Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/HL0tpswU2gQezd0-x9ZWDdfR-RY.roa
File: HL0tpswU2gQezd0-x9ZWDdfR-RY.roa (raw, json)
Hash identifier: NAIPlF1KgdG7sggbmAwv2GRB6aTgtE/arOeqKYJF690=
Subject key identifier: 1C:BD:2D:A6:CC:14:DA:04:1E:CD:DD:3E:C7:D6:56:0D:D7:D1:F9:16
Certificate issuer: /CN=258f5a8e295ad1d7b48a1e11958790052b57a253
Certificate serial: 019422FC15A4D89E6EF41C668A5D748ADF44
Authority key identifier: 25:8F:5A:8E:29:5A:D1:D7:B4:8A:1E:11:95:87:90:05:2B:57:A2:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY9ajila0de0ih4RlYeQBStXolM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/HL0tpswU2gQezd0-x9ZWDdfR-RY.roa
Signing time: Wed 01 Jan 2025 17:48:53 +0000
ROA not before: Wed 01 Jan 2025 17:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25117
IP address blocks: 185.228.228.0/22 maxlen: 24
2a03:7787:fffc::/47 maxlen: 47
2a03:7787:fffe::/47 maxlen: 47
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:15:a4:d8:9e:6e:f4:1c:66:8a:5d:74:8a:df:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f5a8e295ad1d7b48a1e11958790052b57a253
Validity
Not Before: Jan 1 17:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cbd2da6cc14da041ecddd3ec7d6560dd7d1f916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:aa:00:e3:00:b1:9d:44:4e:e0:14:6b:36:e7:
d5:ab:70:95:7d:70:bf:99:7c:e2:01:2f:eb:da:4a:
b2:b8:86:d5:bf:27:65:8b:56:26:ef:be:e6:cd:10:
55:c0:55:c0:b7:d2:fd:25:3e:e5:a3:8e:f6:09:82:
c8:57:32:70:c9:8f:46:76:3f:27:e0:cb:c0:30:06:
a4:c9:7c:98:a9:19:53:50:01:0f:17:e4:3d:17:3f:
27:6e:12:8b:a5:19:a2:e2:bd:52:5d:bc:37:3a:d0:
4e:ee:9e:a2:53:13:8d:0f:2d:5a:0b:b7:70:b3:43:
93:96:ee:01:4a:bf:42:dd:d8:d5:df:aa:42:f7:55:
aa:57:ed:0e:e4:23:d5:09:4b:24:91:01:39:2c:5e:
49:2b:15:76:22:ed:10:1f:25:ee:0f:f5:26:a2:34:
f0:66:6f:25:e0:30:91:57:ec:af:04:d0:7d:da:1e:
73:42:b3:c9:71:f7:21:fc:c5:40:cf:3a:de:08:ed:
07:52:19:55:54:1e:f8:48:9f:52:f3:a4:6c:72:fc:
e6:fd:37:f1:b8:f8:6c:e4:94:4c:81:50:6f:4c:29:
24:9f:b0:d3:3a:e0:53:f4:1b:c7:78:d3:04:82:89:
9f:fd:b1:9f:7c:dc:ea:da:8c:f7:98:b4:06:40:ea:
66:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BD:2D:A6:CC:14:DA:04:1E:CD:DD:3E:C7:D6:56:0D:D7:D1:F9:16
X509v3 Authority Key Identifier:
keyid:25:8F:5A:8E:29:5A:D1:D7:B4:8A:1E:11:95:87:90:05:2B:57:A2:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY9ajila0de0ih4RlYeQBStXolM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/HL0tpswU2gQezd0-x9ZWDdfR-RY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/JY9ajila0de0ih4RlYeQBStXolM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.228.0/22
IPv6:
