Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/ddf529-1536-44f0-9eda-4dad48a16e42/1/HSf-a0eTcicBmzn4zJZRWXp92WE.roa
File: HSf-a0eTcicBmzn4zJZRWXp92WE.roa (raw, json)
Hash identifier: vvlQV7Jpi0XVGKQA4HOtArKcD3xjeMm171XNaqqkcT0=
Subject key identifier: 1D:27:FE:6B:47:93:72:27:01:9B:39:F8:CC:96:51:59:7A:7D:D9:61
Certificate issuer: /CN=7015ed275005408d2a86a2303701744430eda34a
Certificate serial: 019422FC30CAA14328EA981D870618A26C55
Authority key identifier: 70:15:ED:27:50:05:40:8D:2A:86:A2:30:37:01:74:44:30:ED:A3:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cBXtJ1AFQI0qhqIwNwF0RDDto0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/ddf529-1536-44f0-9eda-4dad48a16e42/1/HSf-a0eTcicBmzn4zJZRWXp92WE.roa
Signing time: Wed 01 Jan 2025 17:49:00 +0000
ROA not before: Wed 01 Jan 2025 17:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 193.25.48.0/24 maxlen: 24
193.25.49.0/24 maxlen: 24
193.25.50.0/24 maxlen: 24
193.25.51.0/24 maxlen: 24
193.25.52.0/24 maxlen: 24
193.25.53.0/24 maxlen: 24
193.25.54.0/24 maxlen: 24
193.25.55.0/24 maxlen: 24
193.25.56.0/24 maxlen: 24
193.25.57.0/24 maxlen: 24
193.25.58.0/24 maxlen: 24
193.25.59.0/24 maxlen: 24
193.25.60.0/24 maxlen: 24
193.25.61.0/24 maxlen: 24
193.25.62.0/24 maxlen: 24
193.25.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:30:ca:a1:43:28:ea:98:1d:87:06:18:a2:6c:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7015ed275005408d2a86a2303701744430eda34a
Validity
Not Before: Jan 1 17:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d27fe6b47937227019b39f8cc9651597a7dd961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4e:5b:fb:58:a3:e0:1c:8c:31:4e:6e:ca:cb:
50:57:fd:78:94:df:4f:e3:5d:a5:d2:77:27:21:31:
34:01:81:39:e9:71:39:b8:12:24:1c:66:17:fd:75:
3f:cc:c2:30:b0:ea:af:c6:e8:66:b0:4a:1a:b9:f0:
04:8d:49:6d:78:87:76:7b:5f:f7:16:c5:60:ae:c1:
49:36:33:54:dd:f3:49:1f:03:2a:0e:4f:ac:0a:0d:
47:55:43:7d:e4:ca:84:75:0d:9a:ea:de:83:a1:4a:
c6:fa:1b:b2:aa:c4:ca:80:22:22:ae:08:10:0b:47:
de:01:1c:5a:31:e0:05:15:27:68:a2:59:62:ee:9b:
0d:db:b8:ea:49:70:0d:5e:b6:18:d7:f8:b1:c7:cd:
ce:ba:85:99:2d:a5:8e:ae:d7:3b:c9:a3:20:08:e9:
2b:cb:ec:85:83:81:e9:85:21:09:4c:c2:75:88:3f:
e9:08:d8:b1:82:00:a0:3d:8e:bf:7c:b9:4c:ce:70:
f4:68:92:e2:54:a9:4c:b6:d7:22:9e:16:11:76:7f:
e4:09:27:bc:4f:8b:5e:19:f2:7c:49:bb:c4:66:65:
c7:dc:e0:87:a3:10:14:ea:ea:a0:80:cf:38:02:26:
df:b1:fa:97:34:1c:66:3f:37:6d:1c:d3:d9:dc:2f:
08:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:27:FE:6B:47:93:72:27:01:9B:39:F8:CC:96:51:59:7A:7D:D9:61
X509v3 Authority Key Identifier:
