Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/vm-ClgML5_3uleEv-rgUmiKQ17Q.roa
File: vm-ClgML5_3uleEv-rgUmiKQ17Q.roa (raw, json)
Hash identifier: wPgFJqtkHxyxEYqmqaIEoSjSPVtpqoL38aKzCAHEwFQ=
Subject key identifier: BE:6F:82:96:03:0B:E7:FD:EE:95:E1:2F:FA:B8:14:9A:22:90:D7:B4
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018F6E6B4EC8CBA3B71CB6B38E68769D681A
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/vm-ClgML5_3uleEv-rgUmiKQ17Q.roa
Signing time: Sun 12 May 2024 20:07:57 +0000
ROA not before: Sun 12 May 2024 20:07:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 95.82.8.0/21 maxlen: 24
95.82.16.0/20 maxlen: 24
109.111.52.0/22 maxlen: 24
109.111.60.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6e:6b:4e:c8:cb:a3:b7:1c:b6:b3:8e:68:76:9d:68:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: May 12 20:07:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be6f8296030be7fdee95e12ffab8149a2290d7b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:44:c1:46:bb:a7:01:01:a8:d7:d5:a2:9c:58:
aa:f8:eb:b1:cc:f5:bb:26:b3:30:de:13:e9:42:fa:
a7:46:e7:a7:41:ad:f5:1f:fa:72:f4:d8:6f:00:b9:
a9:40:7c:fc:92:2f:ad:56:0e:b8:41:fd:f4:14:6e:
74:76:21:88:4e:86:4d:e8:40:7f:d2:cd:ec:7c:c8:
58:77:24:61:69:13:10:aa:ac:d3:5a:69:57:ce:e2:
c0:31:11:d5:94:c0:e7:7f:bf:f0:45:f5:8b:f7:c3:
14:2f:ba:dd:c0:6e:6d:dc:a1:a8:86:c4:0a:14:46:
ea:87:ae:c8:8e:ff:59:03:ca:43:76:d2:1a:c3:aa:
5b:a3:db:fd:eb:fd:93:e0:d9:68:53:0d:81:8b:9d:
7e:cf:d1:49:21:dc:9f:2b:03:c3:f7:a0:dd:44:2e:
4b:a5:48:a0:64:53:8a:b3:27:c7:33:de:02:57:a4:
34:b5:9e:98:3d:56:e1:08:8c:a6:4c:8b:81:2f:da:
e3:22:d4:da:2c:a9:fe:56:fa:b3:fc:63:87:ae:06:
65:af:f9:90:b8:58:9f:f5:10:61:65:04:3a:62:f1:
67:ef:5d:95:20:de:7a:36:a5:d7:9f:29:ba:51:7f:
71:58:e7:fe:72:0b:f3:7e:71:a2:41:b1:3a:f2:e1:
b1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:6F:82:96:03:0B:E7:FD:EE:95:E1:2F:FA:B8:14:9A:22:90:D7:B4
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/vm-ClgML5_3uleEv-rgUmiKQ17Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.8.0-95.82.31.255
109.111.52.0/22
109.111.60.0/22
Signature Algorithm: sha256WithRSAEncryption
33:7e:eb:f3:26:4b:c2:2d:3a:69:20:49:81:65:fb:88:f9:8c:
28:3b:13:2b:5a:84:26:56:37:4e:c9:98:41:de:37:6c:eb:37:
7e:d8:e2:19:fe:06:29:3b:a5:e8:e5:cd:bf:29:93:d7:68:11:
1a:bd:76:f7:97:40:49:67:b0:b4:eb:66:3b:9a:4f:aa:1e:bb:
1b:ee:39:85:fe:a1:8d:ed:16:28:d9:04:0b:47:6a:d7:ab:e5:
5a:58:1e:0c:87:eb:6c:08:8b:a7:5c:6a:82:3a:13:6b:59:a6:
58:d0:a4:7a:9f:64:29:66:3a:33:78:f2:38:a7:75:ac:c5:a8:
a2:3b:0e:27:3d:2e:7c:18:c9:d9:41:08:81:92:e9:8a:f6:9a:
6e:19:4e:79:3d:72:e4:36:9d:02:ea:3d:49:1a:52:2c:47:b7:
2c:d5:78:40:d6:d5:a3:c0:b7:7a:56:7a:8d:82:6d:44:17:d7:
11:ae:51:6a:36:61:95:13:38:61:7f:78:e0:99:0d:06:e3:d5:
6e:cd:d8:29:d7:08:fc:fb:d2:d7:32:35:e0:ff:4f:80:40:c8:
85:83:47:81:b6:45:8b:af:0b:7c:53:56:d3:7d:e1:25:9b:5f:
6a:3e:3c:7e:8a:4d:38:90:e3:bb:b7:4b:74:0c:af:d0:94:44:
5a:ec:e2:7c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY9ua07Iy6O3HLazjmh2nWgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNTEyMjAwNzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTZmODI5NjAzMGJlN2ZkZWU5NWUxMmZmYWI4MTQ5YTIyOTBkN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzETBRrunAQGo19WinFiq+OuxzPW7
JrMw3hPpQvqnRuenQa31H/py9NhvALmpQHz8ki+tVg64Qf30FG50diGIToZN6EB/
0s3sfMhYdyRhaRMQqqzTWmlXzuLAMRHVlMDnf7/wRfWL98MUL7rdwG5t3KGohsQK
FEbqh67Ijv9ZA8pDdtIaw6pbo9v96/2T4NloUw2Bi51+z9FJIdyfKwPD96DdRC5L
pUigZFOKsyfHM94CV6Q0tZ6YPVbhCIymTIuBL9rjItTaLKn+Vvqz/GOHrgZlr/mQ
uFif9RBhZQQ6YvFn712VIN56NqXXnym6UX9xWOf+cgvzfnGiQbE68uGxHQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL5vgpYDC+f97pXhL/q4FJoikNe0MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvdm0tQ2xnTUw1XzN1bGVFdi1yZ1VtaUtRMTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBANfUggD
BAVfUgADBAJtbzQDBAJtbzwwDQYJKoZIhvcNAQELBQADggEBADN+6/MmS8ItOmkg
SYFl+4j5jCg7EytahCZWN07JmEHeN2zrN37Y4hn+Bik7pejlzb8pk9doERq9dveX
QElnsLTrZjuaT6oeuxvuOYX+oY3tFijZBAtHater5VpYHgyH62wIi6dcaoI6E2tZ
pljQpHqfZClmOjN48jindazFqKI7Dic9LnwYydlBCIGS6Yr2mm4ZTnk9cuQ2nQLq
PUkaUixHtyzVeEDW1aPAt3pWeo2CbUQX1xGuUWo2YZUTOGF/eOCZDQbj1W7N2CnX
CPz70tcyNeD/T4BAyIWDR4G2RYuvC3xTVtN94SWbX2o+PH6KTTiQ47u3S3QMr9CU
RFrs4nw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:42 2025 by rpki-client