Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/HbsyO5Ut_ka88PCOgvDpSMFZyq8.roa
File: HbsyO5Ut_ka88PCOgvDpSMFZyq8.roa (raw, json)
Hash identifier: jCtFWPN5pcUn2iLSUbvpLI7JdhumMbRU/0oC6bbWKPU=
Subject key identifier: 1D:BB:32:3B:95:2D:FE:46:BC:F0:F0:8E:82:F0:E9:48:C1:59:CA:AF
Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial: 019422865F108D17FEB5B85385CC1F65C182
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/HbsyO5Ut_ka88PCOgvDpSMFZyq8.roa
Signing time: Wed 01 Jan 2025 15:40:18 +0000
ROA not before: Wed 01 Jan 2025 15:40:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200590
IP address blocks: 78.142.250.0/23 maxlen: 23
78.142.250.0/24 maxlen: 24
78.142.251.0/24 maxlen: 24
195.7.12.0/24 maxlen: 24
195.7.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:86:5f:10:8d:17:fe:b5:b8:53:85:cc:1f:65:c1:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Validity
Not Before: Jan 1 15:40:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dbb323b952dfe46bcf0f08e82f0e948c159caaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a1:7b:24:b5:81:5f:23:f7:60:1b:18:77:dd:
8c:f0:6f:71:fc:6c:f1:7d:b6:36:74:61:c3:ec:e7:
a4:a0:42:3e:b7:07:5f:22:e3:0a:35:88:bf:8c:92:
2a:c7:b0:b2:5b:77:e4:ed:44:2d:35:ab:1d:0e:1b:
57:e5:83:10:f5:b5:c8:61:46:9b:60:16:91:b2:92:
22:be:69:e9:ba:4b:a7:98:3e:9a:33:72:44:94:c8:
fb:e1:c8:ab:4f:53:91:dd:d7:72:c8:50:32:8c:e0:
77:cb:4a:cf:98:a2:95:d6:e8:8f:84:3a:24:e4:c8:
ae:0a:6e:79:b0:11:1c:09:d5:d7:f7:38:c3:3a:b5:
7d:88:0a:3e:13:6e:9e:46:5c:ce:8d:f2:ca:b0:52:
aa:bb:7e:62:96:fb:72:97:52:ae:6b:06:3f:4a:23:
69:e9:ee:6c:d5:96:43:03:48:c3:37:62:2a:01:da:
21:2a:95:e9:be:21:71:16:65:79:bf:49:69:18:b4:
65:62:63:d5:71:83:63:a3:77:ec:36:bc:0c:3b:65:
49:00:42:2c:5e:1c:c7:20:79:32:56:5d:73:a0:65:
95:92:0c:35:80:2a:10:cf:b1:6a:99:f5:8e:79:f8:
80:ac:e7:38:4b:0c:44:b4:2e:e5:e6:dd:50:b3:c7:
ef:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BB:32:3B:95:2D:FE:46:BC:F0:F0:8E:82:F0:E9:48:C1:59:CA:AF
X509v3 Authority Key Identifier:
keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/HbsyO5Ut_ka88PCOgvDpSMFZyq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.250.0/23
195.7.12.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:10:0f:5f:c4:57:f1:00:f4:ed:bc:bc:5b:29:f7:51:30:05:
0b:dd:3e:58:f4:27:98:26:b4:a3:8e:d9:35:0d:8f:5c:dc:03:
a2:33:85:ea:9a:7b:84:a6:2c:e8:a0:ff:c6:95:9d:7d:ef:4f:
4b:9d:de:87:da:cd:ac:ab:d1:ae:8b:8f:83:55:aa:c4:e4:c0:
92:e4:f7:d5:30:66:c8:5d:4d:83:fe:83:1b:f3:a4:c2:38:e8:
28:61:41:4f:c7:77:6e:6f:e9:de:ed:da:e3:59:6f:07:81:d1:
22:44:b5:30:1e:07:62:58:06:67:90:4d:91:2c:27:8e:c0:19:
3a:2e:f8:0c:78:5b:f0:99:79:18:89:9e:be:d5:67:66:e0:55:
c3:db:ab:9e:f7:71:e2:08:6a:d2:e0:c7:c3:66:4b:eb:3d:29:
61:ba:58:2f:f3:d0:f3:7b:4c:a5:65:4b:88:83:8a:4f:ff:92:
38:9b:5a:d8:db:fe:57:b6:32:51:8d:53:71:79:12:d7:27:fb:
a0:43:ee:50:03:56:c2:27:a2:70:24:24:f9:ea:3a:3e:c4:e8:
ae:5c:d9:3b:20:b9:f8:4b:a1:f8:b7:a5:f9:59:b6:a9:c4:2f:
fb:05:0c:80:1f:00:1a:a0:5f:ef:1f:71:62:fa:70:d9:b4:c8:
e7:1a:b5:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQihl8QjRf+tbhThcwfZcGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjUwMTAxMTU0MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGJiMzIzYjk1MmRmZTQ2YmNmMGYwOGU4MmYwZTk0OGMxNTljYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKF7JLWBXyP3YBsYd92M8G9x/Gzx
fbY2dGHD7OekoEI+twdfIuMKNYi/jJIqx7CyW3fk7UQtNasdDhtX5YMQ9bXIYUab
YBaRspIivmnpukunmD6aM3JElMj74cirT1OR3ddyyFAyjOB3y0rPmKKV1uiPhDok
5MiuCm55sBEcCdXX9zjDOrV9iAo+E26eRlzOjfLKsFKqu35ilvtyl1KuawY/SiNp
6e5s1ZZDA0jDN2IqAdohKpXpviFxFmV5v0lpGLRlYmPVcYNjo3fsNrwMO2VJAEIs
XhzHIHkyVl1zoGWVkgw1gCoQz7FqmfWOefiArOc4SwxEtC7l5t1Qs8fvbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB27MjuVLf5GvPDwjoLw6UjBWcqvMB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvSGJzeU81VXRfa2E4OFBDT2d2RHBTTUZaeXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz
LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTo76AwQB
wwcMMA0GCSqGSIb3DQEBCwUAA4IBAQANEA9fxFfxAPTtvLxbKfdRMAUL3T5Y9CeY
JrSjjtk1DY9c3AOiM4XqmnuEpizooP/GlZ19709Lnd6H2s2sq9Gui4+DVarE5MCS
5PfVMGbIXU2D/oMb86TCOOgoYUFPx3dub+ne7drjWW8HgdEiRLUwHgdiWAZnkE2R
LCeOwBk6LvgMeFvwmXkYiZ6+1Wdm4FXD26ue93HiCGrS4MfDZkvrPSlhulgv89Dz
e0ylZUuIg4pP/5I4m1rY2/5XtjJRjVNxeRLXJ/ugQ+5QA1bCJ6JwJCT56jo+xOiu
XNk7ILn4S6H4t6X5WbapxC/7BQyAHwAaoF/vH3Fi+nDZtMjnGrVL
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:22:19 2025 by rpki-client