Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/25a747-8426-430a-9e30-45b3443a76f9/1/haz-HdaagkevUDJWOKHcKbMpfs4.roa
File: haz-HdaagkevUDJWOKHcKbMpfs4.roa (raw, json)
Hash identifier: 4MYVAihmuy2VBnQslitsGPSQAlGwL1bJXLz/oBhLSUI=
Subject key identifier: 85:AC:FE:1D:D6:9A:82:47:AF:50:32:56:38:A1:DC:29:B3:29:7E:CE
Certificate issuer: /CN=556c9a9c61980a90b5d0c51f86d7cbac9ff142da
Certificate serial: 0194228DDDD9E1023EA85B47DE466A3F7016
Authority key identifier: 55:6C:9A:9C:61:98:0A:90:B5:D0:C5:1F:86:D7:CB:AC:9F:F1:42:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VWyanGGYCpC10MUfhtfLrJ_xQto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/25a747-8426-430a-9e30-45b3443a76f9/1/haz-HdaagkevUDJWOKHcKbMpfs4.roa
Signing time: Wed 01 Jan 2025 15:48:30 +0000
ROA not before: Wed 01 Jan 2025 15:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20553
IP address blocks: 217.168.192.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:dd:d9:e1:02:3e:a8:5b:47:de:46:6a:3f:70:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=556c9a9c61980a90b5d0c51f86d7cbac9ff142da
Validity
Not Before: Jan 1 15:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85acfe1dd69a8247af50325638a1dc29b3297ece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:70:ec:b2:74:cd:ca:d4:95:04:bb:46:fd:f5:
a6:18:ac:43:fa:1e:e8:51:9f:7f:22:ed:49:4c:a7:
61:35:9f:41:ba:b3:28:34:7f:ac:16:16:fd:f7:96:
0d:ca:5a:81:48:84:3a:95:30:35:6b:15:4f:20:36:
de:56:29:5b:1e:30:0b:35:18:34:31:6a:0a:06:e2:
32:b0:06:17:88:1d:0c:0d:1b:e0:85:4a:d3:ef:39:
02:bf:71:4c:22:e4:37:73:61:88:e8:39:35:7a:fb:
15:68:2b:2f:f7:e5:86:09:6c:fb:96:79:4b:03:94:
91:3c:ff:36:d9:5c:60:9e:2d:f4:af:10:2d:84:e9:
6a:88:1b:da:6b:10:9a:7b:1c:bd:11:29:24:96:b9:
90:52:a7:7c:16:73:be:fe:00:01:ee:c4:07:97:cd:
6e:08:9c:24:4a:b7:72:04:ce:15:48:6d:ee:8d:77:
f6:b4:66:6d:91:c5:76:69:f5:1e:0a:bf:40:95:1e:
0f:1a:56:e2:6d:91:24:4b:9d:31:54:29:c7:38:d7:
fc:6c:9f:f7:2e:b8:f6:6f:90:ad:29:10:6b:d8:05:
72:34:32:9c:a5:28:56:07:d3:d2:af:e7:9a:a7:e1:
1d:ec:e3:4e:f7:73:49:46:8f:90:f5:9b:58:e2:fa:
b7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AC:FE:1D:D6:9A:82:47:AF:50:32:56:38:A1:DC:29:B3:29:7E:CE
X509v3 Authority Key Identifier:
keyid:55:6C:9A:9C:61:98:0A:90:B5:D0:C5:1F:86:D7:CB:AC:9F:F1:42:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VWyanGGYCpC10MUfhtfLrJ_xQto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/25a747-8426-430a-9e30-45b3443a76f9/1/haz-HdaagkevUDJWOKHcKbMpfs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/25a747-8426-430a-9e30-45b3443a76f9/1/VWyanGGYCpC10MUfhtfLrJ_xQto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.168.192.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:8f:4a:18:12:fc:be:fe:5a:9b:a1:fd:38:c1:df:a3:1d:05:
