Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/8e5576-33c8-4002-a437-db6671ac7672/1/HfROKsu5S9Kv9xQEghcCyLc0QU0.roa
File: HfROKsu5S9Kv9xQEghcCyLc0QU0.roa (raw, json)
Hash identifier: qqPIft59QLOT66DNtALVd3oXV+0wgDN34FKKDYySGVY=
Subject key identifier: 1D:F4:4E:2A:CB:B9:4B:D2:AF:F7:14:04:82:17:02:C8:B7:34:41:4D
Certificate issuer: /CN=4aefcfed51ff158fbe68ccd60b7b39be5f3eae20
Certificate serial: 019423D777D0A5905BD2FFFE639FD579DB66
Authority key identifier: 4A:EF:CF:ED:51:FF:15:8F:BE:68:CC:D6:0B:7B:39:BE:5F:3E:AE:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Su_P7VH_FY--aMzWC3s5vl8-riA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/8e5576-33c8-4002-a437-db6671ac7672/1/HfROKsu5S9Kv9xQEghcCyLc0QU0.roa
Signing time: Wed 01 Jan 2025 21:48:30 +0000
ROA not before: Wed 01 Jan 2025 21:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39202
IP address blocks: 81.20.48.0/20 maxlen: 20
2a01:6000::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:77:d0:a5:90:5b:d2:ff:fe:63:9f:d5:79:db:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aefcfed51ff158fbe68ccd60b7b39be5f3eae20
Validity
Not Before: Jan 1 21:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1df44e2acbb94bd2aff71404821702c8b734414d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6f:61:f7:34:ef:90:3c:c7:b0:5e:47:cd:d3:
71:60:35:8b:b9:d3:f8:47:97:d6:c1:a3:4b:56:34:
1a:96:32:94:c7:4e:a2:48:8b:0d:f7:f6:ef:97:08:
ff:47:51:96:4f:ca:0f:c3:4f:cc:f9:03:35:77:7c:
1b:ca:f7:0b:e2:19:bd:fd:cc:e5:05:87:e9:b6:40:
67:43:64:85:45:c2:8d:9a:23:71:68:dc:da:8c:25:
a2:6a:86:3c:83:6a:61:b0:79:6c:ec:06:2e:99:33:
5e:8e:25:29:43:82:27:d2:1c:19:e0:26:c3:ed:bb:
e6:90:67:16:3e:7d:68:13:d7:02:3d:e9:70:49:d9:
8c:60:40:ef:05:30:59:a5:dc:2b:83:36:98:cb:78:
08:66:53:a0:56:c6:b2:31:54:34:f7:97:26:f0:18:
81:66:9c:48:2d:ad:7f:bd:7c:78:af:32:0d:eb:c8:
0e:5b:38:1a:4e:2a:d4:32:51:17:0e:a9:4b:2b:2d:
2a:ae:89:1b:41:10:a5:f2:d2:1c:65:ff:4e:71:a4:
79:b5:f7:ff:d9:54:e1:52:18:d5:ad:49:40:cd:e8:
29:db:85:97:91:33:bd:3d:54:64:58:f5:89:d1:8a:
67:0c:e8:d6:b6:ff:34:50:e5:21:eb:c3:0e:81:cb:
19:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F4:4E:2A:CB:B9:4B:D2:AF:F7:14:04:82:17:02:C8:B7:34:41:4D
X509v3 Authority Key Identifier:
keyid:4A:EF:CF:ED:51:FF:15:8F:BE:68:CC:D6:0B:7B:39:BE:5F:3E:AE:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Su_P7VH_FY--aMzWC3s5vl8-riA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/8e5576-33c8-4002-a437-db6671ac7672/1/HfROKsu5S9Kv9xQEghcCyLc0QU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/8e5576-33c8-4002-a437-db6671ac7672/1/Su_P7VH_FY--aMzWC3s5vl8-riA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.48.0/20
