Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ffe8cc-7851-432d-8c02-5029d0c999b6/1/hyHlTiMwzWbl8Nf4H5xHNXAVBxY.roa
File: hyHlTiMwzWbl8Nf4H5xHNXAVBxY.roa (raw, json)
Hash identifier: HU5uH/M7qdwsXDoyu+UBXkrcHBCx6l/8Z2W4bZISR9A=
Subject key identifier: 87:21:E5:4E:23:30:CD:66:E5:F0:D7:F8:1F:9C:47:35:70:15:07:16
Certificate issuer: /CN=fc961dfc5f70bf1b76f05e44a74ed0293125e4be
Certificate serial: 01941FFA8EB6A4447A1B47E85FF9B3DFF5D5
Authority key identifier: FC:96:1D:FC:5F:70:BF:1B:76:F0:5E:44:A7:4E:D0:29:31:25:E4:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_JYd_F9wvxt28F5Ep07QKTEl5L4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/ffe8cc-7851-432d-8c02-5029d0c999b6/1/hyHlTiMwzWbl8Nf4H5xHNXAVBxY.roa
Signing time: Wed 01 Jan 2025 03:48:21 +0000
ROA not before: Wed 01 Jan 2025 03:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28850
IP address blocks: 194.59.185.0/24 maxlen: 24
194.116.204.0/23 maxlen: 23
195.190.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:8e:b6:a4:44:7a:1b:47:e8:5f:f9:b3:df:f5:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc961dfc5f70bf1b76f05e44a74ed0293125e4be
Validity
Not Before: Jan 1 03:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8721e54e2330cd66e5f0d7f81f9c473570150716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:23:d6:2f:03:65:1b:f9:27:a1:33:d2:a5:17:
8a:94:dc:98:37:fe:ea:ef:89:c7:2f:a2:ce:aa:91:
a3:dd:0c:5c:89:46:11:33:66:2c:43:a0:17:19:fd:
e5:f4:f6:e7:bd:63:20:1b:a7:7b:d9:87:e3:64:d1:
44:04:59:13:3d:b9:ca:26:8b:a4:eb:54:e8:3b:46:
15:d0:62:4e:f4:8a:62:9e:89:e4:b8:84:1c:e5:d3:
51:02:ac:d7:77:00:a8:40:39:e2:f5:d5:a5:0e:3e:
4d:e5:3d:6a:96:1d:34:1f:88:4d:8c:2d:b9:1b:d4:
31:1b:99:b9:b9:c4:f1:ef:2a:d0:69:9a:d0:94:48:
6a:97:a3:22:e5:b1:e4:53:60:a2:5c:d2:c7:61:15:
d4:aa:34:10:26:f1:99:45:86:b2:45:e8:61:c6:22:
58:f8:12:97:37:a6:06:85:6b:2f:45:27:7a:a3:35:
3a:df:76:8d:85:04:8a:fc:85:bf:4d:22:67:10:0c:
12:3d:41:47:85:d8:9e:b8:15:23:2c:92:88:fc:03:
89:a2:fa:2a:b0:a9:30:0f:fb:a9:60:9a:7f:78:ca:
d3:00:63:99:d5:88:d6:0c:5a:8c:c5:7e:8d:df:3e:
4e:eb:7e:56:aa:d4:9e:24:0e:24:c1:09:4e:fb:19:
26:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:21:E5:4E:23:30:CD:66:E5:F0:D7:F8:1F:9C:47:35:70:15:07:16
X509v3 Authority Key Identifier:
keyid:FC:96:1D:FC:5F:70:BF:1B:76:F0:5E:44:A7:4E:D0:29:31:25:E4:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_JYd_F9wvxt28F5Ep07QKTEl5L4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ffe8cc-7851-432d-8c02-5029d0c999b6/1/hyHlTiMwzWbl8Nf4H5xHNXAVBxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ffe8cc-7851-432d-8c02-5029d0c999b6/1/_JYd_F9wvxt28F5Ep07QKTEl5L4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.185.0/24
