Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/h_QadbWb5OpVfIOeoSRDTQYMTGI.roa
File: h_QadbWb5OpVfIOeoSRDTQYMTGI.roa (raw, json)
Hash identifier: kWFPuHXw9r5O9KrFmHQZyw18yQHhOJlbH+7/Wxh8374=
Subject key identifier: 87:F4:1A:75:B5:9B:E4:EA:55:7C:83:9E:A1:24:43:4D:06:0C:4C:62
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019428240E8788519F1692FE37839A85C48B
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/h_QadbWb5OpVfIOeoSRDTQYMTGI.roa
Signing time: Thu 02 Jan 2025 17:50:39 +0000
ROA not before: Thu 02 Jan 2025 17:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 82.163.68.0/22 maxlen: 24
82.163.172.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:0e:87:88:51:9f:16:92:fe:37:83:9a:85:c4:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 17:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87f41a75b59be4ea557c839ea124434d060c4c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:49:c0:9f:93:1e:62:7f:02:9e:e9:25:d5:44:
37:e7:e8:7c:b9:2a:f7:a0:b0:d3:a0:d4:ce:d0:e3:
c7:af:c6:56:71:4a:b8:ee:08:7d:b9:55:b5:3f:67:
40:92:17:f1:0e:69:ef:d1:b0:83:32:78:6f:de:6d:
dd:88:7f:a9:66:91:1b:7e:78:ce:23:fa:d7:44:83:
c7:3a:d1:70:4f:1a:56:5d:a1:d9:ac:ee:5e:fd:cd:
2d:12:2f:b7:6b:27:03:7a:94:38:f9:1b:e6:41:00:
4e:60:fb:94:7a:42:4a:ea:58:7b:bd:b8:f0:58:2f:
ee:c7:87:47:16:70:6c:28:88:10:5a:99:89:6e:d8:
a4:54:6f:e9:71:d0:89:69:54:d1:19:8b:cc:af:b3:
27:d3:0d:58:38:2c:ea:f0:a7:8c:fe:47:bf:81:ec:
1e:1c:47:26:47:7a:63:a3:a2:ec:ab:d2:49:f7:93:
87:76:00:57:c7:0c:6f:b6:3c:52:cd:82:0c:b7:6d:
81:8d:88:14:11:fd:d6:52:de:3b:d6:0d:62:14:ea:
b7:e0:28:4e:35:0d:be:54:ac:05:12:39:31:d8:6a:
76:a0:8e:04:ce:01:d7:65:3a:bc:f0:6f:12:4a:57:
c3:06:89:ef:54:58:45:e6:34:08:c9:68:3d:6c:5d:
bb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F4:1A:75:B5:9B:E4:EA:55:7C:83:9E:A1:24:43:4D:06:0C:4C:62
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/h_QadbWb5OpVfIOeoSRDTQYMTGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.68.0/22
82.163.172.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:83:02:b8:d7:30:7c:a3:03:22:6f:01:a6:e7:e7:37:1d:fc:
fa:63:ac:32:d9:e4:e3:24:ae:4a:ac:b3:ee:35:0c:92:b9:40:
2a:67:2b:ae:c6:b5:f3:10:14:52:d2:35:b3:ed:b4:23:b3:05:
be:2c:6b:c8:d4:c3:61:d3:4d:18:b5:1a:b1:57:05:c6:80:dd:
e2:a2:4f:4d:b4:b2:ef:ba:11:47:06:ef:e4:87:3e:0b:2b:b1:
86:79:b3:5e:0c:24:f8:41:9b:1c:bf:09:66:0c:2e:b0:c5:64:
e3:47:98:7a:e1:2f:4c:1c:cc:d6:36:3d:88:fa:c4:33:1a:be:
ee:ca:60:6e:a1:0f:fe:00:5e:26:c7:b2:00:38:4d:43:41:60:
16:7e:96:30:da:ab:6d:bf:11:84:bd:9d:bf:92:ea:f1:68:12:
c4:81:3d:c4:4c:4c:b5:e4:dd:6f:b4:be:d7:4b:b9:8d:c5:50:
fa:da:c3:d0:17:cc:53:4a:fc:b1:10:a8:f8:2e:08:aa:8b:41:
59:8f:47:6c:bd:85:17:7c:cb:33:0e:85:4b:48:3e:6e:62:56:
74:00:6a:0b:cf:9b:72:fa:65:43:7d:1f:2b:b9:f6:94:62:73:
3b:b5:88:35:52:bf:2d:4b:86:3b:c5:5d:08:fc:f6:f3:19:b8:
54:6b:83:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJA6HiFGfFpL+N4OahcSLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwMTAyMTc1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y0MWE3NWI1OWJlNGVhNTU3YzgzOWVhMTI0NDM0ZDA2MGM0YzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UnAn5MeYn8Cnukl1UQ35+h8uSr3
oLDToNTO0OPHr8ZWcUq47gh9uVW1P2dAkhfxDmnv0bCDMnhv3m3diH+pZpEbfnjO
I/rXRIPHOtFwTxpWXaHZrO5e/c0tEi+3aycDepQ4+RvmQQBOYPuUekJK6lh7vbjw
WC/ux4dHFnBsKIgQWpmJbtikVG/pcdCJaVTRGYvMr7Mn0w1YOCzq8KeM/ke/gewe
HEcmR3pjo6Lsq9JJ95OHdgBXxwxvtjxSzYIMt22BjYgUEf3WUt471g1iFOq34ChO
NQ2+VKwFEjkx2Gp2oI4EzgHXZTq88G8SSlfDBonvVFhF5jQIyWg9bF27gwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIf0GnW1m+TqVXyDnqEkQ00GDExiMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvaF9RYWRiV2I1T3BWZklPZW9TUkRUUVlNVEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUqNEAwQC
UqOsMA0GCSqGSIb3DQEBCwUAA4IBAQA6gwK41zB8owMibwGm5+c3Hfz6Y6wy2eTj
JK5KrLPuNQySuUAqZyuuxrXzEBRS0jWz7bQjswW+LGvI1MNh000YtRqxVwXGgN3i
ok9NtLLvuhFHBu/khz4LK7GGebNeDCT4QZscvwlmDC6wxWTjR5h64S9MHMzWNj2I
+sQzGr7uymBuoQ/+AF4mx7IAOE1DQWAWfpYw2qttvxGEvZ2/kurxaBLEgT3ETEy1
5N1vtL7XS7mNxVD62sPQF8xTSvyxEKj4Lgiqi0FZj0dsvYUXfMszDoVLSD5uYlZ0
AGoLz5ty+mVDfR8rufaUYnM7tYg1Ur8tS4Y7xV0I/PbzGbhUa4Oe
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:17:42 2025 by rpki-client on console.sobornost.net