Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/a_HHfSnnEdlNg0ultiOhxzmWjFo.roa
File: a_HHfSnnEdlNg0ultiOhxzmWjFo.roa (raw, json)
Hash identifier: Xvx8P4+JF036CRUk9QunfpMcTc8ubzmyRZkCP638Vyk=
Subject key identifier: 6B:F1:C7:7D:29:E7:11:D9:4D:83:4B:A5:B6:23:A1:C7:39:96:8C:5A
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 0195C8FF018F02CD7F5DA6A89E7D1AB98E84
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/a_HHfSnnEdlNg0ultiOhxzmWjFo.roa
Signing time: Mon 24 Mar 2025 16:31:50 +0000
ROA not before: Mon 24 Mar 2025 16:31:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200462
IP address blocks: 2.58.52.0/23 maxlen: 32
2.58.53.0/24 maxlen: 24
5.180.192.0/23 maxlen: 24
5.180.195.0/24 maxlen: 24
45.86.124.0/23 maxlen: 24
45.86.125.0/24 maxlen: 24
94.247.43.0/24 maxlen: 32
2a00:f826:8::/48 maxlen: 48
2a07:6fc0:10::/44 maxlen: 48
2a09:e1c0::/32 maxlen: 128
2a0c:8900::/29 maxlen: 128
2a0c:8905::/32 maxlen: 32
2a0c:8906::/32 maxlen: 32
2a0e:de80::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:ff:01:8f:02:cd:7f:5d:a6:a8:9e:7d:1a:b9:8e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Mar 24 16:31:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bf1c77d29e711d94d834ba5b623a1c739968c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e2:dd:43:12:d8:aa:86:80:d0:46:44:73:8e:
94:29:d4:e9:e1:ba:8d:65:a6:2e:a9:21:f3:ba:82:
99:c1:2c:47:3f:2f:c9:06:52:25:04:e4:3b:9a:29:
f9:6e:7c:f0:f0:ba:14:18:f7:22:7d:30:97:ca:45:
83:f8:89:2e:60:af:a9:5a:45:50:20:8c:72:78:d9:
65:ed:10:63:44:74:84:65:c0:f3:f3:7f:62:5f:ae:
6c:61:03:15:b3:61:a5:ac:0f:73:b8:67:12:48:1c:
bf:8a:2b:92:b2:10:f2:18:89:af:3f:85:27:9a:66:
ca:21:71:44:9c:8c:f8:c2:64:0f:b3:cc:90:28:f5:
f8:06:48:fb:98:cc:0d:79:3b:af:39:ce:65:d6:61:
91:89:73:23:35:b1:3c:28:2e:6b:d6:19:d2:a5:96:
9f:a7:e5:a7:30:4c:b0:e9:39:f7:05:ba:45:2c:da:
09:93:be:2f:27:10:8c:4a:93:c5:28:96:64:62:84:
d2:c7:1b:7b:9f:03:3a:8e:ea:80:c4:cc:64:f0:bc:
47:2f:4f:8a:8f:fa:a9:4b:48:8c:b0:67:d4:75:1d:
6b:49:ac:a1:4b:82:c1:5a:7b:10:d5:1c:80:1b:f6:
d1:fe:71:af:49:24:a3:2f:03:3d:27:ba:46:ab:38:
c8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F1:C7:7D:29:E7:11:D9:4D:83:4B:A5:B6:23:A1:C7:39:96:8C:5A
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/a_HHfSnnEdlNg0ultiOhxzmWjFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
5.180.195.0/24
45.86.124.0/23
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
15:ca:2b:e1:a8:b3:bc:39:d8:8f:36:8d:92:0d:55:f7:e3:ca:
62:96:15:cf:93:54:d9:e2:6c:4d:4d:be:47:7b:eb:27:cf:53:
fb:15:55:e4:d6:52:26:97:ef:ae:9d:fa:94:a6:23:1a:a5:f4:
ed:11:e2:d8:60:1c:99:2b:f8:84:ed:59:d0:5f:a8:36:d9:db:
34:bb:07:78:b7:1f:37:f5:43:e8:10:a1:2d:5c:6e:af:12:33:
e7:67:f1:36:07:1d:5d:03:9b:3b:c7:6e:2e:94:75:50:16:9c:
6b:5d:3e:47:0d:33:9b:2f:81:36:35:2a:7d:e7:5a:bb:0a:c9:
3a:bd:a8:ed:6b:e0:a2:22:6c:fc:a3:9c:4b:06:ca:2d:4c:c2:
48:aa:57:b8:c8:25:3d:5b:d6:45:05:65:16:82:bd:fb:32:f3:
87:c4:54:0e:f1:ea:44:b2:70:8f:fe:f1:61:58:9f:b5:ce:80:
1d:cc:ca:51:04:9f:bd:21:f9:ad:07:6c:20:53:91:16:43:9f:
16:2f:61:bb:a6:6f:62:a5:9e:dc:54:05:0d:f3:6f:83:a2:26:
7a:cd:8e:fc:26:bb:ac:a0:6a:f8:88:c6:63:65:7d:e6:7e:ef:
9a:4b:06:c7:cc:59:45:48:52:77:b3:84:72:0a:89:38:f5:03:
82:af:4b:26
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZXI/wGPAs1/Xaaonn0auY6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMzI0MTYzMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmYxYzc3ZDI5ZTcxMWQ5NGQ4MzRiYTViNjIzYTFjNzM5OTY4YzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OLdQxLYqoaA0EZEc46UKdTp4bqN
ZaYuqSHzuoKZwSxHPy/JBlIlBOQ7min5bnzw8LoUGPcifTCXykWD+IkuYK+pWkVQ
IIxyeNll7RBjRHSEZcDz839iX65sYQMVs2GlrA9zuGcSSBy/iiuSshDyGImvP4Un
mmbKIXFEnIz4wmQPs8yQKPX4Bkj7mMwNeTuvOc5l1mGRiXMjNbE8KC5r1hnSpZaf
p+WnMEyw6Tn3BbpFLNoJk74vJxCMSpPFKJZkYoTSxxt7nwM6juqAxMxk8LxHL0+K
j/qpS0iMsGfUdR1rSayhS4LBWnsQ1RyAG/bR/nGvSSSjLwM9J7pGqzjIRQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFGvxx30p5xHZTYNLpbYjocc5loxaMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvYV9ISGZTbm5FZGxOZzB1bHRpT2h4em1XakZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQBAjo0AwQB
BbTAAwQABbTDAwQBLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABAD
BQAqCeHAAwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBABXKK+Gos7w5
2I82jZINVffjymKWFc+TVNnibE1Nvkd76yfPU/sVVeTWUiaX766d+pSmIxql9O0R
4thgHJkr+ITtWdBfqDbZ2zS7B3i3Hzf1Q+gQoS1cbq8SM+dn8TYHHV0DmzvHbi6U
dVAWnGtdPkcNM5svgTY1Kn3nWrsKyTq9qO1r4KIibPyjnEsGyi1MwkiqV7jIJT1b
1kUFZRaCvfsy84fEVA7x6kSycI/+8WFYn7XOgB3MylEEn70h+a0HbCBTkRZDnxYv
Ybumb2KlntxUBQ3zb4OiJnrNjvwmu6ygaviIxmNlfeZ+75pLBsfMWUVIUnezhHIK
iTj1A4KvSyY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:35 2025 by rpki-client