Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a46be7-317e-4708-a016-4fd6b7d76a2f/1/hqnI55-BtuuM4vFpZ56v79LAU1E.roa
File: hqnI55-BtuuM4vFpZ56v79LAU1E.roa (raw, json)
Hash identifier: de3zBJnkxcrGTCeqUEM+8xu6xpr3xr2UbYA58RD5CTg=
Subject key identifier: 86:A9:C8:E7:9F:81:B6:EB:8C:E2:F1:69:67:9E:AF:EF:D2:C0:53:51
Certificate issuer: /CN=79d69dd98333558401edd1a60168265dd1a0d958
Certificate serial: 0194258F799AB422E7BBC537C3995366F5DD
Authority key identifier: 79:D6:9D:D9:83:33:55:84:01:ED:D1:A6:01:68:26:5D:D1:A0:D9:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edad2YMzVYQB7dGmAWgmXdGg2Vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a46be7-317e-4708-a016-4fd6b7d76a2f/1/hqnI55-BtuuM4vFpZ56v79LAU1E.roa
Signing time: Thu 02 Jan 2025 05:49:07 +0000
ROA not before: Thu 02 Jan 2025 05:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 513
IP address blocks: 128.141.0.0/16 maxlen: 16
128.142.0.0/16 maxlen: 16
137.138.0.0/16 maxlen: 16
185.249.56.0/22 maxlen: 22
188.184.0.0/16 maxlen: 16
188.185.0.0/16 maxlen: 16
192.16.155.0/24 maxlen: 24
192.16.156.0/22 maxlen: 22
192.16.160.0/22 maxlen: 22
192.16.164.0/23 maxlen: 23
192.16.166.0/24 maxlen: 24
192.65.183.0/24 maxlen: 24
192.65.184.0/21 maxlen: 21
192.65.192.0/22 maxlen: 22
192.65.196.0/23 maxlen: 23
192.91.236.0/22 maxlen: 22
192.91.240.0/22 maxlen: 22
192.91.244.0/23 maxlen: 23
192.91.246.0/24 maxlen: 24
194.12.128.0/18 maxlen: 18
2001:1458::/32 maxlen: 32
2001:1459::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:79:9a:b4:22:e7:bb:c5:37:c3:99:53:66:f5:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d69dd98333558401edd1a60168265dd1a0d958
Validity
Not Before: Jan 2 05:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86a9c8e79f81b6eb8ce2f169679eafefd2c05351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:8a:62:e7:ac:53:da:61:74:a7:52:09:ae:ef:
4e:c4:d5:49:12:84:0c:dc:eb:7b:0f:4d:8d:40:13:
61:0f:72:09:d8:04:16:ed:89:e9:d5:cc:66:6b:92:
7a:7b:e6:40:49:1d:8e:a3:30:4a:31:b6:b4:3a:dd:
f3:22:ae:d4:6e:71:37:cf:48:5b:b9:2d:19:3d:64:
b1:a1:c8:97:b0:07:f5:2a:17:f6:bd:d1:97:e3:1d:
74:0f:c0:4e:5b:26:ca:26:97:83:4a:78:79:05:5d:
15:03:c5:e6:be:6a:3f:a0:a1:ab:a5:98:23:42:01:
b6:dc:07:de:22:73:1a:4f:b7:18:00:cf:43:b5:f5:
fa:0e:2f:87:2f:0d:ea:96:1d:f2:8a:64:d7:be:97:
74:e5:64:47:d4:f9:21:c8:81:aa:06:17:7a:a7:c4:
ed:ff:a2:bf:10:d5:a8:ec:fe:48:79:dd:e4:69:d4:
81:c8:2b:09:10:3c:d2:dc:0b:a5:d2:67:75:5a:ac:
5c:e1:62:6f:f9:0e:84:62:bf:24:1a:37:48:95:f6:
25:60:67:78:01:7a:75:2d:e3:07:37:2e:38:9b:cd:
15:f3:a3:92:78:f4:83:81:45:b6:63:32:d7:ad:00:
a2:38:8e:c7:3c:4f:9c:13:8c:48:ef:19:2f:aa:aa:
a9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A9:C8:E7:9F:81:B6:EB:8C:E2:F1:69:67:9E:AF:EF:D2:C0:53:51
X509v3 Authority Key Identifier:
keyid:79:D6:9D:D9:83:33:55:84:01:ED:D1:A6:01:68:26:5D:D1:A0:D9:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edad2YMzVYQB7dGmAWgmXdGg2Vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a46be7-317e-4708-a016-4fd6b7d76a2f/1/hqnI55-BtuuM4vFpZ56v79LAU1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a46be7-317e-4708-a016-4fd6b7d76a2f/1/edad2YMzVYQB7dGmAWgmXdGg2Vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.141.0.0-128.142.255.255
