Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/hvBR5Lh2V5nBCkDL4kLbjgOv4x4.roa
File: hvBR5Lh2V5nBCkDL4kLbjgOv4x4.roa (raw, json)
Hash identifier: roHQdZzbDc98BWIijFr4uNTSgf0x5DY16Sjtlk2cSOs=
Subject key identifier: 86:F0:51:E4:B8:76:57:99:C1:0A:40:CB:E2:42:DB:8E:03:AF:E3:1E
Certificate issuer: /CN=f3c86ea2995e934b65041911cb9eb65872c2289f
Certificate serial: 019425214FB6CE46A33073B18D0EB3E5A94D
Authority key identifier: F3:C8:6E:A2:99:5E:93:4B:65:04:19:11:CB:9E:B6:58:72:C2:28:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/88huoplek0tlBBkRy562WHLCKJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/hvBR5Lh2V5nBCkDL4kLbjgOv4x4.roa
Signing time: Thu 02 Jan 2025 03:48:47 +0000
ROA not before: Thu 02 Jan 2025 03:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213063
IP address blocks: 94.142.176.0/22 maxlen: 24
185.159.144.0/22 maxlen: 24
185.226.165.0/24 maxlen: 24
2a0d:e200::/29 maxlen: 29
2a0f:d540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:4f:b6:ce:46:a3:30:73:b1:8d:0e:b3:e5:a9:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3c86ea2995e934b65041911cb9eb65872c2289f
Validity
Not Before: Jan 2 03:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86f051e4b8765799c10a40cbe242db8e03afe31e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:80:55:b4:de:c2:e5:d4:ec:87:3b:44:3b:4d:
aa:b2:fa:c5:92:a4:36:43:ad:fb:12:d0:ff:7f:7a:
88:5d:49:90:6b:2d:90:5d:e4:4d:87:ba:6f:11:ba:
8f:80:9c:87:e9:29:b2:73:a8:ea:57:c1:bc:fd:56:
b0:41:83:75:5f:0b:c0:eb:47:f3:57:4f:d3:b0:e7:
03:e9:14:48:16:cf:6a:d5:d1:e5:8e:f4:b3:33:40:
ef:7b:7f:4a:23:8b:7e:26:27:3f:60:5d:e3:d4:68:
0d:04:0f:e1:f8:c5:f8:ce:43:e7:bc:c1:1f:6c:12:
f2:1f:65:b3:e6:d4:f3:a6:fc:86:07:c8:0b:72:3c:
6c:10:59:75:81:83:3f:83:df:02:89:fb:d4:5a:ff:
3a:a6:75:ca:d7:fd:fa:71:7c:ef:80:7c:24:e5:26:
48:d5:0e:c3:d1:0e:d9:5b:c5:df:5a:8b:88:80:43:
f8:7f:4d:29:74:10:48:8f:43:eb:d8:95:7e:2f:0d:
1d:8a:3d:3d:38:59:25:c1:9f:73:a1:17:13:c4:fd:
4b:dd:65:5c:08:35:13:ce:3a:3c:f7:4a:39:da:08:
cc:d1:4c:4e:f3:76:34:3a:7d:36:de:45:8c:57:97:
fc:36:a4:fb:e1:77:07:c2:b2:ac:43:fb:f3:b2:0d:
4f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F0:51:E4:B8:76:57:99:C1:0A:40:CB:E2:42:DB:8E:03:AF:E3:1E
X509v3 Authority Key Identifier:
keyid:F3:C8:6E:A2:99:5E:93:4B:65:04:19:11:CB:9E:B6:58:72:C2:28:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/88huoplek0tlBBkRy562WHLCKJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/hvBR5Lh2V5nBCkDL4kLbjgOv4x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/88huoplek0tlBBkRy562WHLCKJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.176.0/22
185.159.144.0/22
185.226.165.0/24
IPv6:
