Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d74b80-40ea-4e34-b50d-114face1a571/1/H6IzZrx8byO3caIkcY49jLe8s6I.roa
File: H6IzZrx8byO3caIkcY49jLe8s6I.roa (raw, json)
Hash identifier: aD1h/fBmUnkEqmwINWb3tP7Y404DXB5JUPfFMk9OdX0=
Subject key identifier: 1F:A2:33:66:BC:7C:6F:23:B7:71:A2:24:71:8E:3D:8C:B7:BC:B3:A2
Certificate issuer: /CN=b8d14227473e4b75c877274cf6c050f25c57721f
Certificate serial: 019426D93EC27AF69826A89DD1B6AC75C777
Authority key identifier: B8:D1:42:27:47:3E:4B:75:C8:77:27:4C:F6:C0:50:F2:5C:57:72:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uNFCJ0c-S3XIdydM9sBQ8lxXch8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d74b80-40ea-4e34-b50d-114face1a571/1/H6IzZrx8byO3caIkcY49jLe8s6I.roa
Signing time: Thu 02 Jan 2025 11:49:19 +0000
ROA not before: Thu 02 Jan 2025 11:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60481
IP address blocks: 185.78.40.0/22 maxlen: 22
2001:67c:173c::/48 maxlen: 48
2a03:57e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:3e:c2:7a:f6:98:26:a8:9d:d1:b6:ac:75:c7:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8d14227473e4b75c877274cf6c050f25c57721f
Validity
Not Before: Jan 2 11:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fa23366bc7c6f23b771a224718e3d8cb7bcb3a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5b:f1:08:d4:85:93:9f:7f:b6:65:03:13:6e:
c3:0c:a4:06:ad:a1:6a:32:8c:10:03:db:04:3b:72:
3d:14:ef:b8:ac:c8:b2:94:d1:30:47:75:6b:3a:27:
88:6b:d1:6a:2b:f4:8a:0c:03:a5:87:13:5c:be:86:
9e:f0:96:c7:13:04:00:7c:0e:ec:87:30:5c:9a:3d:
cb:29:ad:be:2f:61:96:3d:1c:7d:9a:1b:40:6b:41:
c7:fd:de:2e:b7:e6:fe:0b:d1:17:a2:53:59:e6:eb:
d3:44:f7:27:9d:ba:91:c0:53:97:21:81:3b:77:11:
f4:6f:50:a3:27:f4:e6:f2:99:0a:89:57:a6:5c:4f:
6a:07:08:2e:e3:2b:34:d8:6a:b7:cd:f9:f1:3a:22:
e9:7a:dd:7b:cf:56:d3:a0:f2:e5:46:31:e7:70:f0:
8b:89:d3:fd:5d:29:9e:5a:18:64:68:95:7e:89:18:
19:45:88:24:0a:22:eb:ce:6c:51:6c:a4:d4:c4:e2:
8c:da:18:7b:a6:45:f1:e7:7b:f1:3c:e1:1d:88:35:
f9:9d:30:1c:d6:fb:ec:a0:c8:b8:b8:20:c2:c8:09:
ff:bd:ec:a7:8d:88:5a:a3:f4:0c:4e:10:21:3d:a1:
12:f6:85:b0:c7:2b:d1:df:29:be:19:1f:34:80:1b:
f8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A2:33:66:BC:7C:6F:23:B7:71:A2:24:71:8E:3D:8C:B7:BC:B3:A2
X509v3 Authority Key Identifier:
keyid:B8:D1:42:27:47:3E:4B:75:C8:77:27:4C:F6:C0:50:F2:5C:57:72:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNFCJ0c-S3XIdydM9sBQ8lxXch8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d74b80-40ea-4e34-b50d-114face1a571/1/H6IzZrx8byO3caIkcY49jLe8s6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d74b80-40ea-4e34-b50d-114face1a571/1/uNFCJ0c-S3XIdydM9sBQ8lxXch8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.40.0/22
