Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/Hsa9B01wYzQuVgyvO2-bkNj0_wY.roa
File: Hsa9B01wYzQuVgyvO2-bkNj0_wY.roa (raw, json)
Hash identifier: DdezXk60i94ZF2OulsTAeuZBcNuFWBHgNv3S98ro9B8=
Subject key identifier: 1E:C6:BD:07:4D:70:63:34:2E:56:0C:AF:3B:6F:9B:90:D8:F4:FF:06
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 0194228DE16681FC9BDEF4F317A0C64D2107
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/Hsa9B01wYzQuVgyvO2-bkNj0_wY.roa
Signing time: Wed 01 Jan 2025 15:48:31 +0000
ROA not before: Wed 01 Jan 2025 15:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50673
IP address blocks: 5.178.64.0/21 maxlen: 24
5.188.12.0/22 maxlen: 22
5.188.12.0/24 maxlen: 24
5.188.13.0/24 maxlen: 24
5.188.14.0/24 maxlen: 24
5.188.15.0/24 maxlen: 24
5.255.64.0/19 maxlen: 24
46.249.32.0/19 maxlen: 24
89.47.1.0/24 maxlen: 24
91.221.69.0/24 maxlen: 24
93.158.200.0/21 maxlen: 24
93.158.208.0/20 maxlen: 24
160.20.152.0/22 maxlen: 22
178.21.16.0/21 maxlen: 24
185.8.176.0/22 maxlen: 22
185.12.12.0/22 maxlen: 24
185.53.160.0/22 maxlen: 22
185.79.112.0/22 maxlen: 24
194.107.76.0/22 maxlen: 24
2a00:1ca8::/32 maxlen: 32
2a00:1ca8:77::/48 maxlen: 48
2a00:1caa::/32 maxlen: 32
2a03:3f40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e1:66:81:fc:9b:de:f4:f3:17:a0:c6:4d:21:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 1 15:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ec6bd074d7063342e560caf3b6f9b90d8f4ff06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:36:40:1d:be:0a:56:49:60:e2:e3:82:f2:1e:
b2:d3:63:b3:e6:f7:8e:c2:8a:39:be:f4:75:91:41:
cd:f3:3c:38:af:bf:e8:30:e2:b5:2e:c5:e5:df:a1:
76:0c:92:dd:b5:65:b8:5d:ef:d7:5f:35:ff:a2:94:
ec:ca:46:a1:2a:00:82:98:d8:af:3e:dc:a8:63:f2:
9e:3a:67:31:c7:35:e7:00:5b:e1:f0:a7:0e:7d:1b:
dc:7b:99:20:ab:04:3a:9a:e4:47:db:2d:64:f1:51:
ed:13:9d:09:16:b1:58:1a:df:9c:e5:04:36:00:a6:
d1:46:95:41:92:e7:16:f2:ee:31:9a:bd:ab:0b:1d:
f9:8c:4e:62:8f:cd:ac:e2:92:77:90:da:8a:ff:ff:
5e:4d:9a:8d:c8:4c:a2:56:7b:a2:94:a8:3e:9d:f2:
8c:d2:00:cd:da:89:24:97:4b:3e:75:87:9d:d1:b2:
e1:5c:32:af:17:a1:2f:2d:4e:1c:90:d2:ce:86:04:
45:15:80:ad:1c:9c:7a:71:80:30:ee:3c:5f:8f:f4:
f1:53:e5:ba:60:d6:78:60:8f:f7:7e:97:1c:9b:6b:
e9:1a:8a:71:65:5f:89:01:36:47:3c:70:d4:1b:59:
c9:f9:85:32:b8:d6:d2:9e:bc:0c:df:68:0d:9f:6a:
51:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C6:BD:07:4D:70:63:34:2E:56:0C:AF:3B:6F:9B:90:D8:F4:FF:06
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/Hsa9B01wYzQuVgyvO2-bkNj0_wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.64.0/21
5.188.12.0/22
5.255.64.0/19