2a0d:e200::/29
2a0f:d540::/29
Signature Algorithm: sha256WithRSAEncryption
31:77:67:e8:37:38:87:ff:48:12:1e:65:e3:9a:52:55:48:89:
ac:c3:5d:4e:25:4b:04:e8:a9:31:e8:92:45:85:26:22:0e:6e:
23:a9:f1:78:21:b8:dc:48:fe:65:de:9f:9c:25:a6:51:27:d6:
40:ba:96:2b:2c:60:44:ee:5c:b5:00:7e:8e:4e:50:f7:c1:c2:
ba:8a:cc:79:c5:38:53:5d:d1:6a:61:d8:63:e1:b6:00:18:e2:
85:3e:bd:ec:5e:86:0a:2d:12:3a:e0:84:83:08:6f:98:5c:15:
1e:d8:10:d4:ab:ab:e3:28:4d:ff:7d:33:30:53:55:a5:08:27:
52:9a:d5:ac:42:8e:77:6f:7c:e2:00:3a:f2:7f:76:d9:0c:06:
e9:d0:96:44:87:48:0c:d3:71:1e:26:98:ed:ad:60:be:15:7c:
92:27:32:b0:8f:d8:86:bf:85:fd:1e:51:93:47:48:95:f0:ec:
5b:d7:1d:b7:ec:44:3f:b6:90:1f:10:e7:15:22:40:c0:9f:b8:
32:0b:88:15:21:6a:4e:fd:cd:9e:81:36:38:1b:8c:24:72:42:
56:11:37:f5:a8:77:a2:52:ac:73:5a:ee:14:93:b2:19:e3:03:
d6:b5:43:5b:c5:ef:d8:ae:a4:f9:b1:a6:54:27:35:59:b1:2a:
c4:43:45:71
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQlIU+2zkajMHOxjQ6z5alNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYzg2ZWEyOTk1ZTkzNGI2NTA0MTkxMWNiOWViNjU4NzJj
MjI4OWYwHhcNMjUwMTAyMDM0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmYwNTFlNGI4NzY1Nzk5YzEwYTQwY2JlMjQyZGI4ZTAzYWZlMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74BVtN7C5dTshztEO02qsvrFkqQ2
Q637EtD/f3qIXUmQay2QXeRNh7pvEbqPgJyH6Smyc6jqV8G8/VawQYN1XwvA60fz
V0/TsOcD6RRIFs9q1dHljvSzM0Dve39KI4t+Jic/YF3j1GgNBA/h+MX4zkPnvMEf
bBLyH2Wz5tTzpvyGB8gLcjxsEFl1gYM/g98CifvUWv86pnXK1/36cXzvgHwk5SZI
1Q7D0Q7ZW8XfWouIgEP4f00pdBBIj0Pr2JV+Lw0dij09OFklwZ9zoRcTxP1L3WVc
CDUTzjo890o52gjM0UxO83Y0On023kWMV5f8NqT74XcHwrKsQ/vzsg1PbwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIbwUeS4dleZwQpAy+JC244Dr+MeMB8GA1UdIwQY
MBaAFPPIbqKZXpNLZQQZEcuetlhywiifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODhodW9wbGVrMHRsQkJrUnk1NjJXSExDS0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNTU0YWEtZTRlZC00OTQ4LWI2ZmMt
YzYzNWQ4ZWVkNDQ3LzEvaHZCUjVMaDJWNW5CQ2tETDRrTGJqZ092NHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lNTU0YWEtZTRlZC00OTQ4LWI2ZmMtYzYzNWQ4ZWVkNDQ3
LzEvODhodW9wbGVrMHRsQkJrUnk1NjJXSExDS0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCXo6wAwQC
uZ+QAwQAueKlMBQEAgACMA4DBQMqDeIAAwUDKg/VQDANBgkqhkiG9w0BAQsFAAOC
AQEAMXdn6Dc4h/9IEh5l45pSVUiJrMNdTiVLBOipMeiSRYUmIg5uI6nxeCG43Ej+
Zd6fnCWmUSfWQLqWKyxgRO5ctQB+jk5Q98HCuorMecU4U13RamHYY+G2ABjihT69
7F6GCi0SOuCEgwhvmFwVHtgQ1Kur4yhN/30zMFNVpQgnUprVrEKOd2984gA68n92
2QwG6dCWRIdIDNNxHiaY7a1gvhV8kicysI/Yhr+F/R5Rk0dIlfDsW9cdt+xEP7aQ
HxDnFSJAwJ+4MguIFSFqTv3NnoE2OBuMJHJCVhE39ah3olKsc1ruFJOyGeMD1rVD
W8Xv2K6k+bGmVCc1WbEqxENFcQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:44 2025 by rpki-client on console.sobornost.net