Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/H0nzbISenXARQ7LjMm13gCpgBwU.roa
File: H0nzbISenXARQ7LjMm13gCpgBwU.roa (raw, json)
Hash identifier: lx2NoDAlntNGOTqfrVMLC+nLmzh32KKsGBcKq8aFDes=
Subject key identifier: 1F:49:F3:6C:84:9E:9D:70:11:43:B2:E3:32:6D:77:80:2A:60:07:05
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 0195B81AF75BF5C38BEC8FE04323B2E363E1
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/H0nzbISenXARQ7LjMm13gCpgBwU.roa
Signing time: Fri 21 Mar 2025 09:48:49 +0000
ROA not before: Fri 21 Mar 2025 09:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47894
IP address blocks: 94.103.36.0/24 maxlen: 24
94.103.37.0/24 maxlen: 24
94.103.38.0/24 maxlen: 24
94.103.41.0/24 maxlen: 24
94.103.42.0/24 maxlen: 24
94.103.43.0/24 maxlen: 24
185.35.20.0/24 maxlen: 24
185.35.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:1a:f7:5b:f5:c3:8b:ec:8f:e0:43:23:b2:e3:63:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Mar 21 09:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f49f36c849e9d701143b2e3326d77802a600705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:62:dc:da:6c:89:d4:89:95:72:2b:66:21:ac:
d2:a4:cb:92:d3:28:bb:21:2f:fd:d5:ea:6e:38:b9:
a5:dc:8d:1f:5a:67:ec:9a:46:87:86:ef:18:76:f9:
13:e5:7d:53:be:41:05:66:2d:bf:74:36:7c:8f:0d:
f5:3c:83:c2:a6:eb:bf:68:c4:ca:65:bd:92:96:85:
dd:ea:bc:33:38:4e:0c:c8:2d:b1:1e:96:2b:fb:7b:
0f:6c:90:b2:ff:63:95:e6:8b:83:e8:61:d4:0d:67:
3d:be:4f:ab:6b:85:2f:61:2e:cc:02:54:ad:48:76:
d4:67:21:59:5c:d5:77:b4:cc:68:10:3e:bc:01:56:
ca:0c:9b:2f:e5:8b:ea:1a:33:b2:1d:98:ca:0e:62:
03:a4:7b:66:39:17:e0:26:52:c0:52:e0:0b:91:be:
cd:9b:5c:15:35:8a:e1:63:e7:33:73:5c:66:d9:ea:
6e:ff:55:87:a4:1a:fb:08:df:a6:d5:41:3e:77:f6:
81:d5:ee:93:88:67:1e:0a:4e:cf:47:1e:2d:15:54:
dc:ff:c1:dd:98:9a:c9:a0:13:69:02:1e:97:08:11:
be:bc:37:71:2d:60:e9:2d:24:21:35:8d:38:08:65:
27:20:f2:ad:a6:a7:b8:1f:b7:a5:ee:26:39:0d:64:
e5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:49:F3:6C:84:9E:9D:70:11:43:B2:E3:32:6D:77:80:2A:60:07:05
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/H0nzbISenXARQ7LjMm13gCpgBwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.36.0-94.103.38.255
94.103.41.0-94.103.43.255
185.35.20.0/24
185.35.23.0/24
Signature Algorithm: sha256WithRSAEncryption
07:c9:da:bf:4f:60:d7:48:ca:fa:aa:3d:f4:b5:1d:20:2a:8e:
52:c7:83:b4:7e:2f:fa:27:48:f3:f9:67:da:0e:c6:19:49:55:
81:6a:33:7a:a9:36:47:30:2e:ba:24:6f:55:7c:60:ed:95:b2:
be:14:a7:79:41:45:a5:30:b1:29:4f:3b:eb:c7:c5:b1:b5:fa:
80:0f:39:cf:2a:dc:f0:ee:b4:b0:f2:a7:02:2c:15:d5:39:ea:
66:1a:e1:5f:14:dd:c1:5d:3c:ba:bf:d3:9a:a7:84:c1:4d:a5:
5e:ea:6a:1e:a5:e5:36:dc:34:44:06:fc:a0:7c:04:ff:55:8e:
1a:f8:3f:0f:13:a7:88:04:5f:99:10:f6:52:8b:74:04:4f:dc:
e0:27:8c:b6:2e:d9:58:a5:e8:37:e4:65:f2:72:6d:2a:ea:25:
79:de:bd:2e:2a:86:a9:cf:ae:c5:cd:ba:12:ce:80:c9:99:15:
ce:51:a7:17:53:c0:58:02:95:bd:58:87:0d:4e:b9:b7:62:f6:
ea:c2:e2:fd:27:e1:0e:71:6a:4b:4c:e8:d2:e3:17:f0:d0:88:
8c:84:27:0c:63:18:2e:c0:c3:6d:3a:c9:ab:e4:fe:1b:81:b2:
07:01:65:62:2e:10:4f:a3:c7:9e:8b:45:97:f2:5c:49:24:80:
55:d0:15:a4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZW4Gvdb9cOL7I/gQyOy42PhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjUwMzIxMDk0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQ5ZjM2Yzg0OWU5ZDcwMTE0M2IyZTMzMjZkNzc4MDJhNjAwNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumLc2myJ1ImVcitmIazSpMuS0yi7
IS/91epuOLml3I0fWmfsmkaHhu8YdvkT5X1TvkEFZi2/dDZ8jw31PIPCpuu/aMTK
Zb2SloXd6rwzOE4MyC2xHpYr+3sPbJCy/2OV5ouD6GHUDWc9vk+ra4UvYS7MAlSt
SHbUZyFZXNV3tMxoED68AVbKDJsv5YvqGjOyHZjKDmIDpHtmORfgJlLAUuALkb7N
m1wVNYrhY+czc1xm2epu/1WHpBr7CN+m1UE+d/aB1e6TiGceCk7PRx4tFVTc/8Hd
mJrJoBNpAh6XCBG+vDdxLWDpLSQhNY04CGUnIPKtpqe4H7el7iY5DWTlmQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFB9J82yEnp1wEUOy4zJtd4AqYAcFMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvSDBuemJJU2VuWEFSUTdMak1tMTNnQ3BnQndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAJeZyQD
BABeZyYwDAMEAF5nKQMEAl5nKAMEALkjFAMEALkjFzANBgkqhkiG9w0BAQsFAAOC
AQEAB8nav09g10jK+qo99LUdICqOUseDtH4v+idI8/ln2g7GGUlVgWozeqk2RzAu
uiRvVXxg7ZWyvhSneUFFpTCxKU8768fFsbX6gA85zyrc8O60sPKnAiwV1TnqZhrh
XxTdwV08ur/TmqeEwU2lXupqHqXlNtw0RAb8oHwE/1WOGvg/DxOniARfmRD2Uot0
BE/c4CeMti7ZWKXoN+Rl8nJtKuoled69LiqGqc+uxc26Es6AyZkVzlGnF1PAWAKV
vViHDU65t2L26sLi/SfhDnFqS0zo0uMX8NCIjIQnDGMYLsDDbTrJq+T+G4GyBwFl
Yi4QT6PHnotFl/JcSSSAVdAVpA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:15 2025 by rpki-client on console.sobornost.net