Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/hr_3YvtJXQR8KRX2mS7v0fn9ds4.roa
File: hr_3YvtJXQR8KRX2mS7v0fn9ds4.roa (raw, json)
Hash identifier: Q8sCvSgfVoaQ1Z49sIbWUd2S2i06vk04oxHfnffsB6E=
Subject key identifier: 86:BF:F7:62:FB:49:5D:04:7C:29:15:F6:99:2E:EF:D1:F9:FD:76:CE
Certificate issuer: /CN=97242dba26ed882b380dabebab3c5f3942006ecc
Certificate serial: 019367636F333144EF4EF230AC34B1325A21
Authority key identifier: 97:24:2D:BA:26:ED:88:2B:38:0D:AB:EB:AB:3C:5F:39:42:00:6E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/hr_3YvtJXQR8KRX2mS7v0fn9ds4.roa
Signing time: Tue 26 Nov 2024 07:33:09 +0000
ROA not before: Tue 26 Nov 2024 07:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 109.68.248.0/24 maxlen: 24
185.68.58.0/24 maxlen: 24
185.68.59.0/24 maxlen: 24
185.255.32.0/23 maxlen: 23
185.255.34.0/24 maxlen: 24
185.255.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:67:63:6f:33:31:44:ef:4e:f2:30:ac:34:b1:32:5a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97242dba26ed882b380dabebab3c5f3942006ecc
Validity
Not Before: Nov 26 07:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86bff762fb495d047c2915f6992eefd1f9fd76ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:07:30:66:73:48:cb:6d:0a:2d:13:b0:ef:fa:
b0:ac:2e:10:46:98:31:4c:ff:97:82:18:cd:60:8e:
5a:0e:48:99:e8:83:2b:b7:89:f2:1e:ee:9f:db:ef:
e8:2b:18:75:93:54:1d:44:61:30:6a:8b:83:78:aa:
e8:ed:49:11:d2:e2:bc:16:d1:95:71:65:6e:5c:ee:
07:43:15:ec:97:d7:61:f7:ad:74:bf:22:45:f6:7f:
b5:9d:c3:0b:37:4e:32:93:34:73:32:a7:d6:85:bd:
18:16:ab:10:ea:5c:d9:c8:f9:73:b1:22:c1:c5:c9:
c6:22:c9:c8:a1:78:aa:d2:f7:84:d2:cb:e0:ce:5f:
53:ab:b0:e0:38:b0:b0:5a:97:8d:5d:2c:2a:f0:6c:
e1:61:0c:7a:47:e9:01:9e:e2:4e:0a:60:3b:bd:34:
fb:bb:b2:36:4d:10:7c:2d:71:e0:78:e3:c2:32:34:
55:06:12:67:15:f6:44:ff:86:3d:cf:68:e7:38:be:
a1:f8:b2:2f:4f:30:aa:be:11:62:58:59:3f:fc:67:
8b:7f:16:ca:ec:f0:68:94:ca:a3:29:96:18:97:df:
a1:c6:ba:0d:75:96:61:af:a6:ca:f5:46:8f:12:ab:
c1:ee:30:ec:e9:bc:68:b0:3e:5e:eb:c6:de:c9:a6:
1e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:BF:F7:62:FB:49:5D:04:7C:29:15:F6:99:2E:EF:D1:F9:FD:76:CE
X509v3 Authority Key Identifier:
keyid:97:24:2D:BA:26:ED:88:2B:38:0D:AB:EB:AB:3C:5F:39:42:00:6E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/hr_3YvtJXQR8KRX2mS7v0fn9ds4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.248.0/24
185.68.58.0/23
185.255.32.0/22
Signature Algorithm: sha256WithRSAEncryption
44:1b:db:e6:34:f5:45:d1:f5:63:0c:ab:d0:94:82:88:be:fc:
