Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/k-Hv5Avloy-7_yTlO8SDAhMoc5M.roa
File: k-Hv5Avloy-7_yTlO8SDAhMoc5M.roa (raw, json)
Hash identifier: iZ+5NIkdY2s7fnzuUEQnr4gkvl0QbM0xPICQPGddznM=
Subject key identifier: 93:E1:EF:E4:0B:E5:A3:2F:BB:FF:24:E5:3B:C4:83:02:13:28:73:93
Certificate issuer: /CN=1820f13139161384eaf13a1f7db60e2c68a43956
Certificate serial: 019425216C04AA6A6E03F11B80046C304C1C
Authority key identifier: 18:20:F1:31:39:16:13:84:EA:F1:3A:1F:7D:B6:0E:2C:68:A4:39:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/k-Hv5Avloy-7_yTlO8SDAhMoc5M.roa
Signing time: Thu 02 Jan 2025 03:48:54 +0000
ROA not before: Thu 02 Jan 2025 03:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35433
IP address blocks: 84.18.224.0/19 maxlen: 24
85.208.12.0/22 maxlen: 24
91.193.8.0/22 maxlen: 22
2a09:8040::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:6c:04:aa:6a:6e:03:f1:1b:80:04:6c:30:4c:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1820f13139161384eaf13a1f7db60e2c68a43956
Validity
Not Before: Jan 2 03:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93e1efe40be5a32fbbff24e53bc4830213287393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f7:1f:d6:1c:4d:b4:6f:53:19:d2:3d:64:78:
b4:a5:c0:1b:45:94:f5:c6:8c:24:03:38:c5:d5:0f:
76:da:cb:c9:a4:95:67:f2:0a:e7:0c:15:1e:b3:c9:
53:3f:af:eb:a4:e4:2b:82:5d:9d:30:ac:8f:8f:5d:
9a:c4:30:7e:44:71:f1:10:af:5f:3a:48:29:52:93:
98:02:03:ca:56:04:c7:26:5d:14:2f:0d:1c:39:eb:
ca:6a:e7:51:a7:f9:c6:b3:10:18:b0:ee:2a:16:03:
cc:f2:c2:7e:8f:a8:5a:59:76:56:9c:86:57:ac:d3:
b5:7c:82:a0:97:40:86:0a:2c:c3:1b:a0:07:82:16:
05:82:ee:8a:7e:77:cf:d5:1b:24:e9:77:3c:35:55:
6c:17:39:c8:80:35:a2:86:ed:90:df:12:58:2d:85:
6a:4a:30:ff:04:51:81:7a:12:32:43:56:a7:38:47:
77:e4:27:24:c6:a6:e9:22:eb:01:61:cf:48:78:61:
0e:a8:04:ec:20:6b:ce:e1:d6:d7:aa:c5:89:14:30:
84:b3:41:bc:d3:c3:2f:78:c8:14:38:c8:7f:19:dc:
35:48:6c:80:f3:1d:3c:42:13:93:ca:e0:3d:5a:ed:
79:e1:48:26:93:6a:17:d3:1f:6f:67:8b:9e:32:44:
6d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:E1:EF:E4:0B:E5:A3:2F:BB:FF:24:E5:3B:C4:83:02:13:28:73:93
X509v3 Authority Key Identifier:
keyid:18:20:F1:31:39:16:13:84:EA:F1:3A:1F:7D:B6:0E:2C:68:A4:39:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/k-Hv5Avloy-7_yTlO8SDAhMoc5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/GCDxMTkWE4Tq8ToffbYOLGikOVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.224.0/19
85.208.12.0/22
91.193.8.0/22
IPv6:
2a09:8040::/29
Signature Algorithm: sha256WithRSAEncryption
