Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/HFBEdH3RlWYpvPeNgp6xKhpodko.roa
File: HFBEdH3RlWYpvPeNgp6xKhpodko.roa (raw, json)
Hash identifier: JH1fjI/K5jNqNFebQu9ct1cPojHEsM6BVZLaKE0xEso=
Subject key identifier: 1C:50:44:74:7D:D1:95:66:29:BC:F7:8D:82:9E:B1:2A:1A:68:76:4A
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 019427B3C464532045263E26438C5859BD5B
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/HFBEdH3RlWYpvPeNgp6xKhpodko.roa
Signing time: Thu 02 Jan 2025 15:48:00 +0000
ROA not before: Thu 02 Jan 2025 15:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 185.56.84.0/24 maxlen: 24
185.56.85.0/24 maxlen: 24
185.56.86.0/24 maxlen: 24
185.56.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:c4:64:53:20:45:26:3e:26:43:8c:58:59:bd:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Jan 2 15:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c5044747dd1956629bcf78d829eb12a1a68764a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:cc:08:4a:21:70:d0:7c:60:0a:ee:b2:93:
2e:5c:43:fd:3f:ee:19:3e:34:33:28:86:e0:0f:be:
66:fe:2f:8c:4d:9f:f8:a6:34:f5:95:22:53:64:49:
10:7a:87:62:5a:b9:86:75:20:69:ca:90:5a:2c:f9:
97:64:00:08:2f:f6:b9:b5:3d:8f:46:c4:9e:58:b5:
ed:8c:98:2d:16:4e:df:a3:87:3e:e8:de:17:28:83:
35:79:a7:ce:13:dc:92:5c:c2:79:2f:6c:fa:43:1d:
da:ac:47:90:83:48:7b:9c:0b:8f:41:e7:2b:49:7b:
25:8b:b7:ea:9d:95:15:75:c5:91:13:20:2a:63:68:
3c:d4:41:98:49:f2:32:81:f2:53:d9:9c:3f:74:60:
1b:c2:f3:c9:06:3f:ab:79:cf:20:35:80:d7:f9:f2:
00:15:55:7a:ec:e4:2d:da:10:77:68:73:b7:53:08:
0a:8f:34:6b:29:68:02:fd:91:0c:94:00:fd:01:1c:
af:ba:c0:47:4f:a1:f3:d5:14:0f:a2:ab:6e:4c:d1:
e7:68:b0:f8:f8:0e:08:0d:77:14:f4:8d:fb:a4:9e:
df:e9:9a:73:00:e9:f9:34:e8:a4:9e:5a:32:d6:45:
cd:14:eb:11:00:ab:de:53:10:4c:10:98:de:2f:e0:
59:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:50:44:74:7D:D1:95:66:29:BC:F7:8D:82:9E:B1:2A:1A:68:76:4A
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/HFBEdH3RlWYpvPeNgp6xKhpodko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.84.0/22
Signature Algorithm: sha256WithRSAEncryption
86:d5:3f:83:20:e6:ed:ad:4d:6e:3a:48:d8:4a:82:85:98:b2:
df:38:a2:3c:88:c3:f3:cf:be:9d:4e:4c:f0:ea:69:64:fe:e9:
f1:12:55:4b:af:f6:04:e5:04:6d:77:d6:78:09:e8:5c:44:2d:
67:62:ce:70:30:d0:18:2b:5e:83:3a:7c:4a:a8:2c:88:e6:49:
0f:7a:1d:c6:b7:d6:dc:c8:c9:4a:e9:38:fd:93:76:81:dc:f5:
9a:1e:58:76:fe:3f:39:69:43:f4:4f:7c:04:f1:1b:c1:31:25:
c9:fe:20:f3:37:d4:e6:43:9a:6d:de:1b:9c:79:de:df:44:f4:
1c:b2:59:62:87:bf:6e:af:42:66:51:08:e4:0d:f7:62:8d:3c:
32:09:cd:a5:f0:df:79:97:6e:e1:1a:76:18:10:5a:27:d5:de:
61:41:b2:5f:68:4b:6f:e4:b4:e9:66:e2:62:c7:4c:df:74:30:
ce:76:49:45:0f:57:38:a1:b0:76:1e:f4:f4:b6:07:a3:46:01:
4b:4e:6f:ee:7e:47:a2:f7:d0:0a:21:f0:12:f8:93:ae:de:0c:
9d:f1:77:d4:de:a5:cf:f3:88:5e:c3:87:8a:5a:1d:4f:77:76:
e1:5a:95:8c:37:f2:40:bd:c1:f5:04:94:44:0d:7c:b5:2a:cc:
86:0b:10:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns8RkUyBFJj4mQ4xYWb1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODhlYjczMGFiMWE1MDFlYTM2ZWEzNDgyZDc2NDU0NGUx
NDExMTEwHhcNMjUwMTAyMTU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzUwNDQ3NDdkZDE5NTY2MjliY2Y3OGQ4MjllYjEyYTFhNjg3NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0LMCEohcNB8YAruspMuXEP9P+4Z
PjQzKIbgD75m/i+MTZ/4pjT1lSJTZEkQeodiWrmGdSBpypBaLPmXZAAIL/a5tT2P
RsSeWLXtjJgtFk7fo4c+6N4XKIM1eafOE9ySXMJ5L2z6Qx3arEeQg0h7nAuPQecr
SXsli7fqnZUVdcWREyAqY2g81EGYSfIygfJT2Zw/dGAbwvPJBj+rec8gNYDX+fIA
FVV67OQt2hB3aHO3UwgKjzRrKWgC/ZEMlAD9ARyvusBHT6Hz1RQPoqtuTNHnaLD4
+A4IDXcU9I37pJ7f6ZpzAOn5NOiknloy1kXNFOsRAKveUxBMEJjeL+BZHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxQRHR90ZVmKbz3jYKesSoaaHZKMB8GA1UdIwQY
MBaAFE2I63MKsaUB6jbqNILXZFROFBERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQt
NzI2ZjgzZDIzODkyLzEvSEZCRWRIM1JsV1lwdlBlTmdwNnhLaHBvZGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQtNzI2ZjgzZDIzODky
LzEvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuThUMA0G
CSqGSIb3DQEBCwUAA4IBAQCG1T+DIObtrU1uOkjYSoKFmLLfOKI8iMPzz76dTkzw
6mlk/unxElVLr/YE5QRtd9Z4CehcRC1nYs5wMNAYK16DOnxKqCyI5kkPeh3Gt9bc
yMlK6Tj9k3aB3PWaHlh2/j85aUP0T3wE8RvBMSXJ/iDzN9TmQ5pt3huced7fRPQc
sllih79ur0JmUQjkDfdijTwyCc2l8N95l27hGnYYEFon1d5hQbJfaEtv5LTpZuJi
x0zfdDDOdklFD1c4obB2HvT0tgejRgFLTm/ufkei99AKIfAS+JOu3gyd8XfU3qXP
84hew4eKWh1Pd3bhWpWMN/JAvcH1BJREDXy1KsyGCxBv
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:52:52 2025 by rpki-client