Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/JAj8K9FK0yJ4abLe6Fga6ihptw4.roa
File: JAj8K9FK0yJ4abLe6Fga6ihptw4.roa (raw, json)
Hash identifier: EFhtWb0ps1NNZCAlSUS+dLCZTzQuPXq8Ov+/YyEbgx0=
Subject key identifier: 24:08:FC:2B:D1:4A:D3:22:78:69:B2:DE:E8:58:1A:EA:28:69:B7:0E
Certificate issuer: /CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Certificate serial: 01942827A943E529AF4705CE059785B98AB4
Authority key identifier: 1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/JAj8K9FK0yJ4abLe6Fga6ihptw4.roa
Signing time: Thu 02 Jan 2025 17:54:35 +0000
ROA not before: Thu 02 Jan 2025 17:54:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 91.106.128.0/18 maxlen: 24
170.133.0.0/18 maxlen: 24
185.78.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:a9:43:e5:29:af:47:05:ce:05:97:85:b9:8a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Validity
Not Before: Jan 2 17:54:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2408fc2bd14ad3227869b2dee8581aea2869b70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:32:4a:11:9b:f7:6f:b7:d1:11:50:58:87:42:
e7:d9:4d:dc:12:19:70:de:49:fa:a4:2e:de:4d:0b:
07:fa:26:2c:f4:29:ab:6e:5c:a0:7d:70:e0:40:4c:
97:ae:f0:9d:8f:fe:5e:8f:c4:d6:fd:f0:c8:a6:c0:
0e:44:13:95:da:e3:6b:15:ce:ea:d2:6e:7e:56:99:
4f:71:57:cb:fb:50:06:4e:45:12:e0:b2:8d:bd:1f:
ef:97:59:73:fe:ee:fc:2a:84:25:a1:c6:40:f0:2a:
fa:06:44:7b:5c:fd:ab:cd:71:24:c8:78:1d:5d:71:
d2:1c:db:06:d4:31:15:4a:be:0f:46:fa:44:a0:09:
62:91:02:33:57:14:cd:fe:b4:75:27:27:da:40:22:
78:e3:11:4e:a2:10:78:89:35:cd:51:fe:6b:45:ff:
55:3a:55:39:6a:23:15:8d:d5:59:6a:ea:69:13:21:
42:e5:6a:84:6e:24:be:0e:a2:3d:45:37:f6:20:35:
09:43:87:bf:2c:54:d7:09:eb:1f:75:de:86:44:b6:
3a:3d:72:2f:f0:12:52:04:d7:b3:22:ee:3c:df:51:
a6:63:d1:bd:66:15:25:04:09:52:6a:c3:45:03:bd:
cd:6f:a1:fd:31:16:5b:ee:2f:a2:11:cd:cf:cc:b6:
65:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:08:FC:2B:D1:4A:D3:22:78:69:B2:DE:E8:58:1A:EA:28:69:B7:0E
X509v3 Authority Key Identifier:
keyid:1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/JAj8K9FK0yJ4abLe6Fga6ihptw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.128.0/18
170.133.0.0/18
185.78.60.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:79:e7:76:ac:16:14:fc:14:12:1e:0a:e1:ca:84:8f:f3:eb:
b9:f4:b0:1c:a4:3f:e9:83:10:f7:5e:1b:99:2b:40:14:ef:97:
90:06:0d:c3:17:76:8c:fe:c5:79:d3:df:84:47:5e:d3:a8:9f:
dc:3d:c9:61:77:96:74:1e:0d:d3:3e:72:db:8d:67:d0:dd:10:
dc:05:ca:cf:d6:a9:ff:54:9a:a9:65:28:87:90:16:89:41:96:
cc:ec:8d:c1:c2:8a:08:01:7d:93:95:35:8e:5e:5e:36:a1:9f:
ea:22:be:15:0a:8e:31:86:df:78:9a:9e:03:09:39:fa:e9:85:
2a:32:bc:31:bc:f1:5f:9f:4d:d2:14:af:08:46:99:cf:28:c8:
de:76:e8:08:5b:d9:7a:e5:f0:6f:6f:fe:a7:4e:f5:9a:1a:e2:
3a:ce:80:f1:36:a3:d6:5d:7c:99:a8:2e:e8:43:48:04:e0:5d:
e0:2b:76:ed:e1:61:a2:28:bc:60:ed:ac:12:db:fa:e4:0d:a0:
cd:45:9f:a0:6d:d1:5d:fa:e9:4e:4f:8a:9d:bf:b6:3c:13:4c:
ce:80:96:21:60:ab:1c:5c:0e:ad:ae:f1:8d:b2:40:e7:75:1b:
5c:95:03:77:7e:92:4c:52:1a:12:0b:92:3a:86:27:51:87:2f:
76:34:5f:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJ6lD5SmvRwXOBZeFuYq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZjJlYzgyNWZhNjM4MWU4ZTk0ZmQzOWIwNmVhMzhiNjNl
NDFhMTAwHhcNMjUwMTAyMTc1NDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDA4ZmMyYmQxNGFkMzIyNzg2OWIyZGVlODU4MWFlYTI4NjliNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTJKEZv3b7fREVBYh0Ln2U3cEhlw
3kn6pC7eTQsH+iYs9CmrblygfXDgQEyXrvCdj/5ej8TW/fDIpsAORBOV2uNrFc7q
0m5+VplPcVfL+1AGTkUS4LKNvR/vl1lz/u78KoQlocZA8Cr6BkR7XP2rzXEkyHgd
XXHSHNsG1DEVSr4PRvpEoAlikQIzVxTN/rR1JyfaQCJ44xFOohB4iTXNUf5rRf9V
OlU5aiMVjdVZauppEyFC5WqEbiS+DqI9RTf2IDUJQ4e/LFTXCesfdd6GRLY6PXIv
8BJSBNezIu4831GmY9G9ZhUlBAlSasNFA73Nb6H9MRZb7i+iEc3PzLZlhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCQI/CvRStMieGmy3uhYGuooabcOMB8GA1UdIwQY
MBaAFBzy7IJfpjgejpT9ObBuo4tj5BoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2Ut
YzRjNjM5ODNiNTBjLzEvSkFqOEs5RksweUo0YWJMZTZGZ2E2aWhwdHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2UtYzRjNjM5ODNiNTBj
LzEvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGW2qAAwQG
qoUAAwQCuU48MA0GCSqGSIb3DQEBCwUAA4IBAQCieed2rBYU/BQSHgrhyoSP8+u5
9LAcpD/pgxD3XhuZK0AU75eQBg3DF3aM/sV509+ER17TqJ/cPclhd5Z0Hg3TPnLb
jWfQ3RDcBcrP1qn/VJqpZSiHkBaJQZbM7I3BwooIAX2TlTWOXl42oZ/qIr4VCo4x
ht94mp4DCTn66YUqMrwxvPFfn03SFK8IRpnPKMjedugIW9l65fBvb/6nTvWaGuI6
zoDxNqPWXXyZqC7oQ0gE4F3gK3bt4WGiKLxg7awS2/rkDaDNRZ+gbdFd+ulOT4qd
v7Y8E0zOgJYhYKscXA6trvGNskDndRtclQN3fpJMUhoSC5I6hidRhy92NF+y
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:47:26 2025 by rpki-client