Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/c17237-a134-4b11-ab12-9fb6b60bd69a/1/hMoBKGj-P8OwGELuv5vcxsq1lww.roa
File: hMoBKGj-P8OwGELuv5vcxsq1lww.roa (raw, json)
Hash identifier: USrA4uorLCpGlaJcvL0Av4RTVLwLcnV1z5Iz5U6JvqE=
Subject key identifier: 84:CA:01:28:68:FE:3F:C3:B0:18:42:EE:BF:9B:DC:C6:CA:B5:97:0C
Certificate issuer: /CN=92c71c2078a91e76c0e5a6d30096872c922c9cdc
Certificate serial: 018CCA266224235CC4A32B03EA81AC695DBB
Authority key identifier: 92:C7:1C:20:78:A9:1E:76:C0:E5:A6:D3:00:96:87:2C:92:2C:9C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ksccIHipHnbA5abTAJaHLJIsnNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/c17237-a134-4b11-ab12-9fb6b60bd69a/1/hMoBKGj-P8OwGELuv5vcxsq1lww.roa
Signing time: Tue 02 Jan 2024 12:29:22 +0000
ROA not before: Tue 02 Jan 2024 12:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50564
IP address blocks: 185.208.21.0/24 maxlen: 24
185.208.22.0/24 maxlen: 24
185.208.23.0/24 maxlen: 24
185.208.20.0/22 maxlen: 22
185.208.20.0/24 maxlen: 24
45.131.28.0/24 maxlen: 24
45.131.28.0/22 maxlen: 22
45.131.29.0/24 maxlen: 24
45.131.30.0/24 maxlen: 24
45.131.31.0/24 maxlen: 24
185.143.138.0/24 maxlen: 24
185.143.139.0/24 maxlen: 24
185.143.136.0/22 maxlen: 22
185.143.136.0/24 maxlen: 24
185.143.137.0/24 maxlen: 24
185.184.0.0/22 maxlen: 22
185.184.0.0/24 maxlen: 24
185.184.1.0/24 maxlen: 24
185.184.2.0/24 maxlen: 24
185.184.3.0/24 maxlen: 24
185.95.124.0/22 maxlen: 22
185.95.124.0/24 maxlen: 24
185.95.125.0/24 maxlen: 24
185.95.126.0/24 maxlen: 24
185.95.127.0/24 maxlen: 24
185.213.48.0/22 maxlen: 22
185.213.49.0/24 maxlen: 24
185.213.50.0/24 maxlen: 24
185.213.51.0/24 maxlen: 24
185.213.48.0/24 maxlen: 24
185.44.24.0/24 maxlen: 24
185.44.24.0/22 maxlen: 22
185.44.25.0/24 maxlen: 24
185.44.26.0/24 maxlen: 24
185.44.27.0/24 maxlen: 24
94.158.252.0/22 maxlen: 22
94.158.252.0/24 maxlen: 24
94.158.253.0/24 maxlen: 24
94.158.255.0/24 maxlen: 24
94.158.254.0/24 maxlen: 24
185.104.236.0/24 maxlen: 24
185.104.236.0/22 maxlen: 22
185.104.237.0/24 maxlen: 24
185.104.238.0/24 maxlen: 24
185.104.239.0/24 maxlen: 24
185.182.124.0/24 maxlen: 24
185.182.124.0/22 maxlen: 22
185.182.125.0/24 maxlen: 24
185.182.126.0/24 maxlen: 24
185.182.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:26:62:24:23:5c:c4:a3:2b:03:ea:81:ac:69:5d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92c71c2078a91e76c0e5a6d30096872c922c9cdc
Validity
Not Before: Jan 2 12:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84ca012868fe3fc3b01842eebf9bdcc6cab5970c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6c:0f:bc:a3:df:05:7a:50:90:3a:f1:08:d8:
82:9e:76:74:dc:9b:96:0d:48:63:0a:27:71:a6:87:
df:7f:e2:2d:51:f7:4f:f8:5f:47:58:29:10:09:e3:
d5:f2:42:87:1f:52:3f:f3:0e:d0:de:a1:40:84:e1:
b4:a6:3d:e4:b0:bd:56:f1:a8:4c:21:22:3a:05:c1:
1b:5c:24:4c:47:1a:d5:84:1d:f8:55:9f:d0:ee:1a:
52:15:43:01:0e:fa:6d:e9:df:b3:50:68:00:36:cf:
93:fa:52:ca:bf:46:c0:5e:06:c6:ed:8c:e6:fd:69:
a0:50:c6:7c:71:b2:24:df:94:04:19:c8:55:0e:4b:
85:6a:f5:1c:33:1f:92:0f:4d:70:99:bc:9f:73:33:
dd:6b:40:c6:bb:86:0a:e9:58:b3:bc:9c:1c:a3:52:
01:e3:30:b9:cb:ec:90:0f:aa:93:79:2c:d4:71:fc:
70:60:80:87:c9:3e:f1:c1:ca:5b:69:1a:56:9f:f3:
1f:f6:a5:5d:b4:da:db:f4:f9:9b:0c:81:6f:01:92:
81:02:70:52:3d:94:71:45:77:82:1a:11:b2:3c:d7:
21:61:17:35:22:49:d7:51:10:83:a2:f2:08:c9:a3:
f3:7e:35:fa:26:b8:8a:a6:33:ca:3d:0c:6e:fb:b6:
26:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CA:01:28:68:FE:3F:C3:B0:18:42:EE:BF:9B:DC:C6:CA:B5:97:0C
X509v3 Authority Key Identifier:
keyid:92:C7:1C:20:78:A9:1E:76:C0:E5:A6:D3:00:96:87:2C:92:2C:9C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksccIHipHnbA5abTAJaHLJIsnNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c17237-a134-4b11-ab12-9fb6b60bd69a/1/hMoBKGj-P8OwGELuv5vcxsq1lww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c17237-a134-4b11-ab12-9fb6b60bd69a/1/ksccIHipHnbA5abTAJaHLJIsnNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.28.0/22
94.158.252.0/22
185.44.24.0/22
185.95.124.0/22
185.104.236.0/22
185.143.136.0/22
185.182.124.0/22
185.184.0.0/22
185.208.20.0/22
185.213.48.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:46:57:04:e8:46:97:04:93:8b:4d:ef:1e:a6:72:13:0b:81:
7e:ca:94:f1:07:e2:f3:1b:3a:09:a2:74:46:8f:02:69:ea:c3:
b7:db:6d:dc:17:b2:04:7a:d2:fc:fb:fa:6c:47:4b:07:01:c9:
e7:df:68:02:ba:b4:2f:45:c1:f2:9f:e9:69:1f:99:19:6e:04:
e9:e3:48:ed:18:4c:b1:44:84:9d:8f:f1:68:20:15:a7:1a:f1:
f8:66:58:86:5f:af:07:ae:49:cf:4a:9c:39:cf:79:4b:70:ad:
5b:e0:86:d3:07:91:51:86:d0:9c:b5:15:9b:60:21:b9:5f:49:
e9:6c:1a:1e:c7:e0:e1:ea:03:92:32:ef:9b:22:fd:3b:55:7f:
02:1e:4f:14:e2:9d:48:ac:f8:b0:09:17:75:27:ba:66:86:0b:
0e:d5:a7:4f:aa:a4:da:be:e3:e5:5d:61:81:e6:8b:31:3e:60:
cc:3a:03:2a:90:dd:a0:e3:6e:94:79:2c:9d:76:71:da:9d:0d:
8e:39:86:82:7f:c4:7c:6c:e9:89:56:1b:95:a8:c7:1d:b7:44:
a0:23:c4:a8:ff:77:03:e8:01:75:9c:9b:b8:47:e8:ac:01:d8:
13:8b:35:c4:4f:e3:84:78:c9:78:7e:f9:b4:c9:fb:62:4b:d2:
de:34:d6:bd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzKJmIkI1zEoysD6oGsaV27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYzcxYzIwNzhhOTFlNzZjMGU1YTZkMzAwOTY4NzJjOTIy
YzljZGMwHhcNMjQwMTAyMTIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNhMDEyODY4ZmUzZmMzYjAxODQyZWViZjliZGNjNmNhYjU5NzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mwPvKPfBXpQkDrxCNiCnnZ03JuW
DUhjCidxpofff+ItUfdP+F9HWCkQCePV8kKHH1I/8w7Q3qFAhOG0pj3ksL1W8ahM
ISI6BcEbXCRMRxrVhB34VZ/Q7hpSFUMBDvpt6d+zUGgANs+T+lLKv0bAXgbG7Yzm
/WmgUMZ8cbIk35QEGchVDkuFavUcMx+SD01wmbyfczPda0DGu4YK6VizvJwco1IB
4zC5y+yQD6qTeSzUcfxwYICHyT7xwcpbaRpWn/Mf9qVdtNrb9PmbDIFvAZKBAnBS
PZRxRXeCGhGyPNchYRc1IknXURCDovIIyaPzfjX6JriKpjPKPQxu+7YmNQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFITKASho/j/DsBhC7r+b3MbKtZcMMB8GA1UdIwQY
MBaAFJLHHCB4qR52wOWm0wCWhyySLJzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3NjY0lIaXBIbmJBNWFiVEFKYUhMSklzbk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9jMTcyMzctYTEzNC00YjExLWFiMTIt
OWZiNmI2MGJkNjlhLzEvaE1vQktHai1QOE93R0VMdXY1dmN4c3ExbHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9jMTcyMzctYTEzNC00YjExLWFiMTItOWZiNmI2MGJkNjlh
LzEva3NjY0lIaXBIbmJBNWFiVEFKYUhMSklzbk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLYMcAwQC
Xp78AwQCuSwYAwQCuV98AwQCuWjsAwQCuY+IAwQCubZ8AwQCubgAAwQCudAUAwQC
udUwMA0GCSqGSIb3DQEBCwUAA4IBAQA6RlcE6EaXBJOLTe8epnITC4F+ypTxB+Lz
GzoJonRGjwJp6sO3223cF7IEetL8+/psR0sHAcnn32gCurQvRcHyn+lpH5kZbgTp
40jtGEyxRISdj/FoIBWnGvH4ZliGX68HrknPSpw5z3lLcK1b4IbTB5FRhtCctRWb
YCG5X0npbBoex+Dh6gOSMu+bIv07VX8CHk8U4p1IrPiwCRd1J7pmhgsO1adPqqTa
vuPlXWGB5osxPmDMOgMqkN2g426UeSyddnHanQ2OOYaCf8R8bOmJVhuVqMcdt0Sg
I8So/3cD6AF1nJu4R+isAdgTizXET+OEeMl4fvm0yftiS9LeNNa9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:16 2025 by rpki-client