Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/HXXBTE8dY9ro_gMVT2SU0KasMyM.roa
File: HXXBTE8dY9ro_gMVT2SU0KasMyM.roa (raw, json)
Hash identifier: kZXsTm2eaQSzsoHcmvoA080Abh4SX7WV3w9v9zFCDPQ=
Subject key identifier: 1D:75:C1:4C:4F:1D:63:DA:E8:FE:03:15:4F:64:94:D0:A6:AC:33:23
Certificate issuer: /CN=be1a887e7653a2de44f13163e187037326a29a03
Certificate serial: 0194244593B1AE32276786F13968A20E7E35
Authority key identifier: BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/HXXBTE8dY9ro_gMVT2SU0KasMyM.roa
Signing time: Wed 01 Jan 2025 23:48:47 +0000
ROA not before: Wed 01 Jan 2025 23:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39398
IP address blocks: 5.199.228.0/24 maxlen: 24
5.199.229.0/24 maxlen: 24
5.199.230.0/24 maxlen: 24
5.199.231.0/24 maxlen: 24
185.119.248.0/22 maxlen: 22
185.119.248.0/24 maxlen: 24
185.119.249.0/24 maxlen: 24
185.119.250.0/24 maxlen: 24
185.119.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:93:b1:ae:32:27:67:86:f1:39:68:a2:0e:7e:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be1a887e7653a2de44f13163e187037326a29a03
Validity
Not Before: Jan 1 23:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d75c14c4f1d63dae8fe03154f6494d0a6ac3323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f6:7a:c8:a3:c4:70:dd:a0:d8:45:62:c3:08:
4a:e5:36:ca:65:4d:b5:ca:a7:82:aa:60:54:69:bb:
70:a0:cd:92:e4:06:e9:e1:75:7d:81:de:52:c7:47:
a0:02:05:87:c3:f3:55:3b:3c:5a:e8:71:0c:5d:01:
af:82:c3:d3:db:54:69:03:13:c5:40:32:2e:fe:8c:
87:49:54:fb:a7:47:37:b0:d0:39:d4:f2:25:7a:a8:
99:24:25:cf:6a:e1:c8:97:21:3e:57:0e:2a:b6:dd:
52:40:72:ef:e4:05:9b:10:db:7a:d6:da:ef:77:59:
ee:41:de:ca:af:57:fa:29:1b:67:9f:7f:00:24:b7:
23:be:f6:dc:0e:bf:20:16:35:87:e1:0c:94:f9:c8:
71:e7:2f:cc:cb:f5:96:7f:4d:3d:44:40:41:11:9f:
88:1a:03:72:d1:79:f0:e5:f4:96:b7:d2:32:8e:ff:
13:2d:8c:c2:e7:db:81:66:2e:9e:0e:f3:1d:6e:d6:
67:e5:bf:a4:0b:ac:41:d7:5f:db:41:ea:05:92:9d:
29:e3:5a:d3:a2:3d:e6:c9:47:c0:3c:07:67:41:38:
7a:bb:82:f8:af:40:5f:82:20:5c:df:81:a3:9d:83:
49:08:6d:d8:6a:03:ec:38:57:ac:e8:92:4c:fc:61:
f1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:75:C1:4C:4F:1D:63:DA:E8:FE:03:15:4F:64:94:D0:A6:AC:33:23
X509v3 Authority Key Identifier:
keyid:BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/HXXBTE8dY9ro_gMVT2SU0KasMyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/vhqIfnZTot5E8TFj4YcDcyaimgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.228.0/22
185.119.248.0/22
Signature Algorithm: sha256WithRSAEncryption
