Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/VZHW6rjyqFUw5PpJCfG7Llm9K04.roa
File: VZHW6rjyqFUw5PpJCfG7Llm9K04.roa (raw, json)
Hash identifier: p7+PhrcC7nR208puZ46Q39WDPHfZNGz6H7XAAAtxhuw=
Subject key identifier: 55:91:D6:EA:B8:F2:A8:55:30:E4:FA:49:09:F1:BB:2E:59:BD:2B:4E
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0194221FFCB99C168B3B2B2AE147810CC813
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/VZHW6rjyqFUw5PpJCfG7Llm9K04.roa
Signing time: Wed 01 Jan 2025 13:48:28 +0000
ROA not before: Wed 01 Jan 2025 13:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14576
IP address blocks: 5.181.168.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
5.183.252.0/24 maxlen: 24
5.183.255.0/24 maxlen: 24
45.10.164.0/24 maxlen: 24
45.10.165.0/24 maxlen: 24
45.10.167.0/24 maxlen: 24
77.220.192.0/24 maxlen: 24
77.220.195.0/24 maxlen: 24
83.171.224.0/24 maxlen: 24
83.171.225.0/24 maxlen: 24
83.171.226.0/24 maxlen: 24
83.171.227.0/24 maxlen: 24
141.98.84.0/24 maxlen: 24
141.98.87.0/24 maxlen: 24
185.68.184.0/24 maxlen: 24
185.68.246.0/24 maxlen: 24
185.68.247.0/24 maxlen: 24
185.77.220.0/22 maxlen: 24
185.88.36.0/24 maxlen: 24
185.89.42.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
194.104.8.0/24 maxlen: 24
194.104.9.0/24 maxlen: 24
194.104.10.0/24 maxlen: 24
213.108.0.0/24 maxlen: 24
213.108.1.0/24 maxlen: 24
213.108.3.0/24 maxlen: 24
213.232.120.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fc:b9:9c:16:8b:3b:2b:2a:e1:47:81:0c:c8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5591d6eab8f2a85530e4fa4909f1bb2e59bd2b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9b:cd:63:75:e7:0d:16:2f:7b:f7:00:11:2b:
9a:49:43:5f:26:8b:2a:a8:05:fb:72:16:6d:a0:6c:
92:81:df:8b:0a:04:49:13:58:1a:58:06:c2:d8:a4:
32:cb:46:ff:3f:9d:65:89:ad:9e:7a:36:49:5b:24:
e3:b7:6a:c2:c4:0e:15:54:8d:07:fd:69:71:9f:da:
9e:32:52:a8:bd:6c:2a:65:b9:6d:00:92:a3:7f:f9:
3d:c8:78:c3:16:da:9e:71:44:64:25:f5:6d:d7:b3:
df:df:f2:12:3e:3d:f9:c5:58:48:70:e8:17:7a:17:
e5:4e:d2:79:0e:55:b0:3c:0d:b7:a8:69:8d:97:21:
7c:2f:77:36:76:41:7b:87:2a:ec:dc:70:22:c2:2d:
c5:71:19:e9:8e:6b:0d:9e:21:39:7c:bc:a0:93:17:
6f:ef:91:bb:15:0c:4e:6d:11:3c:31:f1:85:d7:49:
39:9a:cf:4a:43:7f:ab:96:6c:27:67:07:86:fa:0b:
b1:fb:56:51:12:5e:d5:f0:88:c7:87:89:02:55:90:
fe:69:68:44:ed:da:f0:4f:14:36:45:a3:ef:28:66:
b6:f9:1a:2f:43:2a:3c:3a:a0:61:32:23:62:a3:49:
bb:d1:91:f5:06:2f:b4:89:1b:3f:c3:2f:33:01:57:
cb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:91:D6:EA:B8:F2:A8:55:30:E4:FA:49:09:F1:BB:2E:59:BD:2B:4E
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/VZHW6rjyqFUw5PpJCfG7Llm9K04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.252.0/24
