Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/HlqaX9y1cpjv0wxGrlQZeagT5Q0.roa
File: HlqaX9y1cpjv0wxGrlQZeagT5Q0.roa (raw, json)
Hash identifier: dZjid0DCr3cVa0kusKQlx9flhXPy/L6bL7wDHQcf1TY=
Subject key identifier: 1E:5A:9A:5F:DC:B5:72:98:EF:D3:0C:46:AE:54:19:79:A8:13:E5:0D
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 0195B9A7304C770B6310CB094248815C8E46
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/HlqaX9y1cpjv0wxGrlQZeagT5Q0.roa
Signing time: Fri 21 Mar 2025 17:01:36 +0000
ROA not before: Fri 21 Mar 2025 17:01:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25160
IP address blocks: 144.56.8.0/24 maxlen: 24
144.56.10.0/24 maxlen: 24
144.56.11.0/24 maxlen: 24
144.56.18.0/24 maxlen: 24
144.56.19.0/24 maxlen: 24
144.56.25.0/24 maxlen: 24
144.56.26.0/24 maxlen: 24
144.56.30.0/24 maxlen: 24
144.56.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:a7:30:4c:77:0b:63:10:cb:09:42:48:81:5c:8e:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Mar 21 17:01:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e5a9a5fdcb57298efd30c46ae541979a813e50d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:01:2b:73:31:ea:40:a1:e6:f4:49:22:98:b8:
c0:52:02:de:06:26:8d:da:2c:bc:40:64:dc:1c:01:
d3:03:43:11:09:92:af:18:d2:e3:06:02:02:64:06:
67:a3:ce:4a:fe:43:ac:b5:c9:71:0e:27:43:4d:a6:
24:8a:82:f8:f4:61:c9:71:66:ff:14:ff:d5:87:35:
c8:91:15:47:1d:d5:e9:fd:bf:a2:9f:4a:eb:d8:af:
b8:6c:56:40:d4:ba:81:6f:30:dc:d3:80:f1:c1:45:
7b:0b:35:cd:ac:de:01:f5:b5:4b:44:89:15:00:d2:
33:d4:45:1e:39:b8:01:35:7c:fa:9c:f3:05:f9:ef:
e1:59:43:8f:a4:c6:1a:6d:77:a9:69:94:c1:4e:14:
0f:35:77:ee:e6:02:64:d2:72:5e:61:ac:65:42:2c:
4f:1b:b1:2d:3f:e5:ad:19:b4:ba:db:2e:c7:a5:07:
4f:bf:e0:34:a1:41:f6:70:fb:8e:01:9c:6b:fa:7a:
05:6e:f0:6f:55:e4:20:eb:f9:ec:25:98:f0:d3:b8:
99:e9:bf:22:8b:2b:63:3f:e1:c7:78:5c:16:80:91:
37:7e:82:97:df:de:88:ca:2f:9a:f9:b7:16:fd:7e:
86:41:05:b5:27:99:22:9d:64:0e:13:8a:b1:93:46:
49:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5A:9A:5F:DC:B5:72:98:EF:D3:0C:46:AE:54:19:79:A8:13:E5:0D
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/HlqaX9y1cpjv0wxGrlQZeagT5Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.8.0/24
144.56.10.0/23
144.56.18.0/23
144.56.25.0-144.56.26.255
144.56.30.0/24
144.56.32.0/24
Signature Algorithm: sha256WithRSAEncryption
07:41:6a:21:1a:15:ca:7d:5d:ac:1f:90:57:b6:89:56:49:01:
d0:e3:55:4a:0c:c5:1e:80:77:29:0d:b1:b3:92:84:05:c3:44:
1a:e2:a6:82:c4:9e:53:51:a7:5e:4e:b3:fc:24:86:c7:97:3c:
80:36:c1:8c:0e:7e:10:81:f6:fc:68:4c:bf:85:15:76:0d:33:
77:ce:d4:08:3c:fd:b5:75:d2:0f:49:18:82:58:94:d4:f8:83:
80:5c:b3:46:3a:f5:42:e6:0b:0b:78:a7:13:18:21:a4:0f:53:
79:22:1f:51:8f:ab:a3:1e:b8:59:6e:09:15:f2:18:6d:26:6b:
2c:24:d4:93:2e:66:f5:45:37:16:91:1e:1a:42:59:d4:75:35:
e0:4f:95:9e:0b:4a:35:0e:a5:39:d3:84:8b:a3:82:b7:cf:9d:
88:73:70:51:02:8e:7b:c6:fc:93:dc:7e:18:5d:e7:de:5c:7b:
cd:a9:f4:96:89:0c:44:0e:01:8c:91:af:39:75:ff:c3:76:ac:
ae:ba:78:48:bd:ab:c4:27:12:e9:4d:77:07:e3:e7:2f:06:cf:
7a:92:13:63:33:4f:b6:bf:a9:44:e4:83:e0:37:ac:80:6f:17:
56:3e:8c:dc:c7:9c:a8:62:57:ff:b6:27:31:85:30:be:1b:3a:
3f:93:cb:e8
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZW5pzBMdwtjEMsJQkiBXI5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwMzIxMTcwMTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTVhOWE1ZmRjYjU3Mjk4ZWZkMzBjNDZhZTU0MTk3OWE4MTNlNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AErczHqQKHm9EkimLjAUgLeBiaN
2iy8QGTcHAHTA0MRCZKvGNLjBgICZAZno85K/kOstclxDidDTaYkioL49GHJcWb/
FP/VhzXIkRVHHdXp/b+in0rr2K+4bFZA1LqBbzDc04DxwUV7CzXNrN4B9bVLRIkV
ANIz1EUeObgBNXz6nPMF+e/hWUOPpMYabXepaZTBThQPNXfu5gJk0nJeYaxlQixP
G7EtP+WtGbS62y7HpQdPv+A0oUH2cPuOAZxr+noFbvBvVeQg6/nsJZjw07iZ6b8i
iytjP+HHeFwWgJE3foKX396Iyi+a+bcW/X6GQQW1J5kinWQOE4qxk0ZJFwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFB5aml/ctXKY79MMRq5UGXmoE+UNMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvSGxxYVg5eTFjcGp2MHd4R3JsUVplYWdUNVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAkDgIAwQB
kDgKAwQBkDgSMAwDBACQOBkDBACQOBoDBACQOB4DBACQOCAwDQYJKoZIhvcNAQEL
BQADggEBAAdBaiEaFcp9XawfkFe2iVZJAdDjVUoMxR6AdykNsbOShAXDRBripoLE
nlNRp15Os/wkhseXPIA2wYwOfhCB9vxoTL+FFXYNM3fO1Ag8/bV10g9JGIJYlNT4
g4Bcs0Y69ULmCwt4pxMYIaQPU3kiH1GPq6MeuFluCRXyGG0maywk1JMuZvVFNxaR
HhpCWdR1NeBPlZ4LSjUOpTnThIujgrfPnYhzcFECjnvG/JPcfhhd595ce82p9JaJ
DEQOAYyRrzl1/8N2rK66eEi9q8QnEulNdwfj5y8Gz3qSE2MzT7a/qUTkg+A3rIBv
F1Y+jNzHnKhiV/+2JzGFML4bOj+Ty+g=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:30 2025 by rpki-client on console.sobornost.net