Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/hzOaBQqeJ1MZ-KZ4P7SZyCz4SP8.roa
File: hzOaBQqeJ1MZ-KZ4P7SZyCz4SP8.roa (raw, json)
Hash identifier: DRgkBXK2IQa5GIAmZXZtCYy6nVN5G7CPCGzy+FvJU0k=
Subject key identifier: 87:33:9A:05:0A:9E:27:53:19:F8:A6:78:3F:B4:99:C8:2C:F8:48:FF
Certificate issuer: /CN=eed5b3af0064981e96bb5e27d8f04d86e6306cfa
Certificate serial: 0194274821F6AB5A5B4017CFF6631D4DCCEE
Authority key identifier: EE:D5:B3:AF:00:64:98:1E:96:BB:5E:27:D8:F0:4D:86:E6:30:6C:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7tWzrwBkmB6Wu14n2PBNhuYwbPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/hzOaBQqeJ1MZ-KZ4P7SZyCz4SP8.roa
Signing time: Thu 02 Jan 2025 13:50:26 +0000
ROA not before: Thu 02 Jan 2025 13:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198089
IP address blocks: 46.31.8.0/21 maxlen: 21
46.31.8.0/22 maxlen: 22
46.31.12.0/22 maxlen: 22
2a02:4980::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:21:f6:ab:5a:5b:40:17:cf:f6:63:1d:4d:cc:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eed5b3af0064981e96bb5e27d8f04d86e6306cfa
Validity
Not Before: Jan 2 13:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87339a050a9e275319f8a6783fb499c82cf848ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f2:fc:74:37:53:e9:19:36:21:fa:e6:6d:86:
0a:8c:4e:26:ad:72:2a:b7:94:1c:7b:02:78:6f:1a:
49:d1:23:68:69:a9:cc:35:17:d9:7d:9f:e2:1b:1c:
28:77:94:35:87:dc:1f:58:ce:4b:8c:d4:0c:3c:e6:
da:d3:db:3d:3b:4e:fc:bd:ee:04:23:0f:97:0b:87:
14:2e:c9:38:af:ef:1c:96:0f:f5:b9:50:23:06:23:
61:e1:98:5e:98:a4:76:41:ef:ae:d1:d3:83:f4:9c:
4f:1b:a3:7e:9c:93:03:84:37:b3:30:95:1f:9f:fa:
c7:ca:f6:74:c2:02:a1:d7:9d:09:93:ad:0b:66:69:
94:ea:d1:d4:55:86:5c:8f:64:60:ad:4b:c6:6c:11:
11:ec:dd:dd:a3:0f:d6:33:c5:8f:e7:a1:74:5a:95:
69:cf:08:39:ae:65:77:df:78:90:58:c0:70:ab:19:
2e:2b:0d:ee:26:37:b5:e1:7f:94:a9:b9:da:37:d1:
32:0c:39:41:34:00:29:60:0c:47:07:68:e2:a0:28:
11:c5:d8:67:1d:11:7c:a8:d3:f4:ad:d0:f3:b2:65:
0e:98:db:04:4e:96:4c:ae:ad:73:eb:ff:98:8b:e1:
0f:bf:5c:5b:7f:27:3f:da:7a:44:59:7f:d0:c5:70:
cb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:33:9A:05:0A:9E:27:53:19:F8:A6:78:3F:B4:99:C8:2C:F8:48:FF
X509v3 Authority Key Identifier:
keyid:EE:D5:B3:AF:00:64:98:1E:96:BB:5E:27:D8:F0:4D:86:E6:30:6C:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7tWzrwBkmB6Wu14n2PBNhuYwbPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/hzOaBQqeJ1MZ-KZ4P7SZyCz4SP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/7tWzrwBkmB6Wu14n2PBNhuYwbPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.8.0/21
IPv6:
2a02:4980::/32
