Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HXwHo-wRi12TcgJsmfi3-ivFDJc.roa
File: HXwHo-wRi12TcgJsmfi3-ivFDJc.roa (raw, json)
Hash identifier: OGgsBRdZD+viAT3WL7RRm4j0CEjdc/ZtwoBXiyprz0E=
Subject key identifier: 1D:7C:07:A3:EC:11:8B:5D:93:72:02:6C:99:F8:B7:FA:2B:C5:0C:97
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0194228D2CAE59A17752C305214A69C3E572
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HXwHo-wRi12TcgJsmfi3-ivFDJc.roa
Signing time: Wed 01 Jan 2025 15:47:44 +0000
ROA not before: Wed 01 Jan 2025 15:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35298
IP address blocks: 31.173.176.0/20 maxlen: 20
37.29.76.0/22 maxlen: 22
78.41.100.0/22 maxlen: 22
178.176.154.0/23 maxlen: 23
2a03:d000:8703::/48 maxlen: 48
2a03:d000:8704::/48 maxlen: 48
2a03:d000:8740::/48 maxlen: 48
2a03:d000:8741::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:2c:ae:59:a1:77:52:c3:05:21:4a:69:c3:e5:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 15:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d7c07a3ec118b5d9372026c99f8b7fa2bc50c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ed:85:33:9e:16:24:7a:07:26:82:ab:b8:48:
f0:96:d1:d5:9b:f9:1c:b5:47:c2:ca:43:59:be:d4:
c0:21:94:58:b5:fb:71:59:f2:47:84:79:09:4a:dc:
e6:91:5a:03:8f:b2:ce:24:9a:3d:ec:b6:df:d6:be:
2e:34:02:69:db:40:e0:2b:e8:c8:7b:f2:57:bb:9e:
bc:52:02:41:8e:9e:47:b4:ac:4f:c3:8d:2e:9b:44:
21:49:60:f9:27:b9:e7:06:99:b7:a9:0b:30:45:85:
49:47:22:83:3a:42:6f:a4:42:58:df:02:a6:b0:85:
1f:ab:77:d7:fd:f9:eb:28:b8:98:72:8b:b6:fb:0d:
97:35:3e:82:81:7d:9e:1a:7b:ed:f6:58:f1:ad:95:
1b:d4:c3:db:e3:48:7d:12:14:ec:93:2b:16:0e:f6:
a6:65:65:cf:e2:16:d9:f3:13:89:3d:1e:f9:db:d0:
c8:9f:8b:50:54:19:ce:bd:fb:6e:04:11:2b:5e:a0:
2a:7e:13:28:e5:0d:00:56:e4:6f:eb:6a:30:cc:6b:
a0:2e:28:c1:1f:01:93:cb:5c:fa:1e:34:43:6e:ab:
02:46:9b:c3:2a:77:05:38:13:40:e7:6e:6a:42:ca:
92:2d:38:e5:2f:09:f6:09:63:a5:48:0a:42:e0:88:
c4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:7C:07:A3:EC:11:8B:5D:93:72:02:6C:99:F8:B7:FA:2B:C5:0C:97
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HXwHo-wRi12TcgJsmfi3-ivFDJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.176.0/20
37.29.76.0/22
78.41.100.0/22
178.176.154.0/23
IPv6:
2a03:d000:8703::-2a03:d000:8704:ffff:ffff:ffff:ffff:ffff
2a03:d000:8740::/47
Signature Algorithm: sha256WithRSAEncryption
ab:9c:1b:01:5d:1b:b2:4f:fe:11:8c:d8:42:2e:37:da:a8:48:
78:97:fd:93:4e:80:d5:e5:90:51:48:72:2a:5d:a9:f2:15:09:
41:3a:52:27:8a:53:f9:d3:08:83:92:9f:fc:93:f6:41:c2:a3:
f1:ce:58:eb:81:2e:4e:c4:00:b3:f1:a0:17:43:44:3a:48:bd:
e0:47:67:bc:05:02:85:da:9a:24:fa:ca:3d:7a:7f:74:19:de:
77:a0:ec:e2:40:8a:eb:1e:d8:0e:a2:17:0e:be:52:15:b9:ac:
c3:4b:52:26:fc:ea:a0:10:c1:a4:7f:18:ab:5c:65:4b:a2:a4:
62:00:b1:99:31:ce:46:50:18:61:39:3c:0e:01:15:bd:69:d0:
44:aa:77:3e:4c:99:cd:78:ed:80:b4:10:76:79:e3:16:88:84:
24:e7:68:7f:20:04:3a:43:ca:4d:88:1c:03:85:66:c5:6c:eb:
44:93:4a:3d:94:ec:2e:00:3e:88:37:d7:6d:2e:19:42:a9:71:
ec:68:8c:82:a5:90:dc:7e:0b:d5:a2:b9:ef:3e:8a:b2:d2:0e:
eb:d6:22:e5:bd:8b:9d:41:b8:9c:c6:fb:15:f5:d9:15:b1:82:
8e:68:f8:9c:85:7e:eb:af:7c:9e:01:fd:11:ad:a2:ff:87:0b:
58:9e:5d:5f
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZQijSyuWaF3UsMFIUppw+VyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjUwMTAxMTU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDdjMDdhM2VjMTE4YjVkOTM3MjAyNmM5OWY4YjdmYTJiYzUwYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO2FM54WJHoHJoKruEjwltHVm/kc
tUfCykNZvtTAIZRYtftxWfJHhHkJStzmkVoDj7LOJJo97Lbf1r4uNAJp20DgK+jI
e/JXu568UgJBjp5HtKxPw40um0QhSWD5J7nnBpm3qQswRYVJRyKDOkJvpEJY3wKm
sIUfq3fX/fnrKLiYcou2+w2XNT6CgX2eGnvt9ljxrZUb1MPb40h9EhTskysWDvam
ZWXP4hbZ8xOJPR7529DIn4tQVBnOvftuBBErXqAqfhMo5Q0AVuRv62owzGugLijB
HwGTy1z6HjRDbqsCRpvDKncFOBNA525qQsqSLTjlLwn2CWOlSApC4IjEJwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFB18B6PsEYtdk3ICbJn4t/orxQyXMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSFh3SG8td1JpMTJUY2dKc21maTMtaXZGREpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAeBAIAATAYAwQEH62wAwQC
JR1MAwQCTilkAwQBsrCaMCMEAgACMB0wEgMHACoD0ACHAwMHACoD0ACHBAMHASoD
0ACHQDANBgkqhkiG9w0BAQsFAAOCAQEAq5wbAV0bsk/+EYzYQi432qhIeJf9k06A
1eWQUUhyKl2p8hUJQTpSJ4pT+dMIg5Kf/JP2QcKj8c5Y64EuTsQAs/GgF0NEOki9
4EdnvAUChdqaJPrKPXp/dBned6Ds4kCK6x7YDqIXDr5SFbmsw0tSJvzqoBDBpH8Y
q1xlS6KkYgCxmTHORlAYYTk8DgEVvWnQRKp3PkyZzXjtgLQQdnnjFoiEJOdofyAE
OkPKTYgcA4VmxWzrRJNKPZTsLgA+iDfXbS4ZQqlx7GiMgqWQ3H4L1aK57z6KstIO
69Yi5b2LnUG4nMb7FfXZFbGCjmj4nIV+6698ngH9Ea2i/4cLWJ5dXw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:13 2025 by rpki-client