Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/hMWp2eYYKaaUSIum5EmKLwWKUa4.roa
File: hMWp2eYYKaaUSIum5EmKLwWKUa4.roa (raw, json)
Hash identifier: 8+yLsr+nQz8cs8V3LX83Tse1Iso+npvbmYLm0xnhp94=
Subject key identifier: 84:C5:A9:D9:E6:18:29:A6:94:48:8B:A6:E4:49:8A:2F:05:8A:51:AE
Certificate issuer: /CN=1012216458bd7605ff95540fd204eb93a477f393
Certificate serial: 019422FAE82D6019E536F25D1974A5CB9E90
Authority key identifier: 10:12:21:64:58:BD:76:05:FF:95:54:0F:D2:04:EB:93:A4:77:F3:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EBIhZFi9dgX_lVQP0gTrk6R385M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/hMWp2eYYKaaUSIum5EmKLwWKUa4.roa
Signing time: Wed 01 Jan 2025 17:47:36 +0000
ROA not before: Wed 01 Jan 2025 17:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51086
IP address blocks: 194.28.240.0/22 maxlen: 22
194.28.240.0/24 maxlen: 24
194.28.241.0/24 maxlen: 24
194.28.242.0/24 maxlen: 24
194.28.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:e8:2d:60:19:e5:36:f2:5d:19:74:a5:cb:9e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1012216458bd7605ff95540fd204eb93a477f393
Validity
Not Before: Jan 1 17:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84c5a9d9e61829a694488ba6e4498a2f058a51ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:96:c2:c1:81:d3:1f:f0:4a:5a:2f:b5:c2:2b:
07:01:21:f8:74:2f:e6:c1:7d:0b:39:ac:2e:35:e8:
4a:e4:b0:7e:32:1e:21:87:ad:3f:ae:f4:4e:ce:9d:
53:c5:9e:8f:70:d1:f2:ab:97:a2:9f:51:60:05:a6:
d4:5a:0f:04:02:0e:8b:aa:3c:ca:80:fc:4a:8f:69:
aa:c6:dd:38:5f:32:9f:8b:33:c1:56:86:56:e2:f8:
ed:a7:f1:2d:be:40:46:61:89:b7:65:fb:63:7b:07:
04:3f:94:5d:b3:69:72:f4:a8:8d:98:93:40:b0:99:
93:3a:c2:e1:b8:ab:7c:1f:08:02:cd:88:e8:4e:ce:
d3:56:ad:a2:64:55:39:0f:df:ba:29:36:dd:58:a3:
72:6c:02:9d:f4:3b:a2:73:fb:4e:05:f9:94:bc:29:
60:c1:ba:36:b5:5b:9f:45:5a:38:d6:2a:30:72:4d:
e3:f6:1f:44:2a:bc:ae:39:a1:bc:9e:76:af:a5:d9:
a1:24:5d:b7:be:c8:4c:5b:d3:ec:3e:9c:e5:99:7d:
d7:18:17:4b:fc:8b:0e:5b:4e:bc:0b:8c:44:4e:6b:
d6:96:e2:5d:ac:5b:79:42:f3:83:27:c2:84:6c:d8:
d7:7f:6c:07:fc:0b:e4:d5:b0:32:6e:63:05:51:ef:
aa:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C5:A9:D9:E6:18:29:A6:94:48:8B:A6:E4:49:8A:2F:05:8A:51:AE
X509v3 Authority Key Identifier:
keyid:10:12:21:64:58:BD:76:05:FF:95:54:0F:D2:04:EB:93:A4:77:F3:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EBIhZFi9dgX_lVQP0gTrk6R385M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/hMWp2eYYKaaUSIum5EmKLwWKUa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/EBIhZFi9dgX_lVQP0gTrk6R385M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.240.0/22
