Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/hg441-dk1ELACcBR9hJC7n9zX7w.roa
File: hg441-dk1ELACcBR9hJC7n9zX7w.roa (raw, json)
Hash identifier: NciEnBsoFrPmNoncnxwe1DkVUAjuGcfemR61KWLXSmo=
Subject key identifier: 86:0E:38:D7:E7:64:D4:42:C0:09:C0:51:F6:12:42:EE:7F:73:5F:BC
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 0194282812B807A17B1CE6AF934BBE5FFDE9
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/hg441-dk1ELACcBR9hJC7n9zX7w.roa
Signing time: Thu 02 Jan 2025 17:55:02 +0000
ROA not before: Thu 02 Jan 2025 17:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39251
IP address blocks: 85.130.72.0/22 maxlen: 22
85.130.72.0/24 maxlen: 24
85.130.73.0/24 maxlen: 24
85.130.74.0/24 maxlen: 24
85.130.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:12:b8:07:a1:7b:1c:e6:af:93:4b:be:5f:fd:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 17:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=860e38d7e764d442c009c051f61242ee7f735fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f0:ad:c9:66:d1:e8:82:67:92:6b:1e:ef:fe:
df:d7:d8:be:3a:7a:95:90:f9:f8:b8:7f:52:c8:c7:
da:bb:b6:c7:04:43:19:03:af:d6:c3:b9:7f:e3:a5:
09:5b:9d:ff:b8:39:44:46:ce:3a:b1:74:5f:ab:af:
63:0c:88:8b:3c:e7:df:74:e3:c4:0f:64:7c:87:75:
b1:b7:e9:7d:f3:73:f4:97:59:60:b9:4d:52:d5:a7:
a3:1c:76:9b:16:f7:20:3f:ee:29:79:df:30:ba:cb:
c1:43:44:a9:c3:76:d5:16:d6:e8:28:a9:c5:95:00:
78:53:d5:3d:57:21:1b:03:f7:f1:a1:6a:da:cd:51:
07:b9:2e:32:3f:f7:3e:43:e6:2d:e5:f2:94:81:78:
6f:6b:bb:9e:92:87:8a:18:26:fc:fb:04:26:0e:06:
93:be:86:e8:02:c9:24:e5:2d:73:c8:03:f0:13:ac:
d3:37:22:f0:f5:5e:47:b0:a8:49:d0:b1:dd:60:e8:
90:56:7a:d1:c7:35:cf:5a:b4:c4:ea:33:b4:64:3b:
d2:71:10:45:e4:2f:4f:59:59:71:11:1e:47:18:83:
0e:83:0b:1c:a3:0e:44:f0:73:8c:31:bd:20:27:2e:
de:b8:48:a3:bb:09:b0:63:33:a4:82:27:a9:ae:df:
b8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0E:38:D7:E7:64:D4:42:C0:09:C0:51:F6:12:42:EE:7F:73:5F:BC
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/hg441-dk1ELACcBR9hJC7n9zX7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.130.72.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:04:e5:81:88:19:c8:5d:e8:52:d6:06:e9:40:ab:14:bf:d7:
72:a4:21:92:60:7c:3d:b7:71:50:4f:f0:1b:78:8e:9d:0c:79:
16:87:5d:8e:c5:47:d2:d0:a7:23:4a:42:81:90:f9:0e:2d:30:
03:9a:8e:dd:36:28:da:db:04:86:7c:a0:d2:ed:00:e7:96:fc:
79:96:3b:a1:9b:26:ef:5c:f3:c7:a0:0a:27:a3:7f:00:ac:c7:
3d:2b:74:59:1c:c2:1e:8e:57:ca:54:7b:c8:f4:77:5b:86:81:
bb:d0:80:6b:ab:f2:9c:0d:98:10:fb:35:b7:3e:06:b9:a6:88:
03:5b:79:9a:99:64:35:2f:ce:09:76:e7:e1:0b:95:06:9a:25:
90:2a:01:99:1e:74:dc:b5:71:e4:f9:cf:ac:ca:d8:5a:93:90:
9b:e6:da:69:a7:02:3e:60:bb:4c:6b:1c:17:87:da:c3:8e:e7:
f0:06:9d:ce:9c:e4:18:96:a6:c6:97:ae:90:55:8d:c4:a4:f3:
c9:38:03:89:c4:dd:8d:ee:37:25:77:3e:af:45:5a:f9:ce:03:
a7:29:90:50:c1:98:c9:98:91:c8:03:cf:d2:d0:3a:82:1b:72:
70:61:9c:33:50:8f:50:b9:1b:4a:d5:92:f1:3a:83:64:d3:0c:
09:31:49:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoKBK4B6F7HOavk0u+X/3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMTc1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBlMzhkN2U3NjRkNDQyYzAwOWMwNTFmNjEyNDJlZTdmNzM1ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PCtyWbR6IJnkmse7/7f19i+OnqV
kPn4uH9SyMfau7bHBEMZA6/Ww7l/46UJW53/uDlERs46sXRfq69jDIiLPOffdOPE
D2R8h3Wxt+l983P0l1lguU1S1aejHHabFvcgP+4ped8wusvBQ0Spw3bVFtboKKnF
lQB4U9U9VyEbA/fxoWrazVEHuS4yP/c+Q+Yt5fKUgXhva7uekoeKGCb8+wQmDgaT
voboAskk5S1zyAPwE6zTNyLw9V5HsKhJ0LHdYOiQVnrRxzXPWrTE6jO0ZDvScRBF
5C9PWVlxER5HGIMOgwscow5E8HOMMb0gJy7euEijuwmwYzOkgieprt+4WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYOONfnZNRCwAnAUfYSQu5/c1+8MB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvaGc0NDEtZGsxRUxBQ2NCUjloSkM3bjl6WDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVYJIMA0G
CSqGSIb3DQEBCwUAA4IBAQAPBOWBiBnIXehS1gbpQKsUv9dypCGSYHw9t3FQT/Ab
eI6dDHkWh12OxUfS0KcjSkKBkPkOLTADmo7dNija2wSGfKDS7QDnlvx5ljuhmybv
XPPHoAono38ArMc9K3RZHMIejlfKVHvI9HdbhoG70IBrq/KcDZgQ+zW3Pga5pogD
W3mamWQ1L84JdufhC5UGmiWQKgGZHnTctXHk+c+sythak5Cb5tpppwI+YLtMaxwX
h9rDjufwBp3OnOQYlqbGl66QVY3EpPPJOAOJxN2N7jcldz6vRVr5zgOnKZBQwZjJ
mJHIA8/S0DqCG3JwYZwzUI9QuRtK1ZLxOoNk0wwJMUla
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:54:50 2025 by rpki-client