Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/VjMPHeJDKYGawcvbQkGRY-IGbRw.roa
File: VjMPHeJDKYGawcvbQkGRY-IGbRw.roa (raw, json)
Hash identifier: U2Wh3/ktayWnH5Ju+3oCrYV1vRV7bDQpKkdbX5Ys83Y=
Subject key identifier: 56:33:0F:1D:E2:43:29:81:9A:C1:CB:DB:42:41:91:63:E2:06:6D:1C
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 0194228D7CEFA511653B061E0CF0A5E80F10
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/VjMPHeJDKYGawcvbQkGRY-IGbRw.roa
Signing time: Wed 01 Jan 2025 15:48:05 +0000
ROA not before: Wed 01 Jan 2025 15:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211261
IP address blocks: 5.253.156.0/24 maxlen: 24
5.253.157.0/24 maxlen: 24
5.253.159.0/24 maxlen: 24
91.210.126.0/24 maxlen: 24
185.146.67.0/24 maxlen: 24
185.210.192.0/24 maxlen: 24
185.210.193.0/24 maxlen: 24
185.210.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7c:ef:a5:11:65:3b:06:1e:0c:f0:a5:e8:0f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Jan 1 15:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56330f1de24329819ac1cbdb42419163e2066d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ec:30:75:1b:d4:a8:81:63:f7:11:17:41:6a:
b3:50:46:e9:05:f3:72:6c:02:c3:11:13:c8:04:d4:
c1:02:e3:54:1f:ab:32:f3:e9:83:ba:02:95:35:1a:
d2:6c:63:d1:43:62:80:ee:b5:bc:20:48:1e:28:a6:
9b:1d:49:06:80:db:a6:18:26:3f:5b:d4:4b:ff:dc:
d0:82:ea:e1:8b:cc:c0:d7:0c:da:8a:cb:3c:f2:cc:
7c:2c:13:c1:6f:c6:a0:bc:ac:be:a6:f3:b3:8c:b6:
aa:00:62:ed:f4:1f:d1:4f:a8:24:3d:34:27:82:82:
06:15:1e:98:d8:d9:d4:36:0d:d5:d1:1f:e0:e9:04:
4f:0c:90:94:4e:f2:bd:6d:ad:c2:e7:18:6c:09:58:
b0:ad:42:d3:25:d9:bb:1f:18:d2:4c:c3:93:27:59:
e9:57:3e:44:b8:46:39:14:6d:2d:04:16:57:bb:f1:
76:bd:a3:52:e0:7d:ed:fa:d3:df:9c:a9:d4:b4:bd:
f8:42:3c:63:57:4c:71:16:59:5c:27:24:25:7e:0b:
6d:d7:09:d9:3d:11:90:a2:4e:39:10:26:45:53:33:
cb:f9:88:5c:c8:25:2e:bf:98:23:60:b1:4a:bc:b6:
11:40:3e:94:78:1a:c6:1a:47:30:98:49:32:62:77:
e9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:33:0F:1D:E2:43:29:81:9A:C1:CB:DB:42:41:91:63:E2:06:6D:1C
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/VjMPHeJDKYGawcvbQkGRY-IGbRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.156.0/23
5.253.159.0/24
91.210.126.0/24
185.146.67.0/24
185.210.192.0/23
185.210.195.0/24
Signature Algorithm: sha256WithRSAEncryption
04:24:d2:c1:46:45:63:3f:12:1a:17:2f:96:f9:72:97:e2:cd:
ba:e7:48:a0:63:9e:3b:ee:d0:82:9a:32:0e:03:57:f4:12:41:
ee:08:fe:f6:3a:88:f0:2e:d3:6b:3b:39:82:bf:0f:ae:6a:f2:
2f:aa:02:0d:92:b9:ec:d6:a3:ca:ee:07:94:51:59:98:fc:a1:
a5:30:12:3c:dd:71:3a:6b:fb:06:94:aa:f9:05:1e:c5:5c:a0:
7b:ba:7c:41:d4:12:f0:4b:fd:c7:95:34:27:31:24:07:99:57:
56:51:6f:bc:43:83:6c:15:73:4e:5b:fc:be:d0:ca:e2:76:92:
8a:c9:6b:f3:58:9a:61:94:bc:8f:f8:e0:e1:bf:05:97:c9:0e:
15:d4:f0:a5:3e:c8:9f:28:90:27:50:f6:62:7b:ea:c7:5f:13:
b6:db:fc:dc:fa:c9:2c:a1:21:6a:a4:76:77:0b:fd:75:5b:52:
60:78:d7:d0:17:a4:86:ef:d8:bc:e5:3d:5c:d4:e6:e8:1e:09:
e9:9c:0a:85:1b:3a:53:89:c6:3a:dd:5f:16:74:b4:c6:82:aa:
9d:fd:55:42:66:f5:ad:cd:4a:ec:4e:70:fc:ca:0c:ee:36:c6:
d7:91:56:34:f0:96:11:ec:ed:db:05:f7:cb:83:5d:8f:ef:b1:
d9:57:96:38
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQijXzvpRFlOwYeDPCl6A8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjUwMTAxMTU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjMzMGYxZGUyNDMyOTgxOWFjMWNiZGI0MjQxOTE2M2UyMDY2ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyewwdRvUqIFj9xEXQWqzUEbpBfNy
bALDERPIBNTBAuNUH6sy8+mDugKVNRrSbGPRQ2KA7rW8IEgeKKabHUkGgNumGCY/
W9RL/9zQgurhi8zA1wzaiss88sx8LBPBb8agvKy+pvOzjLaqAGLt9B/RT6gkPTQn
goIGFR6Y2NnUNg3V0R/g6QRPDJCUTvK9ba3C5xhsCViwrULTJdm7HxjSTMOTJ1np
Vz5EuEY5FG0tBBZXu/F2vaNS4H3t+tPfnKnUtL34QjxjV0xxFllcJyQlfgtt1wnZ
PRGQok45ECZFUzPL+YhcyCUuv5gjYLFKvLYRQD6UeBrGGkcwmEkyYnfpnwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFYzDx3iQymBmsHL20JBkWPiBm0cMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvVmpNUEhlSkRLWUdhd2N2YlFrR1JZLUlHYlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBf2cAwQA
Bf2fAwQAW9J+AwQAuZJDAwQBudLAAwQAudLDMA0GCSqGSIb3DQEBCwUAA4IBAQAE
JNLBRkVjPxIaFy+W+XKX4s2650igY5477tCCmjIOA1f0EkHuCP72OojwLtNrOzmC
vw+uavIvqgINkrns1qPK7geUUVmY/KGlMBI83XE6a/sGlKr5BR7FXKB7unxB1BLw
S/3HlTQnMSQHmVdWUW+8Q4NsFXNOW/y+0MridpKKyWvzWJphlLyP+ODhvwWXyQ4V
1PClPsifKJAnUPZie+rHXxO22/zc+sksoSFqpHZ3C/11W1JgeNfQF6SG79i85T1c
1OboHgnpnAqFGzpTicY63V8WdLTGgqqd/VVCZvWtzUrsTnD8ygzuNsbXkVY08JYR
7O3bBffLg12P77HZV5Y4
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:51:37 2025 by rpki-client on console.sobornost.net