Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/153ee2-ba84-449b-81fa-a040c7b6a670/1/hR1_ZEXfbdX4pGc2ctPKXHrqf78.roa
File: hR1_ZEXfbdX4pGc2ctPKXHrqf78.roa (raw, json)
Hash identifier: ObK4r8CGHqPQX4CfItMJydsCSmFEvL3F0L64naX6VJI=
Subject key identifier: 85:1D:7F:64:45:DF:6D:D5:F8:A4:67:36:72:D3:CA:5C:7A:EA:7F:BF
Certificate issuer: /CN=70ef95d2cf0e7d84058b528e7902d60b403d7b76
Certificate serial: 0194266B439F39CFBF249A6059B54E38062C
Authority key identifier: 70:EF:95:D2:CF:0E:7D:84:05:8B:52:8E:79:02:D6:0B:40:3D:7B:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cO-V0s8OfYQFi1KOeQLWC0A9e3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/153ee2-ba84-449b-81fa-a040c7b6a670/1/hR1_ZEXfbdX4pGc2ctPKXHrqf78.roa
Signing time: Thu 02 Jan 2025 09:49:11 +0000
ROA not before: Thu 02 Jan 2025 09:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210958
IP address blocks: 46.254.64.0/21 maxlen: 21
93.190.56.0/21 maxlen: 21
2a02:a28::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:43:9f:39:cf:bf:24:9a:60:59:b5:4e:38:06:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70ef95d2cf0e7d84058b528e7902d60b403d7b76
Validity
Not Before: Jan 2 09:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=851d7f6445df6dd5f8a4673672d3ca5c7aea7fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:94:eb:72:39:6e:52:9f:bd:21:37:83:b9:c3:
e4:92:18:6b:19:20:61:b5:13:5d:f3:08:03:19:19:
73:6c:ac:7c:b8:ae:d1:82:8c:58:77:ae:15:16:43:
5e:15:de:b7:2e:70:0a:28:ba:b9:f0:94:f9:43:38:
6d:65:6f:5c:0b:57:f6:0d:e6:3a:6e:e4:71:f8:c4:
cc:76:80:19:34:88:84:0b:0d:28:f4:2d:f4:38:6c:
44:0f:e3:ed:98:18:21:d4:46:19:2c:32:89:47:26:
02:09:1a:0c:72:7a:e6:6a:66:6b:5f:d8:e5:45:56:
55:05:ca:fa:41:64:44:83:1b:f7:b7:64:2d:c8:70:
dc:82:f4:00:8f:b5:70:bf:59:03:32:3e:69:91:7d:
2c:22:6c:8e:b6:dc:44:8d:27:a7:fd:e2:61:16:e5:
db:30:9c:9d:93:fa:1a:18:9e:43:5b:0d:5e:24:a0:
5b:55:54:ac:6e:a8:c6:e2:eb:48:2e:d7:0e:b7:cc:
19:85:11:39:9d:6e:10:67:2f:41:a3:60:ad:f9:54:
f4:d1:98:71:fa:a3:68:68:9e:4f:aa:5c:72:78:94:
83:65:95:88:70:ad:ce:80:73:ec:70:32:72:1e:aa:
07:5d:3e:ab:8b:5e:67:7c:32:0f:8a:6d:1b:1a:c7:
43:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:1D:7F:64:45:DF:6D:D5:F8:A4:67:36:72:D3:CA:5C:7A:EA:7F:BF
X509v3 Authority Key Identifier:
keyid:70:EF:95:D2:CF:0E:7D:84:05:8B:52:8E:79:02:D6:0B:40:3D:7B:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cO-V0s8OfYQFi1KOeQLWC0A9e3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/153ee2-ba84-449b-81fa-a040c7b6a670/1/hR1_ZEXfbdX4pGc2ctPKXHrqf78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/153ee2-ba84-449b-81fa-a040c7b6a670/1/cO-V0s8OfYQFi1KOeQLWC0A9e3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.64.0/21
