Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/hPRhT7rkMq9JixnaKQg6MXIa6w0.roa
File: hPRhT7rkMq9JixnaKQg6MXIa6w0.roa (raw, json)
Hash identifier: 47HMse7zHITwF5pv9mb9OCNw4X4BUCmXu1B+299Il/A=
Subject key identifier: 84:F4:61:4F:BA:E4:32:AF:49:8B:19:DA:29:08:3A:31:72:1A:EB:0D
Certificate issuer: /CN=74aa9312af4c3d9cee082c9541a6b65ada569b3c
Certificate serial: 019427B5A385E6BE924F09EEC8BDA69FFBC3
Authority key identifier: 74:AA:93:12:AF:4C:3D:9C:EE:08:2C:95:41:A6:B6:5A:DA:56:9B:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKqTEq9MPZzuCCyVQaa2WtpWmzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/hPRhT7rkMq9JixnaKQg6MXIa6w0.roa
Signing time: Thu 02 Jan 2025 15:50:02 +0000
ROA not before: Thu 02 Jan 2025 15:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205820
IP address blocks: 46.53.196.0/24 maxlen: 24
128.140.254.0/24 maxlen: 24
178.163.224.0/19 maxlen: 19
178.163.230.0/23 maxlen: 23
185.183.120.0/22 maxlen: 22
185.204.116.0/22 maxlen: 22
2a0a:f240::/29 maxlen: 29
2a0a:f241::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:a3:85:e6:be:92:4f:09:ee:c8:bd:a6:9f:fb:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74aa9312af4c3d9cee082c9541a6b65ada569b3c
Validity
Not Before: Jan 2 15:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84f4614fbae432af498b19da29083a31721aeb0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d2:bc:9a:2d:de:ab:b7:b2:a2:9a:cf:ae:b5:
f4:4b:a4:31:7c:74:95:1b:28:c3:ad:c1:2d:9d:33:
9a:ce:63:cb:2e:03:05:20:06:2f:c4:04:98:42:d3:
f8:42:da:73:22:96:9e:e6:58:18:c3:a6:13:f4:cb:
88:81:4a:21:a3:b0:b1:31:ca:b7:89:26:d8:24:9a:
a0:5a:73:82:74:1d:14:35:92:be:2a:3e:a6:0d:94:
b4:a6:11:8a:25:12:fe:e2:e6:27:e6:0a:f2:70:4d:
70:89:79:c4:1b:cb:d0:62:84:71:71:c4:39:66:1d:
1a:56:1c:7c:2b:52:59:37:f2:09:cf:9e:2e:b1:0d:
ec:f3:d3:19:da:c4:5c:94:d4:d8:e5:5d:92:c1:61:
40:10:94:24:8e:4e:4e:17:eb:1b:e4:af:58:7b:a1:
07:88:bd:90:a3:1d:3b:ed:cd:61:b7:ad:01:9f:ad:
14:10:31:f1:23:5c:6f:e7:4f:54:a0:36:7c:f6:b3:
bc:69:8c:36:74:23:e3:d0:3a:0c:ec:b8:ed:46:81:
3a:e5:e6:fc:01:a2:51:67:97:fd:e3:fa:c7:fc:3c:
e4:f1:d1:b4:df:7c:e7:a8:ad:d4:1d:b8:74:0f:29:
69:01:b1:27:c8:c6:e2:bf:d8:85:60:21:89:ad:d4:
ab:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F4:61:4F:BA:E4:32:AF:49:8B:19:DA:29:08:3A:31:72:1A:EB:0D
X509v3 Authority Key Identifier:
keyid:74:AA:93:12:AF:4C:3D:9C:EE:08:2C:95:41:A6:B6:5A:DA:56:9B:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKqTEq9MPZzuCCyVQaa2WtpWmzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/hPRhT7rkMq9JixnaKQg6MXIa6w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0a415a-c728-42e9-be45-98a1d65cfe6f/1/dKqTEq9MPZzuCCyVQaa2WtpWmzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.53.196.0/24
