Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b4c97b-e005-4cd6-8335-8091ebce3bbf/1/HbFrbBDigmkbyhupjsQvR2G2rcg.roa
File: HbFrbBDigmkbyhupjsQvR2G2rcg.roa (raw, json)
Hash identifier: DeaPvaz1CarpC6mp6iOUrw4n3hX9gcQTUiHE5Oraa94=
Subject key identifier: 1D:B1:6B:6C:10:E2:82:69:1B:CA:1B:A9:8E:C4:2F:47:61:B6:AD:C8
Certificate issuer: /CN=e05d28f149793a3d72e8ef041e9c9e0d9a66b21e
Certificate serial: 0194266ACECF78A4738C389EA465BEC6D2E9
Authority key identifier: E0:5D:28:F1:49:79:3A:3D:72:E8:EF:04:1E:9C:9E:0D:9A:66:B2:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4F0o8Ul5Oj1y6O8EHpyeDZpmsh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/b4c97b-e005-4cd6-8335-8091ebce3bbf/1/HbFrbBDigmkbyhupjsQvR2G2rcg.roa
Signing time: Thu 02 Jan 2025 09:48:41 +0000
ROA not before: Thu 02 Jan 2025 09:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36239
IP address blocks: 185.65.146.0/24 maxlen: 24
185.138.171.0/24 maxlen: 24
2a0b:40c1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:ce:cf:78:a4:73:8c:38:9e:a4:65:be:c6:d2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e05d28f149793a3d72e8ef041e9c9e0d9a66b21e
Validity
Not Before: Jan 2 09:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1db16b6c10e282691bca1ba98ec42f4761b6adc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2e:19:f3:24:2a:f0:db:95:75:3e:95:dc:5b:
e5:51:aa:ec:22:fc:f9:6a:9f:da:19:87:06:70:35:
a1:18:a0:3f:b9:70:5a:03:c4:67:4f:31:c4:34:d5:
26:b2:d9:96:0f:2b:1a:2f:de:5b:43:67:6d:ef:41:
3a:f8:8a:83:1f:c0:a1:b9:07:f9:2c:8f:02:7b:c0:
f6:67:63:fb:c3:c9:c1:60:db:44:63:42:ba:19:cf:
56:21:34:19:d9:88:a8:4c:78:a1:87:b7:18:19:47:
f1:f0:76:e6:01:dd:65:f1:be:b9:d4:45:3f:d6:89:
6f:c6:1a:cb:95:ed:a9:62:14:ca:19:1d:96:2c:60:
b4:3d:2a:c3:11:20:61:14:fc:31:c0:b1:81:f8:ee:
2a:a7:b1:54:a2:6f:0d:f8:d2:89:c3:97:47:dc:e1:
0d:de:f4:7c:94:2f:d3:25:4a:2c:01:ee:11:a4:ca:
54:78:b3:b7:cb:ae:71:30:80:e8:d6:20:ed:fc:d9:
75:ea:f4:e1:5c:a8:02:76:3e:3a:bc:a6:0a:02:92:
d6:d9:a9:c0:ef:aa:f6:29:34:7a:77:4e:19:b2:2c:
af:2a:e5:17:5d:a8:85:13:96:46:94:2e:8b:17:92:
42:38:ac:65:f2:fc:76:16:9b:5c:06:59:d9:8b:2d:
78:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B1:6B:6C:10:E2:82:69:1B:CA:1B:A9:8E:C4:2F:47:61:B6:AD:C8
X509v3 Authority Key Identifier:
keyid:E0:5D:28:F1:49:79:3A:3D:72:E8:EF:04:1E:9C:9E:0D:9A:66:B2:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4F0o8Ul5Oj1y6O8EHpyeDZpmsh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b4c97b-e005-4cd6-8335-8091ebce3bbf/1/HbFrbBDigmkbyhupjsQvR2G2rcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b4c97b-e005-4cd6-8335-8091ebce3bbf/1/4F0o8Ul5Oj1y6O8EHpyeDZpmsh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.146.0/24
