Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/HFzLX8JfB09bMiykDXTNNVwsa28.roa
File: HFzLX8JfB09bMiykDXTNNVwsa28.roa (raw, json)
Hash identifier: RkC66kEQrpDYwov3VUFFbJbKcNeYjT04dJ6fhWE8V94=
Subject key identifier: 1C:5C:CB:5F:C2:5F:07:4F:5B:32:2C:A4:0D:74:CD:35:5C:2C:6B:6F
Certificate issuer: /CN=29c2103fd2417c8869145617de94fcc913b085ef
Certificate serial: 01942067F33226F0484B799B393D7E1A1340
Authority key identifier: 29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/HFzLX8JfB09bMiykDXTNNVwsa28.roa
Signing time: Wed 01 Jan 2025 05:47:50 +0000
ROA not before: Wed 01 Jan 2025 05:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8368
IP address blocks: 37.26.176.0/21 maxlen: 24
45.134.192.0/22 maxlen: 24
46.247.160.0/19 maxlen: 24
80.253.192.0/20 maxlen: 24
94.143.80.0/21 maxlen: 24
94.247.160.0/21 maxlen: 24
176.53.128.0/22 maxlen: 24
185.8.240.0/22 maxlen: 24
185.12.96.0/22 maxlen: 24
185.48.48.0/22 maxlen: 24
185.50.76.0/22 maxlen: 24
185.117.36.0/22 maxlen: 24
193.239.190.0/23 maxlen: 24
193.243.150.0/23 maxlen: 24
194.105.58.0/23 maxlen: 24
194.105.62.0/23 maxlen: 24
2a01:9720::/32 maxlen: 48
2a01:aa60::/32 maxlen: 48
2a03:bd00::/32 maxlen: 48
2a04:b440::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f3:32:26:f0:48:4b:79:9b:39:3d:7e:1a:13:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c2103fd2417c8869145617de94fcc913b085ef
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c5ccb5fc25f074f5b322ca40d74cd355c2c6b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:88:c7:2f:e5:3c:e1:79:48:b6:f6:82:57:55:
dd:f4:d1:24:80:59:8a:d1:c1:ac:d6:47:73:79:81:
a3:ea:bd:e4:2d:4d:8b:1e:1f:c5:33:8b:e2:82:f4:
f0:c6:b4:3b:2b:2a:2e:95:a2:75:b1:7a:5f:2b:6e:
3c:3f:17:04:32:ee:02:06:d5:b9:c2:1f:92:a1:bc:
44:c6:1c:5a:4b:46:26:a8:99:58:08:e7:66:5b:f4:
9e:c6:3e:5a:f0:c5:ff:05:64:59:ba:85:7e:49:33:
88:03:50:e2:2f:01:3e:28:02:70:b8:5c:9c:a3:09:
df:c0:a4:4b:4a:62:f8:83:20:3d:05:48:3f:0e:2e:
68:2d:73:4b:e9:9d:91:4f:04:4f:73:6e:66:e7:51:
5b:c3:5d:b4:3b:f5:0a:47:05:8e:b0:84:2c:c7:57:
3d:ee:0e:2e:5b:eb:60:37:c5:93:0f:d0:59:45:81:
29:1e:8c:06:65:44:32:55:5c:dc:cd:75:d5:35:90:
66:f9:c4:d9:a3:d8:31:f0:4d:d3:be:4e:52:cf:ce:
cf:02:c2:15:07:6a:87:e6:82:fa:ed:ff:db:dc:1f:
d4:e0:a4:de:7f:0f:79:be:2b:51:24:d7:3a:2d:84:
06:b4:9b:42:75:41:fb:0b:d8:39:d0:a9:b6:f0:8c:
9e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5C:CB:5F:C2:5F:07:4F:5B:32:2C:A4:0D:74:CD:35:5C:2C:6B:6F
X509v3 Authority Key Identifier:
keyid:29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/HFzLX8JfB09bMiykDXTNNVwsa28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/KcIQP9JBfIhpFFYX3pT8yROwhe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.176.0/21
45.134.192.0/22
46.247.160.0/19
80.253.192.0/20
94.143.80.0/21
94.247.160.0/21
