Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HcZRHkSWJv8SDVy_N4upDNiTMhc.roa
File: HcZRHkSWJv8SDVy_N4upDNiTMhc.roa (raw, json)
Hash identifier: Ch0POtAbErfxZoYYcbkDJtFIJwgoP8+OgFwYC+UKa3w=
Subject key identifier: 1D:C6:51:1E:44:96:26:FF:12:0D:5C:BF:37:8B:A9:0C:D8:93:32:17
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422203110B9632F68B80F11D017DB738D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HcZRHkSWJv8SDVy_N4upDNiTMhc.roa
Signing time: Wed 01 Jan 2025 13:48:42 +0000
ROA not before: Wed 01 Jan 2025 13:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 185.194.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:31:10:b9:63:2f:68:b8:0f:11:d0:17:db:73:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dc6511e449626ff120d5cbf378ba90cd8933217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:63:6c:e3:70:79:5d:2f:0e:bf:c8:9d:d0:85:
21:97:68:d5:6d:29:69:b9:39:fb:44:4c:00:37:84:
9d:3f:ee:67:01:0c:02:a7:89:98:52:80:ca:7d:24:
7c:4e:05:e2:2b:63:11:bc:30:cc:7c:ad:12:9e:32:
b1:6c:51:05:f5:cf:62:39:71:1f:d3:c4:47:b3:79:
e3:67:3e:03:3d:65:1b:3a:b9:6d:2e:0d:a8:34:71:
f8:ef:df:4f:62:6b:cd:4d:07:f3:f0:a9:74:72:5a:
7e:db:6d:ca:ad:01:50:75:40:a1:77:e5:0f:d5:92:
d6:27:97:11:d8:ac:b8:76:17:16:c8:7e:2f:bb:a0:
fe:25:0b:6c:6b:32:ec:81:4e:ea:a8:42:ce:e7:e2:
d9:cb:23:75:78:1b:f8:f5:5b:1e:e1:f8:d3:37:cf:
8e:18:c1:fa:cf:1e:bd:41:45:85:b2:c3:ed:1f:cb:
0c:99:19:1c:fd:2d:5a:21:81:a9:8b:ab:a6:da:0b:
ab:b5:18:19:bc:d9:43:a4:7d:50:5a:8b:a2:a7:eb:
3f:22:54:ef:81:f3:52:03:dd:92:21:35:24:ac:f1:
59:dd:b9:a6:b4:cc:2b:dd:cb:03:de:73:d7:58:87:
ff:5e:7c:40:ad:04:52:4f:13:33:b1:67:bb:a9:70:
8c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C6:51:1E:44:96:26:FF:12:0D:5C:BF:37:8B:A9:0C:D8:93:32:17
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HcZRHkSWJv8SDVy_N4upDNiTMhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.179.0/24
Signature Algorithm: sha256WithRSAEncryption
85:b7:10:6d:c1:f6:7d:f2:22:12:dd:31:86:73:fa:be:d7:cd:
11:57:47:f8:60:98:16:76:f6:5e:2d:8a:13:9c:ae:da:03:e6:
54:6b:f7:54:12:96:2f:20:c8:19:a0:c0:3a:cb:02:cc:9e:98:
f6:68:01:19:6a:bd:ad:ed:d9:67:9a:e0:13:72:da:70:ec:94:
9d:56:92:92:0e:a1:e7:89:3d:b3:b4:b0:9f:f8:91:86:2f:96:
70:4e:a4:78:02:8a:76:f8:69:cf:67:a6:18:39:43:db:fa:b1:
18:b7:34:86:56:19:b7:e3:f4:df:14:97:00:c7:ff:46:05:8a:
ab:f3:13:6a:44:38:d2:b3:e9:d3:bc:b7:16:32:33:d4:f6:7a:
f5:57:f0:f0:fe:79:84:25:49:44:43:14:8a:f4:71:de:f8:86:
df:25:75:d4:32:30:cc:b8:58:5a:6c:e6:08:09:98:d5:3c:7d:
e5:00:b4:e6:00:6f:2a:38:a7:8e:48:7d:c9:13:b9:ef:39:7d:
de:14:45:fa:77:31:78:38:2b:7f:60:3d:6b:62:a5:bc:2d:08:
07:a9:66:46:de:68:c1:93:51:7d:75:c2:6b:7a:01:a0:48:ec:
b0:f2:06:f9:a7:5e:88:be:9e:2f:a3:f1:99:f3:ca:93:e8:4f:
24:64:ee:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIDEQuWMvaLgPEdAX23ONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGM2NTExZTQ0OTYyNmZmMTIwZDVjYmYzNzhiYTkwY2Q4OTMzMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2Ns43B5XS8Ov8id0IUhl2jVbSlp
uTn7REwAN4SdP+5nAQwCp4mYUoDKfSR8TgXiK2MRvDDMfK0SnjKxbFEF9c9iOXEf
08RHs3njZz4DPWUbOrltLg2oNHH4799PYmvNTQfz8Kl0clp+223KrQFQdUChd+UP
1ZLWJ5cR2Ky4dhcWyH4vu6D+JQtsazLsgU7qqELO5+LZyyN1eBv49Vse4fjTN8+O
GMH6zx69QUWFssPtH8sMmRkc/S1aIYGpi6um2gurtRgZvNlDpH1QWouip+s/IlTv
gfNSA92SITUkrPFZ3bmmtMwr3csD3nPXWIf/XnxArQRSTxMzsWe7qXCMMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB3GUR5Elib/Eg1cvzeLqQzYkzIXMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSGNaUkhrU1dKdjhTRFZ5X040dXBETmlUTWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucKzMA0G
CSqGSIb3DQEBCwUAA4IBAQCFtxBtwfZ98iIS3TGGc/q+180RV0f4YJgWdvZeLYoT
nK7aA+ZUa/dUEpYvIMgZoMA6ywLMnpj2aAEZar2t7dlnmuATctpw7JSdVpKSDqHn
iT2ztLCf+JGGL5ZwTqR4Aop2+GnPZ6YYOUPb+rEYtzSGVhm34/TfFJcAx/9GBYqr
8xNqRDjSs+nTvLcWMjPU9nr1V/Dw/nmEJUlEQxSK9HHe+IbfJXXUMjDMuFhabOYI
CZjVPH3lALTmAG8qOKeOSH3JE7nvOX3eFEX6dzF4OCt/YD1rYqW8LQgHqWZG3mjB
k1F9dcJregGgSOyw8gb5p16Ivp4vo/GZ88qT6E8kZO6U
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:28:25 2025 by rpki-client