95:8f:03:e7:9d:33:87:5e:ca:29:d2:40:11:1b:b3:4f:00:a6:
4f:01:72:58:75:91:a7:cd:89:8e:c0:1e:36:1a:88:ba:05:84:
ac:b8:d2:1a:d1:90:d2:64:d0:ed:2f:c4:61:92:9f:15:5b:1b:
d9:eb:37:3d:37:eb:80:59:d6:fe:16:71:0e:e5:91:95:5c:4f:
9b:0b:64:a5:bf:ce:18:47:e5:18:3b:41:91:3a:18:cb:b3:d2:
42:61:61:55:fb:2a:be:68:64:1e:a0:10:64:32:87:99:e5:ed:
32:fd:02:43:61:86:71:7f:16:fe:60:42:c6:e2:ec:43:46:79:
0d:20:7f:70:ad:79:72:f3:25:15:e4:cc:3c:69:2d:e8:cb:af:
1e:27:6e:17:6e:08:dd:3f:5d:5a:08:ac:64:e3:ed:88:38:9b:
87:81:d0:eb:6c:dc:a2:b2:f5:7c:46:53:67:ee:04:91:20:4f:
c3:77:73:af:95:cb:3d:49:7f:4b:38:70:c3:c3:ff:7a:52:14:
d5:b5:10:09:a7:f3:20:de:c6:7a:aa:43:7a:c6:c8:22:20:6d:
68:49:f5:cf:31:82:1d:68:9d:72:55:99:52:b0:47:24:be:d7:
4e:42:76:d6:4b:de:72:0b:8f:1c:4b:59:ee:bc:2c:0e:a2:e6:
00:59:4a:0d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQlIWwEqmpuA/EbgARsMEwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MjBmMTMxMzkxNjEzODRlYWYxM2ExZjdkYjYwZTJjNjhh
NDM5NTYwHhcNMjUwMTAyMDM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2UxZWZlNDBiZTVhMzJmYmJmZjI0ZTUzYmM0ODMwMjEzMjg3MzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/cf1hxNtG9TGdI9ZHi0pcAbRZT1
xowkAzjF1Q922svJpJVn8grnDBUes8lTP6/rpOQrgl2dMKyPj12axDB+RHHxEK9f
OkgpUpOYAgPKVgTHJl0ULw0cOevKaudRp/nGsxAYsO4qFgPM8sJ+j6haWXZWnIZX
rNO1fIKgl0CGCizDG6AHghYFgu6KfnfP1Rsk6Xc8NVVsFznIgDWihu2Q3xJYLYVq
SjD/BFGBehIyQ1anOEd35CckxqbpIusBYc9IeGEOqATsIGvO4dbXqsWJFDCEs0G8
08MveMgUOMh/Gdw1SGyA8x08QhOTyuA9Wu154Ugmk2oX0x9vZ4ueMkRtBQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJPh7+QL5aMvu/8k5TvEgwITKHOTMB8GA1UdIwQY
MBaAFBgg8TE5FhOE6vE6H322DixopDlWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0NEeE1Ua1dFNFRxOFRvZmZiWU9MR2lrT1ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MGRjMGYtMGFlZC00YmVlLTkwYjct
MzY3ZGMzODUyNjFhLzEvay1IdjVBdmxveS03X3lUbE84U0RBaE1vYzVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MGRjMGYtMGFlZC00YmVlLTkwYjctMzY3ZGMzODUyNjFh
LzEvR0NEeE1Ua1dFNFRxOFRvZmZiWU9MR2lrT1ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVBLgAwQC
VdAMAwQCW8EIMA0EAgACMAcDBQMqCYBAMA0GCSqGSIb3DQEBCwUAA4IBAQCVjwPn
nTOHXsop0kARG7NPAKZPAXJYdZGnzYmOwB42Goi6BYSsuNIa0ZDSZNDtL8Rhkp8V
WxvZ6zc9N+uAWdb+FnEO5ZGVXE+bC2Slv84YR+UYO0GROhjLs9JCYWFV+yq+aGQe
oBBkMoeZ5e0y/QJDYYZxfxb+YELG4uxDRnkNIH9wrXly8yUV5Mw8aS3oy68eJ24X
bgjdP11aCKxk4+2IOJuHgdDrbNyisvV8RlNn7gSRIE/Dd3Ovlcs9SX9LOHDDw/96
UhTVtRAJp/Mg3sZ6qkN6xsgiIG1oSfXPMYIdaJ1yVZlSsEckvtdOQnbWS95yC48c
S1nuvCwOouYAWUoN
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:34 2025 by rpki-client on console.sobornost.net