Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/hsaReoXY2mR3_oCjpG4j-yPGtgE.roa
File: hsaReoXY2mR3_oCjpG4j-yPGtgE.roa (raw, json)
Hash identifier: cnraCmQfKTDWUgiiK98Z/023EXxjG/JmIpzpFMXqbwQ=
Subject key identifier: 86:C6:91:7A:85:D8:DA:64:77:FE:80:A3:A4:6E:23:FB:23:C6:B6:01
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 0194252044C6B6455C40B8C2270FACA69F1F
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/hsaReoXY2mR3_oCjpG4j-yPGtgE.roa
Signing time: Thu 02 Jan 2025 03:47:39 +0000
ROA not before: Thu 02 Jan 2025 03:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199736
IP address blocks: 5.183.220.0/22 maxlen: 22
185.38.128.0/22 maxlen: 22
185.87.188.0/22 maxlen: 22
185.219.136.0/22 maxlen: 22
195.211.168.0/22 maxlen: 22
2a00:fde0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:44:c6:b6:45:5c:40:b8:c2:27:0f:ac:a6:9f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: Jan 2 03:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86c6917a85d8da6477fe80a3a46e23fb23c6b601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:78:fe:c8:00:18:79:16:58:17:44:e9:88:24:
39:49:bd:9a:a7:2c:bb:a6:04:b3:34:15:f6:c2:42:
d1:04:03:51:6f:da:8b:78:35:1e:c0:f2:ab:6b:6b:
88:7e:7d:89:81:01:1e:ac:97:45:9e:2a:ad:7c:65:
17:92:8a:68:bd:4b:4e:0e:28:fa:8c:33:9a:17:9a:
3e:19:87:23:b5:ff:cf:08:69:e4:16:81:55:f8:a6:
60:be:ed:ed:b6:1c:31:f4:5d:78:11:69:3a:2d:52:
a4:46:9f:81:b7:5f:12:93:2a:20:77:d5:63:ce:d7:
72:06:b1:d8:57:19:8f:ac:61:96:78:3a:60:12:2a:
99:c7:86:56:60:5f:e2:a1:61:33:c5:68:87:88:17:
5b:c6:f7:bd:e7:ae:c8:5e:66:71:b3:1b:a2:0f:7d:
67:08:ca:65:60:18:57:16:70:c0:6d:cf:6a:a9:e7:
db:12:75:ee:03:1c:5a:38:75:ad:7d:3a:8f:2f:17:
17:a4:b0:f7:3e:f6:62:2f:82:65:10:8d:2a:5e:0a:
9f:98:15:ac:db:ab:af:57:c8:18:68:9b:61:fb:73:
a2:63:60:bd:cd:42:9c:14:e7:08:ce:c9:8a:ad:5e:
71:9b:02:fd:80:18:e9:60:95:d4:be:62:2b:9f:78:
85:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C6:91:7A:85:D8:DA:64:77:FE:80:A3:A4:6E:23:FB:23:C6:B6:01
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/hsaReoXY2mR3_oCjpG4j-yPGtgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.220.0/22
185.38.128.0/22
185.87.188.0/22
185.219.136.0/22
195.211.168.0/22
IPv6:
2a00:fde0::/32
Signature Algorithm: sha256WithRSAEncryption
17:9e:f3:58:d4:ec:3a:16:d4:44:af:75:d4:e2:a1:7f:20:ef:
a3:78:79:34:a2:5f:98:76:40:65:a9:dc:b5:20:04:b2:88:44:
14:c0:a1:d6:94:74:48:12:ca:38:48:d7:be:3c:fa:15:ac:7c:
10:75:89:68:60:29:ab:c8:65:e4:54:93:ef:53:d3:a1:ec:1a:
09:e8:a7:2f:dd:4d:2a:5f:cc:03:ee:fd:4b:73:d8:1c:96:71:
2e:33:1b:64:c0:c4:16:86:32:d7:5b:8e:3a:73:b1:b8:05:0e:
4b:53:bf:bc:cb:01:ac:f5:86:f1:6d:94:e0:ae:98:7b:b5:94:
43:68:bd:ce:3d:87:c4:ef:53:08:60:eb:2f:dd:e1:4c:f1:07:
6a:a2:3a:5b:cc:b9:74:de:ca:c6:c7:03:48:e4:cc:35:7f:43:
61:c3:17:e8:c9:f0:15:9b:0f:81:d1:1c:b1:7c:a8:d9:cd:12:
48:b2:29:e4:36:10:c8:8a:cf:4a:e2:4d:5c:b8:54:d1:1c:21:
89:a8:23:01:2f:0d:0c:1a:76:e4:cb:f3:01:6b:75:85:8f:ad:
82:69:1e:4d:db:2a:f8:94:82:9e:70:52:d4:64:9a:05:c4:4e:
95:d0:02:dc:43:09:dc:2c:f2:93:c3:fc:aa:5d:4b:96:0b:42:
69:f6:8b:98
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQlIETGtkVcQLjCJw+spp8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZThlNTZiMThkNDVjNjQ2ZjAzY2I2ZjkwNjlkYTBjOGIz
Yzc0YWQwHhcNMjUwMTAyMDM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmM2OTE3YTg1ZDhkYTY0NzdmZTgwYTNhNDZlMjNmYjIzYzZiNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnj+yAAYeRZYF0TpiCQ5Sb2apyy7
pgSzNBX2wkLRBANRb9qLeDUewPKra2uIfn2JgQEerJdFniqtfGUXkopovUtODij6
jDOaF5o+GYcjtf/PCGnkFoFV+KZgvu3tthwx9F14EWk6LVKkRp+Bt18Skyogd9Vj
ztdyBrHYVxmPrGGWeDpgEiqZx4ZWYF/ioWEzxWiHiBdbxve9567IXmZxsxuiD31n
CMplYBhXFnDAbc9qqefbEnXuAxxaOHWtfTqPLxcXpLD3PvZiL4JlEI0qXgqfmBWs
26uvV8gYaJth+3OiY2C9zUKcFOcIzsmKrV5xmwL9gBjpYJXUvmIrn3iFGQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIbGkXqF2Npkd/6Ao6RuI/sjxrYBMB8GA1UdIwQY
MBaAFMDo5WsY1FxkbwPLb5Bp2gyLPHStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQt
NzQ1YmNlMzA2MGM5LzEvaHNhUmVvWFkybVIzX29DanBHNGoteVBHdGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQtNzQ1YmNlMzA2MGM5
LzEvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBbfcAwQC
uSaAAwQCuVe8AwQCuduIAwQCw9OoMA0EAgACMAcDBQAqAP3gMA0GCSqGSIb3DQEB
CwUAA4IBAQAXnvNY1Ow6FtREr3XU4qF/IO+jeHk0ol+YdkBlqdy1IASyiEQUwKHW
lHRIEso4SNe+PPoVrHwQdYloYCmryGXkVJPvU9Oh7BoJ6Kcv3U0qX8wD7v1Lc9gc
lnEuMxtkwMQWhjLXW446c7G4BQ5LU7+8ywGs9YbxbZTgrph7tZRDaL3OPYfE71MI
YOsv3eFM8QdqojpbzLl03srGxwNI5Mw1f0NhwxfoyfAVmw+B0RyxfKjZzRJIsink
NhDIis9K4k1cuFTRHCGJqCMBLw0MGnbky/MBa3WFj62CaR5N2yr4lIKecFLUZJoF
xE6V0ALcQwncLPKTw/yqXUuWC0Jp9ouY
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net