Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/HMJLEkPGlr7x44aeMyDl-iD3-H0.roa
File: HMJLEkPGlr7x44aeMyDl-iD3-H0.roa (raw, json)
Hash identifier: L+qMMZpme30javZoQJKYZdKfiPeTzWKpuVRpIrhWgDs=
Subject key identifier: 1C:C2:4B:12:43:C6:96:BE:F1:E3:86:9E:33:20:E5:FA:20:F7:F8:7D
Certificate issuer: /CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Certificate serial: 019426D96C4BD253BBB73380CE04C06FFCE9
Authority key identifier: D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/HMJLEkPGlr7x44aeMyDl-iD3-H0.roa
Signing time: Thu 02 Jan 2025 11:49:30 +0000
ROA not before: Thu 02 Jan 2025 11:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43342
IP address blocks: 91.135.178.0/23 maxlen: 23
91.135.178.0/24 maxlen: 24
91.135.179.0/24 maxlen: 24
91.135.180.0/22 maxlen: 23
91.135.180.0/24 maxlen: 24
91.135.181.0/24 maxlen: 24
91.135.182.0/24 maxlen: 24
91.135.183.0/24 maxlen: 24
91.135.184.0/22 maxlen: 23
91.135.184.0/24 maxlen: 24
91.135.185.0/24 maxlen: 24
91.135.186.0/24 maxlen: 24
91.135.187.0/24 maxlen: 24
91.135.190.0/23 maxlen: 23
91.135.190.0/24 maxlen: 24
91.135.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:6c:4b:d2:53:bb:b7:33:80:ce:04:c0:6f:fc:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Validity
Not Before: Jan 2 11:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cc24b1243c696bef1e3869e3320e5fa20f7f87d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:86:b8:a6:1c:49:6e:6c:16:df:fb:8e:88:de:
9d:ef:38:16:70:14:90:f9:8b:c0:bc:6e:db:d3:58:
11:d5:75:ab:a5:ea:70:3f:25:bb:d2:c1:cf:79:82:
53:ba:37:f8:7f:d0:32:36:bb:82:bf:9e:65:99:cd:
5a:51:f7:c7:63:3f:ce:30:cf:c8:e2:bd:1b:51:62:
67:88:63:d5:95:f5:91:90:28:1d:62:a8:9f:89:dc:
e8:d2:13:ef:7d:b4:6b:9c:af:93:c6:56:b9:00:7c:
98:0d:6a:ba:22:54:b2:18:05:77:96:cd:33:8e:f0:
a3:91:e0:cf:54:be:d6:07:d1:46:3c:e5:88:0a:93:
dd:12:57:f2:24:48:2a:26:e3:c0:75:18:51:2e:41:
96:00:dc:19:b3:bc:29:5e:e5:fe:3b:35:2b:0a:50:
ad:48:29:d2:4e:78:41:65:93:e6:6b:39:b8:fa:d9:
a3:29:79:b5:2d:e7:b0:b3:ed:7e:36:42:00:d8:fb:
3d:32:eb:29:9b:bb:53:f5:e9:af:de:22:f8:f3:15:
23:39:bf:84:20:a7:76:88:6a:2d:02:22:47:24:e1:
bb:84:cf:9e:87:31:c1:cc:98:f8:f7:b7:c1:a6:97:
86:67:91:54:36:b7:36:6f:de:40:98:72:3a:ac:9e:
c9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C2:4B:12:43:C6:96:BE:F1:E3:86:9E:33:20:E5:FA:20:F7:F8:7D
X509v3 Authority Key Identifier:
keyid:D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/HMJLEkPGlr7x44aeMyDl-iD3-H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/0nXXqLrAR39VCd_xG5GVymDfh9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.135.178.0-91.135.187.255