137.138.0.0/16
185.249.56.0/22
188.184.0.0/15
192.16.155.0-192.16.166.255
192.65.183.0-192.65.197.255
192.91.236.0-192.91.246.255
194.12.128.0/18
IPv6:
2001:1458::/31
Signature Algorithm: sha256WithRSAEncryption
63:3b:51:4f:00:31:83:5c:9e:c0:9a:65:16:d6:bd:76:e7:49:
aa:ec:35:92:9f:b1:f7:11:00:0e:cd:16:85:2f:92:f9:cf:65:
6f:a8:95:93:f1:e0:c1:ca:81:f4:c6:b8:91:9b:4e:08:e1:76:
08:91:a5:4a:8b:fc:3f:64:f4:e7:81:8c:bf:91:7c:3c:da:b9:
df:d8:4d:f8:fb:2a:da:11:81:55:38:3c:86:73:bd:13:76:2b:
17:12:68:9d:58:18:f0:1d:c5:86:b6:68:de:e5:63:f4:c3:aa:
5c:59:0c:a4:85:8c:a2:27:62:89:cf:2c:c5:1a:56:01:dd:2c:
95:f1:da:3e:f9:61:7c:b5:b6:4a:c4:20:54:49:dc:7f:b0:e0:
48:0b:0c:89:be:3e:ba:dc:e2:69:ea:00:4c:eb:a7:42:4d:ac:
34:af:2d:b0:f8:0c:cd:e5:fe:67:ef:40:1e:9c:40:38:a8:ae:
bd:d8:4f:22:25:a9:73:f5:c7:ec:db:c9:5d:6a:d5:f2:1c:e0:
a7:a3:2e:3c:7a:8d:d8:2c:e5:9b:a2:8c:28:82:1a:53:81:6d:
35:41:b9:6d:2a:6f:4b:3d:fb:38:59:89:ce:eb:cb:b7:b3:73:
e8:be:bb:03:19:74:19:53:ec:83:cc:01:d1:a4:d5:2d:92:f7:
8d:1e:ef:10
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZQlj3matCLnu8U3w5lTZvXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDY5ZGQ5ODMzMzU1ODQwMWVkZDFhNjAxNjgyNjVkZDFh
MGQ5NTgwHhcNMjUwMTAyMDU0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE5YzhlNzlmODFiNmViOGNlMmYxNjk2NzllYWZlZmQyYzA1MzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4opi56xT2mF0p1IJru9OxNVJEoQM
3Ot7D02NQBNhD3IJ2AQW7Ynp1cxma5J6e+ZASR2OozBKMba0Ot3zIq7UbnE3z0hb
uS0ZPWSxociXsAf1Khf2vdGX4x10D8BOWybKJpeDSnh5BV0VA8Xmvmo/oKGrpZgj
QgG23AfeInMaT7cYAM9DtfX6Di+HLw3qlh3yimTXvpd05WRH1PkhyIGqBhd6p8Tt
/6K/ENWo7P5Ied3kadSByCsJEDzS3Aul0md1Wqxc4WJv+Q6EYr8kGjdIlfYlYGd4
AXp1LeMHNy44m80V86OSePSDgUW2YzLXrQCiOI7HPE+cE4xI7xkvqqqprQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFIapyOefgbbrjOLxaWeer+/SwFNRMB8GA1UdIwQY
MBaAFHnWndmDM1WEAe3RpgFoJl3RoNlYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRhZDJZTXpWWVFCN2RHbUFXZ21YZEdnMlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hNDZiZTctMzE3ZS00NzA4LWEwMTYt
NGZkNmI3ZDc2YTJmLzEvaHFuSTU1LUJ0dXVNNHZGcFo1NnY3OUxBVTFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hNDZiZTctMzE3ZS00NzA4LWEwMTYtNGZkNmI3ZDc2YTJm
LzEvZWRhZDJZTXpWWVFCN2RHbUFXZ21YZEdnMlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMMAoDAwCAjQMD
AICOAwMAiYoDBAK5+TgDAwG8uDAMAwQAwBCbAwQAwBCmMAwDBADAQbcDBAHAQcQw
DAMEAsBb7AMEAMBb9gMEBsIMgDANBAIAAjAHAwUBIAEUWDANBgkqhkiG9w0BAQsF
AAOCAQEAYztRTwAxg1yewJplFta9dudJquw1kp+x9xEADs0WhS+S+c9lb6iVk/Hg
wcqB9Ma4kZtOCOF2CJGlSov8P2T054GMv5F8PNq539hN+Psq2hGBVTg8hnO9E3Yr
FxJonVgY8B3FhrZo3uVj9MOqXFkMpIWMoidiic8sxRpWAd0slfHaPvlhfLW2SsQg
VEncf7DgSAsMib4+utziaeoATOunQk2sNK8tsPgMzeX+Z+9AHpxAOKiuvdhPIiWp
c/XH7NvJXWrV8hzgp6MuPHqN2Czlm6KMKIIaU4FtNUG5bSpvSz37OFmJzuvLt7Nz
6L67Axl0GVPsg8wB0aTVLZL3jR7vEA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net