Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/HO-WF7oHezpfwwV3wUG7AErtTlE.roa
File: HO-WF7oHezpfwwV3wUG7AErtTlE.roa (raw, json)
Hash identifier: 8SO7ZYvzAB17ADVUPvCZiM0fv0nIROPrrAJMFayW82A=
Subject key identifier: 1C:EF:96:17:BA:07:7B:3A:5F:C3:05:77:C1:41:BB:00:4A:ED:4E:51
Certificate issuer: /CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Certificate serial: 0194236A1886E20DB7C49FFD7B7F2E8F96F9
Authority key identifier: 5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/HO-WF7oHezpfwwV3wUG7AErtTlE.roa
Signing time: Wed 01 Jan 2025 19:49:02 +0000
ROA not before: Wed 01 Jan 2025 19:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15544
IP address blocks: 185.104.144.0/22 maxlen: 22
185.104.144.0/24 maxlen: 24
185.104.145.0/24 maxlen: 24
185.104.146.0/24 maxlen: 24
185.104.147.0/24 maxlen: 24
213.140.128.0/19 maxlen: 19
213.140.128.0/24 maxlen: 24
213.140.129.0/24 maxlen: 24
213.140.130.0/24 maxlen: 24
213.140.131.0/24 maxlen: 24
213.140.132.0/24 maxlen: 24
213.140.133.0/24 maxlen: 24
213.140.134.0/24 maxlen: 24
213.140.135.0/24 maxlen: 24
213.140.136.0/24 maxlen: 24
213.140.137.0/24 maxlen: 24
213.140.138.0/24 maxlen: 24
213.140.139.0/24 maxlen: 24
213.140.143.0/24 maxlen: 24
213.140.146.0/24 maxlen: 24
213.140.148.0/24 maxlen: 24
2a02:2298::/32 maxlen: 32
2a02:2298::/36 maxlen: 36
2a02:2298:4000::/36 maxlen: 36
2a02:2298:8000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:18:86:e2:0d:b7:c4:9f:fd:7b:7f:2e:8f:96:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Validity
Not Before: Jan 1 19:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cef9617ba077b3a5fc30577c141bb004aed4e51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:40:27:53:a7:b8:9d:78:1c:2a:a1:20:f9:2f:
ea:eb:9d:de:0e:c4:fb:39:4e:c4:22:98:7f:10:f6:
ba:4f:d2:9b:c6:03:6f:d5:4f:1c:5b:08:06:e4:de:
29:59:b5:bc:a2:66:a8:3e:29:f7:57:5c:3d:b8:04:
10:5b:65:26:0e:af:ba:10:2d:0b:79:af:6d:7c:53:
5b:21:f5:f2:33:76:f4:33:4f:38:4d:33:42:ac:0a:
86:83:30:31:91:08:10:ce:45:6e:5c:e7:e3:06:c8:
6d:81:58:a1:88:80:4e:63:62:d3:67:6b:e1:8d:ea:
f2:a3:ce:fb:42:5c:82:01:e2:78:e3:46:04:a2:ea:
87:16:42:fc:31:cb:90:87:e4:9d:28:e0:44:97:58:
ba:68:93:2d:6c:e5:49:27:83:f2:ef:ab:cb:fc:d9:
c5:4b:d1:72:a7:27:13:0e:24:e0:92:17:ca:f7:2c:
13:c9:63:9f:a2:c7:b8:95:35:f1:fc:de:05:97:94:
17:1f:eb:70:27:fa:64:81:2e:ad:ae:43:d7:15:10:
2e:bc:06:d8:e8:68:99:2f:50:61:99:2a:54:bd:e1:
d5:a6:ac:cd:9b:63:f0:05:bd:37:b1:87:6d:da:cc:
69:4e:64:24:af:ac:62:0e:36:ea:9f:42:49:4c:16:
9f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:EF:96:17:BA:07:7B:3A:5F:C3:05:77:C1:41:BB:00:4A:ED:4E:51
X509v3 Authority Key Identifier:
