Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/hsfl80x5VHUMFr0lmcz8HpKkvzo.roa
File: hsfl80x5VHUMFr0lmcz8HpKkvzo.roa (raw, json)
Hash identifier: uJ57SCgthle9PnyhH3i7GREqI2DgfWb3NMFmQlJhYeo=
Subject key identifier: 86:C7:E5:F3:4C:79:54:75:0C:16:BD:25:99:CC:FC:1E:92:A4:BF:3A
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0195AD92801FE2111B83B9CB8AB2C04C5427
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/hsfl80x5VHUMFr0lmcz8HpKkvzo.roa
Signing time: Wed 19 Mar 2025 08:43:34 +0000
ROA not before: Wed 19 Mar 2025 08:43:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 94.177.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ad:92:80:1f:e2:11:1b:83:b9:cb:8a:b2:c0:4c:54:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 19 08:43:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86c7e5f34c7954750c16bd2599ccfc1e92a4bf3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c4:4d:0c:87:ca:ce:8d:26:7c:00:7b:84:5d:
ea:e6:3d:78:8c:e6:51:27:58:73:23:21:85:52:82:
7e:53:14:65:b9:bd:01:d0:0e:a6:ad:9c:37:78:83:
48:98:28:40:e6:68:35:52:5a:ea:63:0f:95:23:77:
5a:a5:81:fc:c3:aa:a5:21:b8:7e:42:4a:75:43:69:
2a:f0:86:b6:8c:f0:65:b7:e4:84:74:7e:48:0b:cf:
33:a2:1e:e4:a2:4a:db:2d:fa:3c:5f:4c:e5:28:38:
20:25:97:b3:c2:95:e5:b4:41:ec:18:b8:bb:6a:5d:
79:32:fb:ff:e9:97:44:85:d2:28:7b:cd:de:49:c1:
1f:07:7d:12:62:22:2e:1e:1c:a4:2a:21:80:d5:3e:
68:86:f9:61:b3:7e:a7:1e:ee:71:bf:0d:c7:5b:15:
ab:0a:8c:3a:ee:66:0a:5e:9a:22:f8:b2:50:93:3c:
70:ff:0f:52:60:b7:c2:e6:c9:89:40:25:0b:34:b2:
7c:6b:0d:d0:54:77:f4:62:1e:57:05:de:ac:46:c2:
02:5a:52:87:ac:fb:ef:d3:4f:02:8f:eb:07:e2:fb:
fe:69:a6:e4:d8:13:5a:ce:35:b7:f8:39:ab:96:b2:
c9:6b:95:62:49:97:05:cd:c0:43:c0:c6:e0:c6:ab:
48:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C7:E5:F3:4C:79:54:75:0C:16:BD:25:99:CC:FC:1E:92:A4:BF:3A
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/hsfl80x5VHUMFr0lmcz8HpKkvzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.177.150.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:0d:b1:e5:59:ab:5d:34:60:39:e6:90:4a:8d:5b:73:b6:62:
de:83:5f:3b:ac:21:f5:3d:44:53:45:53:29:a7:6c:df:93:e5:
7d:a6:ee:61:ab:53:ac:42:f2:ca:9d:e1:46:25:73:59:45:b8:
c4:6c:7b:08:e2:c9:4f:bb:e4:e7:a8:b9:e3:80:41:d4:bb:fe:
5a:29:9d:1a:a5:28:61:44:30:27:b2:82:d4:01:da:5c:c9:d9:
19:fd:c7:27:53:2e:a2:3a:98:41:01:ae:1b:34:1b:c5:5c:f2:
42:ac:03:18:20:e8:05:b4:ec:20:78:ec:2c:3f:7e:2c:a8:9b:
8b:a1:70:87:61:f3:0b:ec:2f:ad:60:ab:c3:cc:4b:a9:b2:ce:
75:26:0f:0d:f8:40:2c:50:cc:e8:a5:2f:30:66:97:fc:de:ff:
a8:13:2a:40:85:e2:7b:81:28:69:50:45:4e:33:e3:75:71:0f:
86:f0:b1:28:bd:48:82:21:8c:44:98:a2:87:a2:0f:1a:af:8b:
da:03:3f:59:1b:1b:a4:52:98:ba:40:ea:a0:cb:77:f8:47:f4:
4a:e7:d9:4d:f6:b6:de:33:7c:cf:3c:ef:e2:71:b0:e8:3f:8b:
a2:f9:04:de:e1:40:77:52:f6:e6:57:f7:c8:54:80:6a:92:92:
76:79:b2:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWtkoAf4hEbg7nLirLATFQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMzE5MDg0MzM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmM3ZTVmMzRjNzk1NDc1MGMxNmJkMjU5OWNjZmMxZTkyYTRiZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMRNDIfKzo0mfAB7hF3q5j14jOZR
J1hzIyGFUoJ+UxRlub0B0A6mrZw3eINImChA5mg1UlrqYw+VI3dapYH8w6qlIbh+
Qkp1Q2kq8Ia2jPBlt+SEdH5IC88zoh7kokrbLfo8X0zlKDggJZezwpXltEHsGLi7
al15Mvv/6ZdEhdIoe83eScEfB30SYiIuHhykKiGA1T5ohvlhs36nHu5xvw3HWxWr
Cow67mYKXpoi+LJQkzxw/w9SYLfC5smJQCULNLJ8aw3QVHf0Yh5XBd6sRsICWlKH
rPvv008Cj+sH4vv+aabk2BNazjW3+DmrlrLJa5ViSZcFzcBDwMbgxqtILQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbH5fNMeVR1DBa9JZnM/B6SpL86MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvaHNmbDgweDVWSFVNRnIwbG1jejhIcEtrdnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrGWMA0G
CSqGSIb3DQEBCwUAA4IBAQBbDbHlWatdNGA55pBKjVtztmLeg187rCH1PURTRVMp
p2zfk+V9pu5hq1OsQvLKneFGJXNZRbjEbHsI4slPu+TnqLnjgEHUu/5aKZ0apShh
RDAnsoLUAdpcydkZ/ccnUy6iOphBAa4bNBvFXPJCrAMYIOgFtOwgeOwsP34sqJuL
oXCHYfML7C+tYKvDzEupss51Jg8N+EAsUMzopS8wZpf83v+oEypAheJ7gShpUEVO
M+N1cQ+G8LEovUiCIYxEmKKHog8ar4vaAz9ZGxukUpi6QOqgy3f4R/RK59lN9rbe
M3zPPO/icbDoP4ui+QTe4UB3UvbmV/fIVIBqkpJ2ebKf
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:23:06 2025 by rpki-client