Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/HTtaJI7F0HZATXXascx3TmNByxo.roa
File: HTtaJI7F0HZATXXascx3TmNByxo.roa (raw, json)
Hash identifier: d5j76fTLUAV6ovcqXej2UO/z7lwi9LauG77wR6/wZRE=
Subject key identifier: 1D:3B:5A:24:8E:C5:D0:76:40:4D:75:DA:B1:CC:77:4E:63:41:CB:1A
Certificate issuer: /CN=f7aa039b886b226578bdb6a42781bf59044bb138
Certificate serial: 019424B333DDABCE182361311F8CBEDCF262
Authority key identifier: F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/HTtaJI7F0HZATXXascx3TmNByxo.roa
Signing time: Thu 02 Jan 2025 01:48:31 +0000
ROA not before: Thu 02 Jan 2025 01:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35000
IP address blocks: 185.7.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:33:dd:ab:ce:18:23:61:31:1f:8c:be:dc:f2:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7aa039b886b226578bdb6a42781bf59044bb138
Validity
Not Before: Jan 2 01:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d3b5a248ec5d076404d75dab1cc774e6341cb1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3d:fd:24:f3:dc:6c:21:f7:b9:17:42:1c:b6:
91:f1:4c:8d:b0:88:7f:e8:e5:53:40:2c:97:60:ed:
04:60:44:1e:62:b1:8b:59:00:b7:25:16:1b:0b:30:
ba:49:4a:0d:6e:65:ef:d4:75:78:b2:2f:c5:2b:95:
4f:6f:4e:74:3b:d2:13:04:c7:a8:88:4c:35:d6:48:
41:98:18:2e:9e:2b:92:82:9d:de:f8:a8:f2:f0:e7:
74:fd:ac:c8:0a:0a:bd:f5:ed:51:b5:df:48:aa:9b:
b7:0c:ed:7b:95:05:39:84:0d:95:ad:45:59:7b:13:
f2:c7:b4:72:5a:c2:94:00:e0:8e:bf:9f:f9:83:02:
76:11:8d:10:c1:c9:f4:f8:49:88:b9:3c:8a:66:d0:
ec:b3:eb:ca:03:92:e7:be:ed:e1:a4:93:64:cf:5d:
56:a3:47:c7:00:4b:80:55:f9:ff:5a:7d:8f:21:15:
23:8b:fb:3a:59:ce:75:f5:32:9d:38:a9:c8:ff:1a:
8c:a0:a4:b4:f4:3e:ee:f3:47:10:46:fe:89:d6:ac:
ba:42:d6:13:ec:72:e7:1c:be:21:e2:a9:08:3e:06:
d1:0e:a2:51:71:a7:07:89:9e:04:43:21:84:82:ae:
5d:62:c8:ab:38:a1:6f:6a:c5:05:c5:73:18:ef:a8:
58:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:3B:5A:24:8E:C5:D0:76:40:4D:75:DA:B1:CC:77:4E:63:41:CB:1A
X509v3 Authority Key Identifier:
keyid:F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/HTtaJI7F0HZATXXascx3TmNByxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/96oDm4hrImV4vbakJ4G_WQRLsTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.147.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:5f:61:67:ac:28:17:63:60:aa:78:dd:7a:83:1c:7c:0a:c8:
b5:cc:fb:1c:ac:61:e7:f6:b7:9a:fd:8a:23:08:df:9c:32:4c:
55:1b:b3:06:ee:ca:74:fa:c2:f5:29:ac:cc:72:77:37:93:32:
cf:dd:77:7e:90:79:f4:4f:c6:53:6a:7b:67:2b:27:b8:76:65:
86:fb:3f:ef:c0:71:aa:70:19:80:9c:b1:4c:84:92:b5:a1:fa:
d2:73:fd:68:b4:64:c2:27:8a:a8:1f:98:c3:af:e9:6d:e6:b9:
0f:97:09:17:2e:9f:35:19:20:45:85:8e:27:e2:ff:46:ec:cb:
f5:d1:4e:0b:ac:81:05:5e:42:e9:dc:ea:0b:ce:d5:60:05:cf:
72:dd:63:38:3c:ae:54:11:bd:1c:b5:24:27:61:5b:fb:88:72:
69:72:8b:cf:d0:0f:0d:9f:7b:ab:4d:60:51:a0:9f:44:90:d1:
d9:03:0b:61:04:63:58:c1:a5:4f:47:ee:62:31:0f:7e:59:8e:
45:fe:39:af:70:88:fe:0a:d1:69:76:6f:b9:4e:c3:77:e7:b1:
f7:3e:fa:b3:05:f5:02:ae:d1:ce:8c:66:ad:23:69:67:3e:eb:
5d:c0:f4:92:28:28:c2:08:44:b2:6d:d1:6a:e0:d6:21:b1:d6:
2e:f8:7b:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkszPdq84YI2ExH4y+3PJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YWEwMzliODg2YjIyNjU3OGJkYjZhNDI3ODFiZjU5MDQ0
YmIxMzgwHhcNMjUwMTAyMDE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDNiNWEyNDhlYzVkMDc2NDA0ZDc1ZGFiMWNjNzc0ZTYzNDFjYjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz39JPPcbCH3uRdCHLaR8UyNsIh/
6OVTQCyXYO0EYEQeYrGLWQC3JRYbCzC6SUoNbmXv1HV4si/FK5VPb050O9ITBMeo
iEw11khBmBguniuSgp3e+Kjy8Od0/azICgq99e1Rtd9Iqpu3DO17lQU5hA2VrUVZ
exPyx7RyWsKUAOCOv5/5gwJ2EY0Qwcn0+EmIuTyKZtDss+vKA5Lnvu3hpJNkz11W
o0fHAEuAVfn/Wn2PIRUji/s6Wc519TKdOKnI/xqMoKS09D7u80cQRv6J1qy6QtYT
7HLnHL4h4qkIPgbRDqJRcacHiZ4EQyGEgq5dYsirOKFvasUFxXMY76hYpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB07WiSOxdB2QE112rHMd05jQcsaMB8GA1UdIwQY
MBaAFPeqA5uIayJleL22pCeBv1kES7E4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWIt
NmY2MjFkNzM2YWZmLzEvSFR0YUpJN0YwSFpBVFhYYXNjeDNUbU5CeXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWItNmY2MjFkNzM2YWZm
LzEvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQeTMA0G
CSqGSIb3DQEBCwUAA4IBAQBvX2FnrCgXY2CqeN16gxx8Csi1zPscrGHn9rea/Yoj
CN+cMkxVG7MG7sp0+sL1KazMcnc3kzLP3Xd+kHn0T8ZTantnKye4dmWG+z/vwHGq
cBmAnLFMhJK1ofrSc/1otGTCJ4qoH5jDr+lt5rkPlwkXLp81GSBFhY4n4v9G7Mv1
0U4LrIEFXkLp3OoLztVgBc9y3WM4PK5UEb0ctSQnYVv7iHJpcovP0A8Nn3urTWBR
oJ9EkNHZAwthBGNYwaVPR+5iMQ9+WY5F/jmvcIj+CtFpdm+5TsN357H3PvqzBfUC
rtHOjGatI2lnPutdwPSSKCjCCESybdFq4NYhsdYu+Hva
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:02 2025 by rpki-client