Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/g_HTJXlqiVwcXNQwQ-5NsdWLDwY.roa
File: g_HTJXlqiVwcXNQwQ-5NsdWLDwY.roa (raw, json)
Hash identifier: T8aREzkEhzdTgcqG/dOQatsiFG6CYLxa2kl0FfKGWAQ=
Subject key identifier: 83:F1:D3:25:79:6A:89:5C:1C:5C:D4:30:43:EE:4D:B1:D5:8B:0F:06
Certificate issuer: /CN=d425900312ff3bda4d2f896f64df65646fd9c251
Certificate serial: 019426D8A9D5B5632D88B04CFCBA4684BDD3
Authority key identifier: D4:25:90:03:12:FF:3B:DA:4D:2F:89:6F:64:DF:65:64:6F:D9:C2:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/g_HTJXlqiVwcXNQwQ-5NsdWLDwY.roa
Signing time: Thu 02 Jan 2025 11:48:40 +0000
ROA not before: Thu 02 Jan 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25376
IP address blocks: 82.148.224.0/19 maxlen: 24
185.12.232.0/22 maxlen: 24
2a00:1b98::/32 maxlen: 32
2a02:f0a0::/30 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:a9:d5:b5:63:2d:88:b0:4c:fc:ba:46:84:bd:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d425900312ff3bda4d2f896f64df65646fd9c251
Validity
Not Before: Jan 2 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83f1d325796a895c1c5cd43043ee4db1d58b0f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:10:64:b3:06:1f:d5:ce:60:84:75:18:4e:c6:
69:e9:4a:ab:77:40:c6:f3:c8:6a:b8:43:40:cc:09:
80:57:b3:3f:61:50:f2:79:eb:41:9d:84:89:74:b2:
94:cf:49:6f:ef:84:46:fe:c0:f5:db:02:40:f8:a6:
00:88:5d:06:09:4e:63:24:8b:5e:92:6e:df:d5:45:
c5:54:42:da:6c:a8:d1:72:61:2d:10:8d:f1:20:6b:
1a:60:7f:7e:03:17:b1:0c:35:0f:fc:b6:55:c6:8a:
d4:1a:06:4c:ed:ad:c2:53:46:2f:f0:07:2b:e7:aa:
f6:3f:c3:0b:de:cc:c1:69:9c:10:83:4c:be:51:e7:
c8:ad:00:62:d5:8d:51:5f:0a:e6:de:23:f7:91:a4:
e3:e1:c9:8c:0f:b3:03:1c:6b:fa:d0:a4:b8:d6:ee:
fa:60:fc:e0:53:0d:cb:3f:03:48:55:85:96:08:44:
f0:5e:52:32:d8:8d:f0:95:32:3c:62:98:07:e7:9a:
f8:5a:63:bf:e3:9b:69:f7:39:19:6b:a2:83:0f:97:
ff:ac:25:88:c3:4c:5f:8d:29:46:80:0b:9e:06:5a:
29:45:93:6e:a6:4b:1f:5b:a4:4b:8e:19:d4:c4:41:
b4:84:74:e0:72:ea:10:41:54:a4:d0:b2:7e:19:21:
da:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F1:D3:25:79:6A:89:5C:1C:5C:D4:30:43:EE:4D:B1:D5:8B:0F:06
X509v3 Authority Key Identifier:
keyid:D4:25:90:03:12:FF:3B:DA:4D:2F:89:6F:64:DF:65:64:6F:D9:C2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/g_HTJXlqiVwcXNQwQ-5NsdWLDwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5bf826-921e-44f5-af33-676b428925ab/1/1CWQAxL_O9pNL4lvZN9lZG_ZwlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.224.0/19
185.12.232.0/22
IPv6:
2a00:1b98::/32
2a02:f0a0::/30
Signature Algorithm: sha256WithRSAEncryption