46.249.32.0/19
89.47.1.0/24
91.221.69.0/24
93.158.200.0-93.158.223.255
160.20.152.0/22
178.21.16.0/21
185.8.176.0/22
185.12.12.0/22
185.53.160.0/22
185.79.112.0/22
194.107.76.0/22
IPv6:
2a00:1ca8::/32
2a00:1caa::/32
2a03:3f40::/32
Signature Algorithm: sha256WithRSAEncryption
58:f8:a5:fa:50:10:00:fa:bb:4b:b9:62:93:72:74:df:cb:4d:
c8:85:d7:f6:47:87:2d:d3:36:c8:5b:df:ed:8f:e3:69:ab:8b:
34:7b:f2:02:0a:de:95:71:85:7d:cb:ee:6d:95:cf:08:70:d7:
91:7d:79:a9:8e:1c:d9:11:22:8a:fe:64:9f:45:18:65:93:6b:
81:ef:f6:8d:db:38:82:c0:23:b7:b6:92:fc:ca:7f:e4:e2:68:
94:7e:4a:9c:bc:08:82:11:81:48:50:02:ed:86:85:87:2a:28:
ec:ae:f0:ef:93:a4:c8:32:aa:3f:3f:d0:00:e7:57:86:4f:6a:
fe:8d:20:9e:65:1b:3c:e1:19:98:e8:c2:49:9f:28:a4:2f:d1:
d2:1e:e4:0d:5e:c4:ef:81:62:56:65:c5:fa:80:ee:64:32:79:
d7:82:21:58:3a:1b:b6:62:dd:70:0f:30:87:a6:b8:ee:89:3e:
36:69:77:47:c4:33:b0:fd:6a:78:d0:97:fd:e1:5b:fd:a3:4e:
ec:eb:a8:6a:56:09:cb:a1:1e:02:0c:8c:13:ac:57:6d:1a:c3:
4c:8f:87:ad:0f:21:d1:c7:52:c9:9c:fb:17:c6:c6:10:64:f8:
85:30:61:36:e4:94:51:1d:2a:2a:4e:d3:9b:b4:80:90:8c:7c:
da:ac:a2:6c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZQijeFmgfyb3vTzF6DGTSEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjUwMTAxMTU0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWM2YmQwNzRkNzA2MzM0MmU1NjBjYWYzYjZmOWI5MGQ4ZjRmZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDZAHb4KVklg4uOC8h6y02Oz5veO
woo5vvR1kUHN8zw4r7/oMOK1LsXl36F2DJLdtWW4Xe/XXzX/opTsykahKgCCmNiv
PtyoY/KeOmcxxzXnAFvh8KcOfRvce5kgqwQ6muRH2y1k8VHtE50JFrFYGt+c5QQ2
AKbRRpVBkucW8u4xmr2rCx35jE5ij82s4pJ3kNqK//9eTZqNyEyiVnuilKg+nfKM
0gDN2okkl0s+dYed0bLhXDKvF6EvLU4ckNLOhgRFFYCtHJx6cYAw7jxfj/TxU+W6
YNZ4YI/3fpccm2vpGopxZV+JATZHPHDUG1nJ+YUyuNbSnrwM32gNn2pRRwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFB7GvQdNcGM0LlYMrztvm5DY9P8GMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvSHNhOUIwMXdZelF1Vmd5dk8yLWJrTmowX3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBiBAIAATBcAwQDBbJA
AwQCBbwMAwQFBf9AAwQFLvkgAwQAWS8BAwQAW91FMAwDBANdnsgDBAVdnsADBAKg
FJgDBAOyFRADBAK5CLADBAK5DAwDBAK5NaADBAK5T3ADBALCa0wwGwQCAAIwFQMF
ACoAHKgDBQAqAByqAwUAKgM/QDANBgkqhkiG9w0BAQsFAAOCAQEAWPil+lAQAPq7
S7lik3J038tNyIXX9keHLdM2yFvf7Y/jaauLNHvyAgrelXGFfcvubZXPCHDXkX15
qY4c2REiiv5kn0UYZZNrge/2jds4gsAjt7aS/Mp/5OJolH5KnLwIghGBSFAC7YaF
hyoo7K7w75OkyDKqPz/QAOdXhk9q/o0gnmUbPOEZmOjCSZ8opC/R0h7kDV7E74Fi
VmXF+oDuZDJ514IhWDobtmLdcA8wh6a47ok+Nml3R8QzsP1qeNCX/eFb/aNO7Ouo
alYJy6EeAgyME6xXbRrDTI+HrQ8h0cdSyZz7F8bGEGT4hTBhNuSUUR0qKk7Tm7SA
kIx82qyibA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:09 2025 by rpki-client