Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/3c74a8-9f72-4c06-b516-35bb60ea07c1/1/1YHm_89mdmO3B6rQNuElV51RHnc.roa
File: 1YHm_89mdmO3B6rQNuElV51RHnc.roa (raw, json)
Hash identifier: MnfHwqRrOYbX1ON7yZ7M8gI0u2brRrZRizU4+uQlZVo=
Subject key identifier: D5:81:E6:FF:CF:66:76:63:B7:07:AA:D0:36:E1:25:57:9D:51:1E:77
Certificate issuer: /CN=1f504b1bb7168e680b19542f8f730386144c8a5f
Certificate serial: 0194221FB503E5ACEE00F04774FD997CE2BE
Authority key identifier: 1F:50:4B:1B:B7:16:8E:68:0B:19:54:2F:8F:73:03:86:14:4C:8A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H1BLG7cWjmgLGVQvj3MDhhRMil8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/3c74a8-9f72-4c06-b516-35bb60ea07c1/1/1YHm_89mdmO3B6rQNuElV51RHnc.roa
Signing time: Wed 01 Jan 2025 13:48:10 +0000
ROA not before: Wed 01 Jan 2025 13:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61194
IP address blocks: 5.159.40.0/21 maxlen: 21
46.245.208.0/21 maxlen: 21
185.61.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b5:03:e5:ac:ee:00:f0:47:74:fd:99:7c:e2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f504b1bb7168e680b19542f8f730386144c8a5f
Validity
Not Before: Jan 1 13:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d581e6ffcf667663b707aad036e125579d511e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0c:1b:e1:2a:a5:a0:bf:c9:e6:96:84:63:6e:
7e:b1:73:4e:b2:d7:3b:fd:9d:24:42:7e:60:d1:b3:
2c:40:57:8f:95:31:17:6f:3c:c0:0c:cc:d0:60:32:
5b:70:56:c0:bf:3f:d1:26:e6:31:4b:c4:59:3e:6a:
aa:00:04:11:76:3c:c8:31:0a:4d:0d:0c:4a:07:ea:
77:74:df:0d:62:e5:ac:0c:eb:0e:66:30:d1:5a:fe:
f1:e9:5b:bb:88:ac:00:9f:86:2e:d0:35:8c:ad:c3:
41:14:23:26:77:72:b4:eb:aa:22:05:dd:18:19:f7:
22:bb:e3:dd:ee:2e:04:56:86:43:7b:74:b8:49:2f:
11:68:b4:4c:4d:c8:82:c0:f0:cc:a7:81:b6:fa:aa:
dd:67:e4:bc:02:e3:12:6b:37:14:16:a4:c1:d9:9a:
24:d2:24:bf:0e:fe:28:6d:06:56:f8:cb:b4:11:2e:
3f:3e:71:6e:21:78:08:00:da:b0:8a:4b:58:5a:3a:
22:a8:b6:86:7d:de:3b:0b:b3:00:65:99:a7:1a:19:
68:15:fa:7f:42:e0:3b:3e:ed:de:80:9d:0d:3b:8d:
db:9a:d7:87:af:a4:12:ee:bc:20:83:0e:1d:96:81:
8e:5f:71:b0:76:9b:de:ac:65:ab:b2:ba:bf:b6:b2:
41:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:81:E6:FF:CF:66:76:63:B7:07:AA:D0:36:E1:25:57:9D:51:1E:77
X509v3 Authority Key Identifier:
keyid:1F:50:4B:1B:B7:16:8E:68:0B:19:54:2F:8F:73:03:86:14:4C:8A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H1BLG7cWjmgLGVQvj3MDhhRMil8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/3c74a8-9f72-4c06-b516-35bb60ea07c1/1/1YHm_89mdmO3B6rQNuElV51RHnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/3c74a8-9f72-4c06-b516-35bb60ea07c1/1/H1BLG7cWjmgLGVQvj3MDhhRMil8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.40.0/21
