Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5b535e-b143-4b4a-90e8-0e7949935d81/1/4BcmRfIKbtyHA5W50P0xfaSluTc.roa
File: 4BcmRfIKbtyHA5W50P0xfaSluTc.roa (raw, json)
Hash identifier: EUIfaPrgoy0kpcCTAuIPs2vRwCWnSayvJLiSWEhojBk=
Subject key identifier: E0:17:26:45:F2:0A:6E:DC:87:03:95:B9:D0:FD:31:7D:A4:A5:B9:37
Certificate issuer: /CN=7eb4565a32db3c9c8b8b0f7b4c11bd1154e20de9
Certificate serial: 019424B3E72714DD67EFB91D27E2FD4BA98A
Authority key identifier: 7E:B4:56:5A:32:DB:3C:9C:8B:8B:0F:7B:4C:11:BD:11:54:E2:0D:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/frRWWjLbPJyLiw97TBG9EVTiDek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/5b535e-b143-4b4a-90e8-0e7949935d81/1/4BcmRfIKbtyHA5W50P0xfaSluTc.roa
Signing time: Thu 02 Jan 2025 01:49:17 +0000
ROA not before: Thu 02 Jan 2025 01:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52122
IP address blocks: 46.255.184.0/24 maxlen: 24
46.255.185.0/24 maxlen: 24
46.255.186.0/24 maxlen: 24
46.255.187.0/24 maxlen: 24
46.255.188.0/24 maxlen: 24
46.255.189.0/24 maxlen: 24
46.255.190.0/24 maxlen: 24
46.255.191.0/24 maxlen: 24
185.4.184.0/24 maxlen: 24
185.4.185.0/24 maxlen: 24
185.4.186.0/24 maxlen: 24
185.4.187.0/24 maxlen: 24
2a01:9140::/32 maxlen: 32
2a01:9140:cccc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e7:27:14:dd:67:ef:b9:1d:27:e2:fd:4b:a9:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7eb4565a32db3c9c8b8b0f7b4c11bd1154e20de9
Validity
Not Before: Jan 2 01:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0172645f20a6edc870395b9d0fd317da4a5b937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:77:e9:dd:fe:3a:b7:0f:3d:85:4f:49:95:cb:
e7:2b:79:4f:3f:3b:81:3f:d6:61:60:a8:c7:ac:2b:
0c:11:3e:41:aa:d0:06:ca:0b:77:53:c7:9a:ea:c1:
af:60:03:ec:49:c9:fa:e0:11:57:9e:d1:97:2c:e8:
14:88:4f:4e:6d:3b:ba:3f:40:9d:ef:47:d9:f4:92:
06:f5:5b:08:b9:80:5e:97:3e:03:92:be:b7:29:2c:
a9:f9:3d:aa:62:b4:79:31:49:bd:73:2e:9f:6f:60:
30:aa:af:db:8f:6a:52:82:26:c5:8d:bf:2f:17:79:
09:fd:f9:84:03:4b:c0:12:8d:e6:47:1d:53:80:d3:
c2:41:76:0e:b0:cc:43:10:5f:d9:07:d1:8b:1c:34:
36:67:8f:14:fe:64:d5:90:03:70:2e:cb:8d:d3:b7:
19:d9:1d:09:03:59:50:56:12:0b:10:ef:14:4b:32:
4e:50:b9:da:25:17:a7:ab:6b:15:43:32:28:3d:5e:
62:2e:62:e7:4e:71:e8:07:9c:fc:d4:ff:ab:0c:0b:
72:40:96:50:d3:9e:0a:ab:86:2d:22:bc:40:78:23:
68:39:d9:6a:63:77:07:15:12:61:f0:4d:64:dd:58:
80:0a:4a:d7:22:c1:2f:ce:80:d4:bc:41:50:b3:ba:
b3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:17:26:45:F2:0A:6E:DC:87:03:95:B9:D0:FD:31:7D:A4:A5:B9:37
X509v3 Authority Key Identifier:
keyid:7E:B4:56:5A:32:DB:3C:9C:8B:8B:0F:7B:4C:11:BD:11:54:E2:0D:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/frRWWjLbPJyLiw97TBG9EVTiDek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5b535e-b143-4b4a-90e8-0e7949935d81/1/4BcmRfIKbtyHA5W50P0xfaSluTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5b535e-b143-4b4a-90e8-0e7949935d81/1/frRWWjLbPJyLiw97TBG9EVTiDek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.184.0/21
