Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HIVAfBpuYLzHlXdIStf-ZEACtsI.roa
File: HIVAfBpuYLzHlXdIStf-ZEACtsI.roa (raw, json)
Hash identifier: VyDhfLPeLz4UbNNoSQxmWBkkugEX9layAMFadyf2zgM=
Subject key identifier: 1C:85:40:7C:1A:6E:60:BC:C7:95:77:48:4A:D7:FE:64:40:02:B6:C2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019566B348F989BF0C9C239E3F9D8E0EE435
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HIVAfBpuYLzHlXdIStf-ZEACtsI.roa
Signing time: Wed 05 Mar 2025 14:26:20 +0000
ROA not before: Wed 05 Mar 2025 14:26:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198037
IP address blocks: 94.156.117.0/24 maxlen: 24
94.156.122.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:b3:48:f9:89:bf:0c:9c:23:9e:3f:9d:8e:0e:e4:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 5 14:26:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c85407c1a6e60bcc79577484ad7fe644002b6c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:60:91:f9:05:e3:93:1f:8d:b7:36:47:ae:35:
17:72:52:9c:a2:03:02:1f:ae:83:0d:4a:10:fd:03:
df:14:78:bd:23:ee:cd:37:25:d9:56:f1:fa:ce:f2:
b9:05:59:2b:97:c3:cf:3d:9b:9b:81:4f:c8:30:ba:
e4:7f:24:78:11:d2:7d:44:59:2f:b8:9c:f9:a4:25:
ea:ff:fe:09:bc:79:64:fd:8a:82:36:d7:b2:98:8f:
dd:93:bb:05:c2:e6:9f:2b:96:ad:00:f2:fa:98:06:
4f:8a:55:50:e7:f8:1d:d4:48:21:1b:a0:56:36:bc:
f5:d3:39:40:80:ec:f6:38:7a:ea:24:5d:28:bf:7f:
b0:3b:eb:f9:02:e2:6f:b0:8f:28:40:97:80:53:0a:
e6:f4:84:8e:4a:a5:dc:12:fb:a2:4f:60:02:2a:ae:
c3:86:81:76:89:cc:f7:f4:5e:b7:13:af:88:60:8b:
b5:55:5b:56:b0:66:a5:5e:bc:77:f3:58:7b:dc:44:
da:c5:11:77:09:74:21:c9:97:86:dd:28:2b:2a:8b:
75:32:4c:3c:48:ef:e8:4a:a2:be:4c:38:1a:88:6a:
bf:0b:78:36:5b:8c:d8:cb:a3:28:c0:22:11:76:b4:
35:56:ab:c5:fe:4c:9d:62:a0:0b:09:ad:f6:8d:65:
f9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:85:40:7C:1A:6E:60:BC:C7:95:77:48:4A:D7:FE:64:40:02:B6:C2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HIVAfBpuYLzHlXdIStf-ZEACtsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.117.0/24
94.156.122.0/24
94.156.131.0/24
Signature Algorithm: sha256WithRSAEncryption
36:51:1d:d4:30:26:a4:66:02:d7:0a:62:6c:8e:9a:6d:a9:75:
47:b9:29:f2:8e:8b:3c:45:3b:01:fa:c1:be:0c:ff:25:47:67:
de:86:82:86:cf:ab:af:60:a7:8d:73:ba:70:78:37:c8:c9:ae:
7a:85:2a:83:c9:02:b6:14:90:f8:e5:fe:96:b6:ac:d0:92:c0:
2b:6f:10:47:4d:6b:f5:2b:b9:1a:b2:1e:52:8a:10:20:9c:9f:
ff:ec:31:7c:89:e0:37:2a:97:2d:30:6f:d1:3a:f6:c6:42:32:
b0:0e:0a:e6:83:00:e4:2b:ca:6c:97:f8:df:27:d5:de:ab:3e:
57:1b:ed:b5:06:2b:44:94:40:6b:d4:c4:73:79:9c:81:e0:e4:
4b:2b:7f:66:59:58:b0:62:9a:f5:4f:f4:f0:34:53:9e:23:83:
ba:2d:3b:d8:51:2a:2a:9c:46:8d:d6:ec:64:59:84:b5:67:ca:
e5:50:84:1b:32:86:22:77:67:29:7a:be:f3:b4:3c:7c:24:2f:
a3:af:e6:03:72:d3:9a:d0:cb:d2:cd:30:e6:99:d3:13:4c:82:
e4:84:d6:47:ef:33:fa:68:11:bc:16:6f:1d:fe:a6:02:31:3d:
ee:04:3f:b7:f0:c1:17:f3:8c:31:dc:c6:87:56:b0:64:ea:0f:
36:c7:f2:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVms0j5ib8MnCOeP52ODuQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzA1MTQyNjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg1NDA3YzFhNmU2MGJjYzc5NTc3NDg0YWQ3ZmU2NDQwMDJiNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32CR+QXjkx+NtzZHrjUXclKcogMC
H66DDUoQ/QPfFHi9I+7NNyXZVvH6zvK5BVkrl8PPPZubgU/IMLrkfyR4EdJ9RFkv
uJz5pCXq//4JvHlk/YqCNteymI/dk7sFwuafK5atAPL6mAZPilVQ5/gd1EghG6BW
Nrz10zlAgOz2OHrqJF0ov3+wO+v5AuJvsI8oQJeAUwrm9ISOSqXcEvuiT2ACKq7D
hoF2icz39F63E6+IYIu1VVtWsGalXrx381h73ETaxRF3CXQhyZeG3SgrKot1Mkw8
SO/oSqK+TDgaiGq/C3g2W4zYy6MowCIRdrQ1VqvF/kydYqALCa32jWX5ZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFByFQHwabmC8x5V3SErX/mRAArbCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSElWQWZCcHVZTHpIbFhkSVN0Zi1aRUFDdHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXpx1AwQA
Xpx6AwQAXpyDMA0GCSqGSIb3DQEBCwUAA4IBAQA2UR3UMCakZgLXCmJsjpptqXVH
uSnyjos8RTsB+sG+DP8lR2fehoKGz6uvYKeNc7pweDfIya56hSqDyQK2FJD45f6W
tqzQksArbxBHTWv1K7kash5SihAgnJ//7DF8ieA3KpctMG/ROvbGQjKwDgrmgwDk
K8psl/jfJ9Xeqz5XG+21BitElEBr1MRzeZyB4ORLK39mWViwYpr1T/TwNFOeI4O6
LTvYUSoqnEaN1uxkWYS1Z8rlUIQbMoYid2cper7ztDx8JC+jr+YDctOa0MvSzTDm
mdMTTILkhNZH7zP6aBG8Fm8d/qYCMT3uBD+38MEX84wx3MaHVrBk6g82x/Io
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:11 2025 by rpki-client