2a03:7787:fffc::/46
Signature Algorithm: sha256WithRSAEncryption
82:23:45:ac:26:71:fa:29:b4:5f:a9:78:9d:34:ae:10:56:70:
44:c8:9f:ae:9e:ea:df:d9:89:ea:54:7f:b2:0e:8f:84:d5:f8:
df:c9:82:72:e2:5e:42:41:ef:10:f4:d7:67:99:57:0e:69:ec:
89:86:9e:8b:e1:9f:80:48:49:f4:98:22:a6:3b:f2:30:5b:ff:
a6:73:ee:85:d3:4f:1d:65:f6:1d:0b:7a:4e:89:6d:98:f5:a7:
c9:5e:ab:e3:a1:11:93:c2:fb:f8:37:36:e5:f3:44:0a:22:73:
24:09:c9:ae:8d:05:d1:1c:57:a1:bb:c1:95:53:49:cb:0f:98:
b9:10:d9:b6:3f:c9:a9:30:ea:b6:5d:0f:73:60:72:40:b6:59:
d5:ac:8d:24:35:a9:e8:84:a8:dd:75:e1:37:a3:67:35:d1:63:
26:e5:e9:cf:de:5f:5a:79:6f:72:66:64:9a:85:6b:42:49:07:
0e:5b:7b:94:f0:88:20:04:68:42:21:98:33:b1:64:2b:b6:17:
a7:75:26:43:24:d5:c3:f8:9b:0d:8b:3e:77:9c:d8:37:96:f3:
af:78:97:36:56:8c:2a:b7:06:3c:ce:35:4f:33:b2:a4:03:93:
8c:b9:6e:d5:3e:e2:15:88:ec:50:0c:66:3f:14:1f:e7:40:ab:
cf:c7:f2:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQi/BWk2J5u9Bxmil10it9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGY1YThlMjk1YWQxZDdiNDhhMWUxMTk1ODc5MDA1MmI1
N2EyNTMwHhcNMjUwMTAxMTc0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2JkMmRhNmNjMTRkYTA0MWVjZGRkM2VjN2Q2NTYwZGQ3ZDFmOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aoA4wCxnURO4BRrNufVq3CVfXC/
mXziAS/r2kqyuIbVvydli1Ym777mzRBVwFXAt9L9JT7lo472CYLIVzJwyY9Gdj8n
4MvAMAakyXyYqRlTUAEPF+Q9Fz8nbhKLpRmi4r1SXbw3OtBO7p6iUxONDy1aC7dw
s0OTlu4BSr9C3djV36pC91WqV+0O5CPVCUskkQE5LF5JKxV2Iu0QHyXuD/UmojTw
Zm8l4DCRV+yvBNB92h5zQrPJcfch/MVAzzreCO0HUhlVVB74SJ9S86Rscvzm/Tfx
uPhs5JRMgVBvTCkkn7DTOuBT9BvHeNMEgomf/bGffNzq2oz3mLQGQOpmkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBy9LabMFNoEHs3dPsfWVg3X0fkWMB8GA1UdIwQY
MBaAFCWPWo4pWtHXtIoeEZWHkAUrV6JTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk5YWppbGEwZGUwaWg0UmxZZVFCU3RYb2xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zNzE5ZjMtMjJlMS00MzQ0LTlhMzkt
NDU4YTI3MzYxNTdhLzEvSEwwdHBzd1UyZ1FlemQwLXg5WldEZGZSLVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zNzE5ZjMtMjJlMS00MzQ0LTlhMzktNDU4YTI3MzYxNTdh
LzEvSlk5YWppbGEwZGUwaWg0UmxZZVFCU3RYb2xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCueTkMA8E
AgACMAkDBwIqA3eH//wwDQYJKoZIhvcNAQELBQADggEBAIIjRawmcfoptF+peJ00
rhBWcETIn66e6t/ZiepUf7IOj4TV+N/JgnLiXkJB7xD012eZVw5p7ImGnovhn4BI
SfSYIqY78jBb/6Zz7oXTTx1l9h0Lek6JbZj1p8leq+OhEZPC+/g3NuXzRAoicyQJ
ya6NBdEcV6G7wZVTScsPmLkQ2bY/yakw6rZdD3NgckC2WdWsjSQ1qeiEqN114Tej
ZzXRYybl6c/eX1p5b3JmZJqFa0JJBw5be5TwiCAEaEIhmDOxZCu2F6d1JkMk1cP4
mw2LPnec2DeW8694lzZWjCq3BjzONU8zsqQDk4y5btU+4hWI7FAMZj8UH+dAq8/H
8nE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:08 2025 by rpki-client