Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/H0bQgySRSVEBMsUFWG1LFpsoHvo.roa
File: H0bQgySRSVEBMsUFWG1LFpsoHvo.roa (raw, json)
Hash identifier: xkMnmqfm74JviA1Eb+MeDPeuGBKpBqJAXaeRNQIX3FU=
Subject key identifier: 1F:46:D0:83:24:91:49:51:01:32:C5:05:58:6D:4B:16:9B:28:1E:FA
Certificate issuer: /CN=407d2dc10c02f5ec24f690f9f660555486562e59
Certificate serial: 019425FC33D07B56BCAA4CFE4A2ECA9B7801
Authority key identifier: 40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/H0bQgySRSVEBMsUFWG1LFpsoHvo.roa
Signing time: Thu 02 Jan 2025 07:47:52 +0000
ROA not before: Thu 02 Jan 2025 07:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29436
IP address blocks: 192.162.80.0/22 maxlen: 22
192.166.112.0/23 maxlen: 23
193.238.36.0/22 maxlen: 22
195.149.108.0/24 maxlen: 24
2001:67c:2d9c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:33:d0:7b:56:bc:aa:4c:fe:4a:2e:ca:9b:78:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407d2dc10c02f5ec24f690f9f660555486562e59
Validity
Not Before: Jan 2 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f46d083249149510132c505586d4b169b281efa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4a:b0:a6:5d:53:9c:34:8a:9c:3d:a4:91:6a:
ef:31:74:de:f9:58:7d:3d:0f:6b:44:d0:3b:e1:b8:
64:b9:57:86:cf:ee:c3:0e:c0:c7:5e:5f:c3:b9:30:
79:77:d9:8c:f0:83:19:6d:7a:d4:87:09:c3:5c:7a:
e4:c1:16:2e:ff:50:ef:c8:23:0f:41:a4:25:f4:ac:
c7:7e:4d:dd:f2:b4:23:8b:25:16:d7:a6:e9:9e:ef:
d4:96:80:19:01:07:43:3d:45:99:bc:2c:7c:cc:d9:
8d:7e:e1:24:ef:6c:e6:66:f0:12:b4:f5:e7:b0:e8:
b7:77:3c:7c:83:51:bd:ab:e5:0f:26:b7:14:d9:81:
13:43:30:eb:79:87:3b:a7:07:d8:fa:62:a1:02:e7:
d5:9f:0a:ce:1a:98:83:c6:c0:73:30:cd:db:8b:f4:
88:11:60:3f:ea:49:fe:94:79:74:84:c0:fe:3a:2b:
4e:4b:91:04:d1:9c:3c:b5:ce:95:70:8f:1d:13:7d:
cc:4e:88:f3:f5:39:31:e7:e7:03:1b:12:8d:e5:bd:
94:7c:01:64:c3:26:75:12:c1:04:7c:27:82:76:d1:
ac:05:f6:77:e8:ca:1f:e9:27:cc:c1:2d:2b:1e:73:
c1:ab:14:42:5c:73:e3:9b:cc:eb:0b:f3:c6:84:36:
bb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:46:D0:83:24:91:49:51:01:32:C5:05:58:6D:4B:16:9B:28:1E:FA
X509v3 Authority Key Identifier:
keyid:40:7D:2D:C1:0C:02:F5:EC:24:F6:90:F9:F6:60:55:54:86:56:2E:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH0twQwC9ewk9pD59mBVVIZWLlk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/H0bQgySRSVEBMsUFWG1LFpsoHvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a6fcc9-d251-42dc-ad02-967c2285ea62/1/QH0twQwC9ewk9pD59mBVVIZWLlk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.80.0/22
192.166.112.0/23
193.238.36.0/22