46.245.208.0/21
185.61.60.0/22
Signature Algorithm: sha256WithRSAEncryption
29:eb:94:20:36:3e:68:0e:ea:40:3d:1c:89:d9:77:6d:c7:dd:
45:a1:a3:b3:06:6d:36:32:7e:e6:f2:53:5e:cf:0d:30:fc:03:
cd:e6:07:a8:09:5a:9f:a0:cd:dc:4b:38:c8:56:c9:e9:fd:8c:
12:0f:52:18:78:97:3f:96:56:4a:cd:64:9b:bd:db:6e:63:28:
20:d8:c2:93:6b:50:88:0a:ae:9b:42:fd:b9:70:4f:fd:65:ec:
4f:c3:22:83:7d:76:9d:95:fc:c8:9d:10:ab:1e:67:ff:67:c2:
d5:08:10:57:86:27:4c:6d:5a:5e:e3:dd:ff:62:82:66:b5:11:
45:86:cc:4e:4e:9d:fa:cd:e9:92:70:a6:e9:d8:57:c7:46:6c:
2c:77:ef:7b:4d:f2:a0:b8:86:36:71:15:94:35:0d:91:e0:12:
5b:be:40:b3:81:d9:b0:5f:24:1d:aa:11:3b:f8:7a:d9:e2:6e:
21:27:c3:36:bb:84:f9:b1:f0:63:15:22:df:5f:38:f8:80:a8:
23:9d:0a:b1:7c:80:16:5f:2f:52:63:d5:b3:64:43:bf:28:96:
ed:43:b2:6c:31:32:b0:da:9e:46:d3:d1:cc:d8:d5:14:8b:72:
fc:d6:19:a6:de:25:f4:45:7e:cc:8e:6d:69:61:a6:d8:a0:a1:
2e:98:4f:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH7UD5azuAPBHdP2ZfOK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNTA0YjFiYjcxNjhlNjgwYjE5NTQyZjhmNzMwMzg2MTQ0
YzhhNWYwHhcNMjUwMTAxMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTgxZTZmZmNmNjY3NjYzYjcwN2FhZDAzNmUxMjU1NzlkNTExZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswwb4SqloL/J5paEY25+sXNOstc7
/Z0kQn5g0bMsQFePlTEXbzzADMzQYDJbcFbAvz/RJuYxS8RZPmqqAAQRdjzIMQpN
DQxKB+p3dN8NYuWsDOsOZjDRWv7x6Vu7iKwAn4Yu0DWMrcNBFCMmd3K066oiBd0Y
Gfciu+Pd7i4EVoZDe3S4SS8RaLRMTciCwPDMp4G2+qrdZ+S8AuMSazcUFqTB2Zok
0iS/Dv4obQZW+Mu0ES4/PnFuIXgIANqwiktYWjoiqLaGfd47C7MAZZmnGhloFfp/
QuA7Pu3egJ0NO43bmteHr6QS7rwggw4dloGOX3GwdpverGWrsrq/trJBNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNWB5v/PZnZjtweq0DbhJVedUR53MB8GA1UdIwQY
MBaAFB9QSxu3Fo5oCxlUL49zA4YUTIpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDFCTEc3Y1dqbWdMR1ZRdmozTURoaFJNaWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8zYzc0YTgtOWY3Mi00YzA2LWI1MTYt
MzViYjYwZWEwN2MxLzEvMVlIbV84OW1kbU8zQjZyUU51RWxWNTFSSG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8zYzc0YTgtOWY3Mi00YzA2LWI1MTYtMzViYjYwZWEwN2Mx
LzEvSDFCTEc3Y1dqbWdMR1ZRdmozTURoaFJNaWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBZ8oAwQD
LvXQAwQCuT08MA0GCSqGSIb3DQEBCwUAA4IBAQAp65QgNj5oDupAPRyJ2Xdtx91F
oaOzBm02Mn7m8lNezw0w/APN5geoCVqfoM3cSzjIVsnp/YwSD1IYeJc/llZKzWSb
vdtuYygg2MKTa1CICq6bQv25cE/9ZexPwyKDfXadlfzInRCrHmf/Z8LVCBBXhidM
bVpe493/YoJmtRFFhsxOTp36zemScKbp2FfHRmwsd+97TfKguIY2cRWUNQ2R4BJb
vkCzgdmwXyQdqhE7+HrZ4m4hJ8M2u4T5sfBjFSLfXzj4gKgjnQqxfIAWXy9SY9Wz
ZEO/KJbtQ7JsMTKw2p5G09HM2NUUi3L81hmm3iX0RX7Mjm1pYabYoKEumE9C
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:51 2025 by rpki-client on console.sobornost.net