Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/hVAUlTcyucowr3hAPgxflMe9oEo.roa
File: hVAUlTcyucowr3hAPgxflMe9oEo.roa (raw, json)
Hash identifier: CVSEmw9r2Z/kGdrcVf3e/aEHgpxL62EvBMGWQUBYY5k=
Subject key identifier: 85:50:14:95:37:32:B9:CA:30:AF:78:40:3E:0C:5F:94:C7:BD:A0:4A
Certificate issuer: /CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Certificate serial: 2FB79B98
Authority key identifier: 6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/hVAUlTcyucowr3hAPgxflMe9oEo.roa
Signing time: Sat 01 Jan 2022 11:53:37 +0000
ROA not before: Sat 01 Jan 2022 11:53:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 27970
IP address blocks: 194.143.130.0/23 maxlen: 24
193.16.100.0/24 maxlen: 24
185.5.134.0/24 maxlen: 24
195.246.98.0/24 maxlen: 24
185.5.135.0/24 maxlen: 24
195.246.99.0/24 maxlen: 24
2a00:12f0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 800562072 (0x2fb79b98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Validity
Not Before: Jan 1 11:53:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=855014953732b9ca30af78403e0c5f94c7bda04a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:64:62:64:62:c6:f6:d9:50:c6:c5:29:f6:73:
3e:e0:4f:58:4f:5d:b2:bf:c3:07:8c:0a:8d:62:d9:
f4:da:70:34:ce:d3:35:0c:be:77:31:90:84:52:df:
42:63:90:39:ff:b8:d2:ae:12:e7:b9:9e:bc:29:a6:
9d:81:2b:df:46:d7:2f:54:c4:7f:e0:a6:bd:59:6a:
8f:49:8c:f7:88:b7:9e:44:67:78:83:39:8b:30:5a:
93:83:3b:35:bb:58:2d:0a:cb:c3:1c:8b:13:ea:da:
5b:49:13:b0:6c:ca:7a:90:60:85:a2:3f:41:45:6b:
7c:79:62:5c:96:8e:15:b3:79:c2:05:d3:ba:72:8b:
1a:44:ae:e8:9b:14:fc:b7:76:11:a3:57:c6:7d:37:
cd:2c:fe:2f:21:73:9c:8c:11:52:1e:a2:38:cf:30:
7d:85:e3:53:cc:ea:ae:6b:f1:59:96:65:34:5d:f8:
c2:f3:e4:d2:6a:1d:48:27:e7:3a:25:e4:9f:26:d9:
db:4d:a3:28:42:8b:c2:68:7f:a7:95:fd:28:94:a4:
93:83:2e:82:2b:1b:70:55:01:8e:99:8b:cb:62:63:
2f:6a:69:a2:61:d2:64:05:1a:53:29:6e:47:8d:d5:
af:56:9a:c5:c1:59:a8:6d:83:12:d8:d7:80:21:36:
a0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:50:14:95:37:32:B9:CA:30:AF:78:40:3E:0C:5F:94:C7:BD:A0:4A
X509v3 Authority Key Identifier:
keyid:6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/hVAUlTcyucowr3hAPgxflMe9oEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bT7hpSpdZbkJHeWltGT7lwMtDps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.134.0/23
193.16.100.0/24
194.143.130.0/23
195.246.98.0/23
IPv6:
2a00:12f0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:66:8c:6a:0e:c8:e3:45:1a:97:fa:73:e2:42:99:9e:c1:c2:
60:49:d2:9e:e1:21:65:a6:9d:e2:b0:54:4d:5e:73:5e:95:48:
96:37:bc:61:73:b9:5a:45:d1:74:36:f9:f0:3b:cd:e2:2a:75:
b1:fc:72:ad:9f:42:81:ec:f7:98:f2:ab:f0:ea:1c:53:ff:93:
47:29:ca:15:23:6f:bb:2e:fa:94:aa:62:5e:ec:10:bb:13:16:
b6:07:6d:d8:d8:7e:ac:2e:e2:25:82:b4:9f:34:bb:72:c8:7c:
04:f3:5a:0f:15:b8:2d:09:c7:c4:9b:63:69:5c:d7:4c:8d:82:
05:35:b9:47:55:9f:fe:e1:4e:26:5e:91:91:8d:c3:10:a1:0e:
c1:2e:26:25:ae:66:18:2b:3a:aa:ca:f2:f4:7e:cb:48:f5:68:
3f:53:a2:3e:68:bd:4f:4d:6f:73:07:95:8e:e8:82:ae:33:dd:
01:57:79:b0:ce:fe:46:96:51:d6:88:0a:f3:a1:b2:21:e8:43:
e1:96:89:87:62:23:7c:85:41:2b:c8:e2:61:29:5a:b3:46:d7:
4f:55:6b:33:9a:8a:0a:c5:b1:c6:fe:92:5b:13:e0:a2:fa:b4:
ec:c0:4d:f8:ff:c2:d4:97:76:a2:c3:4d:d4:7b:61:00:03:d5:
1c:1f:37:84
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEL7ebmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDNlZTFhNTJhNWQ2NWI5MDkxZGU1YTViNDY0ZmI5NzAzMmQwZTliMB4XDTIyMDEw
MTExNTMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU1MDE0OTUzNzMy
YjljYTMwYWY3ODQwM2UwYzVmOTRjN2JkYTA0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJkYmRixvbZUMbFKfZzPuBPWE9dsr/DB4wKjWLZ9NpwNM7T
NQy+dzGQhFLfQmOQOf+40q4S57mevCmmnYEr30bXL1TEf+CmvVlqj0mM94i3nkRn
eIM5izBak4M7NbtYLQrLwxyLE+raW0kTsGzKepBghaI/QUVrfHliXJaOFbN5wgXT
unKLGkSu6JsU/Ld2EaNXxn03zSz+LyFznIwRUh6iOM8wfYXjU8zqrmvxWZZlNF34
wvPk0modSCfnOiXknybZ202jKEKLwmh/p5X9KJSkk4MugisbcFUBjpmLy2JjL2pp
omHSZAUaUyluR43Vr1aaxcFZqG2DEtjXgCE2oAkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSFUBSVNzK5yjCveEA+DF+Ux72gSjAfBgNVHSMEGDAWgBRtPuGlKl1luQkd
5aW0ZPuXAy0OmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JUN2hwU3BkWmJrSkhlV2x0R1Q3bHdNdERwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvMTJlN2Q1LTNhMGYtNGJjNi05NjExLTA1NDM1ZWZkOGJmNi8x
L2hWQVVsVGN5dWNvd3IzaEFQZ3hmbE1lOW9Fby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
MTJlN2Q1LTNhMGYtNGJjNi05NjExLTA1NDM1ZWZkOGJmNi8xL2JUN2hwU3BkWmJr
SkhlV2x0R1Q3bHdNdERwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAbkFhgMEAMEQZAMEAcKPggMEAcP2
YjANBAIAAjAHAwUAKgAS8DANBgkqhkiG9w0BAQsFAAOCAQEASmaMag7I40Ual/pz
4kKZnsHCYEnSnuEhZaad4rBUTV5zXpVIlje8YXO5WkXRdDb58DvN4ip1sfxyrZ9C
gez3mPKr8OocU/+TRynKFSNvuy76lKpiXuwQuxMWtgdt2Nh+rC7iJYK0nzS7csh8
BPNaDxW4LQnHxJtjaVzXTI2CBTW5R1Wf/uFOJl6RkY3DEKEOwS4mJa5mGCs6qsry
9H7LSPVoP1OiPmi9T01vcweVjuiCrjPdAVd5sM7+RpZR1ogK86GyIehD4ZaJh2Ij
fIVBK8jiYSlas0bXT1VrM5qKCsWxxv6SWxPgovq07MBN+P/C1Jd2osNN1HthAAPV
HB83hA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:01 2025 by rpki-client