85:c8:cd:29:b1:d3:3f:5f:68:05:7f:b9:05:c4:ed:b0:4c:ee:
26:98:be:d9:fe:34:80:59:9e:f9:0c:fb:c6:54:0f:24:8d:89:
83:b1:53:b8:e2:6f:3a:51:43:a7:e7:c8:8e:de:59:79:63:c3:
05:91:4b:fd:84:93:b4:69:38:f7:7e:d6:95:be:7d:88:84:6f:
9a:25:82:9d:c1:85:17:9d:fb:2d:4b:5c:19:c3:43:88:ff:01:
81:b5:1c:fb:e7:5a:c9:cc:4b:ce:2e:09:da:61:94:64:5d:42:
d8:5b:30:2d:a5:6e:33:e2:9b:00:d6:65:80:35:5b:a4:f9:01:
40:06:2d:44:2a:b0:92:df:9d:08:62:91:06:3b:4c:06:35:a0:
40:f6:67:85:de:dc:00:36:84:38:4e:d2:7b:f3:ec:19:da:17:
82:5f:47:fb:9c:6a:0a:4e:64:52:33:c2:37:3c:fc:96:cd:41:
19:17:2d:5f:42:a1:76:f5:06:63:bb:44:38:f3:d0:07:37:ce:
91:09:b7:f7:15:bc:4b:53:19:6f:c4:86:23:11:a7:ec:18:24:
d3:81:17:35:0a:53:5c:cf:b2:e7:1a:94:2e:2f:6e:f1:77:64:
6e:f8:37:e8:22:68:b0:46:42:91:a3:7d:14:e9:fc:12:31:97:
0f:2b:20:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRZOxrjInZ4bxOWiiDn41MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMWE4ODdlNzY1M2EyZGU0NGYxMzE2M2UxODcwMzczMjZh
MjlhMDMwHhcNMjUwMTAxMjM0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDc1YzE0YzRmMWQ2M2RhZThmZTAzMTU0ZjY0OTRkMGE2YWMzMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvZ6yKPEcN2g2EViwwhK5TbKZU21
yqeCqmBUabtwoM2S5Abp4XV9gd5Sx0egAgWHw/NVOzxa6HEMXQGvgsPT21RpAxPF
QDIu/oyHSVT7p0c3sNA51PIleqiZJCXPauHIlyE+Vw4qtt1SQHLv5AWbENt61trv
d1nuQd7Kr1f6KRtnn38AJLcjvvbcDr8gFjWH4QyU+chx5y/My/WWf009REBBEZ+I
GgNy0Xnw5fSWt9Iyjv8TLYzC59uBZi6eDvMdbtZn5b+kC6xB11/bQeoFkp0p41rT
oj3myUfAPAdnQTh6u4L4r0BfgiBc34GjnYNJCG3YagPsOFes6JJM/GHxgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB11wUxPHWPa6P4DFU9klNCmrDMjMB8GA1UdIwQY
MBaAFL4aiH52U6LeRPExY+GHA3MmopoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmhxSWZuWlRvdDVFOFRGajRZY0RjeWFpbWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84YjQ0M2UtZjNjOC00YmEwLTllOTYt
ODZjNTQxY2E5ZDcxLzEvSFhYQlRFOGRZOXJvX2dNVlQyU1UwS2FzTXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84YjQ0M2UtZjNjOC00YmEwLTllOTYtODZjNTQxY2E5ZDcx
LzEvdmhxSWZuWlRvdDVFOFRGajRZY0RjeWFpbWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBcfkAwQC
uXf4MA0GCSqGSIb3DQEBCwUAA4IBAQCFyM0psdM/X2gFf7kFxO2wTO4mmL7Z/jSA
WZ75DPvGVA8kjYmDsVO44m86UUOn58iO3ll5Y8MFkUv9hJO0aTj3ftaVvn2IhG+a
JYKdwYUXnfstS1wZw0OI/wGBtRz751rJzEvOLgnaYZRkXULYWzAtpW4z4psA1mWA
NVuk+QFABi1EKrCS350IYpEGO0wGNaBA9meF3twANoQ4TtJ78+wZ2heCX0f7nGoK
TmRSM8I3PPyWzUEZFy1fQqF29QZju0Q489AHN86RCbf3FbxLUxlvxIYjEafsGCTT
gRc1ClNcz7LnGpQuL27xd2Ru+DfoImiwRkKRo30U6fwSMZcPKyDk
-----END CERTIFICATE-----
Generated at Thu Jan 23 15:56:09 2025 by rpki-client on console.sobornost.net