Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/H4hpUNA2nrrRur4Tk2W8HjJVqu4.roa
File: H4hpUNA2nrrRur4Tk2W8HjJVqu4.roa (raw, json)
Hash identifier: oa7awxP7blKcpEGQ8hgbpBoX6kUOq34Ta41x1XECaFw=
Subject key identifier: 1F:88:69:50:D0:36:9E:BA:D1:BA:BE:13:93:65:BC:1E:32:55:AA:EE
Certificate issuer: /CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Certificate serial: 01941FFA2380F84B4C8276D1E823EEEEA087
Authority key identifier: E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/H4hpUNA2nrrRur4Tk2W8HjJVqu4.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3209
IP address blocks: 24.134.0.0/16 maxlen: 16
31.16.0.0/14 maxlen: 24
37.4.0.0/15 maxlen: 23
77.20.0.0/14 maxlen: 24
77.24.0.0/16 maxlen: 16
77.25.0.0/17 maxlen: 23
83.169.128.0/18 maxlen: 18
88.134.0.0/16 maxlen: 24
90.187.0.0/16 maxlen: 16
91.64.0.0/14 maxlen: 14
95.88.0.0/14 maxlen: 24
109.47.0.0/16 maxlen: 16
109.84.0.0/15 maxlen: 15
146.52.0.0/16 maxlen: 24
178.24.0.0/14 maxlen: 24
185.19.196.0/22 maxlen: 22
188.192.0.0/14 maxlen: 24
2a02:8100::/27 maxlen: 27
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:23:80:f8:4b:4c:82:76:d1:e8:23:ee:ee:a0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f886950d0369ebad1babe139365bc1e3255aaee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e7:af:51:fc:86:c8:af:20:ad:4a:44:0d:10:
39:a4:5e:36:18:bc:61:15:44:85:2a:92:a3:46:0c:
f1:5f:86:07:5a:df:15:97:13:49:9a:5c:ed:7d:7e:
ba:0c:1a:ba:bf:97:76:4c:93:ca:d1:22:f5:80:2b:
54:10:8f:7f:99:c0:b7:0e:22:9b:3b:6e:97:e6:31:
f4:7b:66:40:0f:0e:90:aa:96:5d:06:67:36:7a:fc:
28:12:49:ea:28:84:ee:f2:3a:eb:d2:a9:7e:89:66:
3a:d7:d5:65:c3:55:39:a7:9e:30:ca:9b:4a:93:aa:
0a:35:c4:66:ed:fb:4d:1c:df:61:69:11:fe:ad:c6:
89:55:9e:c1:60:75:3a:fb:99:cf:cc:7c:c0:bf:ed:
46:d0:4d:e6:eb:68:99:e7:c3:02:48:c3:b5:5e:96:
d8:9c:3e:22:ab:09:fc:6a:b7:f9:62:a7:ae:fd:69:
04:c7:14:f5:0c:03:cf:a1:1b:f4:c5:4b:b7:56:fb:
af:41:db:e8:d6:7a:b5:99:3d:95:2c:9c:b2:8e:02:
ce:3d:6b:17:65:10:2b:47:d9:bb:41:85:0e:a5:cf:
23:f9:56:89:49:3e:87:ef:2d:65:b9:ce:af:3e:ab:
5e:bd:e6:5b:b2:9a:41:36:b4:03:14:e9:52:30:22:
80:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:88:69:50:D0:36:9E:BA:D1:BA:BE:13:93:65:BC:1E:32:55:AA:EE
X509v3 Authority Key Identifier:
keyid:E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/H4hpUNA2nrrRur4Tk2W8HjJVqu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/5Duq_GSzPkPbeNx67WBe9wQG2a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.134.0.0/16
31.16.0.0/14
37.4.0.0/15
77.20.0.0-77.25.127.255
83.169.128.0/18
88.134.0.0/16
90.187.0.0/16
91.64.0.0/14
95.88.0.0/14
109.47.0.0/16
