Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/ve4iz1Nb8DcHS9BJwN65K0mM0-E.roa
File: ve4iz1Nb8DcHS9BJwN65K0mM0-E.roa (raw, json)
Hash identifier: KrskrDJ9DRb/ge1dc1ifB8Oiho4jbO0ADnVg8CJqCCI=
Subject key identifier: BD:EE:22:CF:53:5B:F0:37:07:4B:D0:49:C0:DE:B9:2B:49:8C:D3:E1
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 019420D63C1E46BEC5107CC0AF0143BED767
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/ve4iz1Nb8DcHS9BJwN65K0mM0-E.roa
Signing time: Wed 01 Jan 2025 07:48:18 +0000
ROA not before: Wed 01 Jan 2025 07:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6461
IP address blocks: 5.63.24.0/21 maxlen: 21
91.190.168.0/21 maxlen: 21
185.85.76.0/22 maxlen: 22
2a02:798::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3c:1e:46:be:c5:10:7c:c0:af:01:43:be:d7:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jan 1 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdee22cf535bf037074bd049c0deb92b498cd3e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d9:60:c7:2b:a8:14:5f:b5:bb:19:77:17:7e:
fa:e4:2a:f6:97:38:74:83:1e:3b:f1:cf:b6:40:e4:
fc:da:c3:77:0a:a7:ca:ad:e2:1e:97:19:eb:f5:4f:
00:21:82:40:2c:01:8b:16:6f:89:62:2c:fc:35:73:
da:eb:82:b0:13:a2:02:d6:65:8f:4e:19:92:e4:6a:
0f:8d:f7:7a:dc:99:fb:c3:8f:6a:1c:f9:c4:af:22:
b2:53:48:72:ee:b1:c3:9b:21:99:a7:c2:a4:ff:ec:
4e:6a:75:ab:c5:16:eb:81:46:bf:e4:b1:d1:a8:b3:
ab:28:66:8a:dc:ca:cb:a7:30:4b:7a:3d:84:08:7e:
4b:e5:ec:f8:02:08:81:76:82:77:c9:ee:b5:d4:b6:
55:2b:e4:d4:96:77:0e:88:86:1f:94:6b:56:2c:3f:
05:84:03:a5:08:e1:ed:42:47:96:ea:85:83:33:4d:
28:10:d8:6d:9a:0b:d1:c6:6f:47:4e:d4:50:97:32:
31:69:d1:d0:9b:a9:ff:b3:ed:cf:70:06:ef:9c:c1:
38:8c:f2:40:c6:27:6b:fa:52:92:6b:e7:fc:a3:2a:
99:6d:c6:e1:11:cb:77:da:12:57:2b:1c:7d:47:74:
dd:fb:c6:56:e8:94:3b:37:7e:08:e6:12:0e:09:18:
a5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:EE:22:CF:53:5B:F0:37:07:4B:D0:49:C0:DE:B9:2B:49:8C:D3:E1
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/ve4iz1Nb8DcHS9BJwN65K0mM0-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0/21
91.190.168.0/21
185.85.76.0/22
IPv6:
2a02:798::/32
Signature Algorithm: sha256WithRSAEncryption
b6:70:c8:c0:27:3c:b7:af:b2:4f:1a:4c:56:8b:4d:a2:74:00:
d2:cc:4c:c0:26:61:b0:95:19:ef:f3:17:34:0a:bf:c0:68:74:
ac:e1:d1:e6:52:eb:45:2f:dc:47:57:53:2d:10:29:84:72:ee:
63:2a:57:b1:f5:eb:67:1a:d3:51:b3:07:27:f7:32:63:d1:d9:
02:41:14:3c:7d:de:bf:b4:20:86:f4:d4:88:3c:ef:6f:44:72:
cd:b0:91:c6:de:d7:23:39:d2:15:7a:44:84:f6:64:7a:ff:b2:
44:9d:4c:99:79:44:70:6f:15:84:cb:6c:8f:7b:23:fc:e1:2b:
8e:4a:a1:15:af:e0:47:4a:f9:3f:b9:7c:8b:20:62:c6:20:66:
82:d2:b5:8c:00:bd:69:58:94:bf:1d:84:cc:dd:01:bb:38:cb:
3c:63:94:92:53:ba:4c:34:ea:01:55:75:b9:35:0f:16:84:e0:
75:01:7a:70:fc:d1:20:33:ce:0b:9f:44:59:76:2f:36:47:34:
10:34:54:aa:a1:86:75:79:e4:7a:2e:c0:e4:5f:dd:2f:97:63:
8f:64:29:14:ec:86:36:4f:dd:66:78:d5:c7:8f:3f:9b:1d:65:
6a:d8:2d:cb:28:2b:c4:89:4d:6f:c1:75:69:92:68:7c:28:c7:
82:42:e8:92
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQg1jweRr7FEHzArwFDvtdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjUwMTAxMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGVlMjJjZjUzNWJmMDM3MDc0YmQwNDljMGRlYjkyYjQ5OGNkM2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtlgxyuoFF+1uxl3F3765Cr2lzh0
gx478c+2QOT82sN3CqfKreIelxnr9U8AIYJALAGLFm+JYiz8NXPa64KwE6IC1mWP
ThmS5GoPjfd63Jn7w49qHPnEryKyU0hy7rHDmyGZp8Kk/+xOanWrxRbrgUa/5LHR
qLOrKGaK3MrLpzBLej2ECH5L5ez4AgiBdoJ3ye611LZVK+TUlncOiIYflGtWLD8F
hAOlCOHtQkeW6oWDM00oENhtmgvRxm9HTtRQlzIxadHQm6n/s+3PcAbvnME4jPJA
xidr+lKSa+f8oyqZbcbhEct32hJXKxx9R3Td+8ZW6JQ7N34I5hIOCRilcQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL3uIs9TW/A3B0vQScDeuStJjNPhMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvdmU0aXoxTmI4RGNIUzlCSndONjVLMG1NMC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBT8YAwQD
W76oAwQCuVVMMA0EAgACMAcDBQAqAgeYMA0GCSqGSIb3DQEBCwUAA4IBAQC2cMjA
Jzy3r7JPGkxWi02idADSzEzAJmGwlRnv8xc0Cr/AaHSs4dHmUutFL9xHV1MtECmE
cu5jKlex9etnGtNRswcn9zJj0dkCQRQ8fd6/tCCG9NSIPO9vRHLNsJHG3tcjOdIV
ekSE9mR6/7JEnUyZeURwbxWEy2yPeyP84SuOSqEVr+BHSvk/uXyLIGLGIGaC0rWM
AL1pWJS/HYTM3QG7OMs8Y5SSU7pMNOoBVXW5NQ8WhOB1AXpw/NEgM84Ln0RZdi82
RzQQNFSqoYZ1eeR6LsDkX90vl2OPZCkU7IY2T91meNXHjz+bHWVq2C3LKCvEiU1v
wXVpkmh8KMeCQuiS
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:45:16 2025 by rpki-client