Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/993d38-2188-4a7b-bc37-a04762095ee6/1/hlby1xXJUtbaqPmELmi7xbziBY8.roa
File: hlby1xXJUtbaqPmELmi7xbziBY8.roa (raw, json)
Hash identifier: QsHPEqttrfF2zMx3M7sZxcReCt1hljy1sF+KTN49S3E=
Subject key identifier: 86:56:F2:D7:15:C9:52:D6:DA:A8:F9:84:2E:68:BB:C5:BC:E2:05:8F
Certificate issuer: /CN=874c3dcccbf02ba8501ab1c706d31e137fddf41d
Certificate serial: 019426D972A42867EBBB55FE3BDA0EFAFDA0
Authority key identifier: 87:4C:3D:CC:CB:F0:2B:A8:50:1A:B1:C7:06:D3:1E:13:7F:DD:F4:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0w9zMvwK6hQGrHHBtMeE3_d9B0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/993d38-2188-4a7b-bc37-a04762095ee6/1/hlby1xXJUtbaqPmELmi7xbziBY8.roa
Signing time: Thu 02 Jan 2025 11:49:32 +0000
ROA not before: Thu 02 Jan 2025 11:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47819
IP address blocks: 91.208.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:72:a4:28:67:eb:bb:55:fe:3b:da:0e:fa:fd:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874c3dcccbf02ba8501ab1c706d31e137fddf41d
Validity
Not Before: Jan 2 11:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8656f2d715c952d6daa8f9842e68bbc5bce2058f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:de:98:0f:f4:00:8a:bd:d0:b8:eb:4d:ec:36:
dc:bf:7a:6e:f2:fe:25:89:03:26:76:ac:12:0e:d6:
50:cc:98:93:47:83:ea:3f:5c:14:1e:b4:92:0f:5e:
62:84:3b:1e:b1:82:44:9a:02:06:45:ae:9e:7b:69:
d1:68:34:3b:33:ac:96:04:0e:12:75:b4:fd:92:6b:
bd:fe:0e:48:7e:94:e5:94:6e:3d:3a:55:9a:41:dc:
51:03:03:b4:3e:ea:80:8d:b3:e4:d5:c8:57:1e:0a:
38:e4:67:1a:82:76:14:f9:b3:69:67:a3:ce:a8:f2:
50:2c:30:89:6a:05:98:81:2e:b0:05:a4:d9:ee:b0:
0d:fa:66:6b:9e:d2:89:c0:bd:d3:c3:e3:1b:9a:66:
43:35:85:25:5f:d4:05:fe:fb:18:d6:85:ac:c5:91:
44:a2:e9:97:c1:44:ad:ce:81:af:46:56:70:f7:04:
7d:30:58:18:a8:98:07:68:7b:30:a5:22:c0:fd:11:
26:7f:ea:f4:08:1c:47:e5:b1:98:b1:d6:02:64:46:
9d:28:dd:e8:c1:2e:37:47:63:e9:86:8b:da:80:56:
04:51:5f:e3:e4:46:42:03:37:0c:eb:2b:62:61:70:
e8:f9:a3:f7:c9:fb:df:68:ee:43:93:74:51:1d:0f:
dc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:56:F2:D7:15:C9:52:D6:DA:A8:F9:84:2E:68:BB:C5:BC:E2:05:8F
X509v3 Authority Key Identifier:
keyid:87:4C:3D:CC:CB:F0:2B:A8:50:1A:B1:C7:06:D3:1E:13:7F:DD:F4:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0w9zMvwK6hQGrHHBtMeE3_d9B0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/993d38-2188-4a7b-bc37-a04762095ee6/1/hlby1xXJUtbaqPmELmi7xbziBY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/993d38-2188-4a7b-bc37-a04762095ee6/1/h0w9zMvwK6hQGrHHBtMeE3_d9B0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.23.0/24