109.84.0.0/15
146.52.0.0/16
178.24.0.0/14
185.19.196.0/22
188.192.0.0/14
IPv6:
2a02:8100::/27
Signature Algorithm: sha256WithRSAEncryption
26:01:95:5a:14:7f:96:45:43:7c:dc:fc:2b:2d:b5:b8:8a:64:
29:18:81:b9:5d:37:82:39:bc:43:4b:1a:28:ed:b5:ef:bf:81:
0e:4e:3a:f1:ac:07:7a:cf:3c:6a:b1:24:7f:64:16:8e:cd:a3:
13:c3:67:ca:38:3d:67:59:b4:74:e5:a9:c7:c3:44:06:e7:d1:
08:1e:74:f4:8d:0c:92:07:37:60:eb:90:96:d5:bd:df:af:be:
08:f5:a2:56:93:25:53:4c:b8:9c:ed:8e:25:09:9f:2a:6c:88:
11:87:95:43:6e:57:f6:f6:ea:69:93:c4:c9:40:3f:dc:bd:e1:
01:0b:a8:58:a6:40:29:c5:30:5d:2f:79:ad:b6:3b:1f:af:02:
0a:10:2d:b5:1b:78:f7:26:db:19:3d:3e:7e:ca:ac:00:13:96:
07:aa:c1:79:e7:d1:f5:dd:38:b3:bc:11:0f:db:6b:a0:bc:0f:
52:ae:7f:2d:c3:00:83:ea:76:d1:69:1c:16:f7:8d:9c:b0:01:
35:67:c8:f9:af:a9:e6:cb:5c:fd:83:09:3c:9e:8f:e8:95:1c:
34:2a:42:a4:74:90:b8:01:fa:a9:32:09:f1:82:1b:89:46:20:
4e:84:5c:b1:8f:3e:8a:3f:84:f7:ea:57:04:09:55:bc:01:6b:
14:a4:58:c4
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZQf+iOA+EtMgnbR6CPu7qCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYWZjNjRiMzNlNDNkYjc4ZGM3YWVkNjA1ZWY3MDQw
NmQ5YWYwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjg4Njk1MGQwMzY5ZWJhZDFiYWJlMTM5MzY1YmMxZTMyNTVhYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eevUfyGyK8grUpEDRA5pF42GLxh
FUSFKpKjRgzxX4YHWt8VlxNJmlztfX66DBq6v5d2TJPK0SL1gCtUEI9/mcC3DiKb
O26X5jH0e2ZADw6QqpZdBmc2evwoEknqKITu8jrr0ql+iWY619Vlw1U5p54wyptK
k6oKNcRm7ftNHN9haRH+rcaJVZ7BYHU6+5nPzHzAv+1G0E3m62iZ58MCSMO1XpbY
nD4iqwn8arf5Yqeu/WkExxT1DAPPoRv0xUu3VvuvQdvo1nq1mT2VLJyyjgLOPWsX
ZRArR9m7QYUOpc8j+VaJST6H7y1luc6vPqteveZbsppBNrQDFOlSMCKAUwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFB+IaVDQNp660bq+E5NlvB4yVaruMB8GA1UdIwQY
MBaAFOQ7qvxksz5D23jceu1gXvcEBtmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTIt
ZTY4MTJkYWI2OTk5LzEvSDRocFVOQTJucnJSdXI0VGsyVzhIakpWcXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTItZTY4MTJkYWI2OTk5
LzEvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBbBAIAATBVAwMAGIYDAwIf
EAMDASUEMAsDAwJNFAMEB00ZAAMEBlOpgAMDAFiGAwMAWrsDAwJbQAMDAl9YAwMA
bS8DAwFtVAMDAJI0AwMCshgDBAK5E8QDAwK8wDANBAIAAjAHAwUFKgKBADANBgkq
hkiG9w0BAQsFAAOCAQEAJgGVWhR/lkVDfNz8Ky21uIpkKRiBuV03gjm8Q0saKO21
77+BDk468awHes88arEkf2QWjs2jE8Nnyjg9Z1m0dOWpx8NEBufRCB509I0Mkgc3
YOuQltW936++CPWiVpMlU0y4nO2OJQmfKmyIEYeVQ25X9vbqaZPEyUA/3L3hAQuo
WKZAKcUwXS95rbY7H68CChAttRt49ybbGT0+fsqsABOWB6rBeefR9d04s7wRD9tr
oLwPUq5/LcMAg+p20WkcFveNnLABNWfI+a+p5stc/YMJPJ6P6JUcNCpCpHSQuAH6
qTIJ8YIbiUYgToRcsY8+ij+E9+pXBAlVvAFrFKRYxA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:37 2025 by rpki-client on console.sobornost.net