94zX2iNKEvn5t7Fe16U0vc0mN6gBb66taB
1tUlXawyptqUQ7SUe6p+hrL92fJzap89sF8828oYdbslZTknIqVEfUL6/SCSslxs
X2Ug0MYDk0hnJA2U4OCDSZqSbOXJBiuTORk/8cRNzCGYC2epMQylX9hFMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA+8Lw11LF1DUXh1wfhJTIWXb4+MMB8GA1UdIwQY
MBaAFFuqNUAeUpeztSfoT5PqiqEQ2XuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2Et
NDQwMDE3MDBiOGNhLzEvRDd3dkRYVXNYVU5SZUhYQi1FbE1oWmR2ajR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2EtNDQwMDE3MDBiOGNh
LzEvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLv0oAwQC
ubaYMA0GCSqGSIb3DQEBCwUAA4IBAQAdYmmG0US2E6Tis9EddDegWZRxMXuIsPpK
FDDimEkFwGcyWeBx2B7l6d2HPw4IsXTkne8y2fSCt28DizbOjjWtQIL3lp+WbPyp
h82manyJH/aEZZHHObGgdcLt/zVeEuzdvNbItZwvKRrEPH2T6VYg9/899W00Z8Ht
eaK99/iXu/w7OUD4CixzsIhhtkB8I1NkQRiY52xxcT77TCOuQ9BmIbQyzOxs+UKQ
2Nd+o8umI+plvTrV76Nt3ILByOdA+Ah7spYBxAQkFUom2dc2fpv1CtgQAxgkSr1/
SCCkMx1l704/1qLB8OoPYSaTtYvcjcO9Qx0NlaAK+onQBYLqddZn
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:58 2025 by rpki-client on console.sobornost.net