Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/HgeaiXNp8oaIkVjkrRG17ULDd1I.roa
File: HgeaiXNp8oaIkVjkrRG17ULDd1I.roa (raw, json)
Hash identifier: wPu6bKujUWw8Q6Ywc1kUepdeVq7pWlsdycgmuKRoAys=
Subject key identifier: 1E:07:9A:89:73:69:F2:86:88:91:58:E4:AD:11:B5:ED:42:C3:77:52
Certificate issuer: /CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Certificate serial: 019425FDC841322DDB49061EB911CB698042
Authority key identifier: E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/HgeaiXNp8oaIkVjkrRG17ULDd1I.roa
Signing time: Thu 02 Jan 2025 07:49:36 +0000
ROA not before: Thu 02 Jan 2025 07:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58224
IP address blocks: 45.140.28.0/22 maxlen: 22
89.33.204.0/23 maxlen: 23
89.33.234.0/23 maxlen: 23
89.34.88.0/23 maxlen: 23
89.34.94.0/23 maxlen: 23
89.34.168.0/23 maxlen: 23
89.34.176.0/23 maxlen: 23
89.35.58.0/23 maxlen: 23
89.35.156.0/23 maxlen: 23
89.35.176.0/23 maxlen: 23
89.37.30.0/23 maxlen: 23
89.38.242.0/23 maxlen: 23
89.39.186.0/23 maxlen: 23
89.40.128.0/23 maxlen: 23
89.42.32.0/23 maxlen: 23
89.43.204.0/23 maxlen: 23
89.44.202.0/23 maxlen: 23
89.45.230.0/23 maxlen: 23
89.46.44.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c8:41:32:2d:db:49:06:1e:b9:11:cb:69:80:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Validity
Not Before: Jan 2 07:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e079a897369f286889158e4ad11b5ed42c37752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8a:b3:30:aa:74:23:0e:6c:25:dd:8d:24:f1:
d8:9b:3d:ee:73:cc:d9:6d:f4:e3:eb:33:da:72:57:
48:1a:93:c5:f1:70:3c:36:75:0f:9d:b8:b4:d3:6b:
64:0c:93:4e:79:51:81:5f:51:db:74:e6:a2:4d:c4:
eb:f6:05:ae:9e:07:3f:18:c8:b6:66:03:42:6b:13:
6c:9c:56:7c:08:74:1d:cd:04:bf:6a:00:6a:7a:46:
85:91:2b:46:d0:1d:4a:f7:14:21:26:7c:75:69:aa:
81:fc:52:99:0f:d5:0f:66:14:b2:98:a3:60:a1:1b:
92:f8:84:72:90:82:e7:a1:db:1a:13:61:b5:ee:50:
64:f0:e6:b2:7a:e1:f8:c4:33:99:06:03:0a:cc:e1:
82:78:69:2f:0d:eb:f5:9a:e3:b8:69:6b:4e:05:aa:
fb:e8:3d:bc:65:ce:2a:99:6d:60:47:42:62:ec:ee:
b8:ae:14:be:f7:1d:d3:1e:43:af:af:24:c0:fe:3b:
40:bc:ec:7d:e7:67:f8:f0:d5:51:93:94:db:06:35:
5b:40:98:c5:ab:f6:3d:c6:4e:22:d2:43:37:2a:d1:
d4:2f:1b:81:c7:b4:8f:6f:3e:42:53:1e:72:65:ea:
ca:7c:ca:31:a2:e3:22:3f:ec:2f:31:52:a3:06:d1:
72:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:07:9A:89:73:69:F2:86:88:91:58:E4:AD:11:B5:ED:42:C3:77:52
X509v3 Authority Key Identifier:
keyid:E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/HgeaiXNp8oaIkVjkrRG17ULDd1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.28.0/22
89.33.204.0/23
89.33.234.0/23
89.34.88.0/23
89.34.94.0/23
89.34.168.0/23
89.34.176.0/23
89.35.58.0/23
