Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/hf-Axeu0-LKzLqki_vil6CeScoo.roa
File: hf-Axeu0-LKzLqki_vil6CeScoo.roa (raw, json)
Hash identifier: Nh2kbF9yIljjgDIhCm7xNMGzz25ux65Knd2i1INqJjc=
Subject key identifier: 85:FF:80:C5:EB:B4:F8:B2:B3:2E:A9:22:FE:F8:A5:E8:27:92:72:8A
Certificate issuer: /CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Certificate serial: 0182D7342D76E8D969FA6D5F74BE1663AFA5
Authority key identifier: 9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/hf-Axeu0-LKzLqki_vil6CeScoo.roa
Signing time: Thu 25 Aug 2022 22:51:37 +0000
ROA not before: Thu 25 Aug 2022 22:51:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29802
IP address blocks: 149.255.39.0/24 maxlen: 24
45.158.38.0/24 maxlen: 24
45.158.36.0/23 maxlen: 32
45.158.39.0/24 maxlen: 24
37.72.168.0/21 maxlen: 32
37.72.172.0/23 maxlen: 23
37.72.171.0/24 maxlen: 24
37.72.170.0/23 maxlen: 23
37.72.170.0/24 maxlen: 24
37.72.174.0/23 maxlen: 23
194.126.172.0/24 maxlen: 24
194.126.172.0/22 maxlen: 24
194.126.175.0/24 maxlen: 24
194.126.173.0/24 maxlen: 24
94.100.16.0/20 maxlen: 32
94.100.16.0/24 maxlen: 24
94.100.17.0/24 maxlen: 24
94.100.23.0/24 maxlen: 24
94.100.24.0/24 maxlen: 24
94.100.21.0/24 maxlen: 24
94.100.22.0/24 maxlen: 24
94.100.19.0/24 maxlen: 24
94.100.20.0/24 maxlen: 24
94.100.18.0/24 maxlen: 24
94.100.30.0/24 maxlen: 24
94.100.31.0/24 maxlen: 24
94.100.28.0/24 maxlen: 24
94.100.29.0/24 maxlen: 24
94.100.26.0/24 maxlen: 24
94.100.27.0/24 maxlen: 24
94.100.25.0/24 maxlen: 24
217.79.240.0/24 maxlen: 24
217.79.242.0/23 maxlen: 24
217.79.240.0/20 maxlen: 24
149.255.37.0/24 maxlen: 24
149.255.38.0/24 maxlen: 24
149.255.32.0/21 maxlen: 32
149.255.35.0/24 maxlen: 24
149.255.36.0/24 maxlen: 32
89.233.104.0/24 maxlen: 24
89.233.104.0/21 maxlen: 24
89.233.105.0/24 maxlen: 24
89.233.106.0/24 maxlen: 24
89.233.107.0/24 maxlen: 24
46.21.144.0/24 maxlen: 24
46.21.145.0/24 maxlen: 24
46.21.144.0/20 maxlen: 32
46.21.151.0/24 maxlen: 24
46.21.152.0/24 maxlen: 24
46.21.150.0/24 maxlen: 24
46.21.148.0/24 maxlen: 24
46.21.146.0/24 maxlen: 24
46.21.147.0/24 maxlen: 24
46.21.158.0/23 maxlen: 23
46.21.156.0/24 maxlen: 24
46.21.157.0/24 maxlen: 24
46.21.153.0/24 maxlen: 24
195.242.152.0/23 maxlen: 24
195.242.153.0/24 maxlen: 24
2a02:748:f000::/36 maxlen: 36
2a02:748:c000::/35 maxlen: 35
2a02:748::/35 maxlen: 35
2a02:748:e000::/35 maxlen: 35
2a02:748::/32 maxlen: 48
2a0f:5180::/32 maxlen: 32
2a02:748:6000::/48 maxlen: 48
2a0f:5180::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d7:34:2d:76:e8:d9:69:fa:6d:5f:74:be:16:63:af:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d23f4cb4bab5c10801a770658df891cfb8c68c6
Validity
Not Before: Aug 25 22:51:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85ff80c5ebb4f8b2b32ea922fef8a5e82792728a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:35:44:f1:52:09:31:af:35:37:d9:b8:8d:79:
98:cf:7c:56:ec:67:9b:5b:db:c9:d0:08:c7:58:69:
ad:ab:db:cd:7a:68:aa:3b:f4:0b:10:28:a6:4b:62:
05:96:07:39:a1:00:b8:9f:30:77:c2:2d:fc:a5:7c:
da:4c:30:b1:59:bd:2f:48:54:ef:ff:95:76:4e:03:
2b:94:7f:a1:dd:c9:6b:b4:34:cb:e4:2a:c6:41:3a:
09:5f:40:70:7c:25:ff:b3:fb:04:66:1c:25:cb:48:
cc:ee:8c:be:17:b0:ca:1b:a0:68:66:cd:a5:e3:6e:
1d:ed:73:d1:fd:1e:68:e5:ef:14:1b:a7:4e:0d:bf:
df:6b:0b:f4:72:5a:21:fe:3a:84:07:e8:0f:0e:0e:
fc:f5:77:92:2d:1a:9c:2a:06:5e:7b:0c:28:89:d7:
f0:50:2e:21:2a:ae:61:a1:f8:e9:f8:5c:0d:c4:4e:
3b:31:00:ae:7f:fa:06:b3:cb:e9:a4:10:35:aa:1d:
26:32:9e:86:6b:e3:90:d3:49:2f:f0:b8:b9:fb:46:
62:c5:0e:88:59:04:5d:ec:4a:ff:b6:1a:a2:68:06:
43:9d:06:0b:4e:9f:ae:92:ac:cc:a2:11:48:54:5d:
9e:ef:e7:7e:74:35:62:ee:cf:5f:c6:ca:35:51:62:
c7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FF:80:C5:EB:B4:F8:B2:B3:2E:A9:22:FE:F8:A5:E8:27:92:72:8A
X509v3 Authority Key Identifier:
keyid:9D:23:F4:CB:4B:AB:5C:10:80:1A:77:06:58:DF:89:1C:FB:8C:68:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSP0y0urXBCAGncGWN-JHPuMaMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/hf-Axeu0-LKzLqki_vil6CeScoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4eca4d-3a2e-4a84-a789-01577a927fa9/1/nSP0y0urXBCAGncGWN-JHPuMaMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.168.0/21
45.158.36.0/22
46.21.144.0/20
89.233.104.0/21
94.100.16.0/20
149.255.32.0/21
194.126.172.0/22
195.242.152.0/23
217.79.240.0/20
IPv6:
2a02:748::/32
2a0f:5180::/29
Signature Algorithm: sha256WithRSAEncryption
b7:b2:db:f1:15:28:e0:a2:ad:96:17:40:9c:bd:06:ec:44:9d:
44:9c:73:00:86:31:d2:0c:5f:1d:11:fe:75:23:bb:c8:16:6a:
c1:08:b3:52:93:d1:04:ea:57:53:60:d0:ad:b1:fe:70:e9:90:
98:af:44:e0:01:75:5b:dd:12:4a:b7:e2:2e:64:41:d6:b5:e7:
80:08:69:7e:13:a2:99:0a:cc:73:ad:1c:6d:77:0e:a8:97:66:
6b:ac:1e:8f:b8:66:67:b0:42:46:ca:12:b6:8a:61:16:e8:cd:
dd:23:6f:33:59:59:3c:72:c1:1a:aa:40:8e:0a:98:b9:3c:2c:
aa:4c:67:46:fa:13:95:cc:9b:ec:db:5b:48:46:f4:cb:e5:64:
5c:ac:10:eb:f7:a4:64:0c:af:a5:6b:fb:75:44:64:df:a9:c5:
0f:59:eb:1f:c5:6a:c0:3d:bd:c4:6a:33:31:da:b8:b8:30:b5:
28:8f:e0:d5:30:cc:55:e8:9c:47:6c:18:2b:5a:87:8b:7a:f0:
68:d1:8b:d1:d1:43:e1:95:a3:fc:b6:7c:57:e0:b8:4b:55:a7:
90:ae:4f:5b:0b:1d:2a:5d:d5:a8:3f:a9:09:42:a3:65:62:01:
b7:8e:35:cf:ab:dd:b7:1a:d9:ca:74:5f:eb:c7:30:d3:5f:a0:
c6:e8:e2:ce
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYLXNC126Nlp+m1fdL4WY6+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjNmNGNiNGJhYjVjMTA4MDFhNzcwNjU4ZGY4OTFjZmI4
YzY4YzYwHhcNMjIwODI1MjI1MTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWZmODBjNWViYjRmOGIyYjMyZWE5MjJmZWY4YTVlODI3OTI3MjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTVE8VIJMa81N9m4jXmYz3xW7Geb
W9vJ0AjHWGmtq9vNemiqO/QLECimS2IFlgc5oQC4nzB3wi38pXzaTDCxWb0vSFTv
/5V2TgMrlH+h3clrtDTL5CrGQToJX0BwfCX/s/sEZhwly0jM7oy+F7DKG6BoZs2l
424d7XPR/R5o5e8UG6dODb/fawv0cloh/jqEB+gPDg789XeSLRqcKgZeewwoidfw
UC4hKq5hofjp+FwNxE47MQCuf/oGs8vppBA1qh0mMp6Ga+OQ00kv8Li5+0ZixQ6I
WQRd7Er/thqiaAZDnQYLTp+ukqzMohFIVF2e7+d+dDVi7s9fxso1UWLHhQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFIX/gMXrtPiysy6pIv74pegnknKKMB8GA1UdIwQY
MBaAFJ0j9MtLq1wQgBp3BljfiRz7jGjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODkt
MDE1NzdhOTI3ZmE5LzEvaGYtQXhldTAtTEt6THFraV92aWw2Q2VTY29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZWNhNGQtM2EyZS00YTg0LWE3ODktMDE1NzdhOTI3ZmE5
LzEvblNQMHkwdXJYQkNBR25jR1dOLUpIUHVNYU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDJUioAwQC
LZ4kAwQELhWQAwQDWeloAwQEXmQQAwQDlf8gAwQCwn6sAwQBw/KYAwQE2U/wMBQE
AgACMA4DBQAqAgdIAwUDKg9RgDANBgkqhkiG9w0BAQsFAAOCAQEAt7Lb8RUo4KKt
lhdAnL0G7ESdRJxzAIYx0gxfHRH+dSO7yBZqwQizUpPRBOpXU2DQrbH+cOmQmK9E
4AF1W90SSrfiLmRB1rXngAhpfhOimQrMc60cbXcOqJdma6wej7hmZ7BCRsoStoph
FujN3SNvM1lZPHLBGqpAjgqYuTwsqkxnRvoTlcyb7NtbSEb0y+VkXKwQ6/ekZAyv
pWv7dURk36nFD1nrH8VqwD29xGozMdq4uDC1KI/g1TDMVeicR2wYK1qHi3rwaNGL
0dFD4ZWj/LZ8V+C4S1WnkK5PWwsdKl3VqD+pCUKjZWIBt441z6vdtxrZynRf68cw
01+gxujizg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:56 2025 by rpki-client