195.149.108.0/24
IPv6:
2001:67c:2d9c::/48
Signature Algorithm: sha256WithRSAEncryption
9c:da:0a:ea:b5:4c:d0:0e:f3:17:cc:8c:d2:94:6a:06:e5:b6:
74:00:87:52:80:62:70:c9:e7:51:0c:92:a8:fa:20:98:68:0a:
b7:7d:bf:c7:69:9d:ec:53:75:4c:f1:2a:f1:10:fc:3d:e0:ed:
49:1b:ac:ab:b9:00:e1:86:4d:17:23:04:58:e1:88:31:ee:c0:
c3:77:c2:95:4b:50:9e:e0:d7:db:c0:78:33:1a:0f:d2:59:c5:
39:60:04:b4:5c:6b:d7:b6:93:b4:03:4e:d1:18:00:91:f2:ed:
86:84:87:36:d9:ca:f0:f0:74:be:a4:c6:6c:03:78:18:36:09:
b6:e2:68:0c:0a:7c:81:15:52:7f:1d:ee:98:f9:b9:9b:a6:d7:
7e:21:1e:2d:00:c2:c0:aa:56:c5:7d:a0:33:58:fa:7d:e5:8f:
b8:65:8d:3f:ea:d8:21:10:d0:d6:7d:57:e2:54:6a:3f:30:27:
d6:a7:c1:c8:89:a1:07:0c:f2:ca:37:3d:68:64:08:3d:43:3e:
31:1d:28:e3:20:fd:a8:a6:46:38:bb:87:44:bd:a1:56:f6:cc:
6f:d1:0c:be:9d:d2:33:b2:e9:7b:e3:09:67:a1:bb:f5:26:b4:
e4:af:31:0e:73:1b:78:4b:e8:90:08:8b:42:37:f3:bb:8b:50:
2d:25:ef:f7
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQl/DPQe1a8qkz+Si7Km3gBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2QyZGMxMGMwMmY1ZWMyNGY2OTBmOWY2NjA1NTU0ODY1
NjJlNTkwHhcNMjUwMTAyMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQ2ZDA4MzI0OTE0OTUxMDEzMmM1MDU1ODZkNGIxNjliMjgxZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0qwpl1TnDSKnD2kkWrvMXTe+Vh9
PQ9rRNA74bhkuVeGz+7DDsDHXl/DuTB5d9mM8IMZbXrUhwnDXHrkwRYu/1DvyCMP
QaQl9KzHfk3d8rQjiyUW16bpnu/UloAZAQdDPUWZvCx8zNmNfuEk72zmZvAStPXn
sOi3dzx8g1G9q+UPJrcU2YETQzDreYc7pwfY+mKhAufVnwrOGpiDxsBzMM3bi/SI
EWA/6kn+lHl0hMD+OitOS5EE0Zw8tc6VcI8dE33MTojz9Tkx5+cDGxKN5b2UfAFk
wyZ1EsEEfCeCdtGsBfZ36Mof6SfMwS0rHnPBqxRCXHPjm8zrC/PGhDa7MwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFB9G0IMkkUlRATLFBVhtSxabKB76MB8GA1UdIwQY
MBaAFEB9LcEMAvXsJPaQ+fZgVVSGVi5ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDIt
OTY3YzIyODVlYTYyLzEvSDBiUWd5U1JTVkVCTXNVRldHMUxGcHNvSHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hNmZjYzktZDI1MS00MmRjLWFkMDItOTY3YzIyODVlYTYy
LzEvUUgwdHdRd0M5ZXdrOXBENTltQlZWSVpXTGxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCwKJQAwQB
wKZwAwQCwe4kAwQAw5VsMA8EAgACMAkDBwAgAQZ8LZwwDQYJKoZIhvcNAQELBQAD
ggEBAJzaCuq1TNAO8xfMjNKUagbltnQAh1KAYnDJ51EMkqj6IJhoCrd9v8dpnexT
dUzxKvEQ/D3g7UkbrKu5AOGGTRcjBFjhiDHuwMN3wpVLUJ7g19vAeDMaD9JZxTlg
BLRca9e2k7QDTtEYAJHy7YaEhzbZyvDwdL6kxmwDeBg2CbbiaAwKfIEVUn8d7pj5
uZum134hHi0AwsCqVsV9oDNY+n3lj7hljT/q2CEQ0NZ9V+JUaj8wJ9anwciJoQcM
8so3PWhkCD1DPjEdKOMg/aimRji7h0S9oVb2zG/RDL6d0jOy6XvjCWehu/UmtOSv
MQ5zG3hL6JAIi0I387uLUC0l7/c=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:42 2025 by rpki-client on console.sobornost.net