Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/hPl-SGzQ4GZgnYoC6ykDKItL3cw.roa
File: hPl-SGzQ4GZgnYoC6ykDKItL3cw.roa (raw, json)
Hash identifier: Ai0Udt9rOFdWUn7Nqxkegh/x+FkuKlO0kZcUnHeGT1k=
Subject key identifier: 84:F9:7E:48:6C:D0:E0:66:60:9D:8A:02:EB:29:03:28:8B:4B:DD:CC
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01867310F827E103B980D8E330719A3256F9
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/hPl-SGzQ4GZgnYoC6ykDKItL3cw.roa
Signing time: Tue 21 Feb 2023 08:22:17 +0000
ROA not before: Tue 21 Feb 2023 08:22:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.142.0/24 maxlen: 24
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
2a0d:4a40::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a09:6e47::/48 maxlen: 48
2a04:27c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
2a09:6e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:73:10:f8:27:e1:03:b9:80:d8:e3:30:71:9a:32:56:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Feb 21 08:22:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84f97e486cd0e066609d8a02eb2903288b4bddcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:31:5e:63:ff:2e:0f:db:37:6c:b6:50:4d:68:
c5:ca:3d:e2:d3:d2:2b:9b:1b:98:6d:ed:66:fa:06:
b6:7e:12:a5:ec:37:37:b7:a3:1b:dd:3f:54:af:31:
be:20:a4:d7:84:6f:52:38:7c:8c:6a:5d:15:fa:1c:
23:71:81:58:8b:22:2e:2c:c8:8b:83:c4:a0:8a:53:
6c:ec:e0:89:84:f6:ed:3b:4c:88:07:67:ed:9d:fc:
35:ef:a6:a9:50:7a:04:41:c5:8a:ce:9e:50:e7:ce:
80:99:bb:5a:c4:a3:2b:c3:79:ed:85:bb:75:01:7e:
4d:28:1c:34:12:8c:41:a9:45:68:97:83:db:50:5d:
78:e4:10:6e:53:01:c4:02:ed:33:3d:d0:8d:96:b8:
37:ec:01:9b:55:62:cc:9a:56:3d:b4:8f:34:ba:a3:
4c:9e:92:36:85:8b:2e:2a:b3:93:bf:95:03:65:3e:
8d:c5:ba:90:62:ea:a7:c6:2c:b3:93:bd:fb:5d:e6:
9c:51:72:e2:e4:4d:60:f9:a0:d1:c6:b4:63:34:4a:
94:f7:00:c2:fe:9f:4c:ef:24:b0:bc:98:70:80:7c:
e6:e6:60:b1:f6:24:da:e3:2b:ab:76:56:2f:d7:50:
28:fb:81:e8:61:5d:87:25:6e:3a:24:cb:97:82:7f:
a0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F9:7E:48:6C:D0:E0:66:60:9D:8A:02:EB:29:03:28:8B:4B:DD:CC
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/hPl-SGzQ4GZgnYoC6ykDKItL3cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/22
109.104.140.0/22
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
90:58:c6:9d:20:3b:32:b2:e0:8e:12:64:da:84:68:d7:f3:48:
0d:c8:2e:03:a6:f4:91:8e:ce:3d:d5:54:c9:56:80:c2:d9:67:
cb:18:4f:b5:d0:55:94:b3:8e:2d:01:0c:96:5b:0c:05:4a:46:
11:53:a6:d2:ca:75:dd:7d:ec:a9:19:11:73:53:65:f4:58:bc:
a3:05:ee:5f:9b:c9:a8:41:f9:97:ae:69:72:aa:ae:9f:61:df:
df:58:89:af:ca:40:cc:ba:30:7f:bd:1f:71:f9:26:e4:c7:d0:
e8:07:8b:89:6e:39:1f:60:7d:95:c9:40:3a:e0:12:ce:03:25:
e8:5e:82:67:b3:11:ca:bb:37:ef:2b:ea:ce:75:74:37:0e:d9:
7d:bf:2c:ae:28:9d:be:29:18:bb:27:69:78:01:1f:f1:fc:43:
dd:ed:a9:a8:e6:5f:9b:4b:13:ae:6b:f8:33:94:bb:9d:eb:48:
4e:93:2e:d9:0f:d5:ec:db:99:a2:87:84:32:a1:51:9a:d4:70:
dd:7c:95:d5:19:33:36:56:09:cc:21:4e:b6:78:de:83:70:20:
88:62:75:7b:23:be:61:fc:a3:db:1e:33:23:82:51:18:e5:ff:
80:98:45:ee:b0:a5:ab:c5:b1:c6:fc:83:8a:39:54:91:2f:09:
93:9e:56:1a
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYZzEPgn4QO5gNjjMHGaMlb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjMwMjIxMDgyMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY5N2U0ODZjZDBlMDY2NjA5ZDhhMDJlYjI5MDMyODhiNGJkZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDFeY/8uD9s3bLZQTWjFyj3i09Ir
mxuYbe1m+ga2fhKl7Dc3t6Mb3T9UrzG+IKTXhG9SOHyMal0V+hwjcYFYiyIuLMiL
g8SgilNs7OCJhPbtO0yIB2ftnfw176apUHoEQcWKzp5Q586AmbtaxKMrw3nthbt1
AX5NKBw0EoxBqUVol4PbUF145BBuUwHEAu0zPdCNlrg37AGbVWLMmlY9tI80uqNM
npI2hYsuKrOTv5UDZT6NxbqQYuqnxiyzk737XeacUXLi5E1g+aDRxrRjNEqU9wDC
/p9M7ySwvJhwgHzm5mCx9iTa4yurdlYv11Ao+4HoYV2HJW46JMuXgn+gmQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFIT5fkhs0OBmYJ2KAuspAyiLS93MMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvaFBsLVNHelE0R1pnbllvQzZ5a0RLSXRMM2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTA8BAIAATA2AwQDH6uYAwQC
LUL8AwQCLY4YAwQCbUocAwQCbWiMAwQCuTVkAwQCuel8AwQBwnFQAwQBwnFeMCkE
AgACMCMDBQMqBCfAAwUDKgluQAMFAyoNQsADBQMqDUpAAwUDKg7UwDANBgkqhkiG
9w0BAQsFAAOCAQEAkFjGnSA7MrLgjhJk2oRo1/NIDcguA6b0kY7OPdVUyVaAwtln
yxhPtdBVlLOOLQEMllsMBUpGEVOm0sp13X3sqRkRc1Nl9Fi8owXuX5vJqEH5l65p
cqqun2Hf31iJr8pAzLowf70fcfkm5MfQ6AeLiW45H2B9lclAOuASzgMl6F6CZ7MR
yrs37yvqznV0Nw7Zfb8sriidvikYuydpeAEf8fxD3e2pqOZfm0sTrmv4M5S7netI
TpMu2Q/V7NuZooeEMqFRmtRw3XyV1RkzNlYJzCFOtnjeg3AgiGJ1eyO+Yfyj2x4z
I4JRGOX/gJhF7rClq8WxxvyDijlUkS8Jk55WGg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:39 2025 by rpki-client