Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/H4SCZYw4FHzxIfr36EaDI9qI5L0.roa
File: H4SCZYw4FHzxIfr36EaDI9qI5L0.roa (raw, json)
Hash identifier: /lJPsylAXMkUSxuonkNU9/aG7pQpFDWgNXuP9YOvRQw=
Subject key identifier: 1F:84:82:65:8C:38:14:7C:F1:21:FA:F7:E8:46:83:23:DA:88:E4:BD
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 019426D991860147D145F5DE1BB8B6A26CE3
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/H4SCZYw4FHzxIfr36EaDI9qI5L0.roa
Signing time: Thu 02 Jan 2025 11:49:40 +0000
ROA not before: Thu 02 Jan 2025 11:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49025
IP address blocks: 95.173.200.0/22 maxlen: 24
95.173.201.0/24 maxlen: 24
95.173.202.0/23 maxlen: 23
95.173.208.0/21 maxlen: 22
185.2.40.0/22 maxlen: 22
2a02:a48:f000::/36 maxlen: 36
2a06:5d80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:91:86:01:47:d1:45:f5:de:1b:b8:b6:a2:6c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Jan 2 11:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f8482658c38147cf121faf7e8468323da88e4bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9a:f0:6d:ac:ad:32:bb:b5:69:0c:97:b3:4b:
e6:aa:a2:9d:db:b1:1f:a2:82:b0:d9:a4:3f:10:17:
6f:ee:8f:12:c3:92:b7:9e:8d:23:30:fe:60:03:e7:
0c:3b:4b:03:15:22:3e:60:90:3b:8c:cb:51:46:87:
8c:21:a5:40:81:ef:cd:b4:c8:35:fd:b5:9d:9a:69:
2a:56:e7:d5:3b:52:80:30:02:93:3d:19:95:37:d2:
6a:a6:33:20:3d:7a:ad:45:26:c7:2f:77:39:f0:67:
31:0b:4b:3d:30:f6:27:3f:55:be:d8:ed:5e:11:1c:
f4:c9:da:98:24:41:8f:87:6a:c9:3f:b2:c1:9a:38:
5b:aa:1b:43:bc:15:81:5a:f5:7d:5f:1f:01:60:54:
9e:5b:4a:32:1b:5c:d6:53:e5:77:d1:95:e8:9e:8f:
34:8d:6b:6d:a8:85:d3:ac:cd:8e:86:aa:85:f3:78:
5e:a2:a8:b7:34:6d:a3:85:39:a3:93:2b:db:32:f5:
e0:74:6d:8c:e1:b4:54:3e:9f:4e:6c:e2:0b:70:ed:
92:bb:a9:8c:d5:b9:60:a5:df:e7:e6:c5:57:b5:8f:
86:f5:45:f7:ba:c9:a0:a4:ef:76:8b:6d:2a:61:ba:
0d:bc:35:bb:3e:9a:cc:aa:3b:4a:96:be:a3:bf:98:
f6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:84:82:65:8C:38:14:7C:F1:21:FA:F7:E8:46:83:23:DA:88:E4:BD
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/H4SCZYw4FHzxIfr36EaDI9qI5L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.200.0/22
95.173.208.0/21
185.2.40.0/22
IPv6:
2a02:a48:f000::/36
2a06:5d80::/32
Signature Algorithm: sha256WithRSAEncryption
24:b6:cf:07:a8:7d:76:e0:5a:c4:e7:3a:23:01:f0:09:63:17:
0d:b3:bb:3a:38:32:64:fd:75:20:e5:8c:2e:9a:fa:84:ef:9f:
01:e4:13:fc:cb:a1:92:c9:b0:76:4e:09:a4:b6:9a:18:ad:e8:
5a:e7:7d:01:46:ec:d6:1f:cb:7c:25:04:10:a5:d0:32:d5:b1:
8b:92:ef:c0:33:ee:65:08:b2:f9:84:e2:43:96:49:33:c4:e2:
95:74:04:13:1d:d7:c4:6c:16:7d:2a:98:fb:14:e4:09:0d:16:
be:50:5f:8c:8a:62:7c:db:ab:37:2f:2c:5e:5a:0c:e3:0a:84:
e4:3b:b2:aa:a7:74:27:d7:79:ab:7f:4e:1d:3c:04:1b:bf:55:
44:f8:07:88:f7:59:78:d2:d8:fe:f4:6a:ed:b2:93:ec:de:59:
a5:14:40:71:c5:d8:51:b9:24:3c:05:af:be:83:8e:3f:62:54:
90:7e:0e:40:c6:c7:9a:94:04:43:fe:b7:00:3b:b6:10:5b:7b:
3e:c4:16:18:53:fc:16:2e:94:17:08:dd:98:2c:e2:0c:0f:bb:
95:9b:77:e7:cd:11:57:d7:db:c7:96:2a:0b:ff:5d:53:cf:6c:
b5:4c:3d:07:ed:cd:d9:53:bc:05:d0:6a:39:c0:fd:fb:de:a6:
3f:65:2b:06
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQm2ZGGAUfRRfXeG7i2omzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjUwMTAyMTE0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjg0ODI2NThjMzgxNDdjZjEyMWZhZjdlODQ2ODMyM2RhODhlNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6prwbaytMru1aQyXs0vmqqKd27Ef
ooKw2aQ/EBdv7o8Sw5K3no0jMP5gA+cMO0sDFSI+YJA7jMtRRoeMIaVAge/NtMg1
/bWdmmkqVufVO1KAMAKTPRmVN9JqpjMgPXqtRSbHL3c58GcxC0s9MPYnP1W+2O1e
ERz0ydqYJEGPh2rJP7LBmjhbqhtDvBWBWvV9Xx8BYFSeW0oyG1zWU+V30ZXono80
jWttqIXTrM2OhqqF83heoqi3NG2jhTmjkyvbMvXgdG2M4bRUPp9ObOILcO2Su6mM
1blgpd/n5sVXtY+G9UX3usmgpO92i20qYboNvDW7PprMqjtKlr6jv5j2JwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFB+EgmWMOBR88SH69+hGgyPaiOS9MB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvSDRTQ1pZdzRGSHp4SWZyMzZFYURJOXFJNUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAYBAIAATASAwQCX63IAwQD
X63QAwQCuQIoMBUEAgACMA8DBgQqAgpI8AMFACoGXYAwDQYJKoZIhvcNAQELBQAD
ggEBACS2zweofXbgWsTnOiMB8AljFw2zuzo4MmT9dSDljC6a+oTvnwHkE/zLoZLJ
sHZOCaS2mhit6FrnfQFG7NYfy3wlBBCl0DLVsYuS78Az7mUIsvmE4kOWSTPE4pV0
BBMd18RsFn0qmPsU5AkNFr5QX4yKYnzbqzcvLF5aDOMKhOQ7sqqndCfXeat/Th08
BBu/VUT4B4j3WXjS2P70au2yk+zeWaUUQHHF2FG5JDwFr76Djj9iVJB+DkDGx5qU
BEP+twA7thBbez7EFhhT/BYulBcI3Zgs4gwPu5Wbd+fNEVfX28eWKgv/XVPPbLVM
PQftzdlTvAXQajnA/fvepj9lKwY=
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:21 2025 by rpki-client on console.sobornost.net