Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/HBY-M_ian-YSI5lwHC0EiUHrs0o.roa
File: HBY-M_ian-YSI5lwHC0EiUHrs0o.roa (raw, json)
Hash identifier: ZI7egCNMEE3B8mkfLf/FS+KENhIx9VFrCinR8XTDQL4=
Subject key identifier: 1C:16:3E:33:F8:9A:9F:E6:12:23:99:70:1C:2D:04:89:41:EB:B3:4A
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019422FBC711DE08DC95B65790151EF4B781
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/HBY-M_ian-YSI5lwHC0EiUHrs0o.roa
Signing time: Wed 01 Jan 2025 17:48:33 +0000
ROA not before: Wed 01 Jan 2025 17:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29262
IP address blocks: 77.241.72.0/24 maxlen: 24
77.241.73.0/24 maxlen: 24
77.241.74.0/24 maxlen: 24
77.241.75.0/24 maxlen: 24
185.254.55.0/24 maxlen: 24
194.56.186.0/23 maxlen: 23
194.169.92.0/23 maxlen: 23
194.169.92.0/24 maxlen: 24
194.169.93.0/24 maxlen: 24
194.169.94.0/23 maxlen: 23
194.169.94.0/24 maxlen: 24
194.169.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c7:11:de:08:dc:95:b6:57:90:15:1e:f4:b7:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 1 17:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c163e33f89a9fe6122399701c2d048941ebb34a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:48:67:3d:b8:16:a2:62:47:20:df:e2:c5:cb:
d9:d2:f6:9b:e8:31:21:b9:f1:47:9a:c8:72:d9:44:
95:4d:60:4e:f8:f7:82:43:c0:cc:93:92:a4:48:8e:
51:7a:f2:69:84:31:a2:36:f2:28:27:06:41:d9:8b:
b3:0c:c7:52:15:d9:47:6a:75:88:c3:7a:c0:52:81:
c9:04:b2:e0:17:c5:a8:2b:10:c9:96:e5:a9:aa:c5:
07:c9:2b:d3:a3:2f:bb:ff:4f:08:72:31:7e:80:93:
43:34:9c:27:eb:c2:bb:99:48:be:cf:66:15:98:15:
2e:08:c2:6d:77:ae:d2:da:31:d7:f0:3e:91:e7:0f:
ab:5b:ed:89:06:97:9b:c5:8b:95:c7:0c:f2:02:48:
fc:6c:95:ef:24:e4:41:fd:b6:c3:be:58:53:cb:08:
97:d1:7b:6a:c2:a0:fc:16:ed:00:2a:16:a1:42:57:
6d:57:a0:0c:f5:cd:1f:ad:90:75:3b:70:95:b3:a5:
3c:c4:5f:a3:3f:a9:57:ca:b2:93:50:49:79:fb:62:
6c:60:bf:f9:7f:e2:9a:9e:37:b5:86:59:09:d2:58:
bc:58:97:0c:5a:56:b1:7e:73:3c:ae:42:ee:80:04:
d7:e7:fb:25:30:e8:8a:0b:fa:31:0b:96:7a:6d:2c:
07:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:16:3E:33:F8:9A:9F:E6:12:23:99:70:1C:2D:04:89:41:EB:B3:4A
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/HBY-M_ian-YSI5lwHC0EiUHrs0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.72.0/22
185.254.55.0/24
194.56.186.0/23
194.169.92.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:05:2a:a8:2f:36:30:d6:76:88:c3:af:19:d5:d5:47:b5:62:
84:2b:19:b3:b3:64:a8:32:f5:17:0e:b4:45:d4:cc:36:4f:f6:
58:97:29:8a:7e:08:9f:bd:e2:a4:bf:d4:a9:87:d2:15:d8:d1:
9f:00:96:3b:41:16:b5:86:f2:ee:9c:bb:0b:fe:4e:3c:f3:d7:
09:3f:99:46:b8:24:31:3f:93:f5:d4:b3:83:9f:21:19:50:35:
57:84:c5:52:54:d1:fd:c6:70:53:e6:c7:63:14:32:89:cd:f0:
ed:c3:7b:89:87:79:22:f2:79:1b:cd:a3:76:ea:b5:0f:3f:0a:
34:71:1f:c0:86:22:95:b7:db:a1:a1:b1:75:59:41:b0:04:12:
48:75:b0:54:90:71:8b:0f:e2:dc:93:c4:03:d6:c5:92:03:70:
d0:72:99:b8:a6:d2:1f:9c:14:d4:50:00:14:bf:4f:f7:9c:43:
b5:97:35:37:60:a5:94:ee:e5:6b:83:ba:5d:26:3d:4f:0d:d2:
f4:94:2d:85:0f:f9:25:dd:17:bf:88:c6:70:70:93:49:25:88:
f0:81:c4:90:54:ab:a4:04:1d:07:ce:ca:71:dc:1d:6f:da:2c:
ce:6a:63:92:51:a7:5d:1d:3e:07:d0:c5:73:86:ca:30:7a:ab:
48:39:c5:d1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQi+8cR3gjclbZXkBUe9LeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjUwMTAxMTc0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzE2M2UzM2Y4OWE5ZmU2MTIyMzk5NzAxYzJkMDQ4OTQxZWJiMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9khnPbgWomJHIN/ixcvZ0vab6DEh
ufFHmshy2USVTWBO+PeCQ8DMk5KkSI5RevJphDGiNvIoJwZB2YuzDMdSFdlHanWI
w3rAUoHJBLLgF8WoKxDJluWpqsUHySvToy+7/08IcjF+gJNDNJwn68K7mUi+z2YV
mBUuCMJtd67S2jHX8D6R5w+rW+2JBpebxYuVxwzyAkj8bJXvJORB/bbDvlhTywiX
0XtqwqD8Fu0AKhahQldtV6AM9c0frZB1O3CVs6U8xF+jP6lXyrKTUEl5+2JsYL/5
f+Kanje1hlkJ0li8WJcMWlaxfnM8rkLugATX5/slMOiKC/oxC5Z6bSwHbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBwWPjP4mp/mEiOZcBwtBIlB67NKMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvSEJZLU1faWFuLVlTSTVsd0hDMEVpVUhyczBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTfFIAwQA
uf43AwQBwji6AwQCwqlcMA0GCSqGSIb3DQEBCwUAA4IBAQC0BSqoLzYw1naIw68Z
1dVHtWKEKxmzs2SoMvUXDrRF1Mw2T/ZYlymKfgifveKkv9Sph9IV2NGfAJY7QRa1
hvLunLsL/k4889cJP5lGuCQxP5P11LODnyEZUDVXhMVSVNH9xnBT5sdjFDKJzfDt
w3uJh3ki8nkbzaN26rUPPwo0cR/AhiKVt9uhobF1WUGwBBJIdbBUkHGLD+Lck8QD
1sWSA3DQcpm4ptIfnBTUUAAUv0/3nEO1lzU3YKWU7uVrg7pdJj1PDdL0lC2FD/kl
3Re/iMZwcJNJJYjwgcSQVKukBB0Hzspx3B1v2izOamOSUaddHT4H0MVzhsoweqtI
OcXR
-----END CERTIFICATE-----
Generated at Thu Jun 12 15:56:40 2025 by rpki-client