Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/818142-c138-44bb-922b-d305730b5368/1/hfSj4Acr0ZdBdVZF-bmfhSWxDR0.roa
File: hfSj4Acr0ZdBdVZF-bmfhSWxDR0.roa (raw, json)
Hash identifier: qMvzKdtsac1CrAS5/GB10mnE0HZEb+d2b/OglfbpJc0=
Subject key identifier: 85:F4:A3:E0:07:2B:D1:97:41:75:56:45:F9:B9:9F:85:25:B1:0D:1D
Certificate issuer: /CN=dd52ad090b54678e0968e69955c25049434d96c8
Certificate serial: 019423D6E7FD3234B63C67787C6B94CD33A5
Authority key identifier: DD:52:AD:09:0B:54:67:8E:09:68:E6:99:55:C2:50:49:43:4D:96:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VKtCQtUZ44JaOaZVcJQSUNNlsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/818142-c138-44bb-922b-d305730b5368/1/hfSj4Acr0ZdBdVZF-bmfhSWxDR0.roa
Signing time: Wed 01 Jan 2025 21:47:53 +0000
ROA not before: Wed 01 Jan 2025 21:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28951
IP address blocks: 195.47.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e7:fd:32:34:b6:3c:67:78:7c:6b:94:cd:33:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd52ad090b54678e0968e69955c25049434d96c8
Validity
Not Before: Jan 1 21:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85f4a3e0072bd19741755645f9b99f8525b10d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b4:be:78:34:69:07:7b:4c:c7:cf:98:37:3a:
a5:60:e7:dd:35:ca:ef:19:09:83:3c:14:75:46:d3:
7b:f1:7c:77:5c:0d:6c:d9:d5:d1:31:ca:f9:93:a4:
5e:8a:30:a5:45:13:87:6e:ae:ad:4a:fb:fd:c1:29:
33:02:88:f2:d8:a1:3c:47:c8:1a:e8:b7:88:83:b1:
f6:d2:4a:89:43:cb:0c:e0:5c:2b:2d:0d:df:81:c3:
8f:e6:57:35:22:1d:0e:8a:77:0a:66:69:c1:63:11:
42:88:72:3b:3c:15:63:c4:ec:0d:c6:94:46:71:4c:
10:c2:33:d8:ae:85:4b:55:b8:37:1d:00:f8:74:bb:
f7:8a:08:b4:03:7d:a2:ec:dc:f1:97:f8:62:0e:f0:
ac:9a:70:bb:1f:ee:0a:d5:25:94:25:aa:a7:32:e7:
76:be:91:fd:4a:4e:ef:91:85:74:1d:e2:e8:93:51:
e7:45:e8:2b:74:6c:99:9e:64:b4:46:ff:83:3a:ac:
a5:e0:71:34:b3:6f:3a:a4:ad:84:3e:d3:1c:53:b9:
1a:0c:41:52:e8:ea:ed:fa:13:c1:9f:82:cc:09:ed:
e8:f0:41:66:73:9d:7c:87:d7:65:11:29:47:37:b7:
cc:7a:16:c4:51:c3:89:d2:1b:0e:40:51:64:52:3a:
61:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F4:A3:E0:07:2B:D1:97:41:75:56:45:F9:B9:9F:85:25:B1:0D:1D
X509v3 Authority Key Identifier:
keyid:DD:52:AD:09:0B:54:67:8E:09:68:E6:99:55:C2:50:49:43:4D:96:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VKtCQtUZ44JaOaZVcJQSUNNlsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/818142-c138-44bb-922b-d305730b5368/1/hfSj4Acr0ZdBdVZF-bmfhSWxDR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/818142-c138-44bb-922b-d305730b5368/1/3VKtCQtUZ44JaOaZVcJQSUNNlsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.47.213.0/24
