Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8f23c1-043c-4956-bfb8-26c9f9932bbc/1/HSyzFVthhSBBD96mxsl0scilpJU.roa
File: HSyzFVthhSBBD96mxsl0scilpJU.roa (raw, json)
Hash identifier: q5u2KllVdiR/BqAy2dqAoFzSZ6PBl0fHr1yzfwddNTg=
Subject key identifier: 1D:2C:B3:15:5B:61:85:20:41:0F:DE:A6:C6:C9:74:B1:C8:A5:A4:95
Certificate issuer: /CN=6868f656805380ca86e79173789d668dc401d5b5
Certificate serial: 0195E882A1C5D4220A772D5550B4AE7F93A7
Authority key identifier: 68:68:F6:56:80:53:80:CA:86:E7:91:73:78:9D:66:8D:C4:01:D5:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aGj2VoBTgMqG55FzeJ1mjcQB1bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8f23c1-043c-4956-bfb8-26c9f9932bbc/1/HSyzFVthhSBBD96mxsl0scilpJU.roa
Signing time: Sun 30 Mar 2025 19:23:49 +0000
ROA not before: Sun 30 Mar 2025 19:23:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49382
IP address blocks: 134.255.248.0/24 maxlen: 24
185.233.84.0/22 maxlen: 24
185.233.84.0/24 maxlen: 24
185.233.85.0/24 maxlen: 24
185.233.86.0/24 maxlen: 24
185.233.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e8:82:a1:c5:d4:22:0a:77:2d:55:50:b4:ae:7f:93:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6868f656805380ca86e79173789d668dc401d5b5
Validity
Not Before: Mar 30 19:23:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d2cb3155b618520410fdea6c6c974b1c8a5a495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:43:5d:db:7f:a7:08:46:c8:f1:b9:73:f0:37:
e3:48:c2:1f:6a:f3:b2:d5:0d:bc:28:e0:11:c3:47:
18:dd:39:65:3a:4d:52:66:d8:33:b4:cc:44:07:e4:
9f:0c:fa:f7:a0:f8:cf:57:7d:78:e3:3d:b0:fc:3e:
50:f0:ff:74:b7:17:6d:c4:f9:77:41:40:c1:f7:10:
4b:a6:34:a6:8a:5d:9d:42:a3:72:9c:cc:97:9f:df:
86:70:e0:49:8f:fc:d8:28:5f:99:81:01:14:aa:de:
40:a9:20:94:98:ea:3b:98:f3:5e:ea:0a:10:bc:0e:
79:88:9a:1f:cc:72:df:92:3a:d7:e1:c4:6e:7c:6b:
69:42:f4:e3:98:e8:7b:55:57:fb:0f:ee:48:6e:45:
3c:20:32:71:33:88:00:45:73:2f:d3:62:69:a3:41:
0b:15:1e:fc:8f:fa:51:0b:ba:08:2b:67:4c:51:8f:
61:96:12:16:79:c6:e5:05:e7:a4:69:13:3e:41:e6:
7f:af:42:80:a4:05:5f:84:8a:82:b7:f6:bc:1e:4d:
4d:da:3d:b6:a3:ef:d0:b6:50:92:e3:21:50:33:d6:
32:2e:37:ee:87:28:e1:57:b3:f3:e4:bc:43:22:07:
ef:c2:6d:a6:f9:86:54:7a:c5:89:85:0e:04:c6:53:
a5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2C:B3:15:5B:61:85:20:41:0F:DE:A6:C6:C9:74:B1:C8:A5:A4:95
X509v3 Authority Key Identifier:
keyid:68:68:F6:56:80:53:80:CA:86:E7:91:73:78:9D:66:8D:C4:01:D5:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aGj2VoBTgMqG55FzeJ1mjcQB1bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8f23c1-043c-4956-bfb8-26c9f9932bbc/1/HSyzFVthhSBBD96mxsl0scilpJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8f23c1-043c-4956-bfb8-26c9f9932bbc/1/aGj2VoBTgMqG55FzeJ1mjcQB1bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.255.248.0/24