a1:f9:8c:da:da:21:6c:d4:22:66:1f:c2:9f:97:0f:84:ee:82:
ec:40:fd:56:3c:c6:9b:88:23:56:4c:13:42:77:c7:00:5e:74:
75:a5:db:e2:b5:1b:5e:76:11:a1:21:de:c2:92:19:b0:6e:fd:
a7:f4:db:98:6c:93:ba:c2:1f:7c:b7:21:50:48:a7:3e:e2:a4:
de:f5:d1:a9:8a:e4:ca:6a:7b:d4:b2:84:86:27:c0:26:e4:50:
d1:6f:4d:10:d7:40:b9:46:64:cd:33:bc:8c:e4:56:91:44:02:
24:3e:16:63:0f:11:67:f7:76:94:d7:7a:b2:4b:47:3e:c7:b3:
5d:5e:a5:76:98:ce:ce:04:a8:62:5c:f9:2d:31:02:aa:0d:20:
80:b7:cc:64:f7:74:f4:ad:32:fe:cf:d9:3c:a4:1d:b5:a1:35:
bf:8f:b9:6b:02:3c:21:66:4f:d8:f3:07:49:a0:aa:52:2a:51:
8c:91:6d:d9:35:43:5a:9b:68:ce:76:90:fa:c9:21:fb:f7:98:
71:74:27:6e:73:6c:8b:52:dd:60:73:55:6f:d2:92:23:7f:58:
39:02:fd:08:36:55:ba:2f:80:af:f4:96:49:0f:31:40:e8:ad:
33:61:76:d9:d7:d2:a2:be:e0:46:81:ea:34:86:7b:97:9a:59:
3f:7c:9b:55
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQm2KnVtWMtiLBM/LpGhL3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjU5MDAzMTJmZjNiZGE0ZDJmODk2ZjY0ZGY2NTY0NmZk
OWMyNTEwHhcNMjUwMTAyMTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2YxZDMyNTc5NmE4OTVjMWM1Y2Q0MzA0M2VlNGRiMWQ1OGIwZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxBkswYf1c5ghHUYTsZp6Uqrd0DG
88hquENAzAmAV7M/YVDyeetBnYSJdLKUz0lv74RG/sD12wJA+KYAiF0GCU5jJIte
km7f1UXFVELabKjRcmEtEI3xIGsaYH9+AxexDDUP/LZVxorUGgZM7a3CU0Yv8Acr
56r2P8ML3szBaZwQg0y+UefIrQBi1Y1RXwrm3iP3kaTj4cmMD7MDHGv60KS41u76
YPzgUw3LPwNIVYWWCETwXlIy2I3wlTI8YpgH55r4WmO/45tp9zkZa6KDD5f/rCWI
w0xfjSlGgAueBlopRZNupksfW6RLjhnUxEG0hHTgcuoQQVSk0LJ+GSHatQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIPx0yV5aolcHFzUMEPuTbHViw8GMB8GA1UdIwQY
MBaAFNQlkAMS/zvaTS+Jb2TfZWRv2cJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNXUUF4TF9POXBOTDRsdlpOOWxaR19ad2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81YmY4MjYtOTIxZS00NGY1LWFmMzMt
Njc2YjQyODkyNWFiLzEvZ19IVEpYbHFpVndjWE5Rd1EtNU5zZFdMRHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81YmY4MjYtOTIxZS00NGY1LWFmMzMtNjc2YjQyODkyNWFi
LzEvMUNXUUF4TF9POXBOTDRsdlpOOWxaR19ad2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQFUpTgAwQC
uQzoMBQEAgACMA4DBQAqABuYAwUCKgLwoDANBgkqhkiG9w0BAQsFAAOCAQEAofmM
2tohbNQiZh/Cn5cPhO6C7ED9VjzGm4gjVkwTQnfHAF50daXb4rUbXnYRoSHewpIZ
sG79p/TbmGyTusIffLchUEinPuKk3vXRqYrkymp71LKEhifAJuRQ0W9NENdAuUZk
zTO8jORWkUQCJD4WYw8RZ/d2lNd6sktHPsezXV6ldpjOzgSoYlz5LTECqg0ggLfM
ZPd09K0y/s/ZPKQdtaE1v4+5awI8IWZP2PMHSaCqUipRjJFt2TVDWptoznaQ+skh
+/eYcXQnbnNsi1LdYHNVb9KSI39YOQL9CDZVui+Ar/SWSQ8xQOitM2F22dfSor7g
RoHqNIZ7l5pZP3ybVQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:43 2025 by rpki-client on console.sobornost.net