Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/iHNmmkHnkrPi1F2vS2DFfQgsEUE.roa
File: iHNmmkHnkrPi1F2vS2DFfQgsEUE.roa (raw, json)
Hash identifier: 3V9ILLN3TdUu9XJlmFd4WmoL+cfzk6qYW28NQJnYdZA=
Subject key identifier: 88:73:66:9A:41:E7:92:B3:E2:D4:5D:AF:4B:60:C5:7D:08:2C:11:41
Certificate issuer: /CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Certificate serial: 0195BAAE26816882DD52AC1E74CEEE897A97
Authority key identifier: E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/iHNmmkHnkrPi1F2vS2DFfQgsEUE.roa
Signing time: Fri 21 Mar 2025 21:48:50 +0000
ROA not before: Fri 21 Mar 2025 21:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28924
IP address blocks: 195.90.98.0/24 maxlen: 24
195.90.99.0/24 maxlen: 24
195.90.114.0/23 maxlen: 23
195.90.114.0/24 maxlen: 24
212.52.160.0/19 maxlen: 19
212.52.160.0/22 maxlen: 22
212.52.160.0/24 maxlen: 24
212.52.161.0/24 maxlen: 24
212.52.162.0/24 maxlen: 24
212.52.163.0/24 maxlen: 24
212.52.164.0/24 maxlen: 24
212.52.165.0/24 maxlen: 24
212.52.166.0/24 maxlen: 24
212.52.167.0/24 maxlen: 24
212.52.168.0/22 maxlen: 22
212.52.168.0/24 maxlen: 24
212.52.169.0/24 maxlen: 24
212.52.170.0/24 maxlen: 24
212.52.171.0/24 maxlen: 24
212.52.172.0/24 maxlen: 24
212.52.173.0/24 maxlen: 24
212.52.174.0/24 maxlen: 24
212.52.175.0/24 maxlen: 24
212.52.176.0/24 maxlen: 24
212.52.177.0/24 maxlen: 24
212.52.178.0/24 maxlen: 24
212.52.179.0/24 maxlen: 24
212.52.180.0/24 maxlen: 24
212.52.181.0/24 maxlen: 24
212.52.182.0/24 maxlen: 24
212.52.183.0/24 maxlen: 24
212.52.184.0/24 maxlen: 24
212.52.185.0/24 maxlen: 24
212.52.186.0/24 maxlen: 24
212.52.187.0/24 maxlen: 24
212.52.188.0/24 maxlen: 24
212.52.189.0/24 maxlen: 24
212.52.190.0/24 maxlen: 24
212.52.191.0/24 maxlen: 24
2a01:7d80::/36 maxlen: 36
2a01:7d80:999::/48 maxlen: 48
2a01:7d80:1000::/36 maxlen: 48
2a01:7d80:9000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ba:ae:26:81:68:82:dd:52:ac:1e:74:ce:ee:89:7a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Validity
Not Before: Mar 21 21:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8873669a41e792b3e2d45daf4b60c57d082c1141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:08:aa:cb:7b:43:fa:61:b2:94:72:b1:cb:96:
09:05:9b:9c:01:74:47:75:99:5f:b5:95:7e:ba:c4:
cc:f4:67:72:98:b6:ad:7d:ad:e5:0f:c0:6c:6f:1e:
6f:bb:19:31:6d:63:88:a4:9b:43:b6:c0:f8:25:38:
f5:6f:7f:66:e4:43:af:68:40:b4:9d:e3:10:e4:eb:
2a:76:ae:41:c6:63:85:7f:35:0b:33:b8:a6:a3:f1:
eb:9c:df:8c:8a:34:4c:60:c1:3b:72:87:f3:ae:4a:
4e:ff:79:53:3c:3a:a0:b6:45:87:2d:b2:7b:fc:e3:
99:0b:36:2c:ad:e4:96:35:9a:b8:c8:95:d4:3b:ca:
8e:76:3c:e3:12:96:b8:a8:2f:a5:75:07:70:db:b3:
45:ef:d1:70:53:e1:ab:09:bd:f7:e9:45:2b:97:32:
3c:5f:d3:de:bd:a7:bc:87:8b:62:c4:72:49:cc:33:
44:73:f8:9c:f1:19:62:9a:75:f8:2b:c8:93:2c:1a:
1b:69:ea:59:a1:11:1b:f8:bc:f0:68:6f:b7:f4:53:
ba:38:4f:f2:e1:09:e2:af:64:f5:d6:2d:83:c1:29:
