Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/b8f53f-467f-45cf-8306-42951c2ca738/1/4-bLyVZ1a-q-MevOuPAa2x98xNs.roa
File: 4-bLyVZ1a-q-MevOuPAa2x98xNs.roa (raw, json)
Hash identifier: MKPTN/JhMHyMcE1qv6Pm1dV76Yg/ryKLj2Edh2oDVKc=
Subject key identifier: E3:E6:CB:C9:56:75:6B:EA:BE:31:EB:CE:B8:F0:1A:DB:1F:7C:C4:DB
Certificate issuer: /CN=3d2eb4147ee7bfc6ba72fc0349453498f000e581
Certificate serial: 01953A7247629B38360FF04FAFBC03748C66
Authority key identifier: 3D:2E:B4:14:7E:E7:BF:C6:BA:72:FC:03:49:45:34:98:F0:00:E5:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PS60FH7nv8a6cvwDSUU0mPAA5YE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/b8f53f-467f-45cf-8306-42951c2ca738/1/4-bLyVZ1a-q-MevOuPAa2x98xNs.roa
Signing time: Tue 25 Feb 2025 00:12:02 +0000
ROA not before: Tue 25 Feb 2025 00:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5619
IP address blocks: 146.192.0.0/17 maxlen: 17
153.110.0.0/16 maxlen: 16
192.146.163.0/24 maxlen: 24
192.146.164.0/24 maxlen: 24
192.146.169.0/24 maxlen: 24
192.146.170.0/24 maxlen: 24
212.18.128.0/19 maxlen: 19
217.17.0.0/20 maxlen: 20
2a02:9c8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3a:72:47:62:9b:38:36:0f:f0:4f:af:bc:03:74:8c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d2eb4147ee7bfc6ba72fc0349453498f000e581
Validity
Not Before: Feb 25 00:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3e6cbc956756beabe31ebceb8f01adb1f7cc4db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6e:72:d5:4e:6e:03:58:6c:c3:f2:0e:85:14:
cc:02:cc:64:4b:d5:f0:0e:33:1c:38:11:9d:46:da:
34:7d:ad:df:f7:b4:5c:39:7a:48:c9:20:34:e5:c1:
c6:58:1f:4d:b3:c3:55:60:18:1f:2f:dd:29:ef:f6:
d7:97:29:08:0f:ce:8f:ff:59:a7:28:59:bd:a2:5b:
3c:5a:b5:95:c5:04:b9:c8:5c:36:c5:e1:1c:f0:58:
7c:54:39:49:81:38:63:25:fd:43:ea:79:b3:1b:ad:
7e:c8:09:07:68:11:41:a4:29:00:4c:be:a1:45:0d:
c3:01:65:66:34:27:85:db:11:64:7e:29:83:12:75:
5a:ab:62:f2:de:6e:1c:58:f3:e5:9e:b7:ab:e2:2c:
d3:bd:7f:66:e9:ea:e7:8d:76:6d:fd:d8:a0:43:c7:
e7:17:df:28:a3:b5:09:ce:c1:f4:d4:a2:f1:27:be:
23:1d:4f:e4:db:50:d9:8b:f1:90:f2:ae:48:e5:87:
96:19:79:8e:b9:c3:b7:4e:bd:d5:be:44:05:cf:43:
d5:7f:9a:fe:86:cc:2f:b4:f2:c2:fb:56:6e:59:38:
a1:db:1e:2b:9d:6e:1c:28:fd:92:04:f9:29:94:f8:
4c:2d:15:87:11:4c:5d:74:6a:e6:e0:06:38:05:05:
68:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E6:CB:C9:56:75:6B:EA:BE:31:EB:CE:B8:F0:1A:DB:1F:7C:C4:DB
X509v3 Authority Key Identifier:
keyid:3D:2E:B4:14:7E:E7:BF:C6:BA:72:FC:03:49:45:34:98:F0:00:E5:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PS60FH7nv8a6cvwDSUU0mPAA5YE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b8f53f-467f-45cf-8306-42951c2ca738/1/4-bLyVZ1a-q-MevOuPAa2x98xNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b8f53f-467f-45cf-8306-42951c2ca738/1/PS60FH7nv8a6cvwDSUU0mPAA5YE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.192.0.0/17
