Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/hrqEKTykKr09BUd_K3mCMU0oC6Q.roa
File: hrqEKTykKr09BUd_K3mCMU0oC6Q.roa (raw, json)
Hash identifier: pufSFJ+QVHIcFkxQwEPRtygVlxFuvFk+kfnkYeAvjWg=
Subject key identifier: 86:BA:84:29:3C:A4:2A:BD:3D:05:47:7F:2B:79:82:31:4D:28:0B:A4
Certificate issuer: /CN=b4c41e59834da612d83ca24194f02ca6d7602448
Certificate serial: 01942143D3577346929687C74A02E9DF64DA
Authority key identifier: B4:C4:1E:59:83:4D:A6:12:D8:3C:A2:41:94:F0:2C:A6:D7:60:24:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tMQeWYNNphLYPKJBlPAsptdgJEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/hrqEKTykKr09BUd_K3mCMU0oC6Q.roa
Signing time: Wed 01 Jan 2025 09:48:00 +0000
ROA not before: Wed 01 Jan 2025 09:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214666
IP address blocks: 185.133.160.0/22 maxlen: 22
185.133.160.0/23 maxlen: 23
185.133.160.0/24 maxlen: 24
185.133.161.0/24 maxlen: 24
185.133.162.0/23 maxlen: 23
185.133.162.0/24 maxlen: 24
185.133.163.0/24 maxlen: 24
2a12:ff40::/32 maxlen: 32
2a12:ff40::/33 maxlen: 33
2a12:ff40:8000::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d3:57:73:46:92:96:87:c7:4a:02:e9:df:64:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4c41e59834da612d83ca24194f02ca6d7602448
Validity
Not Before: Jan 1 09:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86ba84293ca42abd3d05477f2b7982314d280ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:08:b7:c9:86:05:23:0d:2d:72:1f:a4:9f:b4:
33:24:aa:aa:bf:fb:fd:6b:b7:c9:3d:85:9a:cd:a5:
b3:5f:93:51:55:5d:6d:1a:e5:7f:b3:a6:e2:41:09:
74:9b:82:c2:09:2f:b4:91:c4:aa:d9:5c:b1:89:60:
15:87:68:19:60:2f:fc:67:e4:c9:b8:ce:ad:fe:2e:
6a:07:ff:ca:e7:3b:bc:74:e9:2a:2c:b4:70:79:96:
85:77:0e:db:fa:0d:e8:9e:ba:c5:ce:83:2d:0e:fc:
4a:a0:6f:ec:fd:98:28:d4:09:f3:b5:2e:a1:89:6b:
de:4f:1a:75:cc:de:03:de:20:74:cc:e9:b2:38:c7:
8a:bb:f9:59:20:1f:01:54:5e:d5:d5:5a:e6:ae:97:
b6:ac:5a:06:ad:d9:5e:87:cf:f1:77:c6:cb:16:88:
4a:e6:23:f2:6d:8c:22:3d:2c:52:a9:4a:14:6b:60:
8d:32:f3:3d:8b:97:84:75:76:56:1e:c2:4d:9b:bf:
19:13:a1:0b:b9:8d:88:cb:b0:70:96:aa:5d:5c:d0:
af:7f:d1:66:89:98:4d:94:59:48:ac:65:cf:bf:8e:
bc:06:14:02:0a:59:94:bd:b6:31:33:28:ac:f4:df:
22:77:f3:3e:3d:a7:0c:1c:9c:e4:0b:bb:f5:f8:82:
3c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BA:84:29:3C:A4:2A:BD:3D:05:47:7F:2B:79:82:31:4D:28:0B:A4
X509v3 Authority Key Identifier:
keyid:B4:C4:1E:59:83:4D:A6:12:D8:3C:A2:41:94:F0:2C:A6:D7:60:24:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tMQeWYNNphLYPKJBlPAsptdgJEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/hrqEKTykKr09BUd_K3mCMU0oC6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/tMQeWYNNphLYPKJBlPAsptdgJEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.160.0/22
