Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/kHRA5W2PIyWNg3uKfxQ9zz9ybRk.roa
File: kHRA5W2PIyWNg3uKfxQ9zz9ybRk.roa (raw, json)
Hash identifier: GyaDxHXnOVqYowVqNzWMXYXPUi79rWH8RSfCQGy6dbQ=
Subject key identifier: 90:74:40:E5:6D:8F:23:25:8D:83:7B:8A:7F:14:3D:CF:3F:72:6D:19
Certificate issuer: /CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Certificate serial: 019424B36810B2A35E2B2DC321317DECB451
Authority key identifier: 85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/kHRA5W2PIyWNg3uKfxQ9zz9ybRk.roa
Signing time: Thu 02 Jan 2025 01:48:44 +0000
ROA not before: Thu 02 Jan 2025 01:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203505
IP address blocks: 185.146.224.0/24 maxlen: 24
185.146.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:68:10:b2:a3:5e:2b:2d:c3:21:31:7d:ec:b4:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f4ee14f6d38a7cf071279dff7b391702e37135
Validity
Not Before: Jan 2 01:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=907440e56d8f23258d837b8a7f143dcf3f726d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:05:f2:9e:b6:f9:a3:59:f3:41:e4:62:c6:19:
8c:0e:ba:9b:1d:2c:b8:18:61:7a:0c:6d:85:46:54:
50:20:18:dd:48:1f:54:b7:76:99:25:e2:08:b4:c6:
d2:94:d4:93:23:92:81:78:95:20:89:b5:6a:83:d1:
92:82:b9:ab:c8:1d:92:ec:f1:21:2c:85:3f:d8:9f:
da:08:8f:d1:69:f0:1f:19:87:71:b4:e0:a5:d8:d9:
53:5b:5c:1b:b9:07:4d:52:7f:81:ce:3d:1b:02:fc:
a7:55:93:fd:2d:eb:2a:85:f4:ab:ed:c4:ee:04:9c:
ea:57:8f:86:0b:d3:3f:52:f0:98:9e:d2:e6:c6:f7:
ae:8e:b7:1b:db:88:15:3a:15:bd:60:ff:2c:8b:ad:
9d:20:f4:4a:69:4a:9b:db:d5:13:ed:6b:42:35:5c:
77:03:6b:58:1b:84:fe:96:86:61:b8:35:13:0b:51:
82:e6:f6:2f:00:ed:de:b7:7d:36:7c:d9:1f:83:94:
6a:85:e9:10:ff:9a:7d:3b:d0:90:47:a8:5b:5b:2b:
27:52:a0:4a:25:03:a9:29:57:10:4b:b9:a3:7c:a8:
8e:52:e6:62:16:24:d1:4f:98:21:f0:58:7f:54:f3:
30:b5:5c:14:4a:fd:cb:07:95:8e:71:89:c5:6c:25:
d4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:74:40:E5:6D:8F:23:25:8D:83:7B:8A:7F:14:3D:CF:3F:72:6D:19
X509v3 Authority Key Identifier:
keyid:85:F4:EE:14:F6:D3:8A:7C:F0:71:27:9D:FF:7B:39:17:02:E3:71:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfTuFPbTinzwcSed_3s5FwLjcTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/kHRA5W2PIyWNg3uKfxQ9zz9ybRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4df39a-783c-4d7d-b1be-bfd95a9a6e64/1/hfTuFPbTinzwcSed_3s5FwLjcTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.224.0/23