185.233.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:78:ae:c3:95:be:d1:d3:27:f1:53:f5:69:7c:5f:8e:07:4e:
09:5a:f0:76:e3:9a:46:33:cd:5e:8f:c9:73:1a:a1:85:c1:29:
78:96:c0:56:c1:ea:80:99:8a:19:4c:33:b4:96:50:ec:64:1d:
ed:be:27:47:d0:4e:d3:e5:59:40:a6:20:ca:42:c4:38:63:5f:
b3:81:76:ca:f3:a3:79:6f:65:8e:5c:6f:b4:ac:40:77:22:01:
eb:d6:4a:c2:a0:76:0a:9d:fa:f4:26:62:49:51:42:1b:03:55:
f7:54:71:35:06:e1:02:59:86:95:d8:d4:a5:03:25:94:06:bb:
65:39:cc:a1:ad:89:d9:c0:e3:d7:f8:64:78:ab:2a:93:19:df:
cf:4c:3c:e8:cf:e2:8f:f8:e1:72:96:8b:68:ad:d2:ac:e6:4f:
93:17:ad:a6:44:15:06:aa:bf:59:dc:ef:85:cf:1d:64:68:2d:
6e:fe:33:4f:10:fa:4d:6c:65:41:d3:bf:f8:3e:bc:e6:70:ad:
86:18:58:94:7a:13:a3:45:cb:9e:90:d9:b7:3e:a2:54:85:fa:
20:cd:3d:f4:e1:c3:ef:b6:6e:90:38:8f:f0:74:7c:b0:ab:54:
6a:ce:ab:85:b7:29:a4:f5:2e:24:0a:2d:c1:d6:b9:72:30:1e:
2e:47:9a:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXogqHF1CIKdy1VULSuf5OnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NjhmNjU2ODA1MzgwY2E4NmU3OTE3Mzc4OWQ2NjhkYzQw
MWQ1YjUwHhcNMjUwMzMwMTkyMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJjYjMxNTViNjE4NTIwNDEwZmRlYTZjNmM5NzRiMWM4YTVhNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykNd23+nCEbI8blz8DfjSMIfavOy
1Q28KOARw0cY3TllOk1SZtgztMxEB+SfDPr3oPjPV3144z2w/D5Q8P90txdtxPl3
QUDB9xBLpjSmil2dQqNynMyXn9+GcOBJj/zYKF+ZgQEUqt5AqSCUmOo7mPNe6goQ
vA55iJofzHLfkjrX4cRufGtpQvTjmOh7VVf7D+5IbkU8IDJxM4gARXMv02Jpo0EL
FR78j/pRC7oIK2dMUY9hlhIWecblBeekaRM+QeZ/r0KApAVfhIqCt/a8Hk1N2j22
o+/QtlCS4yFQM9YyLjfuhyjhV7Pz5LxDIgfvwm2m+YZUesWJhQ4ExlOlpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB0ssxVbYYUgQQ/epsbJdLHIpaSVMB8GA1UdIwQY
MBaAFGho9laAU4DKhueRc3idZo3EAdW1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUdqMlZvQlRnTXFHNTVGemVKMW1qY1FCMWJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZjIzYzEtMDQzYy00OTU2LWJmYjgt
MjZjOWY5OTMyYmJjLzEvSFN5ekZWdGhoU0JCRDk2bXhzbDBzY2lscEpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZjIzYzEtMDQzYy00OTU2LWJmYjgtMjZjOWY5OTMyYmJj
LzEvYUdqMlZvQlRnTXFHNTVGemVKMW1qY1FCMWJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAhv/4AwQC
uelUMA0GCSqGSIb3DQEBCwUAA4IBAQCpeK7Dlb7R0yfxU/VpfF+OB04JWvB245pG
M81ej8lzGqGFwSl4lsBWweqAmYoZTDO0llDsZB3tvidH0E7T5VlApiDKQsQ4Y1+z
gXbK86N5b2WOXG+0rEB3IgHr1krCoHYKnfr0JmJJUUIbA1X3VHE1BuECWYaV2NSl
AyWUBrtlOcyhrYnZwOPX+GR4qyqTGd/PTDzoz+KP+OFylotordKs5k+TF62mRBUG
qr9Z3O+Fzx1kaC1u/jNPEPpNbGVB07/4PrzmcK2GGFiUehOjRcuekNm3PqJUhfog
zT304cPvtm6QOI/wdHywq1RqzquFtymk9S4kCi3B1rlyMB4uR5pd
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:46 2025 by rpki-client on console.sobornost.net