Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/HrI_ZNL0dOaa5SSqv99U6ELy6t4.roa
File: HrI_ZNL0dOaa5SSqv99U6ELy6t4.roa (raw, json)
Hash identifier: n13hSIM8J7SvepGBD+Vp8UM2xhOsDHmf6h7aK70kh0Q=
Subject key identifier: 1E:B2:3F:64:D2:F4:74:E6:9A:E5:24:AA:BF:DF:54:E8:42:F2:EA:DE
Certificate issuer: /CN=0321bfea0305c48e949e6c249f4810b46905c886
Certificate serial: 01942445775839C766298017EC3D463F0C8F
Authority key identifier: 03:21:BF:EA:03:05:C4:8E:94:9E:6C:24:9F:48:10:B4:69:05:C8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyG_6gMFxI6Unmwkn0gQtGkFyIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/HrI_ZNL0dOaa5SSqv99U6ELy6t4.roa
Signing time: Wed 01 Jan 2025 23:48:39 +0000
ROA not before: Wed 01 Jan 2025 23:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393262
IP address blocks: 45.10.131.0/24 maxlen: 24
77.81.141.0/24 maxlen: 24
78.159.151.0/24 maxlen: 24
89.44.34.0/24 maxlen: 24
91.92.32.0/24 maxlen: 24
91.92.36.0/24 maxlen: 24
91.92.37.0/24 maxlen: 24
91.231.3.0/24 maxlen: 24
95.214.76.0/24 maxlen: 24
95.214.77.0/24 maxlen: 24
95.214.78.0/24 maxlen: 24
95.214.79.0/24 maxlen: 24
194.147.64.0/24 maxlen: 24
194.147.65.0/24 maxlen: 24
212.11.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:77:58:39:c7:66:29:80:17:ec:3d:46:3f:0c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0321bfea0305c48e949e6c249f4810b46905c886
Validity
Not Before: Jan 1 23:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1eb23f64d2f474e69ae524aabfdf54e842f2eade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1f:43:3d:aa:9e:b7:85:57:19:1e:02:ad:2c:
97:53:8b:50:de:79:c6:a2:93:ac:84:5a:d9:cf:38:
d6:d8:5d:6d:98:a3:6a:38:b7:2f:eb:37:27:f1:78:
78:8f:e5:8a:3f:f2:da:ac:36:d0:06:3d:ee:8f:db:
b4:3a:d3:dd:3f:ba:d6:2e:2a:ba:cb:c1:2e:68:69:
6c:6e:39:0e:9d:54:15:34:fc:49:f1:cc:e7:d9:32:
b3:df:30:16:11:ee:07:ba:86:50:96:51:47:83:d4:
d3:48:b5:c2:19:1c:37:f1:92:15:83:18:97:7c:71:
9b:cb:47:1f:e2:65:ca:40:ac:31:73:ef:92:22:d6:
17:ef:51:6e:00:9a:5a:8b:49:5c:b7:e2:0b:f9:67:
a3:a7:4a:6a:72:96:8f:45:31:1f:fe:dd:7e:1b:6f:
f1:37:d2:13:63:05:c0:b2:d1:b8:71:43:3c:c6:08:
ed:5c:94:7b:9e:87:10:de:84:95:f3:66:18:04:af:
9f:2e:e9:63:66:d8:96:8f:05:f5:92:15:49:4c:33:
20:ab:d5:b6:9a:30:ce:5c:82:2b:70:a6:d3:d6:80:
33:2d:cf:c8:fb:67:c3:61:21:bc:d7:cd:0f:e3:aa:
a1:e7:c5:45:50:a8:ff:63:27:d3:a7:88:5a:35:14:
f1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B2:3F:64:D2:F4:74:E6:9A:E5:24:AA:BF:DF:54:E8:42:F2:EA:DE
X509v3 Authority Key Identifier:
keyid:03:21:BF:EA:03:05:C4:8E:94:9E:6C:24:9F:48:10:B4:69:05:C8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyG_6gMFxI6Unmwkn0gQtGkFyIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/HrI_ZNL0dOaa5SSqv99U6ELy6t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/AyG_6gMFxI6Unmwkn0gQtGkFyIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.131.0/24
