Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/hOElLow0GDC_MeYSYyQtIC3PMlk.roa
File: hOElLow0GDC_MeYSYyQtIC3PMlk.roa (raw, json)
Hash identifier: A9+MJu+DhgYz/Pw7HTVC22t0LXuV3VUYuTahobeq0Fw=
Subject key identifier: 84:E1:25:2E:8C:34:18:30:BF:31:E6:12:63:24:2D:20:2D:CF:32:59
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 01948DE671E8AA6007AC387EEC816E6B3E36
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/hOElLow0GDC_MeYSYyQtIC3PMlk.roa
Signing time: Wed 22 Jan 2025 12:04:37 +0000
ROA not before: Wed 22 Jan 2025 12:04:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203936
IP address blocks: 45.144.248.0/22 maxlen: 22
89.40.238.0/24 maxlen: 24
89.43.72.0/24 maxlen: 24
89.43.198.0/24 maxlen: 24
89.44.145.0/24 maxlen: 24
185.237.136.0/22 maxlen: 24
185.237.138.0/24 maxlen: 24
185.249.232.0/24 maxlen: 24
185.253.144.0/22 maxlen: 22
185.253.145.0/24 maxlen: 24
185.253.146.0/24 maxlen: 24
185.253.147.0/24 maxlen: 24
193.39.92.0/22 maxlen: 22
193.39.92.0/24 maxlen: 24
193.39.93.0/24 maxlen: 24
193.39.94.0/24 maxlen: 24
194.15.219.0/24 maxlen: 24
194.15.232.0/24 maxlen: 24
194.15.236.0/24 maxlen: 24
194.26.1.0/24 maxlen: 24
2a03:6280::/29 maxlen: 29
2a0c:1380::/29 maxlen: 29
2a0c:3cc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8d:e6:71:e8:aa:60:07:ac:38:7e:ec:81:6e:6b:3e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Jan 22 12:04:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84e1252e8c341830bf31e61263242d202dcf3259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c5:fd:6f:40:fc:20:65:d3:4e:d3:7c:0b:99:
74:10:01:93:3f:62:d6:ec:55:eb:3c:80:f4:32:30:
01:9f:b2:87:c6:0d:19:fc:d7:52:44:a8:00:8d:5a:
7c:57:d0:cf:e6:89:01:de:cd:95:55:ea:d9:2c:67:
64:78:00:5a:db:05:73:14:d2:50:8c:a2:bd:da:f9:
f4:fa:e0:6f:df:e3:6e:b6:3a:6b:73:58:89:40:72:
6a:24:fc:62:ca:7e:8a:8d:1f:b5:21:a5:dd:60:2a:
e8:ad:b8:a3:fd:ea:3f:5e:fc:a1:4a:1e:f7:dd:25:
f4:dc:54:82:a6:5c:b9:55:45:37:e8:74:16:e3:2a:
7a:07:cc:b6:0a:04:d2:24:2a:94:c4:17:28:08:82:
a4:77:2d:27:fe:82:ba:4b:77:d4:06:94:e8:21:de:
11:a4:8a:b3:00:88:84:d3:56:e9:0b:13:a2:3e:64:
dd:ef:d0:67:8b:fa:b9:e5:42:60:fe:9b:ae:16:d2:
0e:2b:e6:a2:7a:a1:5b:53:eb:ae:77:cc:55:ef:ac:
0a:63:66:4a:cc:a5:ef:6e:f5:18:6d:8f:50:ed:8b:
df:c4:02:54:8b:3b:49:60:29:78:d0:75:4b:71:54:
81:87:dc:71:4d:b9:7b:11:02:cc:06:d7:c7:44:a7:
0a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E1:25:2E:8C:34:18:30:BF:31:E6:12:63:24:2D:20:2D:CF:32:59
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/hOElLow0GDC_MeYSYyQtIC3PMlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.248.0/22