Signature Algorithm: sha256WithRSAEncryption
23:1d:2f:2e:e8:d6:c3:4f:e2:17:05:96:eb:70:67:3f:ed:d4:
bf:2e:80:a9:67:76:fc:5b:f8:49:f2:36:da:ea:d3:d2:32:c8:
be:6b:bd:a7:81:04:66:da:78:b9:86:31:02:ea:f0:5f:74:d8:
02:cf:21:21:12:8d:ee:c6:bc:76:ab:d2:0d:09:cd:c4:e1:1a:
c2:14:c3:84:89:93:18:b8:32:8c:e5:aa:45:d8:09:bb:1e:53:
b9:e9:1d:75:a4:62:84:e0:21:dc:a1:bd:68:ff:ec:10:83:31:
01:57:86:71:27:9b:a7:6d:3b:e9:0b:91:a7:51:30:f1:3d:5d:
e2:27:d2:75:54:60:af:e2:f7:c5:61:86:84:4f:4d:ff:2b:ee:
84:a7:93:c4:c7:4a:ba:cd:03:80:58:6c:d4:bd:4c:1e:53:a9:
6d:5d:60:0b:e5:86:94:9a:dd:a8:88:18:a4:84:61:db:28:7d:
d9:d7:cf:d7:67:23:72:32:5c:2b:50:0a:8d:38:9a:e2:2f:5e:
41:13:e9:3d:46:7e:bc:f0:c7:6f:83:8a:e1:23:47:5b:41:8d:
70:2f:25:fe:7f:54:ea:91:b3:a4:45:05:d0:f4:4f:8e:e2:b3:
1b:cf:50:1f:26:9c:83:1e:94:3c:cc:b4:7e:82:0d:30:74:76:
cf:11:f5:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1uf9MjS2PGd4fGuUzTOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTJhZDA5MGI1NDY3OGUwOTY4ZTY5OTU1YzI1MDQ5NDM0
ZDk2YzgwHhcNMjUwMTAxMjE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWY0YTNlMDA3MmJkMTk3NDE3NTU2NDVmOWI5OWY4NTI1YjEwZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbS+eDRpB3tMx8+YNzqlYOfdNcrv
GQmDPBR1RtN78Xx3XA1s2dXRMcr5k6ReijClRROHbq6tSvv9wSkzAojy2KE8R8ga
6LeIg7H20kqJQ8sM4FwrLQ3fgcOP5lc1Ih0OincKZmnBYxFCiHI7PBVjxOwNxpRG
cUwQwjPYroVLVbg3HQD4dLv3igi0A32i7Nzxl/hiDvCsmnC7H+4K1SWUJaqnMud2
vpH9Sk7vkYV0HeLok1HnRegrdGyZnmS0Rv+DOqyl4HE0s286pK2EPtMcU7kaDEFS
6Ort+hPBn4LMCe3o8EFmc518h9dlESlHN7fMehbEUcOJ0hsOQFFkUjph9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIX0o+AHK9GXQXVWRfm5n4UlsQ0dMB8GA1UdIwQY
MBaAFN1SrQkLVGeOCWjmmVXCUElDTZbIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZLdENRdFVaNDRKYU9hWlZjSlFTVU5ObHNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84MTgxNDItYzEzOC00NGJiLTkyMmIt
ZDMwNTczMGI1MzY4LzEvaGZTajRBY3IwWmRCZFZaRi1ibWZoU1d4RFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84MTgxNDItYzEzOC00NGJiLTkyMmItZDMwNTczMGI1MzY4
LzEvM1ZLdENRdFVaNDRKYU9hWlZjSlFTVU5ObHNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwy/VMA0G
CSqGSIb3DQEBCwUAA4IBAQAjHS8u6NbDT+IXBZbrcGc/7dS/LoCpZ3b8W/hJ8jba
6tPSMsi+a72ngQRm2ni5hjEC6vBfdNgCzyEhEo3uxrx2q9INCc3E4RrCFMOEiZMY
uDKM5apF2Am7HlO56R11pGKE4CHcob1o/+wQgzEBV4ZxJ5unbTvpC5GnUTDxPV3i
J9J1VGCv4vfFYYaET03/K+6Ep5PEx0q6zQOAWGzUvUweU6ltXWAL5YaUmt2oiBik
hGHbKH3Z18/XZyNyMlwrUAqNOJriL15BE+k9Rn688Mdvg4rhI0dbQY1wLyX+f1Tq
kbOkRQXQ9E+O4rMbz1AfJpyDHpQ8zLR+gg0wdHbPEfXj
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:32 2025 by rpki-client on console.sobornost.net