Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/hs7awmW5u-N7i3rafiPiNllc2Bo.roa
File: hs7awmW5u-N7i3rafiPiNllc2Bo.roa (raw, json)
Hash identifier: zx9QQVE6GtEBw9ZKQW610wAAxlFBO5GbObUYOTrSVsA=
Subject key identifier: 86:CE:DA:C2:65:B9:BB:E3:7B:8B:7A:DA:7E:23:E2:36:59:5C:D8:1A
Certificate issuer: /CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Certificate serial: 019421B25333634ABDE9547244755A9F0BF0
Authority key identifier: B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/hs7awmW5u-N7i3rafiPiNllc2Bo.roa
Signing time: Wed 01 Jan 2025 11:48:42 +0000
ROA not before: Wed 01 Jan 2025 11:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4755
IP address blocks: 85.158.128.0/21 maxlen: 21
85.158.128.0/24 maxlen: 24
85.158.129.0/24 maxlen: 24
85.158.130.0/24 maxlen: 24
85.158.131.0/24 maxlen: 24
85.158.132.0/24 maxlen: 24
85.158.133.0/24 maxlen: 24
85.158.134.0/24 maxlen: 24
85.158.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:53:33:63:4a:bd:e9:54:72:44:75:5a:9f:0b:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Validity
Not Before: Jan 1 11:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86cedac265b9bbe37b8b7ada7e23e236595cd81a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bf:78:04:81:47:b6:47:a3:20:fb:bc:5a:31:
0b:9e:bd:8b:d9:64:78:44:57:21:a9:80:a5:d9:cb:
45:ef:f8:5b:71:a5:92:e2:05:82:d5:d0:79:b5:3c:
5a:33:02:a2:ed:f0:d8:2e:7a:68:63:16:e9:38:95:
a3:0a:7e:15:ab:6b:a6:16:e3:ef:28:6b:e9:4c:eb:
06:7b:d1:c3:a6:dd:5f:5b:8c:96:56:86:99:69:4f:
65:90:e2:f3:28:85:7d:ed:93:48:ee:de:71:00:f0:
93:53:82:0f:21:55:f3:e1:e9:d3:75:dc:80:fb:5d:
48:d8:10:ac:c5:d8:2c:a5:77:77:d7:f3:02:f4:d0:
93:95:26:bb:c6:22:e0:3b:84:eb:46:5a:f3:9b:ce:
c8:fd:ac:45:1e:97:f0:11:21:fd:c0:f9:43:f3:a9:
c3:5d:16:6a:d9:f6:6b:17:27:1f:a4:d9:cc:4c:8e:
4a:02:40:9a:73:cb:62:38:47:5b:53:b1:0e:a8:2d:
de:24:6b:6e:2a:28:b9:6b:f7:2e:1c:bc:85:16:bc:
05:6d:68:2e:a7:d3:cd:a9:3f:ae:4c:2b:1f:ce:db:
af:1b:e5:0a:b3:2b:f9:cb:cf:e4:ec:0e:7d:11:f0:
d9:6e:f8:1b:69:1f:5d:89:32:79:e1:9f:8d:22:15:
0e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CE:DA:C2:65:B9:BB:E3:7B:8B:7A:DA:7E:23:E2:36:59:5C:D8:1A
X509v3 Authority Key Identifier:
keyid:B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/hs7awmW5u-N7i3rafiPiNllc2Bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.128.0/21
Signature Algorithm: sha256WithRSAEncryption
29:8d:a3:d7:2f:c7:40:44:bf:c1:03:08:c9:e5:4f:86:49:a4:
4b:b8:83:ee:08:b4:3b:6e:f4:01:d5:df:83:9c:ad:50:6a:c9:
6b:3b:ae:19:ab:6e:12:57:dd:99:93:ea:17:d6:60:6b:c1:af:
fe:ec:b0:1c:76:f3:38:47:95:4f:cf:65:40:a8:5c:4e:c8:ee:
f8:20:98:75:5a:fe:71:16:f0:2d:27:15:ca:64:bf:77:2b:0d:
b9:d4:d6:07:be:38:07:54:b9:c5:92:23:b7:bf:ed:91:f7:f9:
5b:b6:b7:1c:b8:57:43:42:f3:38:c9:32:dc:4c:75:f0:3e:ab:
6b:69:46:c0:93:6e:a5:40:fe:cf:00:6e:96:d7:be:64:d3:aa:
92:36:51:1e:8d:fd:e9:47:2f:d8:32:8d:f4:b1:e8:e3:1a:7d:
21:07:2c:6a:8d:79:ec:01:21:9c:b8:d4:8c:af:82:8f:3f:a0:
17:8a:95:95:0e:0c:ec:8f:c2:a0:71:2d:be:2d:02:35:31:87:
69:17:82:89:a4:b2:96:4a:01:e9:b9:07:ee:84:0b:2f:bf:92:
74:a8:f0:d0:ea:49:d8:64:1e:01:74:92:d4:32:bf:cd:8b:b8:
2e:9e:85:1e:47:a2:be:10:d5:70:8a:6e:bc:b9:58:5c:8a:44:
be:7c:db:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhslMzY0q96VRyRHVanwvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2Y2Y0ZTU3Y2JjMTVjZTRlY2VmNDRmNTBlNWI4NTkyZmJl
ZWVlYTAwHhcNMjUwMTAxMTE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmNlZGFjMjY1YjliYmUzN2I4YjdhZGE3ZTIzZTIzNjU5NWNkODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL94BIFHtkejIPu8WjELnr2L2WR4
RFchqYCl2ctF7/hbcaWS4gWC1dB5tTxaMwKi7fDYLnpoYxbpOJWjCn4Vq2umFuPv
KGvpTOsGe9HDpt1fW4yWVoaZaU9lkOLzKIV97ZNI7t5xAPCTU4IPIVXz4enTddyA
+11I2BCsxdgspXd31/MC9NCTlSa7xiLgO4TrRlrzm87I/axFHpfwESH9wPlD86nD
XRZq2fZrFycfpNnMTI5KAkCac8tiOEdbU7EOqC3eJGtuKii5a/cuHLyFFrwFbWgu
p9PNqT+uTCsfztuvG+UKsyv5y8/k7A59EfDZbvgbaR9diTJ54Z+NIhUOWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbO2sJlubvje4t62n4j4jZZXNgaMB8GA1UdIwQY
MBaAFLbPTlfLwVzk7O9E9Q5bhZL77u6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUt
ODViZTQyNWQzMTk5LzEvaHM3YXdtVzV1LU43aTNyYWZpUGlObGxjMkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5
LzEvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ6AMA0G
CSqGSIb3DQEBCwUAA4IBAQApjaPXL8dARL/BAwjJ5U+GSaRLuIPuCLQ7bvQB1d+D
nK1QaslrO64Zq24SV92Zk+oX1mBrwa/+7LAcdvM4R5VPz2VAqFxOyO74IJh1Wv5x
FvAtJxXKZL93Kw251NYHvjgHVLnFkiO3v+2R9/lbtrccuFdDQvM4yTLcTHXwPqtr
aUbAk26lQP7PAG6W175k06qSNlEejf3pRy/YMo30sejjGn0hByxqjXnsASGcuNSM
r4KPP6AXipWVDgzsj8KgcS2+LQI1MYdpF4KJpLKWSgHpuQfuhAsvv5J0qPDQ6knY
ZB4BdJLUMr/Ni7gunoUeR6K+ENVwim68uVhcikS+fNsG
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:46 2025 by rpki-client on console.sobornost.net