176.53.128.0/22
185.8.240.0/22
185.12.96.0/22
185.48.48.0/22
185.50.76.0/22
185.117.36.0/22
193.239.190.0/23
193.243.150.0/23
194.105.58.0/23
194.105.62.0/23
IPv6:
2a01:9720::/32
2a01:aa60::/32
2a03:bd00::/32
2a04:b440::/29
Signature Algorithm: sha256WithRSAEncryption
64:d3:f6:46:3b:b0:bb:a8:25:76:8f:60:5e:04:ab:29:4d:5d:
62:47:b0:c2:14:2d:5c:2d:37:96:b8:18:f8:bc:a6:7d:e0:8c:
f8:f2:bc:c0:78:c1:da:4c:9f:77:cb:85:40:29:ce:37:5b:04:
83:63:73:9b:d2:f8:65:df:ce:19:c0:de:7d:4e:04:b5:54:cc:
e7:80:59:6a:11:b7:af:ad:cf:df:16:81:b6:6a:8b:fc:97:72:
9d:a7:48:8f:bc:2a:2d:de:15:f4:d4:68:d1:ba:59:23:cd:4e:
d2:a9:69:dc:10:6e:55:26:3d:04:99:5b:63:1c:73:b6:74:82:
83:d2:eb:86:e6:25:da:8c:31:2b:1d:db:94:a3:31:4d:29:61:
16:d5:8a:46:76:01:ce:d0:a2:a0:f4:9b:8c:a7:a8:32:c9:ba:
c3:84:73:41:cd:53:f8:f1:90:48:9a:44:13:fe:c7:16:ce:7f:
5d:e5:e9:e2:c1:26:e7:2d:db:3f:5f:da:56:24:1f:ff:4d:28:
b9:dd:8b:16:eb:83:4a:36:e0:8a:19:8e:70:19:bb:1a:29:bd:
39:cc:c4:01:2f:3b:e3:6c:e3:ee:16:36:7c:cf:74:fb:82:00:
61:0c:b1:80:60:1e:9b:1e:98:93:64:e9:34:34:4e:8b:94:1a:
68:0e:8e:9b
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZQgZ/MyJvBIS3mbOT1+GhNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzIxMDNmZDI0MTdjODg2OTE0NTYxN2RlOTRmY2M5MTNi
MDg1ZWYwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVjY2I1ZmMyNWYwNzRmNWIzMjJjYTQwZDc0Y2QzNTVjMmM2YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyojHL+U84XlItvaCV1Xd9NEkgFmK
0cGs1kdzeYGj6r3kLU2LHh/FM4vigvTwxrQ7KyoulaJ1sXpfK248PxcEMu4CBtW5
wh+SobxExhxaS0YmqJlYCOdmW/Sexj5a8MX/BWRZuoV+STOIA1DiLwE+KAJwuFyc
ownfwKRLSmL4gyA9BUg/Di5oLXNL6Z2RTwRPc25m51Fbw120O/UKRwWOsIQsx1c9
7g4uW+tgN8WTD9BZRYEpHowGZUQyVVzczXXVNZBm+cTZo9gx8E3Tvk5Sz87PAsIV
B2qH5oL67f/b3B/U4KTefw95vitRJNc6LYQGtJtCdUH7C9g50Km28IyelQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFBxcy1/CXwdPWzIspA10zTVcLGtvMB8GA1UdIwQY
MBaAFCnCED/SQXyIaRRWF96U/MkTsIXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUt
OWQ1NjU3NTEzZTIwLzEvSEZ6TFg4SmZCMDliTWl5a0RYVE5OVndzYTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUtOWQ1NjU3NTEzZTIw
LzEvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBmBAIAATBgAwQDJRqw
AwQCLYbAAwQFLvegAwQEUP3AAwQDXo9QAwQDXvegAwQCsDWAAwQCuQjwAwQCuQxg
AwQCuTAwAwQCuTJMAwQCuXUkAwQBwe++AwQBwfOWAwQBwmk6AwQBwmk+MCIEAgAC
MBwDBQAqAZcgAwUAKgGqYAMFACoDvQADBQMqBLRAMA0GCSqGSIb3DQEBCwUAA4IB
AQBk0/ZGO7C7qCV2j2BeBKspTV1iR7DCFC1cLTeWuBj4vKZ94Iz48rzAeMHaTJ93
y4VAKc43WwSDY3Ob0vhl384ZwN59TgS1VMzngFlqEbevrc/fFoG2aov8l3Kdp0iP
vCot3hX01GjRulkjzU7SqWncEG5VJj0EmVtjHHO2dIKD0uuG5iXajDErHduUozFN
KWEW1YpGdgHO0KKg9JuMp6gyybrDhHNBzVP48ZBImkQT/scWzn9d5eniwSbnLds/
X9pWJB//TSi53YsW64NKNuCKGY5wGbsaKb05zMQBLzvjbOPuFjZ8z3T7ggBhDLGA
YB6bHpiTZOk0NE6LlBpoDo6b
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:15:09 2025 by rpki-client