keyid:70:15:ED:27:50:05:40:8D:2A:86:A2:30:37:01:74:44:30:ED:A3:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cBXtJ1AFQI0qhqIwNwF0RDDto0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ddf529-1536-44f0-9eda-4dad48a16e42/1/HSf-a0eTcicBmzn4zJZRWXp92WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ddf529-1536-44f0-9eda-4dad48a16e42/1/cBXtJ1AFQI0qhqIwNwF0RDDto0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.48.0/20
Signature Algorithm: sha256WithRSAEncryption
32:85:c6:85:a3:64:ac:94:59:08:33:02:a2:75:d3:12:87:e9:
52:74:ca:63:a0:1f:11:d1:ea:a5:ed:ae:2f:07:de:1e:46:8c:
23:a0:c1:47:8a:50:11:15:d5:7e:64:6c:1f:ce:e0:7e:85:30:
ec:22:78:49:b4:5d:70:b7:37:f1:7a:7d:9c:17:63:7e:d4:c0:
9d:69:84:79:03:ca:4e:69:dd:01:b2:31:e5:db:56:3d:f0:17:
1f:57:a6:aa:1e:4f:ad:df:b8:1b:2b:32:09:7b:93:7e:28:d0:
3e:35:7e:2f:1d:13:79:ad:a8:94:53:99:b8:01:78:48:5b:70:
20:8d:00:38:d5:a7:b3:5f:82:e3:4f:a6:f6:d2:ba:c4:37:d8:
19:dd:6b:8c:e1:26:66:78:43:36:31:73:43:39:fd:b0:60:0e:
b9:65:62:71:88:bd:04:c7:23:6d:13:ea:13:f8:f9:dc:9d:ec:
18:8e:bb:0e:5a:e0:a3:05:cc:8f:c4:11:fb:1a:d3:11:9c:6c:
68:c6:28:6c:04:2e:67:44:b4:1f:b6:ad:69:2e:7a:34:85:1f:
ac:c6:b9:36:cb:1a:74:31:20:7e:01:f8:43:b7:d6:67:6d:e5:
c5:ea:0f:55:a5:30:4f:84:ef:6f:8c:8a:b3:6e:dc:34:b6:88:
6b:99:16:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/DDKoUMo6pgdhwYYomxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMTVlZDI3NTAwNTQwOGQyYTg2YTIzMDM3MDE3NDQ0MzBl
ZGEzNGEwHhcNMjUwMTAxMTc0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDI3ZmU2YjQ3OTM3MjI3MDE5YjM5ZjhjYzk2NTE1OTdhN2RkOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA005b+1ij4ByMMU5uystQV/14lN9P
412l0ncnITE0AYE56XE5uBIkHGYX/XU/zMIwsOqvxuhmsEoaufAEjUlteId2e1/3
FsVgrsFJNjNU3fNJHwMqDk+sCg1HVUN95MqEdQ2a6t6DoUrG+huyqsTKgCIirggQ
C0feARxaMeAFFSdoolli7psN27jqSXANXrYY1/ixx83OuoWZLaWOrtc7yaMgCOkr
y+yFg4HphSEJTMJ1iD/pCNixggCgPY6/fLlMznD0aJLiVKlMttcinhYRdn/kCSe8
T4teGfJ8SbvEZmXH3OCHoxAU6uqggM84AibfsfqXNBxmPzdtHNPZ3C8ItQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0n/mtHk3InAZs5+MyWUVl6fdlhMB8GA1UdIwQY
MBaAFHAV7SdQBUCNKoaiMDcBdEQw7aNKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0JYdEoxQUZRSTBxaHFJd053RjBSRER0bzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9kZGY1MjktMTUzNi00NGYwLTllZGEt
NGRhZDQ4YTE2ZTQyLzEvSFNmLWEwZVRjaWNCbXpuNHpKWlJXWHA5MldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9kZGY1MjktMTUzNi00NGYwLTllZGEtNGRhZDQ4YTE2ZTQy
LzEvY0JYdEoxQUZRSTBxaHFJd053RjBSRER0bzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwRkwMA0G
CSqGSIb3DQEBCwUAA4IBAQAyhcaFo2SslFkIMwKiddMSh+lSdMpjoB8R0eql7a4v
B94eRowjoMFHilARFdV+ZGwfzuB+hTDsInhJtF1wtzfxen2cF2N+1MCdaYR5A8pO
ad0BsjHl21Y98BcfV6aqHk+t37gbKzIJe5N+KNA+NX4vHRN5raiUU5m4AXhIW3Ag
jQA41aezX4LjT6b20rrEN9gZ3WuM4SZmeEM2MXNDOf2wYA65ZWJxiL0ExyNtE+oT
+PncnewYjrsOWuCjBcyPxBH7GtMRnGxoxihsBC5nRLQftq1pLno0hR+sxrk2yxp0
MSB+AfhDt9ZnbeXF6g9VpTBPhO9vjIqzbtw0tohrmRab
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:32:13 2025 by rpki-client