Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/HcQrgOQY-RDP91BfEeuOKm8svWo.roa
File: HcQrgOQY-RDP91BfEeuOKm8svWo.roa (raw, json)
Hash identifier: RFd4n5G3/cIpkMo0ZtzCONcMq2heCCR+957up7goQF0=
Subject key identifier: 1D:C4:2B:80:E4:18:F9:10:CF:F7:50:5F:11:EB:8E:2A:6F:2C:BD:6A
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01907BB6D7ABDAA4467E6AA7E952877CAFD1
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/HcQrgOQY-RDP91BfEeuOKm8svWo.roa
Signing time: Thu 04 Jul 2024 03:08:18 +0000
ROA not before: Thu 04 Jul 2024 03:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 62.164.224.0/20 maxlen: 20
66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
88.135.96.0/20 maxlen: 24
93.119.184.0/21 maxlen: 24
94.101.103.0/24 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
176.222.48.0/22 maxlen: 24
192.200.192.0/19 maxlen: 24
198.145.112.0/22 maxlen: 24
212.32.96.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7b:b6:d7:ab:da:a4:46:7e:6a:a7:e9:52:87:7c:af:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 4 03:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dc42b80e418f910cff7505f11eb8e2a6f2cbd6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4b:15:ee:04:3a:b0:57:dc:de:f8:19:07:91:
75:e2:d5:ec:fd:a8:d5:a6:4e:7f:20:2f:53:8d:65:
14:0f:8c:d3:a7:7b:0a:c4:80:cb:03:98:eb:0f:2a:
62:a9:39:55:ef:ab:08:82:41:e6:da:dd:4c:6d:74:
0e:4c:61:49:a7:0b:d0:05:07:3c:ac:10:e8:36:fc:
28:1f:c9:05:f4:78:9a:3e:88:a8:17:8d:15:74:48:
10:5a:88:88:f1:92:4d:1a:0f:2d:1a:9b:5d:d1:3b:
69:e7:63:60:c6:16:d4:41:4c:fc:4e:86:e5:66:69:
13:20:12:7e:68:98:4f:6a:b4:d1:3f:5d:f0:3b:10:
ff:fe:1a:ba:24:40:81:b6:41:a2:08:67:ee:c7:40:
a5:07:9b:33:b1:bc:f0:46:85:6a:6f:dd:6b:12:1d:
44:c4:bd:95:57:3a:16:19:c2:5d:35:e4:a2:ff:0f:
83:d8:70:c2:38:0e:6a:28:c1:5e:ae:af:01:2d:bc:
dc:8c:18:04:de:fb:ed:b4:0f:50:8d:69:89:a5:38:
b1:36:52:b2:cc:ad:03:89:34:1f:91:cd:25:10:82:
fe:a9:16:c3:57:52:40:5b:c0:ed:45:73:c6:6c:07:
85:e5:d4:07:5d:eb:46:d7:b6:40:80:6a:b8:09:1e:
b2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C4:2B:80:E4:18:F9:10:CF:F7:50:5F:11:EB:8E:2A:6F:2C:BD:6A
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/HcQrgOQY-RDP91BfEeuOKm8svWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.224.0/20
66.9.96.0/20
66.117.8.0/22
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
88.135.96.0/20
93.119.184.0/21
94.101.103.0/24
95.178.8.0/21
116.50.16.0/21
121.127.56.0/21
176.222.48.0/22
192.200.192.0/19
198.145.112.0/22
212.32.96.0/20
Signature Algorithm: sha256WithRSAEncryption
87:d8:2e:19:17:90:ed:9d:23:3f:33:d2:56:c6:a0:da:5e:7c:
ba:67:84:02:ea:9d:d5:39:69:4f:2e:ea:cf:d5:47:f4:2b:c4:
50:93:5d:9d:26:0f:14:cd:47:81:e5:dc:3a:4e:2d:8e:91:2d:
73:61:d5:68:16:97:12:4c:13:c4:b4:df:d6:2b:10:4c:42:26:
87:c6:b5:ca:c3:1d:00:b6:fd:3b:27:5c:19:b9:71:bd:f6:3e:
a8:d1:e9:3c:f0:12:5d:36:c2:0b:71:02:b7:7d:fa:ac:a3:70:
a3:a0:7c:f0:58:ba:16:31:b7:13:6a:08:5e:6b:a4:39:0f:93:
8e:f3:af:66:25:d6:38:40:aa:c3:d6:f6:09:2b:27:6a:c8:ed:
d8:1e:5a:a9:48:d6:59:71:83:8e:db:1d:ff:5d:b8:b7:54:4c:
4c:df:a0:c1:9a:57:62:ad:f8:9f:df:db:9d:9a:32:89:b5:16:
bc:de:84:2f:b5:7a:cb:91:43:80:28:e9:07:19:4e:91:e7:6d:
c9:31:80:58:6a:26:5a:ee:2b:8f:13:fc:3a:e3:4a:c1:aa:2b:
d9:d2:72:d8:c5:c0:a6:83:1e:38:47:42:78:ff:f2:1e:d5:56:
79:1f:92:c1:3f:2c:83:a9:62:0e:e4:0a:37:79:4c:4d:a3:92:
4d:93:f2:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZB7tter2qRGfmqn6VKHfK/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNzA0MDMwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGM0MmI4MGU0MThmOTEwY2ZmNzUwNWYxMWViOGUyYTZmMmNiZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEsV7gQ6sFfc3vgZB5F14tXs/ajV
pk5/IC9TjWUUD4zTp3sKxIDLA5jrDypiqTlV76sIgkHm2t1MbXQOTGFJpwvQBQc8
rBDoNvwoH8kF9HiaPoioF40VdEgQWoiI8ZJNGg8tGptd0Ttp52NgxhbUQUz8Tobl
ZmkTIBJ+aJhParTRP13wOxD//hq6JECBtkGiCGfux0ClB5szsbzwRoVqb91rEh1E
xL2VVzoWGcJdNeSi/w+D2HDCOA5qKMFerq8BLbzcjBgE3vvttA9QjWmJpTixNlKy
zK0DiTQfkc0lEIL+qRbDV1JAW8DtRXPGbAeF5dQHXetG17ZAgGq4CR6ySQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFB3EK4DkGPkQz/dQXxHrjipvLL1qMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvSGNRcmdPUVktUkRQOTFCZkVldU9LbThzdldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEBD6k4AME
BEIJYAMEAkJ1CDAMAwQGTd/AAwQBTd/IAwQBT4tAAwQDU47IAwQEWIdgAwQDXXe4
AwQAXmVnAwQDX7IIAwQDdDIQAwQDeX84AwQCsN4wAwQFwMjAAwQCxpFwAwQE1CBg
MA0GCSqGSIb3DQEBCwUAA4IBAQCH2C4ZF5DtnSM/M9JWxqDaXny6Z4QC6p3VOWlP
LurP1Uf0K8RQk12dJg8UzUeB5dw6Ti2OkS1zYdVoFpcSTBPEtN/WKxBMQiaHxrXK
wx0Atv07J1wZuXG99j6o0ek88BJdNsILcQK3ffqso3CjoHzwWLoWMbcTaghea6Q5
D5OO869mJdY4QKrD1vYJKydqyO3YHlqpSNZZcYOO2x3/Xbi3VExM36DBmldirfif
39udmjKJtRa83oQvtXrLkUOAKOkHGU6R523JMYBYaiZa7iuPE/w640rBqivZ0nLY
xcCmgx44R0J4//Ie1VZ5H5LBPyyDqWIO5Ao3eUxNo5JNk/K/
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:51 2025 by rpki-client