Signature Algorithm: sha256WithRSAEncryption
71:5f:31:61:86:6b:8c:e4:fd:bc:aa:62:34:2e:be:df:64:25:
b3:18:f7:39:c3:88:ad:5c:0f:d3:a6:5b:ef:db:48:0c:39:2d:
31:26:8b:0b:6c:a1:fb:ad:d3:9d:a4:90:d2:a3:cd:b2:02:af:
34:07:51:e5:1a:86:0e:c2:a7:63:43:db:01:80:2e:0f:09:55:
f6:ad:36:28:24:ce:f3:de:41:0a:42:5d:d5:b0:f4:f5:a8:62:
c4:9d:8e:21:d6:0e:28:7a:4e:57:c6:c0:ce:d1:ce:da:d4:92:
4b:f6:79:d9:ca:c0:08:d0:48:3c:cf:0a:a6:cd:c7:c9:2c:9a:
56:6f:0b:2e:69:ab:56:7b:b2:74:30:78:4f:f3:67:b0:e5:fc:
a1:fc:6b:35:3b:10:80:47:5c:c5:98:18:61:d6:26:67:7c:1c:
31:aa:a9:3c:d9:a3:3a:b0:7d:ca:56:ca:25:17:02:3e:ff:04:
cd:c1:c9:0f:73:8a:e3:14:49:fd:c9:7e:c9:2d:99:b6:94:ad:
4f:5b:19:70:ea:c5:c8:85:0d:c3:fb:11:25:52:ae:56:36:e6:
ff:36:f4:ba:d1:65:cd:b1:b0:11:fb:6b:21:65:77:07:52:2b:
23:55:70:de:3b:ba:d5:7f:7d:66:e6:81:17:a9:04:5d:da:03:
29:0e:b0:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks2gQsqNeKy3DITF97LRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZjRlZTE0ZjZkMzhhN2NmMDcxMjc5ZGZmN2IzOTE3MDJl
MzcxMzUwHhcNMjUwMTAyMDE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDc0NDBlNTZkOGYyMzI1OGQ4MzdiOGE3ZjE0M2RjZjNmNzI2ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAXynrb5o1nzQeRixhmMDrqbHSy4
GGF6DG2FRlRQIBjdSB9Ut3aZJeIItMbSlNSTI5KBeJUgibVqg9GSgrmryB2S7PEh
LIU/2J/aCI/RafAfGYdxtOCl2NlTW1wbuQdNUn+Bzj0bAvynVZP9LesqhfSr7cTu
BJzqV4+GC9M/UvCYntLmxveujrcb24gVOhW9YP8si62dIPRKaUqb29UT7WtCNVx3
A2tYG4T+loZhuDUTC1GC5vYvAO3et302fNkfg5RqhekQ/5p9O9CQR6hbWysnUqBK
JQOpKVcQS7mjfKiOUuZiFiTRT5gh8Fh/VPMwtVwUSv3LB5WOcYnFbCXU1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJB0QOVtjyMljYN7in8UPc8/cm0ZMB8GA1UdIwQY
MBaAFIX07hT204p88HEnnf97ORcC43E1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUt
YmZkOTVhOWE2ZTY0LzEva0hSQTVXMlBJeVdOZzN1S2Z4UTl6ejl5YlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80ZGYzOWEtNzgzYy00ZDdkLWIxYmUtYmZkOTVhOWE2ZTY0
LzEvaGZUdUZQYlRpbnp3Y1NlZF8zczVGd0xqY1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZLgMA0G
CSqGSIb3DQEBCwUAA4IBAQBxXzFhhmuM5P28qmI0Lr7fZCWzGPc5w4itXA/Tplvv
20gMOS0xJosLbKH7rdOdpJDSo82yAq80B1HlGoYOwqdjQ9sBgC4PCVX2rTYoJM7z
3kEKQl3VsPT1qGLEnY4h1g4oek5XxsDO0c7a1JJL9nnZysAI0Eg8zwqmzcfJLJpW
bwsuaatWe7J0MHhP82ew5fyh/Gs1OxCAR1zFmBhh1iZnfBwxqqk82aM6sH3KVsol
FwI+/wTNwckPc4rjFEn9yX7JLZm2lK1PWxlw6sXIhQ3D+xElUq5WNub/NvS60WXN
sbAR+2shZXcHUisjVXDeO7rVf31m5oEXqQRd2gMpDrDJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:25 2025 by rpki-client on console.sobornost.net