194.116.204.0/23
195.190.158.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:89:d8:3a:eb:09:69:85:2a:51:74:71:c4:4e:20:c8:f7:96:
19:b7:d4:6f:ab:32:83:7a:bb:16:f9:ec:7b:b6:ce:03:4c:24:
20:07:88:f5:61:08:97:8f:66:50:ce:63:ad:65:26:16:23:36:
4f:2e:4c:af:2a:0e:aa:62:19:be:7a:70:80:0a:b7:80:80:4d:
0e:cf:62:d3:97:13:d9:0e:18:d6:4a:13:bc:b1:df:51:f1:83:
e3:73:6d:1f:64:ad:d4:d1:8a:14:28:fe:ae:61:f4:e5:83:f0:
05:59:1d:22:56:2e:a8:83:da:f2:8d:85:fc:02:00:ed:d6:e6:
00:11:d0:c1:a0:05:8d:9f:2e:ed:d4:ff:39:ce:1c:1a:26:17:
7b:7a:fb:40:15:ae:76:7f:6e:35:65:45:7c:f0:34:d3:00:5c:
67:7f:23:8d:0d:72:e4:4c:f6:06:c6:46:3c:0b:86:c8:e9:3c:
90:de:56:c2:39:ed:17:8c:a8:6a:93:b0:c2:4f:45:2a:33:11:
d0:45:16:cc:3c:e5:d0:59:36:b7:1d:3a:5f:dc:94:70:8d:41:
dd:5d:91:19:5d:db:15:2b:76:b5:75:90:cc:46:21:5f:fe:52:
05:1e:22:9d:d9:54:ae:a0:9b:56:ba:31:ce:fc:c7:63:7b:00:
39:e7:80:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+o62pER6G0foX/mz3/XVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOTYxZGZjNWY3MGJmMWI3NmYwNWU0NGE3NGVkMDI5MzEy
NWU0YmUwHhcNMjUwMTAxMDM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzIxZTU0ZTIzMzBjZDY2ZTVmMGQ3ZjgxZjljNDczNTcwMTUwNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSPWLwNlG/knoTPSpReKlNyYN/7q
74nHL6LOqpGj3QxciUYRM2YsQ6AXGf3l9PbnvWMgG6d72YfjZNFEBFkTPbnKJouk
61ToO0YV0GJO9IpinonkuIQc5dNRAqzXdwCoQDni9dWlDj5N5T1qlh00H4hNjC25
G9QxG5m5ucTx7yrQaZrQlEhql6Mi5bHkU2CiXNLHYRXUqjQQJvGZRYayRehhxiJY
+BKXN6YGhWsvRSd6ozU633aNhQSK/IW/TSJnEAwSPUFHhdieuBUjLJKI/AOJovoq
sKkwD/upYJp/eMrTAGOZ1YjWDFqMxX6N3z5O635WqtSeJA4kwQlO+xkmjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIch5U4jMM1m5fDX+B+cRzVwFQcWMB8GA1UdIwQY
MBaAFPyWHfxfcL8bdvBeRKdO0CkxJeS+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0pZZF9GOXd2eHQyOEY1RXAwN1FLVEVsNUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9mZmU4Y2MtNzg1MS00MzJkLThjMDIt
NTAyOWQwYzk5OWI2LzEvaHlIbFRpTXd6V2JsOE5mNEg1eEhOWEFWQnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9mZmU4Y2MtNzg1MS00MzJkLThjMDItNTAyOWQwYzk5OWI2
LzEvX0pZZF9GOXd2eHQyOEY1RXAwN1FLVEVsNUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwju5AwQB
wnTMAwQAw76eMA0GCSqGSIb3DQEBCwUAA4IBAQDZidg66wlphSpRdHHETiDI95YZ
t9RvqzKDersW+ex7ts4DTCQgB4j1YQiXj2ZQzmOtZSYWIzZPLkyvKg6qYhm+enCA
CreAgE0Oz2LTlxPZDhjWShO8sd9R8YPjc20fZK3U0YoUKP6uYfTlg/AFWR0iVi6o
g9ryjYX8AgDt1uYAEdDBoAWNny7t1P85zhwaJhd7evtAFa52f241ZUV88DTTAFxn
fyONDXLkTPYGxkY8C4bI6TyQ3lbCOe0XjKhqk7DCT0UqMxHQRRbMPOXQWTa3HTpf
3JRwjUHdXZEZXdsVK3a1dZDMRiFf/lIFHiKd2VSuoJtWujHO/MdjewA554Ax
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:44 2025 by rpki-client on console.sobornost.net