IPv6:
2a12:ff40::/32
Signature Algorithm: sha256WithRSAEncryption
4f:b5:62:ff:b8:4e:4c:35:53:92:be:51:87:a3:4e:16:e8:71:
4e:37:74:39:fe:f2:4f:a5:e0:bf:38:23:e2:a5:12:70:ac:d5:
2c:ef:ad:9e:11:8a:3b:7c:65:15:9e:c2:66:59:54:94:b9:49:
ad:99:39:25:f5:1b:45:c3:b5:1f:ab:8b:bc:56:ff:43:cb:a3:
bc:e1:64:69:ed:b8:c8:59:8c:44:a5:74:61:ae:33:42:0c:ca:
48:2f:cc:d4:6e:6c:99:0b:91:55:ff:88:a9:0a:2b:35:5a:d2:
39:0b:fd:f9:41:0d:1e:cb:6f:47:e2:c2:de:39:91:7f:d7:59:
32:1f:ee:df:11:a6:97:b5:ca:cb:02:92:e0:e9:87:d3:0f:1d:
5c:35:21:65:5f:98:d8:31:a3:fa:79:87:64:9f:87:53:83:3d:
70:9d:12:cf:5a:79:84:09:f9:d5:94:a5:81:f1:d4:ab:a4:dd:
9f:e0:8c:1d:85:00:51:15:de:15:b9:06:43:75:5d:51:fd:e0:
70:14:4e:46:58:ce:5b:28:53:7c:bd:47:33:0d:f3:33:8f:2b:
09:63:d1:82:5f:2d:73:c3:a8:50:94:83:ac:5b:23:aa:06:3b:
77:fe:b0:16:3a:c9:a6:c4:39:92:b3:1a:ac:78:e9:0f:cb:ae:
1b:dd:91:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ9NXc0aSlofHSgLp32TaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YzQxZTU5ODM0ZGE2MTJkODNjYTI0MTk0ZjAyY2E2ZDc2
MDI0NDgwHhcNMjUwMTAxMDk0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmJhODQyOTNjYTQyYWJkM2QwNTQ3N2YyYjc5ODIzMTRkMjgwYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Qi3yYYFIw0tch+kn7QzJKqqv/v9
a7fJPYWazaWzX5NRVV1tGuV/s6biQQl0m4LCCS+0kcSq2VyxiWAVh2gZYC/8Z+TJ
uM6t/i5qB//K5zu8dOkqLLRweZaFdw7b+g3onrrFzoMtDvxKoG/s/Zgo1AnztS6h
iWveTxp1zN4D3iB0zOmyOMeKu/lZIB8BVF7V1Vrmrpe2rFoGrdleh8/xd8bLFohK
5iPybYwiPSxSqUoUa2CNMvM9i5eEdXZWHsJNm78ZE6ELuY2Iy7BwlqpdXNCvf9Fm
iZhNlFlIrGXPv468BhQCClmUvbYxMyis9N8id/M+PacMHJzkC7v1+II8jwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIa6hCk8pCq9PQVHfyt5gjFNKAukMB8GA1UdIwQY
MBaAFLTEHlmDTaYS2DyiQZTwLKbXYCRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE1RZVdZTk5waExZUEtKQmxQQXNwdGRnSkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hM2JhY2EtNDM3ZC00NjA3LTljMWEt
NTU3YTRjMzFlMDJlLzEvaHJxRUtUeWtLcjA5QlVkX0szbUNNVTBvQzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hM2JhY2EtNDM3ZC00NjA3LTljMWEtNTU3YTRjMzFlMDJl
LzEvdE1RZVdZTk5waExZUEtKQmxQQXNwdGRnSkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYWgMA0E
AgACMAcDBQAqEv9AMA0GCSqGSIb3DQEBCwUAA4IBAQBPtWL/uE5MNVOSvlGHo04W
6HFON3Q5/vJPpeC/OCPipRJwrNUs762eEYo7fGUVnsJmWVSUuUmtmTkl9RtFw7Uf
q4u8Vv9Dy6O84WRp7bjIWYxEpXRhrjNCDMpIL8zUbmyZC5FV/4ipCis1WtI5C/35
QQ0ey29H4sLeOZF/11kyH+7fEaaXtcrLApLg6YfTDx1cNSFlX5jYMaP6eYdkn4dT
gz1wnRLPWnmECfnVlKWB8dSrpN2f4IwdhQBRFd4VuQZDdV1R/eBwFE5GWM5bKFN8
vUczDfMzjysJY9GCXy1zw6hQlIOsWyOqBjt3/rAWOsmmxDmSsxqseOkPy64b3ZEm
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:31 2025 by rpki-client on console.sobornost.net