keyid:5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/HO-WF7oHezpfwwV3wUG7AErtTlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.144.0/22
213.140.128.0/19
IPv6:
2a02:2298::/32
Signature Algorithm: sha256WithRSAEncryption
36:f7:1f:2f:d4:f6:a4:3a:dc:8c:57:d9:8c:8b:ad:f4:a8:fc:
17:51:ee:f7:8e:92:7d:b4:7f:ff:8e:a3:8b:14:2f:83:a3:25:
db:f4:f5:ac:5a:82:83:9f:17:10:f6:9c:5f:04:3e:b7:75:56:
99:ea:11:1d:52:59:ad:bc:7c:b3:a7:b6:e3:4f:e6:3d:17:10:
a4:e9:c8:8c:5a:ca:00:7f:e6:27:d5:a7:0b:67:93:ae:6b:a2:
20:f2:27:99:3e:c8:00:85:bc:ab:93:5b:00:0f:31:ac:ba:dd:
8c:56:7a:f8:3c:0a:7f:ab:e1:17:fe:4a:c3:9e:61:2c:79:00:
27:a5:52:ef:3f:39:23:62:cb:b0:0c:6b:5d:ed:ae:33:19:26:
db:ea:32:e0:08:96:44:8d:31:3f:39:ae:07:e3:dc:e1:6a:25:
a8:08:bb:03:67:64:5d:1e:57:72:2f:e7:fc:a4:4b:ed:3c:f4:
97:54:e6:83:f3:d9:e0:c5:46:6f:2d:2f:ee:23:06:03:15:af:
82:2d:d3:f4:44:e0:0d:97:05:c5:de:1e:91:74:a3:bf:23:15:
38:9f:ea:f5:d3:6b:42:52:97:a2:84:f2:3b:e7:55:d6:ab:69:
1e:db:63:a9:cd:31:80:8f:7e:57:1d:df:a4:11:96:23:e0:e8:
69:83:1d:13
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQjahiG4g23xJ/9e38uj5b5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGE5ZmQ3YzUxOTI2ZTIyZWE4YWEzM2IzYjg4MzhlOTNl
OGJlZGQwHhcNMjUwMTAxMTk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2VmOTYxN2JhMDc3YjNhNWZjMzA1NzdjMTQxYmIwMDRhZWQ0ZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUAnU6e4nXgcKqEg+S/q653eDsT7
OU7EIph/EPa6T9KbxgNv1U8cWwgG5N4pWbW8omaoPin3V1w9uAQQW2UmDq+6EC0L
ea9tfFNbIfXyM3b0M084TTNCrAqGgzAxkQgQzkVuXOfjBshtgVihiIBOY2LTZ2vh
jeryo877QlyCAeJ440YEouqHFkL8McuQh+SdKOBEl1i6aJMtbOVJJ4Py76vL/NnF
S9FypycTDiTgkhfK9ywTyWOfose4lTXx/N4Fl5QXH+twJ/pkgS6trkPXFRAuvAbY
6GiZL1BhmSpUveHVpqzNm2PwBb03sYdt2sxpTmQkr6xiDjbqn0JJTBafQwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBzvlhe6B3s6X8MFd8FBuwBK7U5RMB8GA1UdIwQY
MBaAFF2Kn9fFGSbiLqiqM7O4g46T6L7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlxZjE4VVpKdUl1cUtvenM3aURqcFBvdnQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9iYjg2MWQtMzMwZi00YTk3LTlmOWMt
NjZjNTNmMmIxZjAyLzEvSE8tV0Y3b0hlenBmd3dWM3dVRzdBRXJ0VGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9iYjg2MWQtMzMwZi00YTk3LTlmOWMtNjZjNTNmMmIxZjAy
LzEvWFlxZjE4VVpKdUl1cUtvenM3aURqcFBvdnQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWiQAwQF
1YyAMA0EAgACMAcDBQAqAiKYMA0GCSqGSIb3DQEBCwUAA4IBAQA29x8v1PakOtyM
V9mMi630qPwXUe73jpJ9tH//jqOLFC+DoyXb9PWsWoKDnxcQ9pxfBD63dVaZ6hEd
UlmtvHyzp7bjT+Y9FxCk6ciMWsoAf+Yn1acLZ5Oua6Ig8ieZPsgAhbyrk1sADzGs
ut2MVnr4PAp/q+EX/krDnmEseQAnpVLvPzkjYsuwDGtd7a4zGSbb6jLgCJZEjTE/
Oa4H49zhaiWoCLsDZ2RdHldyL+f8pEvtPPSXVOaD89ngxUZvLS/uIwYDFa+CLdP0
ROANlwXF3h6RdKO/IxU4n+r102tCUpeihPI751XWq2ke22OpzTGAj35XHd+kEZYj
4Ohpgx0T
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:43:19 2025 by rpki-client