77.81.141.0/24
78.159.151.0/24
89.44.34.0/24
91.92.32.0/24
91.92.36.0/23
91.231.3.0/24
95.214.76.0/22
194.147.64.0/23
212.11.95.0/24
Signature Algorithm: sha256WithRSAEncryption
56:58:2f:83:c7:77:2e:d1:0f:a3:42:6e:70:7b:7d:f0:39:1a:
1c:5d:3d:eb:5d:0b:db:66:c0:f4:46:e5:3d:0e:f6:2e:25:01:
4d:57:b5:f7:7e:db:11:31:3b:af:ed:5b:5d:e8:21:31:a8:2a:
a0:77:16:36:ce:7e:78:a4:91:82:d5:09:38:4e:fd:5d:95:54:
54:72:8c:a3:c9:06:58:1b:7e:a9:b3:b0:69:7c:80:a0:b4:80:
dc:03:8b:52:bf:64:74:d1:75:d6:3f:57:8c:67:38:97:d5:13:
92:18:6d:cb:5d:db:b8:ac:a3:8e:41:04:e5:de:2c:ea:27:00:
ca:d2:76:68:8a:c3:4a:57:3e:f2:83:59:38:cd:65:cd:b3:d6:
de:49:76:1b:c9:33:8d:45:4d:f2:7d:78:6d:68:d5:91:d7:fd:
39:b3:2d:f2:ae:d6:0d:a6:47:2b:81:86:80:5e:4b:34:1a:bf:
5b:ec:3d:f9:d1:d3:31:27:d6:c3:1d:ea:94:aa:10:f8:65:b0:
72:b7:0d:08:a5:ff:77:16:0f:88:e7:38:9d:ba:ab:d7:e3:b0:
68:1b:66:2f:75:42:6a:3d:3b:0c:e9:99:39:bb:bb:fa:a4:79:
c7:5a:f1:9f:9a:a0:35:87:79:2b:b1:7f:84:2d:3f:40:a9:e9:
71:41:c9:1e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQkRXdYOcdmKYAX7D1GPwyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjFiZmVhMDMwNWM0OGU5NDllNmMyNDlmNDgxMGI0Njkw
NWM4ODYwHhcNMjUwMTAxMjM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWIyM2Y2NGQyZjQ3NGU2OWFlNTI0YWFiZmRmNTRlODQyZjJlYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR9DPaqet4VXGR4CrSyXU4tQ3nnG
opOshFrZzzjW2F1tmKNqOLcv6zcn8Xh4j+WKP/LarDbQBj3uj9u0OtPdP7rWLiq6
y8EuaGlsbjkOnVQVNPxJ8czn2TKz3zAWEe4HuoZQllFHg9TTSLXCGRw38ZIVgxiX
fHGby0cf4mXKQKwxc++SItYX71FuAJpai0lct+IL+Wejp0pqcpaPRTEf/t1+G2/x
N9ITYwXAstG4cUM8xgjtXJR7nocQ3oSV82YYBK+fLuljZtiWjwX1khVJTDMgq9W2
mjDOXIIrcKbT1oAzLc/I+2fDYSG8180P46qh58VFUKj/YyfTp4haNRTx1QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFB6yP2TS9HTmmuUkqr/fVOhC8ureMB8GA1UdIwQY
MBaAFAMhv+oDBcSOlJ5sJJ9IELRpBciGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlHXzZnTUZ4STZVbm13a24wZ1F0R2tGeUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xMWRhMmItNzdiZC00MWM3LWJiZjMt
NTYwYzllN2MwNzQ3LzEvSHJJX1pOTDBkT2FhNVNTcXY5OVU2RUx5NnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xMWRhMmItNzdiZC00MWM3LWJiZjMtNTYwYzllN2MwNzQ3
LzEvQXlHXzZnTUZ4STZVbm13a24wZ1F0R2tGeUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQqDAwQA
TVGNAwQATp+XAwQAWSwiAwQAW1wgAwQBW1wkAwQAW+cDAwQCX9ZMAwQBwpNAAwQA
1AtfMA0GCSqGSIb3DQEBCwUAA4IBAQBWWC+Dx3cu0Q+jQm5we33wORocXT3rXQvb
ZsD0RuU9DvYuJQFNV7X3ftsRMTuv7Vtd6CExqCqgdxY2zn54pJGC1Qk4Tv1dlVRU
coyjyQZYG36ps7BpfICgtIDcA4tSv2R00XXWP1eMZziX1ROSGG3LXdu4rKOOQQTl
3izqJwDK0nZoisNKVz7yg1k4zWXNs9beSXYbyTONRU3yfXhtaNWR1/05sy3yrtYN
pkcrgYaAXks0Gr9b7D350dMxJ9bDHeqUqhD4ZbBytw0Ipf93Fg+I5ziduqvX47Bo
G2YvdUJqPTsM6Zk5u7v6pHnHWvGfmqA1h3krsX+ELT9AqelxQcke
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:09 2025 by rpki-client on console.sobornost.net