Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/hGH_yKtqtaewmmke-m1I7cISSH0.roa
File: hGH_yKtqtaewmmke-m1I7cISSH0.roa (raw, json)
Hash identifier: T3QXU6gMQq0RcA3qUlvm1jUKiUtDYtXE4Lz78+TSbU8=
Subject key identifier: 84:61:FF:C8:AB:6A:B5:A7:B0:9A:69:1E:FA:6D:48:ED:C2:12:48:7D
Certificate issuer: /CN=cf40e25606651a075484c709fa766d80dad52d9c
Certificate serial: 0194258F5A7EB382C859A26C01094F66D375
Authority key identifier: CF:40:E2:56:06:65:1A:07:54:84:C7:09:FA:76:6D:80:DA:D5:2D:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/hGH_yKtqtaewmmke-m1I7cISSH0.roa
Signing time: Thu 02 Jan 2025 05:48:59 +0000
ROA not before: Thu 02 Jan 2025 05:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25350
IP address blocks: 81.200.224.0/20 maxlen: 20
81.200.224.0/21 maxlen: 21
81.200.224.0/24 maxlen: 24
81.200.225.0/24 maxlen: 24
81.200.226.0/24 maxlen: 24
81.200.227.0/24 maxlen: 24
81.200.228.0/24 maxlen: 24
81.200.229.0/24 maxlen: 24
81.200.230.0/24 maxlen: 24
81.200.231.0/24 maxlen: 24
81.200.232.0/21 maxlen: 21
81.200.232.0/24 maxlen: 24
81.200.233.0/24 maxlen: 24
81.200.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5a:7e:b3:82:c8:59:a2:6c:01:09:4f:66:d3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf40e25606651a075484c709fa766d80dad52d9c
Validity
Not Before: Jan 2 05:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8461ffc8ab6ab5a7b09a691efa6d48edc212487d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1d:34:e6:2d:cf:42:18:dd:3f:52:7a:9c:d2:
ef:4c:68:cf:5e:15:c3:e7:5f:a8:99:2c:f6:42:aa:
df:2c:04:ea:d5:1f:9d:ee:5c:b1:bb:70:55:91:d0:
50:24:a3:d5:3c:cd:e4:8f:81:13:be:23:d6:1c:d1:
18:d8:f0:44:94:60:cc:08:6f:1a:16:b1:53:ed:cf:
fb:d1:50:d6:d0:14:f4:2c:ab:4e:e2:f8:08:86:77:
07:16:6a:55:2f:ae:db:67:11:75:16:39:44:1a:2f:
28:05:7d:d8:af:bc:8f:f9:65:b2:4e:84:5e:3e:1a:
99:b5:20:d3:2e:c4:8d:13:c8:29:07:1f:40:63:bd:
a1:ce:bb:e5:26:46:10:e8:a8:0f:53:e9:17:63:d9:
ca:13:d2:4f:1f:71:9a:af:93:3c:b8:f6:4b:c9:ad:
e6:3f:8e:65:4b:61:32:fc:0d:af:db:32:cc:2b:26:
f9:1d:e6:2f:fc:98:28:49:df:f2:e9:cd:e0:0f:8e:
a2:12:6d:9f:ec:13:e7:be:ed:04:0b:47:ab:1a:c0:
d8:1a:2f:ca:07:48:13:1d:2f:91:88:8d:c3:3b:4c:
58:03:e3:30:85:b5:c2:b2:8b:df:a3:81:db:dd:1a:
6f:02:12:30:23:d4:22:ce:2d:72:14:bc:8d:09:30:
38:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:61:FF:C8:AB:6A:B5:A7:B0:9A:69:1E:FA:6D:48:ED:C2:12:48:7D
X509v3 Authority Key Identifier:
keyid:CF:40:E2:56:06:65:1A:07:54:84:C7:09:FA:76:6D:80:DA:D5:2D:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/hGH_yKtqtaewmmke-m1I7cISSH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.224.0/20
