Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/HitPQyHhpEoVidVOwqr2ddK23LE.roa
File: HitPQyHhpEoVidVOwqr2ddK23LE.roa (raw, json)
Hash identifier: UNtTyCfc7GR1gxgfjG0Y/XLw7gBd/DnSW8H0cz2SvrM=
Subject key identifier: 1E:2B:4F:43:21:E1:A4:4A:15:89:D5:4E:C2:AA:F6:75:D2:B6:DC:B1
Certificate issuer: /CN=4181c22eb7b32d901d125700e140eb6009dcc6da
Certificate serial: 01942067C2A9299ECCA9FAC78BEE3A260479
Authority key identifier: 41:81:C2:2E:B7:B3:2D:90:1D:12:57:00:E1:40:EB:60:09:DC:C6:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/HitPQyHhpEoVidVOwqr2ddK23LE.roa
Signing time: Wed 01 Jan 2025 05:47:38 +0000
ROA not before: Wed 01 Jan 2025 05:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44460
IP address blocks: 92.43.200.0/21 maxlen: 21
185.68.72.0/22 maxlen: 22
185.68.72.0/24 maxlen: 24
185.68.73.0/24 maxlen: 24
185.68.74.0/24 maxlen: 24
185.68.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c2:a9:29:9e:cc:a9:fa:c7:8b:ee:3a:26:04:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4181c22eb7b32d901d125700e140eb6009dcc6da
Validity
Not Before: Jan 1 05:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e2b4f4321e1a44a1589d54ec2aaf675d2b6dcb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b5:89:a5:f4:28:67:f4:6e:81:7d:3d:b6:cf:
81:82:6a:11:a3:67:a8:c8:bd:3c:f2:bc:0a:a7:e5:
3d:34:49:5c:06:09:c3:2e:9d:89:88:14:7c:05:9f:
ff:34:b8:8c:2c:7b:1f:df:3f:69:0e:f9:e7:1d:78:
eb:b0:93:31:64:62:42:31:e6:ee:3f:ae:a1:6a:5a:
68:d7:8c:67:4a:b5:8d:4a:bc:4b:03:05:f6:92:80:
d8:b2:70:37:af:17:25:c0:ff:3d:90:e7:68:e0:08:
c4:75:90:04:82:60:25:87:84:62:d8:db:75:47:7a:
b0:a2:9d:09:d4:5a:9a:fa:3d:37:37:f1:2b:ca:37:
fe:f4:29:94:48:02:56:ee:7b:f9:ba:5e:47:a7:b8:
91:c2:59:8f:1f:08:4f:0b:32:0a:a9:2c:26:86:ea:
3e:e4:da:ec:1c:fd:fc:27:38:12:b6:9b:a8:56:6b:
81:b6:2d:a0:9d:e6:a9:05:13:de:90:f5:4a:c4:64:
b4:7c:52:33:51:cd:ee:03:a8:ae:2d:bc:54:b2:b3:
74:19:23:36:c9:81:3c:75:31:d2:76:f4:7d:18:69:
e0:53:c3:f0:c2:d6:fd:ea:df:c5:e9:af:0e:9e:0c:
f7:36:6c:18:10:c8:5e:7e:87:9d:e9:1a:7c:34:5d:
a2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:2B:4F:43:21:E1:A4:4A:15:89:D5:4E:C2:AA:F6:75:D2:B6:DC:B1
X509v3 Authority Key Identifier:
keyid:41:81:C2:2E:B7:B3:2D:90:1D:12:57:00:E1:40:EB:60:09:DC:C6:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/HitPQyHhpEoVidVOwqr2ddK23LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.200.0/21
