Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HH-lKuWiBimDieegu4XfychnOYs.roa
File: HH-lKuWiBimDieegu4XfychnOYs.roa (raw, json)
Hash identifier: e32rO/0kjNnh+4ufwbPyEOf5WyfEyxUybZujJQg61Bk=
Subject key identifier: 1C:7F:A5:2A:E5:A2:06:29:83:89:E7:A0:BB:85:DF:C9:C8:67:39:8B
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 01953DF37FE61F141E2F23EF6A0C9F220822
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HH-lKuWiBimDieegu4XfychnOYs.roa
Signing time: Tue 25 Feb 2025 16:32:02 +0000
ROA not before: Tue 25 Feb 2025 16:32:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3319
IP address blocks: 185.143.56.0/22 maxlen: 24
195.178.132.0/24 maxlen: 24
195.178.133.0/24 maxlen: 24
195.178.134.0/24 maxlen: 24
195.178.135.0/24 maxlen: 24
195.178.144.0/23 maxlen: 23
195.178.147.0/24 maxlen: 24
195.178.152.0/22 maxlen: 22
212.111.207.0/24 maxlen: 24
212.111.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:f3:7f:e6:1f:14:1e:2f:23:ef:6a:0c:9f:22:08:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Feb 25 16:32:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c7fa52ae5a206298389e7a0bb85dfc9c867398b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f0:7a:96:e9:8d:37:b2:50:c1:a7:ed:7e:78:
f9:7a:13:a0:5b:47:19:3a:69:97:c3:b4:49:eb:59:
bd:86:23:7e:0e:2a:f3:ef:a0:eb:36:a6:67:eb:b9:
6c:96:85:95:98:4a:e5:4b:07:76:76:47:50:64:19:
8e:50:40:bd:22:e5:da:2a:52:63:3a:d2:7a:ba:6d:
76:27:7e:2a:cc:c6:c1:41:61:94:2c:41:8d:28:19:
f3:43:2a:bf:4f:07:fc:f1:e4:48:2e:77:1d:3b:d8:
f2:d4:07:d0:f6:09:36:52:f5:43:6b:35:5f:e9:1b:
ca:5a:fe:4b:fd:7a:67:57:2a:a4:77:12:f3:89:d6:
56:6f:5e:e2:3e:db:af:f0:4a:79:a2:c0:76:c2:08:
8c:71:95:64:48:fb:bf:ae:26:61:b5:6d:ce:83:e6:
96:79:2d:f7:e5:73:51:ee:79:f8:df:6f:f1:bf:b1:
8d:37:a3:e9:e1:ca:9d:c0:ef:e1:46:75:0b:6f:b9:
cc:38:f7:59:78:00:84:e2:3e:08:ac:6f:5a:1b:39:
a4:26:9f:38:c2:e6:c3:9e:c8:1d:0b:11:08:ec:03:
e7:ab:89:5f:9e:98:15:7c:5e:96:d1:f2:d5:7e:cd:
75:34:36:2c:e7:cc:6b:8c:d5:8f:11:94:bd:27:96:
92:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:7F:A5:2A:E5:A2:06:29:83:89:E7:A0:BB:85:DF:C9:C8:67:39:8B
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/HH-lKuWiBimDieegu4XfychnOYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.56.0/22
195.178.132.0/22
195.178.144.0/23
195.178.147.0/24
195.178.152.0/22
212.111.207.0/24
212.111.216.0/24
Signature Algorithm: sha256WithRSAEncryption
08:cd:21:8c:21:4a:5c:7a:3e:1e:83:1b:d6:eb:60:66:e9:8d:
09:6a:8a:c1:c7:14:50:77:ea:7f:24:ac:44:46:cc:a7:21:fa:
1c:ed:70:10:41:5a:ce:dc:47:73:da:06:97:1c:da:cf:2e:86:
e1:75:92:0b:56:1f:e1:4b:77:0d:94:22:b8:52:32:aa:69:a7:
34:f1:62:7f:3a:aa:db:78:59:fd:98:c7:b9:11:b4:9d:03:30:
e2:cf:b0:72:0f:c4:f8:21:c2:4d:ec:16:44:3a:e2:a0:1c:0a:
da:6e:21:18:78:6a:d8:ea:af:1a:6c:c9:8b:ce:32:91:82:be:
53:b4:47:30:2a:41:a3:4e:73:ca:da:80:23:42:f5:05:8c:61:
d9:1a:38:72:dd:e7:75:0a:29:24:eb:ec:59:2b:e7:a3:52:94:
c1:06:5c:fb:97:60:ff:02:8e:d2:37:8e:81:ba:2d:d8:b4:d6:
38:42:c1:06:e4:0b:aa:0b:b7:70:85:4d:6e:d9:1c:ff:ce:cf:
1a:58:9d:12:36:77:a4:82:87:6f:d8:e4:f2:7b:0f:a8:8c:c6:
70:79:87:3e:94:80:f9:04:d8:7f:9c:46:38:93:db:59:e6:5a:
ae:b4:7a:33:65:14:b5:3f:9a:d9:2d:21:a2:c3:ac:26:74:79:
5b:c0:2f:60
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZU983/mHxQeLyPvagyfIggiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUwMjI1MTYzMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzdmYTUyYWU1YTIwNjI5ODM4OWU3YTBiYjg1ZGZjOWM4NjczOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vB6lumNN7JQwaftfnj5ehOgW0cZ
OmmXw7RJ61m9hiN+Dirz76DrNqZn67lsloWVmErlSwd2dkdQZBmOUEC9IuXaKlJj
OtJ6um12J34qzMbBQWGULEGNKBnzQyq/Twf88eRILncdO9jy1AfQ9gk2UvVDazVf
6RvKWv5L/XpnVyqkdxLzidZWb17iPtuv8Ep5osB2wgiMcZVkSPu/riZhtW3Og+aW
eS335XNR7nn432/xv7GNN6Pp4cqdwO/hRnULb7nMOPdZeACE4j4IrG9aGzmkJp84
wubDnsgdCxEI7APnq4lfnpgVfF6W0fLVfs11NDYs58xrjNWPEZS9J5aSUQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBx/pSrlogYpg4nnoLuF38nIZzmLMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvSEgtbEt1V2lCaW1EaWVlZ3U0WGZ5Y2huT1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCuY84AwQC
w7KEAwQBw7KQAwQAw7KTAwQCw7KYAwQA1G/PAwQA1G/YMA0GCSqGSIb3DQEBCwUA
A4IBAQAIzSGMIUpcej4egxvW62Bm6Y0JaorBxxRQd+p/JKxERsynIfoc7XAQQVrO
3Edz2gaXHNrPLobhdZILVh/hS3cNlCK4UjKqaac08WJ/OqrbeFn9mMe5EbSdAzDi
z7ByD8T4IcJN7BZEOuKgHArabiEYeGrY6q8abMmLzjKRgr5TtEcwKkGjTnPK2oAj
QvUFjGHZGjhy3ed1Cikk6+xZK+ejUpTBBlz7l2D/Ao7SN46Bui3YtNY4QsEG5Auq
C7dwhU1u2Rz/zs8aWJ0SNnekgodv2OTyew+ojMZweYc+lID5BNh/nEY4k9tZ5lqu
tHozZRS1P5rZLSGiw6wmdHlbwC9g
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:21:16 2025 by rpki-client