IPv6:
2a01:6000::/32
Signature Algorithm: sha256WithRSAEncryption
93:b4:b7:a9:81:30:f4:02:be:0a:fb:d3:81:82:ee:39:77:6e:
fa:42:df:03:1a:5d:84:61:0e:c9:db:ec:83:8e:60:38:98:65:
56:81:27:2b:7b:80:c5:86:2a:5d:91:e3:d1:2a:58:2c:de:0a:
3b:37:46:d4:90:94:4b:94:4b:53:88:05:b3:79:38:8b:11:19:
8a:99:61:1c:6c:89:7e:89:d6:f7:98:34:36:30:de:e0:0b:c5:
97:94:4d:ea:6f:55:c7:91:04:74:d8:29:a4:34:89:c6:8e:d9:
0d:87:d8:ae:57:7f:83:ee:68:58:dd:7c:08:77:16:a3:a1:65:
fa:12:f9:3a:f4:cd:51:49:5f:4a:81:4a:bb:d5:6c:80:4e:fb:
bc:72:80:50:38:30:0f:3a:8b:c8:3a:b5:4c:3f:2e:89:92:6d:
0c:42:92:52:00:4d:32:d9:6d:ce:7a:1c:8d:8e:fa:88:13:80:
11:e1:dc:89:c2:40:a4:c0:af:92:62:e7:45:e3:62:31:13:0d:
03:a4:5a:b3:4e:f2:d6:8c:5a:30:28:aa:45:86:6e:17:91:55:
9d:e4:b9:41:30:b6:1e:78:7d:c1:13:47:8d:06:d5:83:88:3a:
8a:20:4c:0b:22:51:ec:ca:de:83:2f:7c:09:fe:cf:e0:c4:32:
82:96:de:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj13fQpZBb0v/+Y5/VedtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZWZjZmVkNTFmZjE1OGZiZTY4Y2NkNjBiN2IzOWJlNWYz
ZWFlMjAwHhcNMjUwMTAxMjE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGY0NGUyYWNiYjk0YmQyYWZmNzE0MDQ4MjE3MDJjOGI3MzQ0MTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW9h9zTvkDzHsF5HzdNxYDWLudP4
R5fWwaNLVjQaljKUx06iSIsN9/bvlwj/R1GWT8oPw0/M+QM1d3wbyvcL4hm9/czl
BYfptkBnQ2SFRcKNmiNxaNzajCWiaoY8g2phsHls7AYumTNejiUpQ4In0hwZ4CbD
7bvmkGcWPn1oE9cCPelwSdmMYEDvBTBZpdwrgzaYy3gIZlOgVsayMVQ095cm8BiB
ZpxILa1/vXx4rzIN68gOWzgaTirUMlEXDqlLKy0qrokbQRCl8tIcZf9OcaR5tff/
2VThUhjVrUlAzegp24WXkTO9PVRkWPWJ0YpnDOjWtv80UOUh68MOgcsZWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB30TirLuUvSr/cUBIIXAsi3NEFNMB8GA1UdIwQY
MBaAFErvz+1R/xWPvmjM1gt7Ob5fPq4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3VfUDdWSF9GWS0tYU16V0MzczV2bDgtcmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS84ZTU1NzYtMzNjOC00MDAyLWE0Mzct
ZGI2NjcxYWM3NjcyLzEvSGZST0tzdTVTOUt2OXhRRWdoY0N5TGMwUVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS84ZTU1NzYtMzNjOC00MDAyLWE0MzctZGI2NjcxYWM3Njcy
LzEvU3VfUDdWSF9GWS0tYU16V0MzczV2bDgtcmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEURQwMA0E
AgACMAcDBQAqAWAAMA0GCSqGSIb3DQEBCwUAA4IBAQCTtLepgTD0Ar4K+9OBgu45
d276Qt8DGl2EYQ7J2+yDjmA4mGVWgScre4DFhipdkePRKlgs3go7N0bUkJRLlEtT
iAWzeTiLERmKmWEcbIl+idb3mDQ2MN7gC8WXlE3qb1XHkQR02CmkNInGjtkNh9iu
V3+D7mhY3XwIdxajoWX6Evk69M1RSV9KgUq71WyATvu8coBQODAPOovIOrVMPy6J
km0MQpJSAE0y2W3OehyNjvqIE4AR4dyJwkCkwK+SYudF42IxEw0DpFqzTvLWjFow
KKpFhm4XkVWd5LlBMLYeeH3BE0eNBtWDiDqKIEwLIlHsyt6DL3wJ/s/gxDKClt5b
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:34 2025 by rpki-client on console.sobornost.net