Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/c1c11c-2161-4afc-97a5-3f1a7c4f51b5/1/H1tYgXLLWfPNRsiraZOWsc2ElvQ.roa
File: H1tYgXLLWfPNRsiraZOWsc2ElvQ.roa (raw, json)
Hash identifier: EmbP4jLbfudtKgGtKdZDrQ0gORWApQpD2bI92szlr5c=
Subject key identifier: 1F:5B:58:81:72:CB:59:F3:CD:46:C8:AB:69:93:96:B1:CD:84:96:F4
Certificate issuer: /CN=a19b2d70233e0e5bdef6dbfbda91886d27b6a5ae
Certificate serial: 0195C2FB155F2E24B5C4CDEE7918A0655BC9
Authority key identifier: A1:9B:2D:70:23:3E:0E:5B:DE:F6:DB:FB:DA:91:88:6D:27:B6:A5:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oZstcCM-Dlve9tv72pGIbSe2pa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/c1c11c-2161-4afc-97a5-3f1a7c4f51b5/1/H1tYgXLLWfPNRsiraZOWsc2ElvQ.roa
Signing time: Sun 23 Mar 2025 12:29:49 +0000
ROA not before: Sun 23 Mar 2025 12:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199563
IP address blocks: 185.174.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c2:fb:15:5f:2e:24:b5:c4:cd:ee:79:18:a0:65:5b:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a19b2d70233e0e5bdef6dbfbda91886d27b6a5ae
Validity
Not Before: Mar 23 12:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f5b588172cb59f3cd46c8ab699396b1cd8496f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4a:6b:88:6c:0c:de:64:ab:fa:79:61:b5:52:
44:dd:0f:21:87:3a:eb:dd:c0:38:96:81:19:8e:61:
ce:7c:de:ed:98:4b:f2:41:14:9b:66:a9:0b:e2:9a:
bb:a7:b4:e3:a1:71:c4:6d:6b:1f:33:a0:a3:9f:05:
b1:be:cb:ff:77:1b:cf:e1:0f:7e:9d:2b:22:4d:a1:
5a:56:e3:aa:f2:56:15:a2:0e:1f:60:36:49:d8:50:
9e:6b:71:c4:a2:cd:6b:22:47:c7:d4:e2:ec:53:7b:
d1:0b:30:fa:bb:48:77:52:dd:4e:42:bd:91:92:27:
44:74:cd:96:32:8d:fc:60:46:24:90:80:69:eb:f0:
91:05:72:d0:cc:d2:ea:c1:f9:b9:f6:d8:84:2b:eb:
fd:c5:df:e7:64:aa:20:2c:72:58:92:a4:ad:66:d9:
9c:db:a2:fa:fc:d8:b2:fe:92:87:23:ea:85:a3:0e:
46:20:c8:94:8e:c9:b7:35:31:15:d1:63:d6:87:b1:
ee:c1:fb:9e:2a:8e:d0:81:6d:2b:9e:37:fa:85:77:
ca:a1:ec:f1:9a:8f:2a:d2:21:01:9e:bd:2b:2f:aa:
f9:4d:3b:d8:11:fd:d7:2d:0e:27:84:40:ef:aa:c2:
e7:ce:09:58:2b:fe:86:4b:5d:02:75:c4:e4:bf:6e:
c7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5B:58:81:72:CB:59:F3:CD:46:C8:AB:69:93:96:B1:CD:84:96:F4
X509v3 Authority Key Identifier:
keyid:A1:9B:2D:70:23:3E:0E:5B:DE:F6:DB:FB:DA:91:88:6D:27:B6:A5:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oZstcCM-Dlve9tv72pGIbSe2pa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/c1c11c-2161-4afc-97a5-3f1a7c4f51b5/1/H1tYgXLLWfPNRsiraZOWsc2ElvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/c1c11c-2161-4afc-97a5-3f1a7c4f51b5/1/oZstcCM-Dlve9tv72pGIbSe2pa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.107.0/24
