Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hSgBHHThYWLMq7IM_RhmvJjVoy8.roa
File: hSgBHHThYWLMq7IM_RhmvJjVoy8.roa (raw, json)
Hash identifier: yk5O3mBEXBBlOjTQEVo6JL+3ssclyXQPHynxuCap0Z4=
Subject key identifier: 85:28:01:1C:74:E1:61:62:CC:AB:B2:0C:FD:18:66:BC:98:D5:A3:2F
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A529A24FB7F37D183622CB0F14889
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hSgBHHThYWLMq7IM_RhmvJjVoy8.roa
Signing time: Wed 01 Jan 2025 19:49:17 +0000
ROA not before: Wed 01 Jan 2025 19:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210405
IP address blocks: 185.223.164.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:52:9a:24:fb:7f:37:d1:83:62:2c:b0:f1:48:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8528011c74e16162ccabb20cfd1866bc98d5a32f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9e:cc:85:a6:d9:2e:94:49:f4:cd:8c:cd:aa:
57:05:93:d4:c6:c8:5b:6c:f9:ff:f4:e7:26:c2:46:
2d:cd:24:55:a0:91:ae:9d:ee:c5:3e:bf:79:5b:82:
29:e5:ec:a4:16:cd:5c:f4:b1:00:fd:9c:99:b0:b6:
a0:0b:6f:54:df:89:03:82:35:70:7f:ba:1c:cb:2b:
f0:b0:9e:4d:9b:9f:1b:29:18:46:f0:cb:24:44:bb:
5e:9e:bd:e6:f1:a7:5a:46:40:fc:93:7e:b2:1d:9f:
e6:dd:b6:d5:dd:31:e6:6d:d6:43:f8:ce:f8:1d:5e:
07:7c:9c:78:66:07:45:e9:14:ed:64:5e:84:48:9c:
f6:37:5e:80:93:84:0f:5d:dd:b3:1a:cc:47:35:e1:
8b:a9:65:db:06:87:5d:2a:31:3d:a5:51:c3:ff:42:
60:48:7c:24:9a:9a:1d:90:05:98:a3:e9:31:38:37:
1f:5b:ae:33:e2:e2:f6:bf:f9:05:31:84:be:70:c2:
cf:2e:d0:c4:68:a2:29:7e:c9:72:5e:2e:c2:67:b8:
45:ca:18:1c:b0:ab:13:57:6d:11:e6:e1:b7:22:be:
35:08:89:2d:c4:77:01:bc:e2:b5:ee:13:d2:03:b1:
56:5d:4b:4c:05:97:60:75:cd:c4:6e:c5:91:8d:46:
98:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:28:01:1C:74:E1:61:62:CC:AB:B2:0C:FD:18:66:BC:98:D5:A3:2F
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hSgBHHThYWLMq7IM_RhmvJjVoy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.164.0/24
Signature Algorithm: sha256WithRSAEncryption
74:7a:41:8d:3f:59:ad:06:80:62:68:2b:4d:9b:45:57:9d:7e:
df:3d:1e:93:65:43:1f:b7:ff:4d:bb:af:b5:c6:34:66:e2:b7:
14:3b:8e:7c:7e:2c:c0:9e:43:2c:f3:04:82:ff:b9:2b:f9:e7:
b2:bd:f4:00:ad:55:a5:66:85:ad:99:23:f8:67:f8:88:5f:9a:
5b:87:17:0e:73:4f:c2:91:61:b4:9f:0f:b3:65:a4:86:2b:23:
1a:cd:32:50:84:5b:bd:64:76:bd:62:16:fd:37:08:49:ed:7a:
91:ce:34:29:d6:de:c8:23:db:42:e3:84:3f:e6:c0:36:54:fa:
4f:b0:bb:61:04:aa:b4:aa:11:a9:e7:ac:a3:9c:04:91:b4:3b:
1b:f7:3f:e3:b6:a7:f7:48:5d:06:4e:93:57:a5:3e:93:91:a9:
3c:d8:3f:1a:0d:42:c7:bf:25:f5:b3:61:f0:40:ae:fb:ba:63:
cc:b7:9b:b1:2c:39:b5:f2:a0:b5:94:ee:bd:de:c9:22:89:31:
8e:79:b6:25:fa:d0:21:9d:82:15:1e:b3:da:66:6d:ef:59:06:
28:d2:c5:90:3d:b5:45:04:12:11:61:58:7e:bc:84:38:da:88:
04:f2:a3:2f:ed:4f:47:a5:da:6c:ba:e2:6b:87:cc:0c:50:65:
b8:9c:07:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjalKaJPt/N9GDYiyw8UiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTI4MDExYzc0ZTE2MTYyY2NhYmIyMGNmZDE4NjZiYzk4ZDVhMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp7MhabZLpRJ9M2MzapXBZPUxshb
bPn/9OcmwkYtzSRVoJGune7FPr95W4Ip5eykFs1c9LEA/ZyZsLagC29U34kDgjVw
f7ocyyvwsJ5Nm58bKRhG8MskRLtenr3m8adaRkD8k36yHZ/m3bbV3THmbdZD+M74
HV4HfJx4ZgdF6RTtZF6ESJz2N16Ak4QPXd2zGsxHNeGLqWXbBoddKjE9pVHD/0Jg
SHwkmpodkAWYo+kxODcfW64z4uL2v/kFMYS+cMLPLtDEaKIpfslyXi7CZ7hFyhgc
sKsTV20R5uG3Ir41CIktxHcBvOK17hPSA7FWXUtMBZdgdc3EbsWRjUaY8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUoARx04WFizKuyDP0YZryY1aMvMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvaFNnQkhIVGhZV0xNcTdJTV9SaG12SmpWb3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud+kMA0G
CSqGSIb3DQEBCwUAA4IBAQB0ekGNP1mtBoBiaCtNm0VXnX7fPR6TZUMft/9Nu6+1
xjRm4rcUO458fizAnkMs8wSC/7kr+eeyvfQArVWlZoWtmSP4Z/iIX5pbhxcOc0/C
kWG0nw+zZaSGKyMazTJQhFu9ZHa9Yhb9NwhJ7XqRzjQp1t7II9tC44Q/5sA2VPpP
sLthBKq0qhGp56yjnASRtDsb9z/jtqf3SF0GTpNXpT6Tkak82D8aDULHvyX1s2Hw
QK77umPMt5uxLDm18qC1lO693skiiTGOebYl+tAhnYIVHrPaZm3vWQYo0sWQPbVF
BBIRYVh+vIQ42ogE8qMv7U9HpdpsuuJrh8wMUGW4nAeO
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:40:24 2025 by rpki-client