93.190.56.0/21
IPv6:
2a02:a28::/32
Signature Algorithm: sha256WithRSAEncryption
08:d5:2d:b9:f5:3f:a9:a6:cb:be:08:5c:98:98:22:fe:c0:f2:
dd:34:05:ab:e4:1a:64:55:48:60:6b:01:29:50:d5:01:3b:a6:
c0:00:e9:f0:7f:73:22:9b:b0:f2:6a:ee:ae:5b:16:85:1f:cd:
9c:07:cf:cf:ad:9b:85:1b:d8:df:6c:5e:15:bf:3f:ae:23:c3:
d5:8f:1b:c5:37:ef:e3:69:91:25:4c:8e:0a:89:a8:89:b1:94:
1a:31:7f:ce:16:f8:5e:ab:83:2e:7a:e7:92:c8:80:a6:55:94:
e0:66:70:1b:b2:9a:e0:49:53:15:96:7f:0e:f8:65:f5:84:bd:
fd:2b:86:64:c9:0f:da:31:92:b1:02:65:d4:42:3f:59:bc:d1:
d5:9e:3b:d3:55:79:1b:22:61:1d:de:a9:92:67:7c:72:14:01:
0c:c7:27:7d:49:e0:88:a8:f2:1b:c5:98:3b:12:6c:c1:e3:6f:
3b:2b:38:65:cc:d3:13:30:a8:96:3a:bd:e8:cc:74:fe:d9:2e:
8b:48:f6:12:62:3a:60:1d:b1:a7:7c:bf:64:91:c9:14:8c:1c:
7c:c8:d7:f5:8f:50:af:ac:db:4d:21:93:f0:4e:01:88:5b:e1:
90:25:39:a1:50:09:23:06:0f:fc:6e:67:be:c7:d8:ee:e4:05:
fe:9e:b5:da
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQma0OfOc+/JJpgWbVOOAYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZWY5NWQyY2YwZTdkODQwNThiNTI4ZTc5MDJkNjBiNDAz
ZDdiNzYwHhcNMjUwMTAyMDk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTFkN2Y2NDQ1ZGY2ZGQ1ZjhhNDY3MzY3MmQzY2E1YzdhZWE3ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5TrcjluUp+9ITeDucPkkhhrGSBh
tRNd8wgDGRlzbKx8uK7RgoxYd64VFkNeFd63LnAKKLq58JT5QzhtZW9cC1f2DeY6
buRx+MTMdoAZNIiECw0o9C30OGxED+PtmBgh1EYZLDKJRyYCCRoMcnrmamZrX9jl
RVZVBcr6QWREgxv3t2QtyHDcgvQAj7Vwv1kDMj5pkX0sImyOttxEjSen/eJhFuXb
MJydk/oaGJ5DWw1eJKBbVVSsbqjG4utILtcOt8wZhRE5nW4QZy9Bo2Ct+VT00Zhx
+qNoaJ5PqlxyeJSDZZWIcK3OgHPscDJyHqoHXT6ri15nfDIPim0bGsdDbQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIUdf2RF323V+KRnNnLTylx66n+/MB8GA1UdIwQY
MBaAFHDvldLPDn2EBYtSjnkC1gtAPXt2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY08tVjBzOE9mWVFGaTFLT2VRTFdDMEE5ZTNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xNTNlZTItYmE4NC00NDliLTgxZmEt
YTA0MGM3YjZhNjcwLzEvaFIxX1pFWGZiZFg0cEdjMmN0UEtYSHJxZjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xNTNlZTItYmE4NC00NDliLTgxZmEtYTA0MGM3YjZhNjcw
LzEvY08tVjBzOE9mWVFGaTFLT2VRTFdDMEE5ZTNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLv5AAwQD
Xb44MA0EAgACMAcDBQAqAgooMA0GCSqGSIb3DQEBCwUAA4IBAQAI1S259T+ppsu+
CFyYmCL+wPLdNAWr5BpkVUhgawEpUNUBO6bAAOnwf3Mim7Dyau6uWxaFH82cB8/P
rZuFG9jfbF4Vvz+uI8PVjxvFN+/jaZElTI4KiaiJsZQaMX/OFvheq4MueueSyICm
VZTgZnAbsprgSVMVln8O+GX1hL39K4ZkyQ/aMZKxAmXUQj9ZvNHVnjvTVXkbImEd
3qmSZ3xyFAEMxyd9SeCIqPIbxZg7EmzB4287KzhlzNMTMKiWOr3ozHT+2S6LSPYS
YjpgHbGnfL9kkckUjBx8yNf1j1CvrNtNIZPwTgGIW+GQJTmhUAkjBg/8bme+x9ju
5AX+nrXa
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net