5.183.255.0/24
45.10.164.0/23
45.10.167.0/24
77.220.192.0/24
77.220.195.0/24
83.171.224.0/22
141.98.84.0/24
141.98.87.0/24
185.68.184.0/24
185.68.246.0/23
185.77.220.0/22
185.88.36.0/24
185.89.42.0/23
194.104.8.0-194.104.10.255
213.108.0.0/23
213.108.3.0/24
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
01:67:8d:dc:2e:ef:dd:86:14:df:6c:35:46:19:f7:a3:7b:f0:
ec:6e:ce:0a:f6:ee:a7:5e:d4:d9:45:e4:61:66:ec:df:be:a4:
7f:84:f7:2f:2d:3c:8e:57:96:fe:c6:68:99:92:a4:a1:ef:4f:
02:18:81:0b:5d:b1:eb:35:a8:38:1b:c5:fd:dd:d9:28:be:be:
d5:2c:13:43:a4:a8:6c:b7:35:4b:20:71:89:31:9f:6e:1e:71:
a1:fd:f3:1a:33:6c:97:93:20:f6:8d:39:da:50:ca:19:00:56:
6b:5d:ea:cb:48:50:22:f5:0f:6c:92:1b:01:dd:2f:18:2a:fe:
e2:e1:93:e4:a4:4d:d4:dd:f9:52:e5:e6:0d:61:57:85:b1:a4:
35:8d:88:21:fa:8f:fb:84:2a:ac:70:26:3b:0a:43:bb:fd:01:
87:07:24:df:4a:75:d0:c8:5d:54:0a:37:cf:38:36:a8:13:24:
90:cd:23:d9:e1:a2:2a:43:d2:8f:f9:74:d9:6f:e4:85:7b:21:
67:a7:27:eb:13:1b:45:e6:31:33:3b:ca:d9:d1:e6:a3:2f:07:
25:88:81:f8:02:94:b3:fe:35:df:c5:35:60:16:21:a0:87:26:
ee:31:4e:3a:30:2e:88:0c:f6:4d:cc:c5:39:16:df:cd:f3:53:
2a:ee:7b:5d
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZQiH/y5nBaLOysq4UeBDMgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTkxZDZlYWI4ZjJhODU1MzBlNGZhNDkwOWYxYmIyZTU5YmQyYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5vNY3XnDRYve/cAESuaSUNfJosq
qAX7chZtoGySgd+LCgRJE1gaWAbC2KQyy0b/P51lia2eejZJWyTjt2rCxA4VVI0H
/Wlxn9qeMlKovWwqZbltAJKjf/k9yHjDFtqecURkJfVt17Pf3/ISPj35xVhIcOgX
ehflTtJ5DlWwPA23qGmNlyF8L3c2dkF7hyrs3HAiwi3FcRnpjmsNniE5fLygkxdv
75G7FQxObRE8MfGF10k5ms9KQ3+rlmwnZweG+gux+1ZREl7V8IjHh4kCVZD+aWhE
7drwTxQ2RaPvKGa2+RovQyo8OqBhMiNio0m70ZH1Bi+0iRs/wy8zAVfLpQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFFWR1uq48qhVMOT6SQnxuy5ZvStOMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvVlpIVzZyanlxRlV3NVBwSkNmRzdMbG05SzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAEF
tagDBAAFt/wDBAAFt/8DBAEtCqQDBAAtCqcDBABN3MADBABN3MMDBAJTq+ADBACN
YlQDBACNYlcDBAC5RLgDBAG5RPYDBAK5TdwDBAC5WCQDBAG5WSowDAMEA8JoCAME
AMJoCgMEAdVsAAMEANVsAwMEANXoeAMEANXoejANBgkqhkiG9w0BAQsFAAOCAQEA
AWeN3C7v3YYU32w1Rhn3o3vw7G7OCvbup17U2UXkYWbs376kf4T3Ly08jleW/sZo
mZKkoe9PAhiBC12x6zWoOBvF/d3ZKL6+1SwTQ6SobLc1SyBxiTGfbh5xof3zGjNs
l5Mg9o052lDKGQBWa13qy0hQIvUPbJIbAd0vGCr+4uGT5KRN1N35UuXmDWFXhbGk
NY2IIfqP+4QqrHAmOwpDu/0Bhwck30p10MhdVAo3zzg2qBMkkM0j2eGiKkPSj/l0
2W/khXshZ6cn6xMbReYxMzvK2dHmoy8HJYiB+AKUs/4138U1YBYhoIcm7jFOOjAu
iAz2TczFORbfzfNTKu57XQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:46:47 2025 by rpki-client