3f:e5:9f:18:35:6c:5c:46:37:68:d8:cd:2f:e5:87:e9:be:28:
d0:fa:de:37:60:8c:1e:f3:03:66:10:1b:d7:9c:28:39:6c:d2:
6d:1f:84:09:11:62:1b:7f:c7:0e:43:08:21:4d:3f:f6:67:9d:
38:9e:7c:89:f3:73:e4:ef:e9:09:98:d8:c0:1f:06:9b:0c:da:
e4:f2:4e:08:af:45:81:a2:77:2e:1f:25:68:a3:40:59:07:d3:
6c:1f:18:07:d7:3c:db:dd:b1:84:68:d6:03:43:fe:80:47:8f:
99:c2:ad:b7:6e:3f:69:ee:3b:b2:78:71:c3:74:67:b4:56:79:
ae:27:b3:d5:d6:8f:ab:a9:62:16:e5:b5:f5:c0:b9:26:80:30:
11:9a:ff:a6:86:04:1d:7a:d7:32:e6:61:dc:dd:70:7b:e5:76:
74:e0:7e:10:64:b4:8c:df:cb:58:b0:ba:a5:c1:40:81:53:3f:
95:da:2f:27:f2:af:a6:68:3e:93:eb:70:57:8a:97:7f:e2:fc:
48:54:52:d7:a6:ad:bf:11:65:16:32:10:8b:44:5c:cf:19:35:
d0:a2:c4:f6:1f:b5:db:86:32:9f:d8:00:4e:97:c9:35:3d:6f:
f0:13:1e:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNnY28zMUTvTvIwrDSxMlohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MjQyZGJhMjZlZDg4MmIzODBkYWJlYmFiM2M1ZjM5NDIw
MDZlY2MwHhcNMjQxMTI2MDczMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmJmZjc2MmZiNDk1ZDA0N2MyOTE1ZjY5OTJlZWZkMWY5ZmQ3NmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwcwZnNIy20KLROw7/qwrC4QRpgx
TP+XghjNYI5aDkiZ6IMrt4nyHu6f2+/oKxh1k1QdRGEwaouDeKro7UkR0uK8FtGV
cWVuXO4HQxXsl9dh9610vyJF9n+1ncMLN04ykzRzMqfWhb0YFqsQ6lzZyPlzsSLB
xcnGIsnIoXiq0veE0svgzl9Tq7DgOLCwWpeNXSwq8GzhYQx6R+kBnuJOCmA7vTT7
u7I2TRB8LXHgeOPCMjRVBhJnFfZE/4Y9z2jnOL6h+LIvTzCqvhFiWFk//GeLfxbK
7PBolMqjKZYYl9+hxroNdZZhr6bK9UaPEqvB7jDs6bxosD5e68beyaYeNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIa/92L7SV0EfCkV9pku79H5/XbOMB8GA1UdIwQY
MBaAFJckLbom7YgrOA2r66s8XzlCAG7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHlRdHVpYnRpQ3M0RGF2cnF6eGZPVUlBYnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80Y2I2ODctODdmZC00YWYwLWEzNmIt
NjA3MjcyZDczN2NiLzEvaHJfM1l2dEpYUVI4S1JYMm1TN3YwZm45ZHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80Y2I2ODctODdmZC00YWYwLWEzNmItNjA3MjcyZDczN2Ni
LzEvbHlRdHVpYnRpQ3M0RGF2cnF6eGZPVUlBYnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbUT4AwQB
uUQ6AwQCuf8gMA0GCSqGSIb3DQEBCwUAA4IBAQBEG9vmNPVF0fVjDKvQlIKIvvw/
5Z8YNWxcRjdo2M0v5YfpvijQ+t43YIwe8wNmEBvXnCg5bNJtH4QJEWIbf8cOQwgh
TT/2Z504nnyJ83Pk7+kJmNjAHwabDNrk8k4Ir0WBoncuHyVoo0BZB9NsHxgH1zzb
3bGEaNYDQ/6AR4+Zwq23bj9p7juyeHHDdGe0VnmuJ7PV1o+rqWIW5bX1wLkmgDAR
mv+mhgQdetcy5mHc3XB75XZ04H4QZLSM38tYsLqlwUCBUz+V2i8n8q+maD6T63BX
ipd/4vxIVFLXpq2/EWUWMhCLRFzPGTXQosT2H7XbhjKf2ABOl8k1PW/wEx5x
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:33 2024 by rpki-client on console.sobornost.net