Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/hn0oOL_Phy31I2IYdCocfuCMl4Y.roa
File: hn0oOL_Phy31I2IYdCocfuCMl4Y.roa (raw, json)
Hash identifier: pL8SqciTf3yJI1mNpTYcxXjCVmcDvB9gR79xz18ukNA=
Subject key identifier: 86:7D:28:38:BF:CF:87:2D:F5:23:62:18:74:2A:1C:7E:E0:8C:97:86
Certificate issuer: /CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Certificate serial: 019425218F9E5E4F3B68E1C5483D1B881C0A
Authority key identifier: FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/hn0oOL_Phy31I2IYdCocfuCMl4Y.roa
Signing time: Thu 02 Jan 2025 03:49:03 +0000
ROA not before: Thu 02 Jan 2025 03:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25249
IP address blocks: 81.95.160.0/20 maxlen: 20
81.95.160.0/21 maxlen: 21
81.95.160.0/24 maxlen: 24
94.100.224.0/20 maxlen: 20
94.100.224.0/21 maxlen: 21
94.100.224.0/24 maxlen: 24
94.100.229.0/24 maxlen: 24
94.100.231.0/24 maxlen: 24
94.100.232.0/21 maxlen: 21
94.100.234.0/24 maxlen: 24
94.100.235.0/24 maxlen: 24
94.100.237.0/24 maxlen: 24
94.100.238.0/24 maxlen: 24
185.115.4.0/22 maxlen: 22
185.115.5.0/24 maxlen: 24
185.115.6.0/24 maxlen: 24
185.115.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8f:9e:5e:4f:3b:68:e1:c5:48:3d:1b:88:1c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd2b36206439bbce15b363f09eeff1d738cecc7
Validity
Not Before: Jan 2 03:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=867d2838bfcf872df5236218742a1c7ee08c9786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e6:c0:49:3a:51:ce:20:41:b9:55:e0:d4:9c:
d9:57:7c:da:0c:ac:1a:02:f2:54:e3:56:b4:2f:56:
ea:82:ea:6d:44:89:bf:62:3f:f2:23:e9:f5:4a:69:
dd:93:1d:36:ed:a6:cb:60:75:62:d6:df:e3:b2:00:
d8:31:47:f3:67:fc:e2:25:20:e2:e7:b2:d2:30:2c:
46:a9:77:cc:8c:a1:af:8f:4b:2c:a4:70:fb:c2:f5:
07:39:79:46:6d:13:cb:9a:49:e0:39:02:c5:65:29:
65:85:a7:4a:e0:85:fb:74:a1:65:48:e2:d1:5f:42:
9f:18:d4:f3:b4:f0:d5:04:87:c2:63:08:8c:be:d8:
21:75:3d:5e:00:24:c5:29:55:19:d5:6a:a6:b4:b4:
9a:6a:b2:9a:59:eb:24:35:c1:cb:ad:f7:79:4d:6d:
19:34:dc:c8:c8:a6:45:c7:0d:b8:cd:b8:26:0a:f3:
15:ba:80:7e:fc:75:85:c2:2d:dc:64:17:a0:2f:b9:
c4:74:8f:dc:17:26:b4:99:a9:fd:dc:bd:66:52:cc:
b8:2d:f3:b9:45:10:ac:68:26:bb:09:1f:80:97:08:
8b:b5:7d:f7:9f:38:d6:ba:e3:14:7a:d7:e2:5b:37:
94:46:69:d8:19:dc:d7:1a:67:be:24:e7:ea:ca:46:
84:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7D:28:38:BF:CF:87:2D:F5:23:62:18:74:2A:1C:7E:E0:8C:97:86
X509v3 Authority Key Identifier:
keyid:FD:D2:B3:62:06:43:9B:BC:E1:5B:36:3F:09:EE:FF:1D:73:8C:EC:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/hn0oOL_Phy31I2IYdCocfuCMl4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/62b909-1e3e-4a1b-9e24-b01e0297b070/1/_dKzYgZDm7zhWzY_Ce7_HXOM7Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.160.0/20