185.68.72.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:88:8a:fd:0d:4c:98:b3:3a:f7:12:72:83:0f:2f:17:62:1c:
73:fe:ba:1e:2c:10:da:f9:94:92:6f:40:26:e2:f3:5e:f8:f5:
45:ef:ef:85:6b:5e:c9:a6:61:36:92:a5:34:48:16:b4:6b:f0:
11:8f:0e:93:4a:de:d7:9f:a0:6d:e1:ff:c4:95:9b:51:d8:e5:
80:15:55:40:f4:41:7e:ce:75:13:40:2b:b9:e3:0e:a6:52:1c:
f4:94:1a:93:4c:f4:f5:42:e0:cd:0f:0e:26:50:5b:ca:42:d3:
7d:18:e7:b0:0c:8b:83:3b:16:63:7c:8a:14:05:bf:2a:95:3c:
88:b0:5e:de:54:45:0b:06:f1:e2:f9:86:81:fb:45:07:65:c0:
38:d0:b7:e0:b2:25:2d:71:09:d5:fb:67:df:9f:7a:b4:fc:d1:
47:69:f2:fc:6d:a7:65:d1:00:55:ba:dd:74:76:cd:eb:6d:8f:
cf:22:06:df:6a:36:63:d0:58:7e:63:6d:1c:8a:67:67:19:ae:
9c:a2:12:97:c3:71:00:ec:9b:5d:ad:97:13:8b:ac:94:39:9f:
a7:31:43:1c:8e:75:20:55:85:4f:a3:65:08:0d:dd:95:91:65:
74:df:74:b0:53:25:cd:e2:e3:66:d1:21:af:ba:97:02:41:87:
5f:fd:0d:f7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgZ8KpKZ7MqfrHi+46JgR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxODFjMjJlYjdiMzJkOTAxZDEyNTcwMGUxNDBlYjYwMDlk
Y2M2ZGEwHhcNMjUwMTAxMDU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTJiNGY0MzIxZTFhNDRhMTU4OWQ1NGVjMmFhZjY3NWQyYjZkY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorWJpfQoZ/RugX09ts+BgmoRo2eo
yL088rwKp+U9NElcBgnDLp2JiBR8BZ//NLiMLHsf3z9pDvnnHXjrsJMxZGJCMebu
P66halpo14xnSrWNSrxLAwX2koDYsnA3rxclwP89kOdo4AjEdZAEgmAlh4Ri2Nt1
R3qwop0J1Fqa+j03N/Eryjf+9CmUSAJW7nv5ul5Hp7iRwlmPHwhPCzIKqSwmhuo+
5NrsHP38JzgStpuoVmuBti2gneapBRPekPVKxGS0fFIzUc3uA6iuLbxUsrN0GSM2
yYE8dTHSdvR9GGngU8Pwwtb96t/F6a8Ongz3NmwYEMhefoed6Rp8NF2iHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB4rT0Mh4aRKFYnVTsKq9nXSttyxMB8GA1UdIwQY
MBaAFEGBwi63sy2QHRJXAOFA62AJ3MbaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZmRhZjUtYWNhYS00ZGYzLTllNmMt
YzIxNDA5NDQyZmFjLzEvSGl0UFF5SGhwRW9WaWRWT3dxcjJkZEsyM0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZmRhZjUtYWNhYS00ZGYzLTllNmMtYzIxNDA5NDQyZmFj
LzEvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXCvIAwQC
uURIMA0GCSqGSIb3DQEBCwUAA4IBAQC7iIr9DUyYszr3EnKDDy8XYhxz/roeLBDa
+ZSSb0Am4vNe+PVF7++Fa17JpmE2kqU0SBa0a/ARjw6TSt7Xn6Bt4f/ElZtR2OWA
FVVA9EF+znUTQCu54w6mUhz0lBqTTPT1QuDNDw4mUFvKQtN9GOewDIuDOxZjfIoU
Bb8qlTyIsF7eVEULBvHi+YaB+0UHZcA40LfgsiUtcQnV+2ffn3q0/NFHafL8badl
0QBVut10ds3rbY/PIgbfajZj0Fh+Y20cimdnGa6cohKXw3EA7JtdrZcTi6yUOZ+n
MUMcjnUgVYVPo2UIDd2VkWV033SwUyXN4uNm0SGvupcCQYdf/Q33
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net