153.110.0.0/16
192.146.163.0-192.146.164.255
192.146.169.0-192.146.170.255
212.18.128.0/19
217.17.0.0/20
IPv6:
2a02:9c8::/29
Signature Algorithm: sha256WithRSAEncryption
49:fb:81:3f:cb:91:08:41:c9:a0:45:26:92:41:0f:30:67:00:
3b:ef:4e:c6:af:3c:cc:f2:80:93:b3:28:53:64:ad:97:12:5e:
34:6a:e0:bb:60:64:b3:1a:43:e9:12:2c:2f:6f:17:b6:15:e5:
f7:0d:ba:d1:56:a8:e1:40:28:b9:e8:bd:2b:13:94:e4:8f:1a:
5e:0d:7a:98:62:fb:22:28:9f:d8:a9:6f:31:b2:e6:69:b1:22:
63:6c:e7:69:5b:cf:e9:57:84:03:78:c2:a8:c0:8a:cb:02:75:
5a:5c:78:78:9f:13:cb:d7:ee:40:bc:86:f3:04:27:8f:64:b5:
b9:4a:29:f4:b3:45:f7:b1:1b:85:4e:17:30:a7:28:a7:7d:14:
33:ab:dc:05:67:35:a8:98:97:2b:8e:e8:19:aa:9d:c0:8a:14:
18:58:64:28:50:d1:57:6f:b6:16:67:44:ed:32:f5:9e:57:82:
8c:d3:ed:0c:bc:3f:61:83:1c:6d:18:06:d4:3c:42:ae:5a:6a:
e8:dc:d1:23:1b:d2:56:35:f1:67:05:bb:ed:d3:7b:22:e2:9f:
58:80:76:74:77:eb:21:70:ad:3e:53:50:e8:7b:41:99:91:a6:
83:f8:32:62:62:33:ae:8b:98:1f:1b:15:ac:bf:27:dc:2a:4c:
b5:99:f0:63
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZU6ckdimzg2D/BPr7wDdIxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMmViNDE0N2VlN2JmYzZiYTcyZmMwMzQ5NDUzNDk4ZjAw
MGU1ODEwHhcNMjUwMjI1MDAxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2U2Y2JjOTU2NzU2YmVhYmUzMWViY2ViOGYwMWFkYjFmN2NjNGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp25y1U5uA1hsw/IOhRTMAsxkS9Xw
DjMcOBGdRto0fa3f97RcOXpIySA05cHGWB9Ns8NVYBgfL90p7/bXlykID86P/1mn
KFm9ols8WrWVxQS5yFw2xeEc8Fh8VDlJgThjJf1D6nmzG61+yAkHaBFBpCkATL6h
RQ3DAWVmNCeF2xFkfimDEnVaq2Ly3m4cWPPlnrer4izTvX9m6ernjXZt/digQ8fn
F98oo7UJzsH01KLxJ74jHU/k21DZi/GQ8q5I5YeWGXmOucO3Tr3VvkQFz0PVf5r+
hswvtPLC+1ZuWTih2x4rnW4cKP2SBPkplPhMLRWHEUxddGrm4AY4BQVoaQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOPmy8lWdWvqvjHrzrjwGtsffMTbMB8GA1UdIwQY
MBaAFD0utBR+57/GunL8A0lFNJjwAOWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFM2MEZIN252OGE2Y3Z3RFNVVTBtUEFBNVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9iOGY1M2YtNDY3Zi00NWNmLTgzMDYt
NDI5NTFjMmNhNzM4LzEvNC1iTHlWWjFhLXEtTWV2T3VQQWEyeDk4eE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9iOGY1M2YtNDY3Zi00NWNmLTgzMDYtNDI5NTFjMmNhNzM4
LzEvUFM2MEZIN252OGE2Y3Z3RFNVVTBtUEFBNVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA5BAIAATAzAwQHksAAAwMA
mW4wDAMEAMCSowMEAMCSpDAMAwQAwJKpAwQAwJKqAwQF1BKAAwQE2REAMA0EAgAC
MAcDBQMqAgnIMA0GCSqGSIb3DQEBCwUAA4IBAQBJ+4E/y5EIQcmgRSaSQQ8wZwA7
707GrzzM8oCTsyhTZK2XEl40auC7YGSzGkPpEiwvbxe2FeX3DbrRVqjhQCi56L0r
E5TkjxpeDXqYYvsiKJ/YqW8xsuZpsSJjbOdpW8/pV4QDeMKowIrLAnVaXHh4nxPL
1+5AvIbzBCePZLW5Sin0s0X3sRuFThcwpyinfRQzq9wFZzWomJcrjugZqp3AihQY
WGQoUNFXb7YWZ0TtMvWeV4KM0+0MvD9hgxxtGAbUPEKuWmro3NEjG9JWNfFnBbvt
03si4p9YgHZ0d+shcK0+U1Doe0GZkaaD+DJiYjOui5gfGxWsvyfcKky1mfBj
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:24:04 2025 by rpki-client on console.sobornost.net