185.138.171.0/24
IPv6:
2a0b:40c1::/48
Signature Algorithm: sha256WithRSAEncryption
76:5f:30:0e:7b:6e:20:c6:8d:c0:37:15:5b:52:d7:73:7e:0d:
25:bf:ae:3b:1e:88:f4:43:c9:78:f9:77:02:9c:79:96:b0:4b:
00:a0:65:9d:b6:c3:5c:ed:83:93:9e:87:5c:07:bb:bc:70:a9:
e0:6b:82:48:da:d4:67:58:59:0a:73:5b:e4:38:74:63:80:65:
69:28:9e:96:7a:2d:69:a1:e9:34:1c:9f:39:c4:e4:c8:c3:b1:
ab:b2:fa:fd:60:e0:f8:d9:23:8b:85:54:d6:93:fa:9e:f7:0b:
61:eb:1b:25:bf:e6:93:07:46:77:5e:65:0c:d5:f9:83:fe:38:
c9:0c:cb:ff:e2:c7:a3:80:6e:08:f9:7b:42:67:da:58:80:56:
ee:ef:ed:00:5c:48:7a:36:e4:0d:21:be:de:b4:2f:01:3f:2d:
1c:f4:c5:e3:f8:8e:70:88:3d:2a:e5:65:08:79:d9:02:2a:5b:
84:21:ca:b4:85:af:1b:f1:32:1b:20:d0:4f:8b:da:8b:34:7f:
b3:f7:f6:96:fd:0c:85:10:b9:62:e1:8e:0f:21:52:28:20:2c:
7e:42:d8:ae:69:a2:70:f7:11:c3:91:a5:b1:0b:ec:d7:a1:5e:
d5:34:04:0e:5e:75:b9:d9:bf:84:3c:0b:87:e2:56:69:38:da:
dd:b1:66:8d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQmas7PeKRzjDiepGW+xtLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNWQyOGYxNDk3OTNhM2Q3MmU4ZWYwNDFlOWM5ZTBkOWE2
NmIyMWUwHhcNMjUwMTAyMDk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIxNmI2YzEwZTI4MjY5MWJjYTFiYTk4ZWM0MmY0NzYxYjZhZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6S4Z8yQq8NuVdT6V3FvlUarsIvz5
ap/aGYcGcDWhGKA/uXBaA8RnTzHENNUmstmWDysaL95bQ2dt70E6+IqDH8ChuQf5
LI8Ce8D2Z2P7w8nBYNtEY0K6Gc9WITQZ2YioTHihh7cYGUfx8HbmAd1l8b651EU/
1olvxhrLle2pYhTKGR2WLGC0PSrDESBhFPwxwLGB+O4qp7FUom8N+NKJw5dH3OEN
3vR8lC/TJUosAe4RpMpUeLO3y65xMIDo1iDt/Nl16vThXKgCdj46vKYKApLW2anA
76r2KTR6d04ZsiyvKuUXXaiFE5ZGlC6LF5JCOKxl8vx2FptcBlnZiy14eQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFB2xa2wQ4oJpG8obqY7EL0dhtq3IMB8GA1UdIwQY
MBaAFOBdKPFJeTo9cujvBB6cng2aZrIeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEYwbzhVbDVPajF5Nk84RUhweWVEWnBtc2g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iNGM5N2ItZTAwNS00Y2Q2LTgzMzUt
ODA5MWViY2UzYmJmLzEvSGJGcmJCRGlnbWtieWh1cGpzUXZSMkcycmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iNGM5N2ItZTAwNS00Y2Q2LTgzMzUtODA5MWViY2UzYmJm
LzEvNEYwbzhVbDVPajF5Nk84RUhweWVEWnBtc2g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuUGSAwQA
uYqrMA8EAgACMAkDBwAqC0DBAAAwDQYJKoZIhvcNAQELBQADggEBAHZfMA57biDG
jcA3FVtS13N+DSW/rjseiPRDyXj5dwKceZawSwCgZZ22w1ztg5Oeh1wHu7xwqeBr
gkja1GdYWQpzW+Q4dGOAZWkonpZ6LWmh6TQcnznE5MjDsauy+v1g4PjZI4uFVNaT
+p73C2HrGyW/5pMHRndeZQzV+YP+OMkMy//ix6OAbgj5e0Jn2liAVu7v7QBcSHo2
5A0hvt60LwE/LRz0xeP4jnCIPSrlZQh52QIqW4QhyrSFrxvxMhsg0E+L2os0f7P3
9pb9DIUQuWLhjg8hUiggLH5C2K5ponD3EcORpbEL7NehXtU0BA5edbnZv4Q8C4fi
Vmk42t2xZo0=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:41 2025 by rpki-client