185.4.184.0/22
IPv6:
2a01:9140::/32
Signature Algorithm: sha256WithRSAEncryption
62:ce:9b:c6:b2:f3:02:6f:c7:6c:09:f2:b7:73:3c:31:ae:0f:
27:ef:0b:bf:02:5e:55:0f:41:43:1c:3e:94:d7:f2:c6:4e:44:
9c:cc:69:3a:22:8c:1a:19:16:84:93:e1:c6:50:f1:b9:0c:04:
09:e4:4e:d2:45:a7:a0:2d:d7:27:11:bc:3a:1c:5c:c7:f3:8b:
a3:a1:f7:11:68:9d:af:fa:6e:33:02:a4:9a:2d:95:8c:d1:56:
59:9d:96:e4:f2:a0:bc:72:a8:42:3b:04:86:cf:9d:f3:6e:59:
cc:40:5c:51:da:30:45:f2:66:03:32:04:38:3c:08:5e:5f:12:
66:5e:40:44:3a:23:e5:73:02:72:57:2a:3f:a5:0c:c9:43:fe:
4d:2c:34:cf:9c:c7:37:cc:40:40:d2:77:77:df:91:97:cb:14:
93:e5:8d:4b:42:bb:17:3f:2f:08:10:ff:8a:61:6b:fe:bd:d9:
f1:c0:29:e4:78:82:03:bc:22:08:47:ff:7e:a3:56:8f:55:28:
73:76:ec:50:36:b6:6b:29:49:05:34:e6:7c:11:13:d2:30:58:
f1:29:9d:fe:9d:73:62:15:4b:b3:38:62:a3:fa:31:75:3f:f7:
10:2d:bd:c9:c4:97:5a:c2:b5:72:f0:8a:86:c6:19:9b:7f:73:
3a:90:a1:f5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks+cnFN1n77kdJ+L9S6mKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYjQ1NjVhMzJkYjNjOWM4YjhiMGY3YjRjMTFiZDExNTRl
MjBkZTkwHhcNMjUwMTAyMDE0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDE3MjY0NWYyMGE2ZWRjODcwMzk1YjlkMGZkMzE3ZGE0YTViOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nfp3f46tw89hU9JlcvnK3lPPzuB
P9ZhYKjHrCsMET5BqtAGygt3U8ea6sGvYAPsScn64BFXntGXLOgUiE9ObTu6P0Cd
70fZ9JIG9VsIuYBelz4Dkr63KSyp+T2qYrR5MUm9cy6fb2Awqq/bj2pSgibFjb8v
F3kJ/fmEA0vAEo3mRx1TgNPCQXYOsMxDEF/ZB9GLHDQ2Z48U/mTVkANwLsuN07cZ
2R0JA1lQVhILEO8USzJOULnaJRenq2sVQzIoPV5iLmLnTnHoB5z81P+rDAtyQJZQ
054Kq4YtIrxAeCNoOdlqY3cHFRJh8E1k3ViACkrXIsEvzoDUvEFQs7qzpwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOAXJkXyCm7chwOVudD9MX2kpbk3MB8GA1UdIwQY
MBaAFH60Vloy2zyci4sPe0wRvRFU4g3pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnJSV1dqTGJQSnlMaXc5N1RCRzlFVlRpRGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81YjUzNWUtYjE0My00YjRhLTkwZTgt
MGU3OTQ5OTM1ZDgxLzEvNEJjbVJmSUtidHlIQTVXNTBQMHhmYVNsdVRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81YjUzNWUtYjE0My00YjRhLTkwZTgtMGU3OTQ5OTM1ZDgx
LzEvZnJSV1dqTGJQSnlMaXc5N1RCRzlFVlRpRGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLv+4AwQC
uQS4MA0EAgACMAcDBQAqAZFAMA0GCSqGSIb3DQEBCwUAA4IBAQBizpvGsvMCb8ds
CfK3czwxrg8n7wu/Al5VD0FDHD6U1/LGTkSczGk6IowaGRaEk+HGUPG5DAQJ5E7S
RaegLdcnEbw6HFzH84ujofcRaJ2v+m4zAqSaLZWM0VZZnZbk8qC8cqhCOwSGz53z
blnMQFxR2jBF8mYDMgQ4PAheXxJmXkBEOiPlcwJyVyo/pQzJQ/5NLDTPnMc3zEBA
0nd335GXyxST5Y1LQrsXPy8IEP+KYWv+vdnxwCnkeIIDvCIIR/9+o1aPVShzduxQ
NrZrKUkFNOZ8ERPSMFjxKZ3+nXNiFUuzOGKj+jF1P/cQLb3JxJdawrVy8IqGxhmb
f3M6kKH1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:44 2025 by rpki-client on console.sobornost.net