89.40.238.0/24
89.43.72.0/24
89.43.198.0/24
89.44.145.0/24
185.237.136.0/22
185.249.232.0/24
185.253.144.0/22
193.39.92.0/22
194.15.219.0/24
194.15.232.0/24
194.15.236.0/24
194.26.1.0/24
IPv6:
2a03:6280::/29
2a0c:1380::/29
2a0c:3cc0::/32
Signature Algorithm: sha256WithRSAEncryption
4b:cd:c7:c3:fc:d8:c2:68:b7:e8:58:d9:13:a3:ba:75:ef:50:
8b:99:c5:78:08:ad:60:a1:f5:e8:28:72:43:92:7e:dd:29:c3:
1d:55:61:94:3e:af:7c:c4:1c:1c:1d:96:a9:4b:02:4c:0b:ec:
90:3b:31:10:95:ac:2b:bb:37:08:d3:84:cb:0c:df:17:97:7c:
55:b5:ac:98:44:aa:b9:24:63:5a:d8:08:01:6f:45:60:47:e2:
24:6e:f2:55:fe:3c:06:87:cd:bc:40:4b:27:94:52:d6:f1:4d:
0e:ee:82:c3:9a:36:c5:fc:e5:84:a0:c2:9b:9a:35:ec:e1:73:
32:45:dd:64:b3:96:24:be:7a:0e:43:b7:5e:58:7e:dd:b4:49:
b2:03:67:58:35:a4:49:13:17:6f:d6:c0:83:03:b0:2d:89:83:
35:76:df:54:a7:45:5c:1c:d0:73:ff:28:03:eb:e2:c6:4a:ab:
12:43:c0:0a:5c:65:79:8c:7b:54:f8:bb:46:78:87:9c:3d:dd:
a9:38:d2:37:70:36:6b:16:27:36:c7:54:9f:ed:f8:d8:96:98:
1e:14:57:25:ea:c9:e8:a9:76:d1:b1:f6:d0:c3:b0:65:8a:35:
ec:a9:06:fc:f5:f6:9a:cc:7a:ca:46:02:e5:c1:4a:31:0e:a5:
77:dc:7c:30
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZSN5nHoqmAHrDh+7IFuaz42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjUwMTIyMTIwNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGUxMjUyZThjMzQxODMwYmYzMWU2MTI2MzI0MmQyMDJkY2YzMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMX9b0D8IGXTTtN8C5l0EAGTP2LW
7FXrPID0MjABn7KHxg0Z/NdSRKgAjVp8V9DP5okB3s2VVerZLGdkeABa2wVzFNJQ
jKK92vn0+uBv3+Nutjprc1iJQHJqJPxiyn6KjR+1IaXdYCrorbij/eo/XvyhSh73
3SX03FSCply5VUU36HQW4yp6B8y2CgTSJCqUxBcoCIKkdy0n/oK6S3fUBpToId4R
pIqzAIiE01bpCxOiPmTd79Bni/q55UJg/puuFtIOK+aieqFbU+uud8xV76wKY2ZK
zKXvbvUYbY9Q7YvfxAJUiztJYCl40HVLcVSBh9xxTbl7EQLMBtfHRKcKPwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFIThJS6MNBgwvzHmEmMkLSAtzzJZMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvaE9FbExvdzBHRENfTWVZU1l5UXRJQzNQTWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEAi2Q+AME
AFko7gMEAFkrSAMEAFkrxgMEAFkskQMEArntiAMEALn56AMEArn9kAMEAsEnXAME
AMIP2wMEAMIP6AMEAMIP7AMEAMIaATAbBAIAAjAVAwUDKgNigAMFAyoME4ADBQAq
DDzAMA0GCSqGSIb3DQEBCwUAA4IBAQBLzcfD/NjCaLfoWNkTo7p171CLmcV4CK1g
ofXoKHJDkn7dKcMdVWGUPq98xBwcHZapSwJMC+yQOzEQlawruzcI04TLDN8Xl3xV
tayYRKq5JGNa2AgBb0VgR+IkbvJV/jwGh828QEsnlFLW8U0O7oLDmjbF/OWEoMKb
mjXs4XMyRd1ks5YkvnoOQ7deWH7dtEmyA2dYNaRJExdv1sCDA7AtiYM1dt9Up0Vc
HNBz/ygD6+LGSqsSQ8AKXGV5jHtU+LtGeIecPd2pONI3cDZrFic2x1Sf7fjYlpge
FFcl6snoqXbRsfbQw7BlijXsqQb89faazHrKRgLlwUoxDqV33Hww
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:53:03 2025 by rpki-client on console.sobornost.net