Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/he-9O0rw1scVnV8QKLbFYmxFilo.roa
File: he-9O0rw1scVnV8QKLbFYmxFilo.roa (raw, json)
Hash identifier: 5u76H6F4zhHuyIDIEsIVg7UrT9YlgKHZ6fwd0Bucupw=
Subject key identifier: 85:EF:BD:3B:4A:F0:D6:C7:15:9D:5F:10:28:B6:C5:62:6C:45:8A:5A
Certificate issuer: /CN=d897faea94815e0520b46f185c3ebec29b376ef0
Certificate serial: 01942521D25E737F818CB17D8E5721689A09
Authority key identifier: D8:97:FA:EA:94:81:5E:05:20:B4:6F:18:5C:3E:BE:C2:9B:37:6E:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Jf66pSBXgUgtG8YXD6-wps3bvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/he-9O0rw1scVnV8QKLbFYmxFilo.roa
Signing time: Thu 02 Jan 2025 03:49:20 +0000
ROA not before: Thu 02 Jan 2025 03:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212882
IP address blocks: 91.237.218.0/24 maxlen: 24
95.130.184.0/22 maxlen: 23
95.130.186.0/23 maxlen: 23
95.130.188.0/22 maxlen: 22
185.14.108.0/24 maxlen: 24
185.14.109.0/24 maxlen: 24
185.14.110.0/24 maxlen: 24
185.14.111.0/24 maxlen: 24
2a03:ac40:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d2:5e:73:7f:81:8c:b1:7d:8e:57:21:68:9a:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d897faea94815e0520b46f185c3ebec29b376ef0
Validity
Not Before: Jan 2 03:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85efbd3b4af0d6c7159d5f1028b6c5626c458a5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9c:0d:95:11:03:f9:f5:44:0c:7b:ea:14:83:
6c:b2:05:e8:f5:1c:ff:60:c7:46:91:0f:20:5d:05:
4f:b0:5a:89:49:50:48:6f:fe:0c:aa:14:b5:ba:a6:
c3:e1:46:96:fd:41:b3:cd:68:50:87:cb:23:f2:10:
d1:ca:97:2c:92:05:a8:04:9c:bd:d2:10:9d:62:ea:
43:61:5e:9c:bf:f2:10:64:5b:0b:ee:f8:3d:f3:b0:
19:df:f4:c0:20:46:fe:0a:33:24:84:fd:48:26:b3:
f8:57:89:43:ae:ee:14:b4:ca:fb:09:fa:af:b6:91:
6a:be:0f:1d:b9:d5:72:d6:58:0d:ad:30:1d:a6:5d:
6d:c5:7b:68:8b:ce:35:2f:69:dd:3d:67:01:ff:c8:
89:3b:76:51:63:38:83:f7:3c:34:69:c2:f9:4f:e8:
d4:27:93:fe:ca:4a:d9:3c:cb:87:a3:1d:53:93:eb:
84:ff:58:f4:7c:77:28:12:f2:e6:3b:79:52:3e:24:
e0:07:54:49:6f:5b:95:8c:88:b0:3b:b8:12:65:08:
cd:64:7a:ad:b0:55:80:41:71:57:f9:3a:99:74:69:
25:26:03:c4:83:95:b7:5a:4a:d3:37:28:9a:a7:ba:
f3:0c:d5:aa:9f:8c:8e:99:56:36:26:85:67:6b:5d:
82:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:EF:BD:3B:4A:F0:D6:C7:15:9D:5F:10:28:B6:C5:62:6C:45:8A:5A
X509v3 Authority Key Identifier:
keyid:D8:97:FA:EA:94:81:5E:05:20:B4:6F:18:5C:3E:BE:C2:9B:37:6E:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Jf66pSBXgUgtG8YXD6-wps3bvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/he-9O0rw1scVnV8QKLbFYmxFilo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/2Jf66pSBXgUgtG8YXD6-wps3bvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.218.0/24