91.135.190.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:51:1f:87:cc:cf:95:c8:4a:36:ad:84:3b:65:f3:bf:a4:45:
37:34:3d:1a:8b:b5:d3:45:a8:64:12:ec:59:67:f4:a3:30:b5:
59:c9:97:c0:85:81:96:f0:31:f9:d7:ba:39:c1:2e:b7:7f:a8:
e6:6e:1d:2f:ff:13:46:ee:11:10:9c:5b:2c:fc:9f:b6:55:8f:
07:f3:25:e7:ec:16:87:80:a9:80:44:f6:f5:6a:47:f0:8e:fa:
ab:5d:d9:43:ea:da:82:69:32:fb:94:80:f7:e5:79:11:e1:14:
e3:1b:a0:09:73:4f:c4:49:6d:8a:87:27:c9:83:6a:48:5e:0e:
6a:28:9c:d5:2f:8e:b2:a5:49:22:42:cc:48:53:53:29:96:a6:
5e:2b:93:2e:49:21:2c:bc:22:78:0e:4b:73:b3:d5:0f:b9:e3:
3a:73:74:6d:70:e2:80:23:04:b4:01:db:7b:b5:20:20:5a:66:
be:aa:1e:68:98:61:f6:ec:e8:ae:07:a5:b2:79:a5:02:2d:ec:
f8:d7:df:03:0a:3f:41:fe:e6:6d:9e:2d:b2:9b:b4:55:eb:0e:
fe:75:27:f6:63:93:56:93:b3:5b:c6:51:74:7e:61:bb:b7:38:
60:4e:09:26:d1:cd:c7:21:37:51:f3:2d:94:1c:89:00:b8:04:
91:f2:0f:3f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQm2WxL0lO7tzOAzgTAb/zpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzVkN2E4YmFjMDQ3N2Y1NTA5ZGZmMTFiOTE5NWNhNjBk
Zjg3ZGEwHhcNMjUwMTAyMTE0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2MyNGIxMjQzYzY5NmJlZjFlMzg2OWUzMzIwZTVmYTIwZjdmODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoa4phxJbmwW3/uOiN6d7zgWcBSQ
+YvAvG7b01gR1XWrpepwPyW70sHPeYJTujf4f9AyNruCv55lmc1aUffHYz/OMM/I
4r0bUWJniGPVlfWRkCgdYqifidzo0hPvfbRrnK+Txla5AHyYDWq6IlSyGAV3ls0z
jvCjkeDPVL7WB9FGPOWICpPdElfyJEgqJuPAdRhRLkGWANwZs7wpXuX+OzUrClCt
SCnSTnhBZZPmazm4+tmjKXm1Leews+1+NkIA2Ps9Muspm7tT9emv3iL48xUjOb+E
IKd2iGotAiJHJOG7hM+ehzHBzJj497fBppeGZ5FUNrc2b95AmHI6rJ7J8QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBzCSxJDxpa+8eOGnjMg5fog9/h9MB8GA1UdIwQY
MBaAFNJ116i6wEd/VQnf8RuRlcpg34faMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5YWHFMckFSMzlWQ2RfeEc1R1Z5bURmaDlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83YmViMDQtMzE3Yi00NDhhLTgyZWQt
NTY1YjE0NDcwMzdiLzEvSE1KTEVrUEdscjd4NDRhZU15RGwtaUQzLUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83YmViMDQtMzE3Yi00NDhhLTgyZWQtNTY1YjE0NDcwMzdi
LzEvMG5YWHFMckFSMzlWQ2RfeEc1R1Z5bURmaDlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFbh7ID
BAJbh7gDBAFbh74wDQYJKoZIhvcNAQELBQADggEBAD9RH4fMz5XISjathDtl87+k
RTc0PRqLtdNFqGQS7Fln9KMwtVnJl8CFgZbwMfnXujnBLrd/qOZuHS//E0buERCc
Wyz8n7ZVjwfzJefsFoeAqYBE9vVqR/CO+qtd2UPq2oJpMvuUgPfleRHhFOMboAlz
T8RJbYqHJ8mDakheDmoonNUvjrKlSSJCzEhTUymWpl4rky5JISy8IngOS3Oz1Q+5
4zpzdG1w4oAjBLQB23u1ICBaZr6qHmiYYfbs6K4HpbJ5pQIt7PjX3wMKP0H+5m2e
LbKbtFXrDv51J/Zjk1aTs1vGUXR+Ybu3OGBOCSbRzcchN1HzLZQciQC4BJHyDz8=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:34 2025 by rpki-client on console.sobornost.net