Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/HfvQGv3fkx8EbAZWjLyDRRI_Z8o.roa
File: HfvQGv3fkx8EbAZWjLyDRRI_Z8o.roa (raw, json)
Hash identifier: L6g/T7YHsTiEPnLp25ze+rccMiIRyJAPI1nh81w0wDo=
Subject key identifier: 1D:FB:D0:1A:FD:DF:93:1F:04:6C:06:56:8C:BC:83:45:12:3F:67:CA
Certificate issuer: /CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c
Certificate serial: 0194266C444A2287954C78862CDC8D30DF8E
Authority key identifier: 5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/HfvQGv3fkx8EbAZWjLyDRRI_Z8o.roa
Signing time: Thu 02 Jan 2025 09:50:17 +0000
ROA not before: Thu 02 Jan 2025 09:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213857
IP address blocks: 185.228.200.0/22 maxlen: 23
2a0b:7180::/32 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:44:4a:22:87:95:4c:78:86:2c:dc:8d:30:df:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c
Validity
Not Before: Jan 2 09:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dfbd01afddf931f046c06568cbc8345123f67ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:66:58:2d:f4:f5:cd:39:c0:0c:7b:e3:c9:25:
57:85:9f:d2:06:d1:7a:6c:5f:48:b1:13:47:83:8a:
4f:88:73:f2:ea:66:38:65:9a:fb:f1:0d:1f:88:11:
6b:39:84:b3:fd:fc:49:ec:13:a1:f1:f8:16:09:19:
9e:8c:f4:b8:9a:f9:77:c8:77:38:b0:94:65:1c:80:
11:2d:88:7d:eb:4c:9f:da:23:18:07:c8:a4:1f:12:
b2:4d:07:c8:90:df:b8:8f:d9:91:2c:bc:f9:55:85:
95:02:e3:34:bb:af:9e:9b:ae:49:15:18:57:af:7f:
ad:65:2c:8c:80:6c:df:83:93:3e:a8:79:8c:10:44:
7e:0b:65:1e:7c:d9:ae:c4:aa:d8:e8:9c:8b:aa:57:
2c:47:2c:77:d4:2a:ff:a7:95:65:04:13:36:77:89:
08:15:b5:6f:4f:88:9b:bf:aa:ee:2d:3f:71:7a:86:
96:df:b6:a1:03:72:62:2f:0a:ee:b6:a6:61:4a:b7:
49:be:b9:0f:26:46:93:6e:5b:c7:78:ad:b8:c0:db:
a0:42:e1:30:b8:32:d2:50:8c:c2:72:c8:e6:7b:ff:
d6:a1:89:69:43:f3:98:4b:6b:02:9d:dc:4d:d7:d8:
4e:48:b5:4b:21:ae:a4:53:41:c2:17:75:56:14:b4:
67:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FB:D0:1A:FD:DF:93:1F:04:6C:06:56:8C:BC:83:45:12:3F:67:CA
X509v3 Authority Key Identifier:
keyid:5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/HfvQGv3fkx8EbAZWjLyDRRI_Z8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WrK6mr-B1s-AM83N68jfj34iwow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.200.0/22
IPv6:
2a0b:7180::/32
Signature Algorithm: sha256WithRSAEncryption
9c:dd:fe:51:f8:7c:00:c4:62:8e:11:af:f9:f7:6b:5b:ec:58:
22:a8:0d:f9:4e:d4:1e:01:34:f3:fe:01:fa:4c:cc:60:0e:0b:
e0:83:0b:3d:06:78:0d:c6:ac:94:db:0a:b8:db:e6:94:17:f5:
5c:55:a4:d6:ef:fa:e7:b9:cf:1f:12:6f:d3:c5:97:30:cb:97:
21:ca:f7:71:7c:66:ab:c1:ec:85:52:9b:b5:01:79:b3:98:85:
1c:d4:20:74:43:d7:ce:fe:d5:2c:2c:89:15:77:9e:3b:db:18:
23:a3:f2:9a:ff:ed:75:2f:5b:c7:76:bd:0a:4b:b0:16:a6:a1:
0a:42:9c:88:aa:bb:ed:9b:51:bb:fd:fb:ff:92:a0:32:fd:74:
84:24:44:86:24:1c:22:90:6d:62:db:73:13:1e:f7:16:0a:0f:
06:65:cd:b5:51:81:cb:d0:7c:92:97:6d:e8:7a:bc:9c:22:19:
24:0c:01:94:cf:5c:73:5d:59:c2:47:c1:13:de:03:c3:3b:4f:
1a:21:43:9a:05:06:d6:c6:b4:ec:a8:06:cb:58:65:e9:26:0f:
b8:64:56:20:9f:85:09:35:3d:74:4f:bf:39:5a:dc:b1:fd:44:
03:99:a2:52:f9:32:f2:f2:49:d0:07:43:b3:69:8d:c3:27:0f:
6f:68:7b:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmbERKIoeVTHiGLNyNMN+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjJiYTlhYmY4MWQ2Y2Y4MDMzY2RjZGViYzhkZjhmN2Uy
MmMyOGMwHhcNMjUwMTAyMDk1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZiZDAxYWZkZGY5MzFmMDQ2YzA2NTY4Y2JjODM0NTEyM2Y2N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumZYLfT1zTnADHvjySVXhZ/SBtF6
bF9IsRNHg4pPiHPy6mY4ZZr78Q0fiBFrOYSz/fxJ7BOh8fgWCRmejPS4mvl3yHc4
sJRlHIARLYh960yf2iMYB8ikHxKyTQfIkN+4j9mRLLz5VYWVAuM0u6+em65JFRhX
r3+tZSyMgGzfg5M+qHmMEER+C2UefNmuxKrY6JyLqlcsRyx31Cr/p5VlBBM2d4kI
FbVvT4ibv6ruLT9xeoaW37ahA3JiLwrutqZhSrdJvrkPJkaTblvHeK24wNugQuEw
uDLSUIzCcsjme//WoYlpQ/OYS2sCndxN19hOSLVLIa6kU0HCF3VWFLRnwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB370Br935MfBGwGVoy8g0USP2fKMB8GA1UdIwQY
MBaAFFqyupq/gdbPgDPNzevI349+IsKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEt
NmRmYmJkZTUyZGVhLzEvSGZ2UUd2M2ZreDhFYkFaV2pMeURSUklfWjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEtNmRmYmJkZTUyZGVh
LzEvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueTIMA0E
AgACMAcDBQAqC3GAMA0GCSqGSIb3DQEBCwUAA4IBAQCc3f5R+HwAxGKOEa/592tb
7FgiqA35TtQeATTz/gH6TMxgDgvggws9BngNxqyU2wq42+aUF/VcVaTW7/rnuc8f
Em/TxZcwy5chyvdxfGarweyFUpu1AXmzmIUc1CB0Q9fO/tUsLIkVd5472xgjo/Ka
/+11L1vHdr0KS7AWpqEKQpyIqrvtm1G7/fv/kqAy/XSEJESGJBwikG1i23MTHvcW
Cg8GZc21UYHL0HySl23oerycIhkkDAGUz1xzXVnCR8ET3gPDO08aIUOaBQbWxrTs
qAbLWGXpJg+4ZFYgn4UJNT10T785Wtyx/UQDmaJS+TLy8knQB0OzaY3DJw9vaHvv
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:04 2025 by rpki-client on console.sobornost.net