Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/H1OMOC2BAR_5642Cu7ZwMViudi8.roa
File: H1OMOC2BAR_5642Cu7ZwMViudi8.roa (raw, json)
Hash identifier: XWP0BQbCva9Xp/f//R3LpuOJ9bWFeCg7RqrDman+FAE=
Subject key identifier: 1F:53:8C:38:2D:81:01:1F:F9:EB:8D:82:BB:B6:70:31:58:AE:76:2F
Certificate issuer: /CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Certificate serial: 01942521C9EEDB7CA444963B12FC4168B555
Authority key identifier: 03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/H1OMOC2BAR_5642Cu7ZwMViudi8.roa
Signing time: Thu 02 Jan 2025 03:49:18 +0000
ROA not before: Thu 02 Jan 2025 03:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35699
IP address blocks: 185.77.158.0/24 maxlen: 24
185.86.9.0/24 maxlen: 24
185.158.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:c9:ee:db:7c:a4:44:96:3b:12:fc:41:68:b5:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Validity
Not Before: Jan 2 03:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f538c382d81011ff9eb8d82bbb6703158ae762f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c8:4a:5e:20:6d:04:7d:da:f9:75:0a:54:e4:
a7:63:ed:f3:0e:6e:f2:a5:16:4d:28:a7:c7:65:42:
bd:19:fe:58:e1:44:7b:fa:58:ce:54:d0:14:e1:1c:
c7:8a:c9:e3:33:d1:a2:cb:1b:94:6f:f8:d9:bd:0c:
70:f0:9e:14:41:27:a4:17:07:4a:a7:80:62:a3:b8:
ee:88:72:8b:23:43:be:eb:a4:74:4a:2e:d4:e8:2d:
6a:f5:31:9a:93:b1:c4:84:c3:5d:50:44:a4:99:6e:
d5:6b:29:5d:64:d9:f5:a2:e3:77:65:9b:c8:c4:9a:
e4:2f:7a:65:84:47:7b:86:14:c4:fe:8c:e5:3a:3f:
1e:30:4a:55:26:26:19:16:2f:eb:e3:4e:8f:7f:53:
e7:dc:b9:b3:bb:a7:63:c6:65:76:91:c7:e2:8d:f7:
db:f2:92:f0:fd:cc:35:9b:66:b6:c3:e7:6d:cd:95:
76:8c:25:4b:14:94:05:03:fa:f4:85:3c:32:74:18:
87:77:fa:85:f3:7c:0a:13:e6:7a:10:42:10:d7:e5:
71:ff:f2:9d:91:0b:78:2c:ed:14:c2:a5:c2:c5:5f:
d1:81:5c:b7:b6:b9:cc:30:13:ac:78:0f:a0:30:5f:
b2:3f:3f:94:bd:ca:74:9b:c1:91:46:da:b7:d1:50:
f1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:53:8C:38:2D:81:01:1F:F9:EB:8D:82:BB:B6:70:31:58:AE:76:2F
X509v3 Authority Key Identifier:
keyid:03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/H1OMOC2BAR_5642Cu7ZwMViudi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.158.0/24
185.86.9.0/24
185.158.170.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:09:9f:22:40:57:26:88:d3:d0:89:a4:6f:a8:31:fd:f9:3b:
6d:a6:01:23:b3:10:57:7a:43:6a:f0:29:7c:8d:34:4c:29:49:
05:a5:4c:44:c3:12:2b:42:f5:15:b0:30:47:e4:37:1d:af:46:
20:05:1a:db:07:f6:5f:81:2c:02:8b:4b:03:97:86:eb:ca:61:
5b:ef:9a:98:5e:b4:db:35:b8:28:e2:5b:0b:02:66:ea:c7:c7:
41:0e:77:cd:08:1b:cd:81:e5:20:f0:61:46:27:9e:22:f0:44:
40:e0:94:d7:ef:a0:e8:ef:d6:10:f2:af:91:64:45:b4:0c:5a:
85:3e:52:f8:72:4d:61:58:4f:9c:d0:d9:69:1d:44:6c:85:ae:
3f:5e:80:9f:53:32:05:f0:cb:1b:ab:65:ed:e9:42:91:5e:89:
40:69:52:85:55:ef:7a:0b:1b:7b:bd:8a:98:3a:df:f7:5c:d6:
66:db:46:75:97:05:fb:77:67:7c:39:23:02:bb:aa:36:7a:c1:
a8:53:0b:09:32:16:e7:d9:c1:b5:fe:9c:ba:02:6f:90:8a:9b:
38:18:99:99:1f:ff:3a:84:bc:7d:cc:52:91:cc:fd:79:78:1d:
dd:2f:68:28:90:7a:1d:bc:b3:90:ff:60:5a:0b:12:55:6f:43:
a9:53:44:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIcnu23ykRJY7EvxBaLVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNzg2MmI0NjA4Yzc5ZjQ1MDI5NWVjNWM4MGM3YzdhZDZk
ZmUyYTIwHhcNMjUwMTAyMDM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjUzOGMzODJkODEwMTFmZjllYjhkODJiYmI2NzAzMTU4YWU3NjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48hKXiBtBH3a+XUKVOSnY+3zDm7y
pRZNKKfHZUK9Gf5Y4UR7+ljOVNAU4RzHisnjM9GiyxuUb/jZvQxw8J4UQSekFwdK
p4Bio7juiHKLI0O+66R0Si7U6C1q9TGak7HEhMNdUESkmW7VayldZNn1ouN3ZZvI
xJrkL3plhEd7hhTE/ozlOj8eMEpVJiYZFi/r406Pf1Pn3Lmzu6djxmV2kcfijffb
8pLw/cw1m2a2w+dtzZV2jCVLFJQFA/r0hTwydBiHd/qF83wKE+Z6EEIQ1+Vx//Kd
kQt4LO0UwqXCxV/RgVy3trnMMBOseA+gMF+yPz+Uvcp0m8GRRtq30VDx2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB9TjDgtgQEf+euNgru2cDFYrnYvMB8GA1UdIwQY
MBaAFAN4YrRgjHn0UClexcgMfHrW3+KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMt
ZjQ3NGY3YmQzNTMxLzEvSDFPTU9DMkJBUl81NjQyQ3U3WndNVml1ZGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMtZjQ3NGY3YmQzNTMx
LzEvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuU2eAwQA
uVYJAwQAuZ6qMA0GCSqGSIb3DQEBCwUAA4IBAQB8CZ8iQFcmiNPQiaRvqDH9+Ttt
pgEjsxBXekNq8Cl8jTRMKUkFpUxEwxIrQvUVsDBH5Dcdr0YgBRrbB/ZfgSwCi0sD
l4brymFb75qYXrTbNbgo4lsLAmbqx8dBDnfNCBvNgeUg8GFGJ54i8ERA4JTX76Do
79YQ8q+RZEW0DFqFPlL4ck1hWE+c0NlpHURsha4/XoCfUzIF8Msbq2Xt6UKRXolA
aVKFVe96Cxt7vYqYOt/3XNZm20Z1lwX7d2d8OSMCu6o2esGoUwsJMhbn2cG1/py6
Am+Qips4GJmZH/86hLx9zFKRzP15eB3dL2gokHodvLOQ/2BaCxJVb0OpU0Re
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:44 2025 by rpki-client on console.sobornost.net