94.100.224.0/20
185.115.4.0/22
Signature Algorithm: sha256WithRSAEncryption
49:7a:a6:be:00:b5:7d:8c:42:2f:fd:6e:dc:50:2c:07:dc:fe:
8f:21:f1:9a:e8:6d:85:cb:60:6b:a7:70:55:8c:ba:ac:68:e0:
82:58:da:a1:e0:21:07:07:f0:d7:f8:f4:b0:59:63:7c:fc:80:
32:9a:2e:f4:b3:1d:98:7a:28:1d:2b:e0:2f:4a:72:f7:9d:c8:
50:d1:8a:28:e8:ad:1b:91:db:56:96:15:4e:00:40:b7:b0:b3:
b4:58:bb:db:83:1a:13:ba:d5:7d:fa:0a:4c:0a:50:70:ac:f4:
90:e4:36:9a:71:ff:e7:15:9b:d0:4e:cb:d7:a8:46:64:96:f3:
67:ff:bc:d0:bf:a8:1d:e5:12:fb:b4:f6:f2:1d:ed:59:c5:54:
4a:1b:1e:85:e3:45:bb:e2:7c:3d:d1:f7:d8:67:9c:3d:7f:a5:
e6:10:73:80:b1:57:44:eb:65:12:f0:5e:12:48:8d:b4:be:54:
af:1c:37:3d:b8:ab:41:89:44:ba:32:85:56:6d:a6:a2:00:90:
a4:09:4d:8d:85:b5:dc:a4:d5:46:6a:d6:c4:c6:f6:ad:9c:68:
c8:09:98:16:a8:c0:47:b5:d7:7d:9e:d3:bd:b6:2e:c5:af:8a:
af:b9:43:b0:d4:33:fe:2e:35:6f:48:9c:24:b3:9e:cd:a4:39:
5e:71:bf:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIY+eXk87aOHFSD0biBwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDJiMzYyMDY0MzliYmNlMTViMzYzZjA5ZWVmZjFkNzM4
Y2VjYzcwHhcNMjUwMTAyMDM0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjdkMjgzOGJmY2Y4NzJkZjUyMzYyMTg3NDJhMWM3ZWUwOGM5Nzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApObASTpRziBBuVXg1JzZV3zaDKwa
AvJU41a0L1bqguptRIm/Yj/yI+n1Smndkx027abLYHVi1t/jsgDYMUfzZ/ziJSDi
57LSMCxGqXfMjKGvj0sspHD7wvUHOXlGbRPLmkngOQLFZSllhadK4IX7dKFlSOLR
X0KfGNTztPDVBIfCYwiMvtghdT1eACTFKVUZ1WqmtLSaarKaWeskNcHLrfd5TW0Z
NNzIyKZFxw24zbgmCvMVuoB+/HWFwi3cZBegL7nEdI/cFya0man93L1mUsy4LfO5
RRCsaCa7CR+AlwiLtX33nzjWuuMUetfiWzeURmnYGdzXGme+JOfqykaERQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIZ9KDi/z4ct9SNiGHQqHH7gjJeGMB8GA1UdIwQY
MBaAFP3Ss2IGQ5u84Vs2Pwnu/x1zjOzHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQt
YjAxZTAyOTdiMDcwLzEvaG4wb09MX1BoeTMxSTJJWWRDb2NmdUNNbDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82MmI5MDktMWUzZS00YTFiLTllMjQtYjAxZTAyOTdiMDcw
LzEvX2RLellnWkRtN3poV3pZX0NlN19IWE9NN01jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUV+gAwQE
XmTgAwQCuXMEMA0GCSqGSIb3DQEBCwUAA4IBAQBJeqa+ALV9jEIv/W7cUCwH3P6P
IfGa6G2Fy2Brp3BVjLqsaOCCWNqh4CEHB/DX+PSwWWN8/IAymi70sx2YeigdK+Av
SnL3nchQ0Yoo6K0bkdtWlhVOAEC3sLO0WLvbgxoTutV9+gpMClBwrPSQ5Daacf/n
FZvQTsvXqEZklvNn/7zQv6gd5RL7tPbyHe1ZxVRKGx6F40W74nw90ffYZ5w9f6Xm
EHOAsVdE62US8F4SSI20vlSvHDc9uKtBiUS6MoVWbaaiAJCkCU2NhbXcpNVGatbE
xvatnGjICZgWqMBHtdd9ntO9ti7Fr4qvuUOw1DP+LjVvSJwks57NpDlecb9m
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:23 2025 by rpki-client