9e:99:7b:79:37:38:e4:46:92:c6:d4:8d:75:32:d9:
37:f6:50:14:50:ab:80:65:9e:ba:2a:5a:e7:47:04:
0c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:73:66:9A:41:E7:92:B3:E2:D4:5D:AF:4B:60:C5:7D:08:2C:11:41
X509v3 Authority Key Identifier:
keyid:E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/iHNmmkHnkrPi1F2vS2DFfQgsEUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.90.98.0/23
195.90.114.0/23
212.52.160.0/19
IPv6:
2a01:7d80::/35
2a01:7d80:9000::/36
Signature Algorithm: sha256WithRSAEncryption
65:5d:39:f0:89:a7:c9:a5:53:2e:ec:89:6c:c3:63:73:a8:fd:
67:ea:69:38:5e:34:6f:15:27:84:45:e6:0b:ff:cc:82:ec:f6:
fd:05:07:f8:51:5a:90:1b:3e:54:92:38:a4:26:96:b6:ea:e2:
af:68:5b:b6:3f:7a:53:ac:ef:6d:30:14:dc:e0:07:a8:3e:f4:
1b:e2:4b:64:b7:aa:82:cf:d8:2b:45:80:3f:7e:f2:91:60:40:
0a:cc:be:a9:e8:5e:f4:05:0c:e1:2c:93:84:36:60:54:3d:3c:
82:a4:37:71:96:31:a6:70:35:80:a2:e8:67:b1:d8:bf:d4:ef:
57:f6:30:b4:e3:b2:95:97:60:60:ee:53:19:fd:85:a2:5a:55:
ee:1b:23:d1:b8:c9:f0:a1:48:58:cc:4b:30:ba:d5:78:50:bc:
5b:7c:55:d3:28:45:c8:2a:10:5b:44:10:a9:5e:a5:f5:f6:5a:
88:19:67:c2:0e:59:10:bb:ed:64:35:78:4a:a5:5d:87:d1:99:
cb:2c:14:74:ef:92:97:ce:13:a4:97:46:c0:24:17:31:b6:9e:
5d:c5:8d:f7:69:24:df:cc:27:77:a7:03:c3:4b:db:94:72:51:
d7:37:70:b1:ab:2b:4d:76:77:00:bb:94:e3:9f:d1:28:2f:c9:
52:6e:24:f3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZW6riaBaILdUqwedM7uiXqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThmNDFmNmIwMmI5M2Y4NWQxYTdiNDhiNDhjZmEzMjJm
MDg4ZjgwHhcNMjUwMzIxMjE0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODczNjY5YTQxZTc5MmIzZTJkNDVkYWY0YjYwYzU3ZDA4MmMxMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Aiqy3tD+mGylHKxy5YJBZucAXRH
dZlftZV+usTM9GdymLatfa3lD8Bsbx5vuxkxbWOIpJtDtsD4JTj1b39m5EOvaEC0
neMQ5Osqdq5BxmOFfzULM7imo/HrnN+MijRMYME7cofzrkpO/3lTPDqgtkWHLbJ7
/OOZCzYsreSWNZq4yJXUO8qOdjzjEpa4qC+ldQdw27NF79FwU+GrCb336UUrlzI8
X9Pevae8h4tixHJJzDNEc/ic8RlimnX4K8iTLBobaepZoREb+LzwaG+39FO6OE/y
4Qnir2T11i2DwSmemXt5NzjkRpLG1I11Mtk39lAUUKuAZZ66KlrnRwQMiwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIhzZppB55Kz4tRdr0tgxX0ILBFBMB8GA1UdIwQY
MBaAFOHo9B9rArk/hdGntItIz6Mi8Ij4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUt
NTM3YTJiMGI0ZGRhLzEvaUhObW1rSG5rclBpMUYydlMyREZmUWdzRVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUtNTM3YTJiMGI0ZGRh
LzEvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQBw1piAwQB
w1pyAwQF1DSgMBYEAgACMBADBgUqAX2AAAMGBCoBfYCQMA0GCSqGSIb3DQEBCwUA
A4IBAQBlXTnwiafJpVMu7Ilsw2NzqP1n6mk4XjRvFSeEReYL/8yC7Pb9BQf4UVqQ
Gz5UkjikJpa26uKvaFu2P3pTrO9tMBTc4AeoPvQb4ktkt6qCz9grRYA/fvKRYEAK
zL6p6F70BQzhLJOENmBUPTyCpDdxljGmcDWAouhnsdi/1O9X9jC047KVl2Bg7lMZ
/YWiWlXuGyPRuMnwoUhYzEswutV4ULxbfFXTKEXIKhBbRBCpXqX19lqIGWfCDlkQ
u+1kNXhKpV2H0ZnLLBR075KXzhOkl0bAJBcxtp5dxY33aSTfzCd3pwPDS9uUclHX
N3CxqytNdncAu5Tjn9EoL8lSbiTz
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net