Signature Algorithm: sha256WithRSAEncryption
49:be:31:cc:55:3f:0f:9a:c1:da:7b:55:df:4c:89:d8:57:e0:
d9:2d:99:5f:6d:71:13:d1:72:5a:52:e6:65:06:1e:e4:d2:82:
db:43:9d:5a:18:7d:92:bf:c4:65:be:cf:0e:d4:03:d3:cc:36:
0c:ea:92:23:bc:b5:9c:af:b0:57:08:54:c1:a8:51:8e:54:6d:
26:d6:1a:eb:27:d7:04:ef:d0:ec:08:58:3b:1e:67:76:ac:e7:
33:8f:cd:9e:d9:fb:5d:3f:3f:ea:32:eb:f5:31:c3:56:66:b0:
cb:27:7c:27:16:1e:a9:2a:61:5e:f8:85:95:cf:37:62:51:2d:
6b:4e:14:05:18:69:fb:92:25:a0:f4:60:58:f1:99:96:fc:9a:
53:78:6f:e3:07:42:52:52:d7:ed:69:29:cb:32:26:28:0f:ca:
92:32:f4:0c:6a:27:60:67:3e:d7:7a:9c:cc:99:b3:09:71:ce:
c7:bf:86:86:0d:c6:d1:d0:f0:51:75:e4:8e:15:19:c1:70:33:
c1:33:73:36:44:57:36:be:f8:c3:af:ab:13:82:45:fa:55:92:
f2:96:e6:84:10:5c:54:e8:dd:66:0d:7a:a2:c5:c2:4e:54:86:
61:64:f4:61:51:8b:0b:73:fe:94:06:55:38:9b:ee:0d:ce:ca:
3d:79:f1:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2XKkKGfru1X+O9oO+v2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGMzZGNjY2JmMDJiYTg1MDFhYjFjNzA2ZDMxZTEzN2Zk
ZGY0MWQwHhcNMjUwMTAyMTE0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjU2ZjJkNzE1Yzk1MmQ2ZGFhOGY5ODQyZTY4YmJjNWJjZTIwNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd6YD/QAir3QuOtN7Dbcv3pu8v4l
iQMmdqwSDtZQzJiTR4PqP1wUHrSSD15ihDsesYJEmgIGRa6ee2nRaDQ7M6yWBA4S
dbT9kmu9/g5IfpTllG49OlWaQdxRAwO0PuqAjbPk1chXHgo45GcagnYU+bNpZ6PO
qPJQLDCJagWYgS6wBaTZ7rAN+mZrntKJwL3Tw+MbmmZDNYUlX9QF/vsY1oWsxZFE
oumXwUStzoGvRlZw9wR9MFgYqJgHaHswpSLA/REmf+r0CBxH5bGYsdYCZEadKN3o
wS43R2PphovagFYEUV/j5EZCAzcM6ytiYXDo+aP3yfvfaO5Dk3RRHQ/cywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZW8tcVyVLW2qj5hC5ou8W84gWPMB8GA1UdIwQY
MBaAFIdMPczL8CuoUBqxxwbTHhN/3fQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB3OXpNdndLNmhRR3JISEJ0TWVFM19kOUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy85OTNkMzgtMjE4OC00YTdiLWJjMzct
YTA0NzYyMDk1ZWU2LzEvaGxieTF4WEpVdGJhcVBtRUxtaTd4YnppQlk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy85OTNkMzgtMjE4OC00YTdiLWJjMzctYTA0NzYyMDk1ZWU2
LzEvaDB3OXpNdndLNmhRR3JISEJ0TWVFM19kOUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9AXMA0G
CSqGSIb3DQEBCwUAA4IBAQBJvjHMVT8PmsHae1XfTInYV+DZLZlfbXET0XJaUuZl
Bh7k0oLbQ51aGH2Sv8Rlvs8O1APTzDYM6pIjvLWcr7BXCFTBqFGOVG0m1hrrJ9cE
79DsCFg7Hmd2rOczj82e2ftdPz/qMuv1McNWZrDLJ3wnFh6pKmFe+IWVzzdiUS1r
ThQFGGn7kiWg9GBY8ZmW/JpTeG/jB0JSUtftaSnLMiYoD8qSMvQMaidgZz7XepzM
mbMJcc7Hv4aGDcbR0PBRdeSOFRnBcDPBM3M2RFc2vvjDr6sTgkX6VZLyluaEEFxU
6N1mDXqixcJOVIZhZPRhUYsLc/6UBlU4m+4Nzso9efG6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:16 2025 by rpki-client on console.sobornost.net