89.35.156.0/23
89.35.176.0/23
89.37.30.0/23
89.38.242.0/23
89.39.186.0/23
89.40.128.0/23
89.42.32.0/23
89.43.204.0/23
89.44.202.0/23
89.45.230.0/23
89.46.44.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:9d:f0:13:6d:5b:73:a2:34:41:f4:2f:e4:e9:74:d0:81:9c:
18:ab:a8:90:b0:ec:ce:dc:78:80:bf:29:90:8e:4f:ff:33:f6:
f7:8c:35:d0:c5:8a:6f:d9:87:ab:ad:7b:30:e5:69:5e:9d:ab:
f2:6c:88:7a:7f:88:e7:57:99:2a:7a:a4:c1:32:e5:04:b2:84:
df:ab:0a:87:49:8a:7c:29:07:cc:9e:72:66:11:9b:a6:fc:e5:
45:d8:f7:dc:5d:2d:79:4a:b8:75:5b:6a:ef:c5:ad:81:2c:c2:
93:2b:36:03:d4:a8:24:eb:f6:b2:71:2e:98:4a:ae:78:37:e4:
e9:4b:5d:1d:92:90:e0:5e:a9:c8:f6:98:05:90:03:74:49:c6:
2b:e3:fc:7b:70:29:98:9e:02:7b:28:76:58:d4:e7:6e:f6:32:
73:c3:46:cd:c5:7c:43:28:1e:64:a9:68:62:01:a5:a7:6e:3f:
9c:04:50:79:2c:d3:ec:e4:fd:8e:50:45:5b:8f:1e:15:85:61:
76:3c:80:8d:c1:db:25:0f:4d:f7:dd:75:2b:91:a8:62:46:e8:
03:82:48:b4:28:58:4e:02:f0:1a:aa:59:21:3d:bf:43:5b:0e:
2b:59:e1:6d:b6:f0:30:ee:b3:dd:c1:b3:12:36:07:d2:0e:cf:
01:45:e1:28
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZQl/chBMi3bSQYeuRHLaYBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmVkNGU3NzgyMDljM2NhZTkzZDRiNzZkMzUwNzA0NDYy
YzNhYWIwHhcNMjUwMTAyMDc0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTA3OWE4OTczNjlmMjg2ODg5MTU4ZTRhZDExYjVlZDQyYzM3NzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YqzMKp0Iw5sJd2NJPHYmz3uc8zZ
bfTj6zPacldIGpPF8XA8NnUPnbi002tkDJNOeVGBX1HbdOaiTcTr9gWungc/GMi2
ZgNCaxNsnFZ8CHQdzQS/agBqekaFkStG0B1K9xQhJnx1aaqB/FKZD9UPZhSymKNg
oRuS+IRykILnodsaE2G17lBk8OayeuH4xDOZBgMKzOGCeGkvDev1muO4aWtOBar7
6D28Zc4qmW1gR0Ji7O64rhS+9x3THkOvryTA/jtAvOx952f48NVRk5TbBjVbQJjF
q/Y9xk4i0kM3KtHULxuBx7SPbz5CUx5yZerKfMoxouMiP+wvMVKjBtFypwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFB4HmolzafKGiJFY5K0Rte1Cw3dSMB8GA1UdIwQY
MBaAFOf+1Od4IJw8rpPUt201BwRGLDqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQt
OGJiODAxNTJhYjM0LzEvSGdlYWlYTnA4b2FJa1Zqa3JSRzE3VUxEZDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQtOGJiODAxNTJhYjM0
LzEvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAi2MHAME
AVkhzAMEAVkh6gMEAVkiWAMEAVkiXgMEAVkiqAMEAVkisAMEAVkjOgMEAVkjnAME
AVkjsAMEAVklHgMEAVkm8gMEAVknugMEAVkogAMEAVkqIAMEAVkrzAMEAVksygME
AVkt5gMEAVkuLDANBgkqhkiG9w0BAQsFAAOCAQEArJ3wE21bc6I0QfQv5Ol00IGc
GKuokLDsztx4gL8pkI5P/zP294w10MWKb9mHq617MOVpXp2r8myIen+I51eZKnqk
wTLlBLKE36sKh0mKfCkHzJ5yZhGbpvzlRdj33F0teUq4dVtq78WtgSzCkys2A9So
JOv2snEumEqueDfk6UtdHZKQ4F6pyPaYBZADdEnGK+P8e3ApmJ4Ceyh2WNTnbvYy
c8NGzcV8QygeZKloYgGlp24/nARQeSzT7OT9jlBFW48eFYVhdjyAjcHbJQ9N9911
K5GoYkboA4JItChYTgLwGqpZIT2/Q1sOK1nhbbbwMO6z3cGzEjYH0g7PAUXhKA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:28:33 2025 by rpki-client