Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/hou3gbHTustq9QfSPCqm4Z4RpOA.roa
File: hou3gbHTustq9QfSPCqm4Z4RpOA.roa (raw, json)
Hash identifier: uPeSAYfLfCGfT6yXfKM2iKTsl2J+SNMtVBvC8QQ/AJk=
Subject key identifier: 86:8B:B7:81:B1:D3:BA:CB:6A:F5:07:D2:3C:2A:A6:E1:9E:11:A4:E0
Certificate issuer: /CN=1fe8ee87853406cd8d04ba8e39bf7a51ffb8a3bc
Certificate serial: 0B8A6945
Authority key identifier: 1F:E8:EE:87:85:34:06:CD:8D:04:BA:8E:39:BF:7A:51:FF:B8:A3:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-juh4U0Bs2NBLqOOb96Uf-4o7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/hou3gbHTustq9QfSPCqm4Z4RpOA.roa
Signing time: Wed 06 Apr 2022 14:05:45 +0000
ROA not before: Wed 06 Apr 2022 14:05:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201895
IP address blocks: 85.117.228.0/24 maxlen: 24
185.60.160.0/24 maxlen: 24
185.60.163.0/24 maxlen: 24
185.60.162.0/24 maxlen: 24
185.60.161.0/24 maxlen: 24
2a02:73a0:70::/48 maxlen: 48
2a02:73a0:60::/48 maxlen: 48
2a02:73a0:50::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193620293 (0xb8a6945)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe8ee87853406cd8d04ba8e39bf7a51ffb8a3bc
Validity
Not Before: Apr 6 14:05:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=868bb781b1d3bacb6af507d23c2aa6e19e11a4e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b1:c8:82:d7:bd:a5:42:fb:a2:41:f7:7c:0a:
b4:9c:d6:63:58:f3:85:57:c0:0e:13:de:13:96:a1:
d4:10:d7:e6:44:d1:87:46:b0:af:8a:fc:b7:29:ae:
f1:9b:e6:dd:81:ad:53:39:01:ba:ce:38:e2:f4:ab:
8a:d3:ef:22:e3:d0:db:51:a2:ed:c1:25:58:d5:cf:
ee:18:c8:2f:cc:25:5d:70:09:46:b1:a3:40:9e:c8:
4f:23:fb:74:6a:f6:64:64:20:64:12:0f:51:c0:38:
de:b7:5b:79:9b:58:72:44:94:88:b1:9a:7d:1d:17:
3d:6a:ab:7a:10:bb:91:77:b7:87:50:eb:a3:56:53:
b6:f0:c1:bc:f5:4a:dc:74:d7:76:5a:fc:a4:4f:60:
6f:7d:03:ea:da:13:77:d8:d8:9c:66:62:d8:e1:94:
e5:ad:53:e2:5a:ee:c2:73:9c:33:55:e7:08:71:99:
d1:13:7d:9d:d4:97:99:d9:b6:ab:f6:1e:62:93:f5:
de:08:a7:a9:3b:53:15:3e:17:f5:5b:25:b7:fb:60:
4b:6b:0e:e4:87:fb:e9:66:19:56:b6:5d:24:86:8c:
85:25:16:f5:40:ed:32:d3:94:7f:2a:88:1f:38:3f:
ad:07:93:d4:86:86:bc:87:8d:2f:e3:4f:d6:3d:71:
76:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8B:B7:81:B1:D3:BA:CB:6A:F5:07:D2:3C:2A:A6:E1:9E:11:A4:E0
X509v3 Authority Key Identifier:
keyid:1F:E8:EE:87:85:34:06:CD:8D:04:BA:8E:39:BF:7A:51:FF:B8:A3:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-juh4U0Bs2NBLqOOb96Uf-4o7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/hou3gbHTustq9QfSPCqm4Z4RpOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/H-juh4U0Bs2NBLqOOb96Uf-4o7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.228.0/24
185.60.160.0/22
IPv6:
2a02:73a0:50::/48
2a02:73a0:60::/48
2a02:73a0:70::/48
Signature Algorithm: sha256WithRSAEncryption
58:5f:b6:0c:70:b7:be:0f:e9:f3:cb:49:69:e6:fc:3a:dd:1c:
86:2f:18:25:c2:3b:b7:8c:85:23:53:39:6e:c7:f7:2f:40:0f:
68:5c:a7:6b:d9:0c:21:1f:16:c6:ad:fe:5c:6a:d0:cd:40:4b:
57:62:cd:a7:d3:93:e8:eb:97:7e:78:fd:15:53:89:37:b6:ec:
71:a5:ee:70:e9:0c:22:c7:09:7c:de:f7:c7:0b:ad:12:dc:57:
3e:e9:97:2e:54:14:93:01:38:58:b5:fb:8e:a5:f0:eb:fa:7e:
c4:53:97:cb:59:28:b6:6b:b7:c0:09:fd:7d:ce:3d:88:13:31:
c3:d2:e5:10:86:ae:42:bb:49:3f:9d:38:02:04:dc:e0:9d:78:
b0:13:45:00:b2:21:c1:16:8f:db:c5:9f:b8:62:55:74:fd:71:
c9:26:3e:8d:9e:56:99:bf:30:74:96:77:fe:b9:80:bb:83:dd:
36:d7:5e:3c:f5:35:7f:a4:38:fc:e9:32:12:b3:20:fa:05:cf:
2d:ec:9a:4f:99:2b:6a:1f:30:7e:63:61:16:30:3f:ee:0a:39:
43:cb:bb:3c:9d:a7:01:7e:45:58:e9:56:3c:d1:30:18:34:ac:
65:cb:b6:94:18:45:f0:aa:58:3f:21:c3:08:5b:d0:42:e1:dc:
3e:1b:a8:1c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEC4ppRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZmU4ZWU4Nzg1MzQwNmNkOGQwNGJhOGUzOWJmN2E1MWZmYjhhM2JjMB4XDTIyMDQw
NjE0MDU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY4YmI3ODFiMWQz
YmFjYjZhZjUwN2QyM2MyYWE2ZTE5ZTExYTRlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+xyILXvaVC+6JB93wKtJzWY1jzhVfADhPeE5ah1BDX5kTR
h0awr4r8tymu8Zvm3YGtUzkBus444vSritPvIuPQ21Gi7cElWNXP7hjIL8wlXXAJ
RrGjQJ7ITyP7dGr2ZGQgZBIPUcA43rdbeZtYckSUiLGafR0XPWqrehC7kXe3h1Dr
o1ZTtvDBvPVK3HTXdlr8pE9gb30D6toTd9jYnGZi2OGU5a1T4lruwnOcM1XnCHGZ
0RN9ndSXmdm2q/YeYpP13ginqTtTFT4X9Vslt/tgS2sO5If76WYZVrZdJIaMhSUW
9UDtMtOUfyqIHzg/rQeT1IaGvIeNL+NP1j1xdgECAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBSGi7eBsdO6y2r1B9I8KqbhnhGk4DAfBgNVHSMEGDAWgBQf6O6HhTQGzY0E
uo45v3pR/7ijvDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gtanVoNFUwQnMyTkJMcU9PYjk2VWYtNG83dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvMDA0NDFkLTgwZTQtNGQxOC05NTgxLTVjNWVhYjhhOWUzYy8x
L2hvdTNnYkhUdXN0cTlRZlNQQ3FtNFo0UnBPQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
MDA0NDFkLTgwZTQtNGQxOC05NTgxLTVjNWVhYjhhOWUzYy8xL0gtanVoNFUwQnMy
TkJMcU9PYjk2VWYtNG83dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwEgQCAAEwDAMEAFV15AMEArk8oDAhBAIAAjAbAwcA
KgJzoABQAwcAKgJzoABgAwcAKgJzoABwMA0GCSqGSIb3DQEBCwUAA4IBAQBYX7YM
cLe+D+nzy0lp5vw63RyGLxglwju3jIUjUzlux/cvQA9oXKdr2QwhHxbGrf5catDN
QEtXYs2n05Po65d+eP0VU4k3tuxxpe5w6Qwixwl83vfHC60S3Fc+6ZcuVBSTAThY
tfuOpfDr+n7EU5fLWSi2a7fACf19zj2IEzHD0uUQhq5Cu0k/nTgCBNzgnXiwE0UA
siHBFo/bxZ+4YlV0/XHJJj6NnlaZvzB0lnf+uYC7g90211489TV/pDj86TISsyD6
Bc8t7JpPmStqHzB+Y2EWMD/uCjlDy7s8nacBfkVY6VY80TAYNKxly7aUGEXwqlg/
IcMIW9BC4dw+G6gc
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:43:51 2025 by rpki-client