128.140.254.0/24
178.163.224.0/19
185.183.120.0/22
185.204.116.0/22
IPv6:
2a0a:f240::/29
Signature Algorithm: sha256WithRSAEncryption
a4:1d:73:74:bc:66:90:75:08:7e:ff:da:a4:ad:e1:79:e2:f9:
f6:a0:e6:c7:d1:01:95:10:87:61:b8:e5:b4:84:4d:02:57:a9:
b8:81:03:95:e1:25:ad:77:d2:80:4f:c6:68:54:16:fd:18:c4:
bb:c6:e2:98:10:ac:6c:ae:f3:11:0b:f4:7c:a3:21:b8:50:4f:
5d:c3:88:b9:9a:c1:b5:aa:87:17:8d:c1:8a:9c:f8:ae:5d:44:
66:58:ba:bf:a9:4b:62:f0:98:3f:57:d9:db:9f:0e:9e:5d:75:
c2:08:d5:5b:a4:ef:d4:af:70:94:5d:4a:2a:0b:b0:72:0c:6c:
e2:fd:48:2b:86:20:0f:38:16:7b:59:dd:3f:c2:14:14:4a:05:
ff:5d:64:66:bb:50:b1:25:6e:fe:79:1b:ab:9e:80:e1:13:2b:
54:e4:08:be:b8:fc:d9:a3:33:e8:71:ea:4e:0d:37:44:ab:92:
24:60:83:6f:b1:61:13:46:29:cc:80:a4:0d:04:4c:da:1c:be:
66:6d:b6:2f:c0:78:88:05:64:ba:95:68:28:fd:30:84:3a:d5:
b4:db:f1:49:18:03:c0:bf:d9:80:4d:3c:af:7a:5a:99:c0:bd:
02:93:e6:2a:35:37:4f:73:c4:ea:a4:17:5b:91:2f:84:0d:07:
d3:5f:0d:dd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQntaOF5r6STwnuyL2mn/vDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWE5MzEyYWY0YzNkOWNlZTA4MmM5NTQxYTZiNjVhZGE1
NjliM2MwHhcNMjUwMTAyMTU1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY0NjE0ZmJhZTQzMmFmNDk4YjE5ZGEyOTA4M2EzMTcyMWFlYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstK8mi3eq7eyoprPrrX0S6QxfHSV
GyjDrcEtnTOazmPLLgMFIAYvxASYQtP4QtpzIpae5lgYw6YT9MuIgUoho7CxMcq3
iSbYJJqgWnOCdB0UNZK+Kj6mDZS0phGKJRL+4uYn5grycE1wiXnEG8vQYoRxccQ5
Zh0aVhx8K1JZN/IJz54usQ3s89MZ2sRclNTY5V2SwWFAEJQkjk5OF+sb5K9Ye6EH
iL2Qox077c1ht60Bn60UEDHxI1xv509UoDZ89rO8aYw2dCPj0DoM7LjtRoE65eb8
AaJRZ5f94/rH/Dzk8dG033znqK3UHbh0DylpAbEnyMbiv9iFYCGJrdSrFQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIT0YU+65DKvSYsZ2ikIOjFyGusNMB8GA1UdIwQY
MBaAFHSqkxKvTD2c7ggslUGmtlraVps8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtxVEVxOU1QWnp1Q0N5VlFhYTJXdHBXbXp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYTQxNWEtYzcyOC00MmU5LWJlNDUt
OThhMWQ2NWNmZTZmLzEvaFBSaFQ3cmtNcTlKaXhuYUtRZzZNWElhNncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYTQxNWEtYzcyOC00MmU5LWJlNDUtOThhMWQ2NWNmZTZm
LzEvZEtxVEVxOU1QWnp1Q0N5VlFhYTJXdHBXbXp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALjXEAwQA
gIz+AwQFsqPgAwQCubd4AwQCucx0MA0EAgACMAcDBQMqCvJAMA0GCSqGSIb3DQEB
CwUAA4IBAQCkHXN0vGaQdQh+/9qkreF54vn2oObH0QGVEIdhuOW0hE0CV6m4gQOV
4SWtd9KAT8ZoVBb9GMS7xuKYEKxsrvMRC/R8oyG4UE9dw4i5msG1qocXjcGKnPiu
XURmWLq/qUti8Jg/V9nbnw6eXXXCCNVbpO/Ur3CUXUoqC7ByDGzi/UgrhiAPOBZ7
Wd0/whQUSgX/XWRmu1CxJW7+eRurnoDhEytU5Ai+uPzZozPocepODTdEq5IkYINv
sWETRinMgKQNBEzaHL5mbbYvwHiIBWS6lWgo/TCEOtW02/FJGAPAv9mATTyvelqZ
wL0Ck+YqNTdPc8TqpBdbkS+EDQfTXw3d
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:34 2025 by rpki-client on console.sobornost.net