Signature Algorithm: sha256WithRSAEncryption
60:a9:2b:cd:e9:6a:b1:28:30:57:62:38:5b:42:be:72:38:82:
77:6f:18:af:08:f1:4c:04:ed:d4:79:84:5f:87:03:43:09:b3:
b9:06:66:c0:88:50:2e:5f:b1:8e:ec:41:64:3c:7c:c8:22:f1:
7f:7c:f1:d5:f5:15:5a:1a:d0:2c:97:fc:34:47:92:f6:15:3c:
50:73:6c:dc:c5:bc:4c:0e:36:18:4f:b2:2c:c9:90:12:cd:f8:
3e:2d:37:73:98:5e:47:8d:6f:96:c0:f3:7a:93:49:6c:a5:86:
c2:cb:b7:b4:08:82:73:ef:2e:4e:05:cb:bb:a5:43:55:f1:e0:
30:41:66:a2:b8:c4:59:ca:7a:7a:8a:e2:fc:94:c5:3d:48:bf:
57:c8:04:8a:14:de:0c:82:71:ba:38:bc:6c:be:00:e9:08:81:
e8:e7:35:8a:cf:c6:14:dd:81:c9:ad:c2:13:a7:38:8b:87:3a:
ef:1f:0c:bb:74:8c:2a:64:ba:3d:3c:62:41:37:67:f4:37:4b:
7d:aa:47:b6:bd:7e:fc:f6:c0:bf:f5:b5:60:94:8b:ec:ea:c0:
4a:2f:86:00:38:44:a8:eb:29:da:21:e0:c4:7d:5f:cf:fb:5e:
b9:01:5b:1e:d2:2b:37:04:5c:8c:8e:56:54:11:20:8d:ec:f7:
f3:ac:46:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+ugtYBnlNvJdGXSly56QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMTIyMTY0NThiZDc2MDVmZjk1NTQwZmQyMDRlYjkzYTQ3
N2YzOTMwHhcNMjUwMTAxMTc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGM1YTlkOWU2MTgyOWE2OTQ0ODhiYTZlNDQ5OGEyZjA1OGE1MWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJbCwYHTH/BKWi+1wisHASH4dC/m
wX0LOawuNehK5LB+Mh4hh60/rvROzp1TxZ6PcNHyq5ein1FgBabUWg8EAg6LqjzK
gPxKj2mqxt04XzKfizPBVoZW4vjtp/EtvkBGYYm3ZftjewcEP5Rds2ly9KiNmJNA
sJmTOsLhuKt8HwgCzYjoTs7TVq2iZFU5D9+6KTbdWKNybAKd9Duic/tOBfmUvClg
wbo2tVufRVo41iowck3j9h9EKryuOaG8nnavpdmhJF23vshMW9PsPpzlmX3XGBdL
/IsOW068C4xETmvWluJdrFt5QvODJ8KEbNjXf2wH/Avk1bAybmMFUe+qDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITFqdnmGCmmlEiLpuRJii8FilGuMB8GA1UdIwQY
MBaAFBASIWRYvXYF/5VUD9IE65Okd/OTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUJJaFpGaTlkZ1hfbFZRUDBnVHJrNlIzODVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi81MmJlNTYtZWM3Yi00NDM0LTkzZWIt
MDlmZWFhMTRlMzFlLzEvaE1XcDJlWVlLYWFVU0l1bTVFbUtMd1dLVWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi81MmJlNTYtZWM3Yi00NDM0LTkzZWItMDlmZWFhMTRlMzFl
LzEvRUJJaFpGaTlkZ1hfbFZRUDBnVHJrNlIzODVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwhzwMA0G
CSqGSIb3DQEBCwUAA4IBAQBgqSvN6WqxKDBXYjhbQr5yOIJ3bxivCPFMBO3UeYRf
hwNDCbO5BmbAiFAuX7GO7EFkPHzIIvF/fPHV9RVaGtAsl/w0R5L2FTxQc2zcxbxM
DjYYT7IsyZASzfg+LTdzmF5HjW+WwPN6k0lspYbCy7e0CIJz7y5OBcu7pUNV8eAw
QWaiuMRZynp6iuL8lMU9SL9XyASKFN4MgnG6OLxsvgDpCIHo5zWKz8YU3YHJrcIT
pziLhzrvHwy7dIwqZLo9PGJBN2f0N0t9qke2vX789sC/9bVglIvs6sBKL4YAOESo
6ynaIeDEfV/P+165AVse0is3BFyMjlZUESCN7PfzrEbt
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:46:00 2025 by rpki-client