Signature Algorithm: sha256WithRSAEncryption
42:e1:ff:73:e9:f8:12:4b:8f:34:fd:42:4d:07:22:00:6a:5b:
93:29:a9:6d:ab:30:17:d3:f7:6e:e4:e9:03:ee:5f:b2:a7:6c:
65:bf:70:77:bc:e7:3c:38:5e:93:48:d0:41:d2:83:ba:81:a3:
9d:57:c5:c3:1e:74:d3:03:7c:a8:73:7f:71:5a:55:48:bf:36:
af:f2:d0:64:cb:5d:1a:8a:fa:41:a2:72:b5:0d:b8:32:5f:d7:
38:39:22:88:a7:2f:75:54:87:48:a9:b7:c6:7d:4b:16:94:6e:
0b:58:01:58:6c:6d:fd:aa:d5:db:d5:fa:3b:f8:92:32:44:aa:
85:cc:74:bb:33:99:3a:5b:79:f9:26:48:5d:06:ba:15:ba:11:
3f:5d:99:a8:9d:1e:b6:a8:81:77:b6:63:45:ff:83:76:a5:98:
8e:85:cd:68:94:82:25:35:f3:f6:41:55:a5:cd:ab:53:25:b1:
92:52:1a:6f:56:83:e8:d6:41:ed:95:66:20:a0:f6:a6:85:f2:
6e:c1:a5:6d:4e:27:99:e8:06:d1:99:7f:b3:b3:b9:2b:50:98:
38:66:64:d5:dd:6b:9d:d2:7d:e5:c4:2d:b1:18:7a:10:17:24:
f2:77:d4:0f:a0:45:b3:cc:39:4a:c2:39:fe:be:11:12:04:50:
58:11:99:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXC+xVfLiS1xM3ueRigZVvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExOWIyZDcwMjMzZTBlNWJkZWY2ZGJmYmRhOTE4ODZkMjdi
NmE1YWUwHhcNMjUwMzIzMTIyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjViNTg4MTcyY2I1OWYzY2Q0NmM4YWI2OTkzOTZiMWNkODQ5NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EpriGwM3mSr+nlhtVJE3Q8hhzrr
3cA4loEZjmHOfN7tmEvyQRSbZqkL4pq7p7TjoXHEbWsfM6CjnwWxvsv/dxvP4Q9+
nSsiTaFaVuOq8lYVog4fYDZJ2FCea3HEos1rIkfH1OLsU3vRCzD6u0h3Ut1OQr2R
kidEdM2WMo38YEYkkIBp6/CRBXLQzNLqwfm59tiEK+v9xd/nZKogLHJYkqStZtmc
26L6/Niy/pKHI+qFow5GIMiUjsm3NTEV0WPWh7HuwfueKo7QgW0rnjf6hXfKoezx
mo8q0iEBnr0rL6r5TTvYEf3XLQ4nhEDvqsLnzglYK/6GS10CdcTkv27H5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9bWIFyy1nzzUbIq2mTlrHNhJb0MB8GA1UdIwQY
MBaAFKGbLXAjPg5b3vbb+9qRiG0ntqWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1pzdGNDTS1EbHZlOXR2NzJwR0liU2UycGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9jMWMxMWMtMjE2MS00YWZjLTk3YTUt
M2YxYTdjNGY1MWI1LzEvSDF0WWdYTExXZlBOUnNpcmFaT1dzYzJFbHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9jMWMxMWMtMjE2MS00YWZjLTk3YTUtM2YxYTdjNGY1MWI1
LzEvb1pzdGNDTS1EbHZlOXR2NzJwR0liU2UycGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua5rMA0G
CSqGSIb3DQEBCwUAA4IBAQBC4f9z6fgSS480/UJNByIAaluTKaltqzAX0/du5OkD
7l+yp2xlv3B3vOc8OF6TSNBB0oO6gaOdV8XDHnTTA3yoc39xWlVIvzav8tBky10a
ivpBonK1DbgyX9c4OSKIpy91VIdIqbfGfUsWlG4LWAFYbG39qtXb1fo7+JIyRKqF
zHS7M5k6W3n5JkhdBroVuhE/XZmonR62qIF3tmNF/4N2pZiOhc1olIIlNfP2QVWl
zatTJbGSUhpvVoPo1kHtlWYgoPamhfJuwaVtTieZ6AbRmX+zs7krUJg4ZmTV3Wud
0n3lxC2xGHoQFyTyd9QPoEWzzDlKwjn+vhESBFBYEZm2
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:33 2025 by rpki-client on console.sobornost.net