IPv6:
2001:67c:173c::/48
2a03:57e0::/32
Signature Algorithm: sha256WithRSAEncryption
56:5a:e3:42:a2:f9:9b:a2:7c:10:bf:4f:26:94:d1:ee:ef:f8:
69:e5:47:7f:77:83:b8:11:bd:b5:ae:67:8e:48:a2:19:05:4f:
84:c8:53:2d:d5:a6:90:57:b4:0b:98:b7:40:ab:68:3b:a9:a2:
ca:af:12:47:5a:db:11:ac:09:dc:e0:0d:99:67:24:a5:45:09:
89:5c:93:1d:6a:5b:92:d8:38:92:7b:5b:2b:20:b1:16:26:7e:
6e:c5:1b:4b:e0:61:14:1a:b9:e6:52:38:38:cc:c6:dd:53:73:
a5:73:dc:2f:8c:62:89:21:07:a6:18:10:23:e5:db:69:af:68:
81:13:43:21:44:4a:be:a3:a6:70:b5:a1:ae:d8:d9:c5:65:7e:
c0:49:96:5f:ca:c5:fa:94:0f:1b:74:f0:c1:5b:16:61:ed:f6:
ce:f6:6f:9f:39:fa:a7:3e:51:cb:e8:3f:ed:f7:a9:b5:dd:59:
56:db:71:01:75:8c:ae:46:5b:89:e7:f5:00:39:4e:fe:2b:5e:
d2:93:89:82:17:7a:18:19:98:ac:b7:a4:4b:5f:e9:6c:01:30:
86:17:c6:eb:97:01:90:a3:80:3c:23:3d:ed:b5:10:25:70:2a:
32:76:7f:97:92:7b:1d:12:6b:94:08:d6:b9:d1:66:0f:43:fb:
9b:3e:fa:db
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQm2T7CevaYJqid0basdcd3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDE0MjI3NDczZTRiNzVjODc3Mjc0Y2Y2YzA1MGYyNWM1
NzcyMWYwHhcNMjUwMTAyMTE0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmEyMzM2NmJjN2M2ZjIzYjc3MWEyMjQ3MThlM2Q4Y2I3YmNiM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11vxCNSFk59/tmUDE27DDKQGraFq
MowQA9sEO3I9FO+4rMiylNEwR3VrOieIa9FqK/SKDAOlhxNcvoae8JbHEwQAfA7s
hzBcmj3LKa2+L2GWPRx9mhtAa0HH/d4ut+b+C9EXolNZ5uvTRPcnnbqRwFOXIYE7
dxH0b1CjJ/Tm8pkKiVemXE9qBwgu4ys02Gq3zfnxOiLpet17z1bToPLlRjHncPCL
idP9XSmeWhhkaJV+iRgZRYgkCiLrzmxRbKTUxOKM2hh7pkXx53vxPOEdiDX5nTAc
1vvsoMi4uCDCyAn/veynjYhao/QMThAhPaES9oWwxyvR3ym+GR80gBv4rwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB+iM2a8fG8jt3GiJHGOPYy3vLOiMB8GA1UdIwQY
MBaAFLjRQidHPkt1yHcnTPbAUPJcV3IfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5GQ0owYy1TM1hJZHlkTTlzQlE4bHhYY2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNzRiODAtNDBlYS00ZTM0LWI1MGQt
MTE0ZmFjZTFhNTcxLzEvSDZJelpyeDhieU8zY2FJa2NZNDlqTGU4czZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNzRiODAtNDBlYS00ZTM0LWI1MGQtMTE0ZmFjZTFhNTcx
LzEvdU5GQ0owYy1TM1hJZHlkTTlzQlE4bHhYY2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuU4oMBYE
AgACMBADBwAgAQZ8FzwDBQAqA1fgMA0GCSqGSIb3DQEBCwUAA4IBAQBWWuNCovmb
onwQv08mlNHu7/hp5Ud/d4O4Eb21rmeOSKIZBU+EyFMt1aaQV7QLmLdAq2g7qaLK
rxJHWtsRrAnc4A2ZZySlRQmJXJMdaluS2DiSe1srILEWJn5uxRtL4GEUGrnmUjg4
zMbdU3Olc9wvjGKJIQemGBAj5dtpr2iBE0MhREq+o6ZwtaGu2NnFZX7ASZZfysX6
lA8bdPDBWxZh7fbO9m+fOfqnPlHL6D/t96m13VlW23EBdYyuRluJ5/UAOU7+K17S
k4mCF3oYGZist6RLX+lsATCGF8brlwGQo4A8Iz3ttRAlcCoydn+XknsdEmuUCNa5
0WYPQ/ubPvrb
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:02 2025 by rpki-client on console.sobornost.net