Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/1HQrth7x2hYac3-rAHdQKneZexA.roa
File: 1HQrth7x2hYac3-rAHdQKneZexA.roa (raw, json)
Hash identifier: lAZc/tBy8uupNbFUPR3SnDuStug9BEkk/M1CkjcJwn0=
Subject key identifier: D4:74:2B:B6:1E:F1:DA:16:1A:73:7F:AB:00:77:50:2A:77:99:7B:10
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 01955C3433DF20B37A3E430730D2A60B5154
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/1HQrth7x2hYac3-rAHdQKneZexA.roa
Signing time: Mon 03 Mar 2025 13:31:19 +0000
ROA not before: Mon 03 Mar 2025 13:31:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20640
IP address blocks: 217.173.128.0/19 maxlen: 23
217.173.128.0/20 maxlen: 24
2001:4b88::/32 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:34:33:df:20:b3:7a:3e:43:07:30:d2:a6:0b:51:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Mar 3 13:31:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4742bb61ef1da161a737fab0077502a77997b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:e4:9f:e6:3d:0d:8d:83:f7:fe:20:27:c4:
5a:b9:df:4e:04:46:f6:dd:ec:bd:ab:fc:ac:11:22:
b7:ea:e2:80:bc:07:b3:cc:10:b5:d2:c6:6d:eb:0c:
b3:e1:ce:b1:89:c8:58:98:a1:22:35:c1:71:6f:e6:
4d:51:d7:bf:05:93:25:04:56:61:24:49:e8:94:df:
6c:bb:a6:a3:34:8e:f2:cd:d5:a7:c6:05:49:22:44:
43:64:81:15:63:84:06:ce:f3:4a:59:4f:9f:01:3d:
5a:71:b7:bf:fe:82:d9:31:1a:a6:13:25:74:af:e3:
6d:65:0e:bf:7e:d7:e4:d5:40:9e:80:17:f0:32:73:
18:71:3f:8d:0f:84:74:52:0d:2a:7b:76:7c:a1:af:
98:d1:fa:c7:43:fa:38:ee:22:f7:c0:04:c8:12:f2:
b2:4e:d5:d6:99:ef:d6:0c:ba:aa:a6:c0:36:fe:ab:
c5:43:77:53:7e:e2:3f:51:cf:85:5c:dd:b2:e2:ce:
f2:47:05:84:b2:83:8f:87:97:a1:74:f8:56:9c:8b:
b5:6e:ba:ad:fa:9c:75:a6:28:b8:1b:db:f0:e9:9e:
7d:31:b3:66:55:d1:e1:27:28:4c:12:a0:22:57:fa:
ed:85:81:69:26:ac:7a:dd:25:de:cc:95:27:45:16:
b8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:74:2B:B6:1E:F1:DA:16:1A:73:7F:AB:00:77:50:2A:77:99:7B:10
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/1HQrth7x2hYac3-rAHdQKneZexA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.173.128.0/19
IPv6:
2001:4b88::/32
Signature Algorithm: sha256WithRSAEncryption
22:a4:6c:01:08:ba:2a:82:2f:3f:00:e6:a6:c5:36:ee:7b:31:
6b:e2:c3:47:e6:2a:2f:18:23:93:05:31:88:6f:8b:90:32:03:
c6:0c:7e:b6:cc:e3:77:f4:69:51:6e:82:84:cb:fa:89:a6:71:
f7:8e:4b:a9:54:7a:9f:ac:92:20:2c:f3:69:f5:ff:9b:69:bd:
b3:38:0a:94:f3:51:87:2f:2e:96:a5:47:d3:6b:e9:1d:13:2d:
e0:4a:62:c7:c0:42:a3:5a:90:ff:7a:d7:4c:6b:f7:c4:37:d7:
ff:b3:a9:7c:cb:e5:6d:49:d1:33:e9:79:d0:90:5a:b4:3d:17:
0a:ff:41:c2:80:e0:5e:63:2b:b1:55:88:e0:5f:44:a0:fd:3b:
35:3f:10:e0:9c:00:22:90:90:68:ef:26:81:b2:02:d2:e9:b1:
1f:f5:33:65:61:d0:32:64:5d:bb:a9:dc:22:80:14:11:58:d7:
a7:8d:95:63:d5:50:2d:23:48:06:72:94:11:e1:38:59:52:80:
90:ac:88:c9:38:9e:09:f8:df:ab:71:d6:ec:6a:01:33:ae:e6:
3a:5f:fb:25:e3:19:e7:71:12:3d:8c:0b:8e:ae:30:ba:80:c6:
fb:6d:82:4c:50:86:82:a6:ff:af:2a:9e:3e:b6:2e:70:26:b9:
9d:e2:61:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZVcNDPfILN6PkMHMNKmC1FUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjUwMzAzMTMzMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc0MmJiNjFlZjFkYTE2MWE3MzdmYWIwMDc3NTAyYTc3OTk3YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfrkn+Y9DY2D9/4gJ8Raud9OBEb2
3ey9q/ysESK36uKAvAezzBC10sZt6wyz4c6xichYmKEiNcFxb+ZNUde/BZMlBFZh
JEnolN9su6ajNI7yzdWnxgVJIkRDZIEVY4QGzvNKWU+fAT1acbe//oLZMRqmEyV0
r+NtZQ6/ftfk1UCegBfwMnMYcT+ND4R0Ug0qe3Z8oa+Y0frHQ/o47iL3wATIEvKy
TtXWme/WDLqqpsA2/qvFQ3dTfuI/Uc+FXN2y4s7yRwWEsoOPh5ehdPhWnIu1brqt
+px1pii4G9vw6Z59MbNmVdHhJyhMEqAiV/rthYFpJqx63SXezJUnRRa4mwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNR0K7Ye8doWGnN/qwB3UCp3mXsQMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvMUhRcnRoN3gyaFlhYzMtckFIZFFLbmVaZXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF2a2AMA0E
AgACMAcDBQAgAUuIMA0GCSqGSIb3DQEBCwUAA4IBAQAipGwBCLoqgi8/AOamxTbu
ezFr4sNH5iovGCOTBTGIb4uQMgPGDH62zON39GlRboKEy/qJpnH3jkupVHqfrJIg
LPNp9f+bab2zOAqU81GHLy6WpUfTa+kdEy3gSmLHwEKjWpD/etdMa/fEN9f/s6l8
y+VtSdEz6XnQkFq0PRcK/0HCgOBeYyuxVYjgX0Sg/Ts1PxDgnAAikJBo7yaBsgLS
6bEf9TNlYdAyZF27qdwigBQRWNenjZVj1VAtI0gGcpQR4ThZUoCQrIjJOJ4J+N+r
cdbsagEzruY6X/sl4xnncRI9jAuOrjC6gMb7bYJMUIaCpv+vKp4+ti5wJrmd4mHh
-----END CERTIFICATE-----
Generated at Tue Mar 25 14:40:53 2025 by rpki-client on console.sobornost.net