Signature Algorithm: sha256WithRSAEncryption
cf:9b:57:a7:91:65:f8:f5:c2:e4:54:a4:ab:65:33:78:c4:32:
ff:88:2d:85:8c:e0:b1:3e:f7:14:32:72:6f:8c:da:41:62:97:
bd:95:bb:57:19:5f:1b:de:6e:fc:e0:d6:96:2b:df:62:e5:d6:
d7:30:19:03:ce:dc:06:6f:fe:69:e0:fb:fe:b5:bd:de:64:ca:
a4:6a:bc:a6:14:01:44:dc:4e:13:13:a9:df:93:61:43:ef:77:
f7:b1:b1:55:0c:84:1b:72:31:4e:6a:6c:e0:d2:57:fa:c7:9e:
be:31:64:0e:2f:c5:6a:a2:d4:ae:d3:e1:7b:01:7b:70:84:bf:
a6:67:ae:20:ee:d3:f1:5e:80:d8:75:0e:5e:e0:7a:5d:b8:fa:
44:6a:75:ef:43:94:c9:fe:2b:4b:0b:a8:1c:f6:44:0a:8a:f9:
3c:6e:03:34:27:9d:16:74:51:4d:d1:45:ae:03:53:71:fb:e6:
69:54:ff:81:81:06:ff:b0:c9:ff:c9:4f:80:9c:6f:32:01:63:
c1:d9:4a:e8:50:79:53:9b:ba:4b:2d:fc:75:cf:d7:ef:44:77:
5b:97:b2:d7:dc:dd:6f:4b:17:00:e6:bb:ac:75:90:a5:32:d6:
59:55:46:96:02:06:18:ec:f9:5b:09:31:ea:7a:ab:ba:2a:13:
ad:28:d6:d8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSCH2q1pbQBfP9mMdTczuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZDViM2FmMDA2NDk4MWU5NmJiNWUyN2Q4ZjA0ZDg2ZTYz
MDZjZmEwHhcNMjUwMTAyMTM1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzMzOWEwNTBhOWUyNzUzMTlmOGE2NzgzZmI0OTljODJjZjg0OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/L8dDdT6Rk2IfrmbYYKjE4mrXIq
t5QcewJ4bxpJ0SNoaanMNRfZfZ/iGxwod5Q1h9wfWM5LjNQMPOba09s9O078ve4E
Iw+XC4cULsk4r+8clg/1uVAjBiNh4ZhemKR2Qe+u0dOD9JxPG6N+nJMDhDezMJUf
n/rHyvZ0wgKh150Jk60LZmmU6tHUVYZcj2RgrUvGbBER7N3dow/WM8WP56F0WpVp
zwg5rmV333iQWMBwqxkuKw3uJje14X+UqbnaN9EyDDlBNAApYAxHB2jioCgRxdhn
HRF8qNP0rdDzsmUOmNsETpZMrq1z6/+Yi+EPv1xbfyc/2npEWX/QxXDL0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIczmgUKnidTGfimeD+0mcgs+Ej/MB8GA1UdIwQY
MBaAFO7Vs68AZJgelrteJ9jwTYbmMGz6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3RXenJ3QmttQjZXdTE0bjJQQk5odVl3YlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zYWFiZTAtOWU1Zi00OThkLWI1NTAt
MDMwYWNkM2FlMzM2LzEvaHpPYUJRcWVKMU1aLUtaNFA3U1p5Q3o0U1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zYWFiZTAtOWU1Zi00OThkLWI1NTAtMDMwYWNkM2FlMzM2
LzEvN3RXenJ3QmttQjZXdTE0bjJQQk5odVl3YlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLh8IMA0E
AgACMAcDBQAqAkmAMA0GCSqGSIb3DQEBCwUAA4IBAQDPm1enkWX49cLkVKSrZTN4
xDL/iC2FjOCxPvcUMnJvjNpBYpe9lbtXGV8b3m784NaWK99i5dbXMBkDztwGb/5p
4Pv+tb3eZMqkarymFAFE3E4TE6nfk2FD73f3sbFVDIQbcjFOamzg0lf6x56+MWQO
L8VqotSu0+F7AXtwhL+mZ64g7tPxXoDYdQ5e4HpduPpEanXvQ5TJ/itLC6gc9kQK
ivk8bgM0J50WdFFN0UWuA1Nx++ZpVP+BgQb/sMn/yU+AnG8yAWPB2UroUHlTm7pL
Lfx1z9fvRHdbl7LX3N1vSxcA5rusdZClMtZZVUaWAgYY7PlbCTHqequ6KhOtKNbY
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:34 2025 by rpki-client on console.sobornost.net