93:bb:1e:21:05:38:2f:44:46:3f:9f:a1:57:c8:07:32:1a:7d:
f2:95:83:17:72:07:26:4a:b9:d4:eb:00:c6:4b:df:f1:c3:84:
8f:cf:3b:27:78:73:fb:10:17:89:35:45:3b:9a:ec:b3:0c:69:
a5:06:fd:79:97:e3:d6:bd:3f:c0:9e:41:2c:c0:c2:ab:36:a3:
81:ac:ec:b9:49:df:47:a5:99:e4:4a:90:ef:91:7b:97:63:53:
e1:e8:1f:f8:ca:b0:37:38:12:1d:72:27:1e:d1:e1:01:31:fb:
85:7b:5a:64:6d:29:b2:46:ec:b1:b7:ff:65:8d:71:aa:97:ac:
31:b2:ac:89:5c:1b:97:7f:37:61:d0:ee:f1:4d:7c:65:4a:9e:
3f:2d:72:24:fb:ab:15:68:b1:75:d5:e5:11:25:96:bd:94:80:
d0:ae:e8:e8:68:83:c2:fd:dc:9f:58:27:25:cd:9b:1b:cf:7e:
52:93:55:25:e4:0a:e8:1f:30:4d:e3:68:5c:0c:7d:c6:96:ec:
b4:df:f8:92:ce:d1:a4:47:a0:6c:95:ce:24:ae:8a:68:a7:eb:
d6:7f:cb:68:72:68:f9:7a:81:b0:3c:f5:48:e9:1b:dd:4c:54:
de:b5:07:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijd3Z4QI+qFtH3kZqP3AWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NmM5YTljNjE5ODBhOTBiNWQwYzUxZjg2ZDdjYmFjOWZm
MTQyZGEwHhcNMjUwMTAxMTU0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFjZmUxZGQ2OWE4MjQ3YWY1MDMyNTYzOGExZGMyOWIzMjk3ZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HDssnTNytSVBLtG/fWmGKxD+h7o
UZ9/Iu1JTKdhNZ9BurMoNH+sFhb995YNylqBSIQ6lTA1axVPIDbeVilbHjALNRg0
MWoKBuIysAYXiB0MDRvghUrT7zkCv3FMIuQ3c2GI6Dk1evsVaCsv9+WGCWz7lnlL
A5SRPP822Vxgni30rxAthOlqiBvaaxCaexy9ESkklrmQUqd8FnO+/gAB7sQHl81u
CJwkSrdyBM4VSG3ujXf2tGZtkcV2afUeCr9AlR4PGlbibZEkS50xVCnHONf8bJ/3
Lrj2b5CtKRBr2AVyNDKcpShWB9PSr+eap+Ed7ONO93NJRo+Q9ZtY4vq3gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWs/h3WmoJHr1AyVjih3CmzKX7OMB8GA1UdIwQY
MBaAFFVsmpxhmAqQtdDFH4bXy6yf8ULaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVld5YW5HR1lDcEMxME1VZmh0ZkxySl94UXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8yNWE3NDctODQyNi00MzBhLTllMzAt
NDViMzQ0M2E3NmY5LzEvaGF6LUhkYWFna2V2VURKV09LSGNLYk1wZnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8yNWE3NDctODQyNi00MzBhLTllMzAtNDViMzQ0M2E3NmY5
LzEvVld5YW5HR1lDcEMxME1VZmh0ZkxySl94UXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ajAMA0G
CSqGSIb3DQEBCwUAA4IBAQCkj0oYEvy+/lqbof04wd+jHQWTux4hBTgvREY/n6FX
yAcyGn3ylYMXcgcmSrnU6wDGS9/xw4SPzzsneHP7EBeJNUU7muyzDGmlBv15l+PW
vT/AnkEswMKrNqOBrOy5Sd9HpZnkSpDvkXuXY1Ph6B/4yrA3OBIdcice0eEBMfuF
e1pkbSmyRuyxt/9ljXGql6wxsqyJXBuXfzdh0O7xTXxlSp4/LXIk+6sVaLF11eUR
JZa9lIDQrujoaIPC/dyfWCclzZsbz35Sk1Ul5AroHzBN42hcDH3Gluy03/iSztGk
R6Bslc4kropop+vWf8tocmj5eoGwPPVI6RvdTFTetQdv
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:33 2025 by rpki-client on console.sobornost.net