Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/Ha78yg7qqGZ0v8W1DWmHUAWoLSA.roa
File: Ha78yg7qqGZ0v8W1DWmHUAWoLSA.roa (raw, json)
Hash identifier: mO1w4kIt1AKbmRPhw4OwRAWPyk0O9BdOZhhOqd4nLR0=
Subject key identifier: 1D:AE:FC:CA:0E:EA:A8:66:74:BF:C5:B5:0D:69:87:50:05:A8:2D:20
Certificate issuer: /CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Certificate serial: 019420D61739064DF6F381DB2CB0F1DBF18A
Authority key identifier: 7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/Ha78yg7qqGZ0v8W1DWmHUAWoLSA.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205424
IP address blocks: 185.42.172.0/24 maxlen: 24
185.42.173.0/24 maxlen: 24
185.42.174.0/24 maxlen: 24
185.42.175.0/24 maxlen: 24
194.24.188.0/24 maxlen: 24
2a01:63a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:17:39:06:4d:f6:f3:81:db:2c:b0:f1:db:f1:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1daefcca0eeaa86674bfc5b50d69875005a82d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:81:f6:99:ad:72:70:b4:ac:fb:5c:d2:9d:
d6:24:5c:b4:03:06:0c:74:97:8f:65:ed:83:56:f3:
f2:8e:52:b9:dc:f9:e6:1a:85:e9:48:28:4a:46:3b:
03:f2:e5:f8:97:bb:26:eb:b4:80:ba:29:db:48:2d:
a8:c7:59:a1:68:89:f4:8b:54:8c:7f:36:8b:aa:a3:
8a:17:7f:22:01:3d:18:0a:ca:f1:34:70:73:d6:a1:
e4:c2:0d:0d:ab:3f:45:43:ab:63:c3:69:f4:07:2f:
12:e0:41:25:e7:5e:29:dc:3f:58:40:1e:e9:08:75:
b7:c5:c9:02:66:f6:01:30:e6:74:15:88:97:3f:84:
b1:7f:d8:28:da:78:09:52:f5:b6:e2:72:85:50:32:
88:3f:9d:8d:61:fc:32:23:8a:21:0d:11:c4:eb:c6:
41:05:70:5c:fd:27:87:fa:3c:1b:57:52:c0:9f:8c:
cd:c7:c0:bc:fd:50:09:61:ea:83:4f:9a:73:22:fa:
2f:d2:22:61:02:09:9d:07:ce:90:bc:d5:80:ae:b1:
de:43:c0:55:d7:dc:e0:b6:5b:b8:47:a3:36:30:6d:
21:ef:32:f7:f8:03:67:ab:ab:54:b8:36:38:e8:99:
ec:42:e1:d7:ba:4c:61:96:61:84:d4:fd:2a:f6:2b:
36:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AE:FC:CA:0E:EA:A8:66:74:BF:C5:B5:0D:69:87:50:05:A8:2D:20
X509v3 Authority Key Identifier:
keyid:7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/Ha78yg7qqGZ0v8W1DWmHUAWoLSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.172.0/22
194.24.188.0/24
IPv6:
2a01:63a0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:06:73:e8:68:35:cb:d6:f2:28:1f:ed:ad:cb:2c:e2:50:b8:
91:db:37:22:3a:d3:64:cb:fe:0e:23:e9:e1:14:ce:bb:d7:0d:
00:d4:2a:4d:f9:70:56:c1:b6:1e:3d:7a:80:f7:10:1a:53:3f:
c6:2e:b7:d5:6d:c1:02:71:8a:79:74:69:87:7a:e9:a5:fa:70:
8f:5b:f7:a3:2d:9a:e8:b8:9b:35:b8:2e:4c:e7:fe:1b:39:34:
94:d9:bb:fe:d2:61:fd:31:97:26:17:64:d5:77:63:c7:68:0c:
06:35:db:fa:be:0e:2a:79:21:57:0b:d2:5f:4a:f4:3d:8c:05:
0f:6d:fd:06:e3:18:e7:9a:5c:c6:b7:53:4c:d1:88:0c:77:a0:
19:d3:6c:f5:e1:3b:98:5e:e2:f2:40:49:88:df:3d:b4:9b:7a:
49:e8:65:7a:36:e2:9f:f5:4f:e6:5d:09:62:49:e8:23:b7:68:
dc:44:33:1d:86:f0:0e:0b:da:43:f7:d7:f7:8e:2e:ab:68:e5:
64:14:06:5d:0f:ba:1f:80:e3:28:13:60:3b:22:ec:c0:c4:7a:
91:cb:e8:16:57:bd:e4:d2:79:8f:db:39:7f:35:49:04:b7:ed:
73:0b:d3:3c:ad:76:4d:11:6c:0f:41:66:92:b3:10:cf:83:4f:
30:d7:4b:4f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1hc5Bk3284HbLLDx2/GKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMWY1NTdlZTI2M2NiMzU5YTE5ZWEyY2Q3ZmEwZThjOTEz
OWViNzYwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFlZmNjYTBlZWFhODY2NzRiZmM1YjUwZDY5ODc1MDA1YTgyZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX2B9pmtcnC0rPtc0p3WJFy0AwYM
dJePZe2DVvPyjlK53PnmGoXpSChKRjsD8uX4l7sm67SAuinbSC2ox1mhaIn0i1SM
fzaLqqOKF38iAT0YCsrxNHBz1qHkwg0Nqz9FQ6tjw2n0By8S4EEl514p3D9YQB7p
CHW3xckCZvYBMOZ0FYiXP4Sxf9go2ngJUvW24nKFUDKIP52NYfwyI4ohDRHE68ZB
BXBc/SeH+jwbV1LAn4zNx8C8/VAJYeqDT5pzIvov0iJhAgmdB86QvNWArrHeQ8BV
19zgtlu4R6M2MG0h7zL3+ANnq6tUuDY46JnsQuHXukxhlmGE1P0q9is2hwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB2u/MoO6qhmdL/FtQ1ph1AFqC0gMB8GA1UdIwQY
MBaAFHsfVX7iY8s1mhnqLNf6DoyROet2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEt
M2UzNjYwZGExM2E0LzEvSGE3OHlnN3FxR1owdjhXMURXbUhVQVdvTFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEtM2UzNjYwZGExM2E0
LzEvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSqsAwQA
whi8MA0EAgACMAcDBQAqAWOgMA0GCSqGSIb3DQEBCwUAA4IBAQCOBnPoaDXL1vIo
H+2tyyziULiR2zciOtNky/4OI+nhFM671w0A1CpN+XBWwbYePXqA9xAaUz/GLrfV
bcECcYp5dGmHeuml+nCPW/ejLZrouJs1uC5M5/4bOTSU2bv+0mH9MZcmF2TVd2PH
aAwGNdv6vg4qeSFXC9JfSvQ9jAUPbf0G4xjnmlzGt1NM0YgMd6AZ02z14TuYXuLy
QEmI3z20m3pJ6GV6NuKf9U/mXQliSegjt2jcRDMdhvAOC9pD99f3ji6raOVkFAZd
D7ofgOMoE2A7IuzAxHqRy+gWV73k0nmP2zl/NUkEt+1zC9M8rXZNEWwPQWaSsxDP
g08w10tP
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:45:13 2025 by rpki-client