95.130.184.0/21
185.14.108.0/22
IPv6:
2a03:ac40:1::/48
Signature Algorithm: sha256WithRSAEncryption
4d:48:50:cb:d9:96:ef:69:40:9f:32:c1:67:e8:e8:cb:e8:d7:
bc:d5:b2:c0:52:ea:cd:eb:8e:2f:9e:ea:64:68:f8:05:2e:11:
06:a8:a3:81:62:64:28:4d:33:50:77:b6:1c:14:63:9d:15:55:
ab:6f:e5:05:bf:2f:6c:9c:81:81:07:cf:2e:d5:c6:f7:0d:85:
6f:ed:48:13:61:9c:e5:14:8e:40:76:a6:9a:34:39:cf:90:81:
e2:80:6e:eb:8e:4b:c9:a9:d0:bd:08:ce:b6:7e:fd:9c:a7:2e:
99:91:0b:97:a2:8d:63:7b:90:78:a7:a7:3a:58:2d:2f:41:60:
5f:d5:26:0f:59:f9:98:7d:2b:85:e3:5f:12:c9:23:65:f2:f4:
52:c0:b3:39:ba:d0:78:e3:d5:9e:a3:2e:72:69:f1:ab:35:96:
07:a0:18:e7:bb:8d:a1:3b:15:c4:22:5f:0a:bf:e7:0a:b1:80:
97:82:8f:bb:ca:3e:94:82:e5:2b:e4:cb:f1:33:39:58:49:71:
74:b8:bd:8a:f9:df:5e:be:42:26:7d:0e:e8:f7:cc:49:18:da:
96:03:58:ea:29:ce:aa:92:00:a6:64:c2:2c:fe:72:9b:b9:fc:
2c:55:b5:63:69:c2:99:db:9c:f8:b7:65:bf:fa:7a:1d:8f:c7:
08:cd:d1:26
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQlIdJec3+BjLF9jlchaJoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTdmYWVhOTQ4MTVlMDUyMGI0NmYxODVjM2ViZWMyOWIz
NzZlZjAwHhcNMjUwMTAyMDM0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWVmYmQzYjRhZjBkNmM3MTU5ZDVmMTAyOGI2YzU2MjZjNDU4YTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pwNlRED+fVEDHvqFINssgXo9Rz/
YMdGkQ8gXQVPsFqJSVBIb/4MqhS1uqbD4UaW/UGzzWhQh8sj8hDRypcskgWoBJy9
0hCdYupDYV6cv/IQZFsL7vg987AZ3/TAIEb+CjMkhP1IJrP4V4lDru4UtMr7Cfqv
tpFqvg8dudVy1lgNrTAdpl1txXtoi841L2ndPWcB/8iJO3ZRYziD9zw0acL5T+jU
J5P+ykrZPMuHox1Tk+uE/1j0fHcoEvLmO3lSPiTgB1RJb1uVjIiwO7gSZQjNZHqt
sFWAQXFX+TqZdGklJgPEg5W3WkrTNyiap7rzDNWqn4yOmVY2JoVna12CpwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIXvvTtK8NbHFZ1fECi2xWJsRYpaMB8GA1UdIwQY
MBaAFNiX+uqUgV4FILRvGFw+vsKbN27wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpmNjZwU0JYZ1VndEc4WVhENi13cHMzYnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83NmEyMTYtY2FlNy00ODg2LThlNzct
YzgxM2NlMGY1ZTQ3LzEvaGUtOU8wcncxc2NWblY4UUtMYkZZbXhGaWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC83NmEyMTYtY2FlNy00ODg2LThlNzctYzgxM2NlMGY1ZTQ3
LzEvMkpmNjZwU0JYZ1VndEc4WVhENi13cHMzYnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW+3aAwQD
X4K4AwQCuQ5sMA8EAgACMAkDBwAqA6xAAAEwDQYJKoZIhvcNAQELBQADggEBAE1I
UMvZlu9pQJ8ywWfo6Mvo17zVssBS6s3rji+e6mRo+AUuEQaoo4FiZChNM1B3thwU
Y50VVatv5QW/L2ycgYEHzy7VxvcNhW/tSBNhnOUUjkB2ppo0Oc+QgeKAbuuOS8mp
0L0IzrZ+/ZynLpmRC5eijWN7kHinpzpYLS9BYF/VJg9Z+Zh9K4XjXxLJI2Xy9FLA
szm60Hjj1Z6jLnJp8as1lgegGOe7jaE7FcQiXwq/5wqxgJeCj7vKPpSC5Svky/Ez
OVhJcXS4vYr5316+QiZ9Duj3zEkY2pYDWOopzqqSAKZkwiz+cpu5/CxVtWNpwpnb
nPi3Zb/6eh2PxwjN0SY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:44:15 2025 by rpki-client