Signature Algorithm: sha256WithRSAEncryption
8d:30:4a:a1:89:eb:5f:19:4a:71:c1:3d:fb:32:23:0d:12:25:
27:b9:e3:6d:1c:02:87:4b:54:9f:ae:94:1d:8f:62:60:44:c0:
75:cd:76:01:dd:34:51:c3:8f:9b:a3:83:57:94:f5:7b:d4:93:
8f:73:e8:26:26:7e:40:f2:34:39:52:8d:88:36:68:e5:21:ef:
25:2c:1c:fc:e7:39:7b:25:e5:35:c0:7a:7b:dc:0d:a5:f2:6d:
10:9e:47:67:e8:00:af:7b:a3:2d:dd:21:0c:1d:b3:15:a6:2d:
c8:1d:f0:84:be:56:20:03:e4:48:b0:9b:1f:37:c2:c4:8a:92:
ec:be:09:bf:71:3f:16:3d:ef:75:cc:77:08:87:88:92:0c:91:
bc:e2:46:43:04:56:f0:0b:11:72:05:ad:a4:bd:c6:f3:20:09:
32:80:5d:b1:04:0a:ff:41:d4:a5:44:81:07:3b:f5:82:ca:b2:
d5:77:05:55:09:96:0e:fc:dc:4f:7c:83:92:66:3d:14:0a:72:
60:7c:38:29:bc:df:33:90:8d:41:32:44:ca:a8:7d:28:25:84:
37:5a:a7:90:30:7d:d1:b3:e2:00:e6:45:5c:b6:66:f8:21:35:
92:c8:2a:87:72:96:b3:cf:ae:b1:7f:a5:a6:5d:f4:93:f1:d2:
44:16:1e:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj1p+s4LIWaJsAQlPZtN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNDBlMjU2MDY2NTFhMDc1NDg0YzcwOWZhNzY2ZDgwZGFk
NTJkOWMwHhcNMjUwMTAyMDU0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDYxZmZjOGFiNmFiNWE3YjA5YTY5MWVmYTZkNDhlZGMyMTI0ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxx005i3PQhjdP1J6nNLvTGjPXhXD
51+omSz2QqrfLATq1R+d7lyxu3BVkdBQJKPVPM3kj4ETviPWHNEY2PBElGDMCG8a
FrFT7c/70VDW0BT0LKtO4vgIhncHFmpVL67bZxF1FjlEGi8oBX3Yr7yP+WWyToRe
PhqZtSDTLsSNE8gpBx9AY72hzrvlJkYQ6KgPU+kXY9nKE9JPH3Gar5M8uPZLya3m
P45lS2Ey/A2v2zLMKyb5HeYv/JgoSd/y6c3gD46iEm2f7BPnvu0EC0erGsDYGi/K
B0gTHS+RiI3DO0xYA+MwhbXCsovfo4Hb3RpvAhIwI9Qizi1yFLyNCTA4fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRh/8irarWnsJppHvptSO3CEkh9MB8GA1UdIwQY
MBaAFM9A4lYGZRoHVITHCfp2bYDa1S2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBEaVZnWmxHZ2RVaE1jSi1uWnRnTnJWTFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZDVlMWMtOWQ3OS00YjM5LWI1NjAt
ZTk5N2U1NThkNzNhLzEvaEdIX3lLdHF0YWV3bW1rZS1tMUk3Y0lTU0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZDVlMWMtOWQ3OS00YjM5LWI1NjAtZTk5N2U1NThkNzNh
LzEvejBEaVZnWmxHZ2RVaE1jSi1uWnRnTnJWTFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUcjgMA0G
CSqGSIb3DQEBCwUAA4IBAQCNMEqhietfGUpxwT37MiMNEiUnueNtHAKHS1SfrpQd
j2JgRMB1zXYB3TRRw4+bo4NXlPV71JOPc+gmJn5A8jQ5Uo2INmjlIe8lLBz85zl7
JeU1wHp73A2l8m0Qnkdn6ACve6Mt3SEMHbMVpi3IHfCEvlYgA+RIsJsfN8LEipLs
vgm/cT8WPe91zHcIh4iSDJG84kZDBFbwCxFyBa2kvcbzIAkygF2xBAr/QdSlRIEH
O/WCyrLVdwVVCZYO/NxPfIOSZj0UCnJgfDgpvN8zkI1BMkTKqH0oJYQ3WqeQMH3R
s+IA5kVctmb4ITWSyCqHcpazz66xf6WmXfST8dJEFh4b
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:31 2025 by rpki-client on console.sobornost.net