Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/HWKuq43ra0KbMfQ1sxyaLKRxMYU.roa
File: HWKuq43ra0KbMfQ1sxyaLKRxMYU.roa (raw, json)
Hash identifier: OmDhJNZj5y5DErtiCu3LMFfMUdiwxKehyMoTP4Ak7ls=
Subject key identifier: 1D:62:AE:AB:8D:EB:6B:42:9B:31:F4:35:B3:1C:9A:2C:A4:71:31:85
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019422FBA445D5B9997C73C392FA19A2B775
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/HWKuq43ra0KbMfQ1sxyaLKRxMYU.roa
Signing time: Wed 01 Jan 2025 17:48:24 +0000
ROA not before: Wed 01 Jan 2025 17:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211619
IP address blocks: 45.9.168.0/24 maxlen: 24
77.242.152.0/24 maxlen: 24
77.242.153.0/24 maxlen: 24
77.242.155.0/24 maxlen: 24
88.209.205.0/24 maxlen: 24
88.209.228.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a4:45:d5:b9:99:7c:73:c3:92:fa:19:a2:b7:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 17:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d62aeab8deb6b429b31f435b31c9a2ca4713185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a0:8a:86:2c:1b:51:90:2a:f9:ff:77:a9:d9:
12:14:b3:e4:1f:f1:53:c2:ef:fd:11:26:a2:b2:19:
11:5e:eb:24:36:f0:54:34:8a:b0:0c:46:6e:00:0a:
75:dd:c4:36:18:77:df:42:44:09:bc:f3:e0:8a:aa:
a0:14:f2:6e:50:c6:7e:08:bf:e0:ef:6e:c1:b3:02:
5a:9f:0a:7d:8f:a4:f2:e8:40:22:c4:ab:df:ab:d7:
05:27:bf:6b:90:23:8f:23:33:3e:3b:ee:df:b6:ce:
c2:d7:5a:8b:fa:88:d5:f0:34:b9:84:9b:49:fc:fc:
49:a1:e9:dd:19:c9:b0:e3:cf:75:fc:90:61:33:aa:
67:69:77:a7:81:3b:fb:96:92:0c:3b:83:7b:4e:ce:
09:fb:4e:5a:ee:2a:4e:b3:10:55:90:3d:a8:99:14:
98:53:14:f4:f9:b3:cd:8e:6f:92:9f:0d:f8:e9:c7:
5a:7d:4f:00:6b:3d:a9:6d:77:0e:ec:98:0b:5d:fe:
b2:c4:aa:e5:69:d0:fb:51:2b:08:de:61:48:ab:2e:
28:ef:c8:1a:d6:2d:04:78:68:39:1b:50:b6:0e:90:
96:e2:23:b8:9e:29:c2:19:ef:54:84:31:ad:3c:e1:
00:ef:e5:08:1c:3f:0b:1e:1d:1f:22:58:09:19:c1:
57:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:62:AE:AB:8D:EB:6B:42:9B:31:F4:35:B3:1C:9A:2C:A4:71:31:85
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/HWKuq43ra0KbMfQ1sxyaLKRxMYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.168.0/24
77.242.152.0/23
77.242.155.0/24
88.209.205.0/24
88.209.228.0/24
92.52.217.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:72:91:a4:a6:3e:8d:ff:19:cf:80:3d:a7:94:ae:db:3a:2d:
ea:b7:73:b0:6a:0c:90:ec:d3:b6:d6:e0:28:72:dc:09:f0:05:
b6:88:92:64:ba:e0:46:26:0f:2c:83:00:c7:cb:10:23:ef:1b:
50:99:23:fc:ab:17:03:e2:b6:44:6a:31:28:6e:e0:ae:72:c7:
17:e8:e4:5f:ff:47:18:64:37:44:05:3b:54:53:ae:88:73:d4:
73:e6:3e:2f:73:ec:99:3d:58:13:28:73:16:cd:fe:00:c2:30:
7c:5f:74:36:c9:67:58:7a:57:38:53:4c:8e:27:86:94:60:7d:
14:7c:d0:de:4a:54:af:7b:bc:7f:06:6d:18:29:51:50:6e:da:
ac:c8:d4:3c:42:0e:e9:b5:ed:84:8f:31:d3:30:ac:97:b2:69:
ae:b0:22:59:ab:98:9e:e6:04:19:e0:89:25:87:9f:23:16:d7:
29:93:c0:62:e0:17:44:80:7c:9f:b2:60:df:c7:bc:d6:70:aa:
68:72:8f:7a:64:f9:9e:b7:0b:b7:71:ba:a8:57:f6:d7:a1:8d:
1f:4f:1a:31:2e:fe:42:23:14:c6:12:09:56:d4:64:5f:62:06:
58:d4:aa:e1:e5:39:30:01:b2:05:83:9f:c5:21:4d:e1:fd:a2:
61:31:12:16
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQi+6RF1bmZfHPDkvoZord1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMTAxMTc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDYyYWVhYjhkZWI2YjQyOWIzMWY0MzViMzFjOWEyY2E0NzEzMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKCKhiwbUZAq+f93qdkSFLPkH/FT
wu/9ESaishkRXuskNvBUNIqwDEZuAAp13cQ2GHffQkQJvPPgiqqgFPJuUMZ+CL/g
727BswJanwp9j6Ty6EAixKvfq9cFJ79rkCOPIzM+O+7fts7C11qL+ojV8DS5hJtJ
/PxJoendGcmw4891/JBhM6pnaXengTv7lpIMO4N7Ts4J+05a7ipOsxBVkD2omRSY
UxT0+bPNjm+Snw346cdafU8Aaz2pbXcO7JgLXf6yxKrladD7USsI3mFIqy4o78ga
1i0EeGg5G1C2DpCW4iO4ninCGe9UhDGtPOEA7+UIHD8LHh0fIlgJGcFXKQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB1irquN62tCmzH0NbMcmiykcTGFMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSFdLdXE0M3JhMEtiTWZRMXN4eWFMS1J4TVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQmoAwQB
TfKYAwQATfKbAwQAWNHNAwQAWNHkAwQAXDTZAwQAwikvMA0GCSqGSIb3DQEBCwUA
A4IBAQBqcpGkpj6N/xnPgD2nlK7bOi3qt3OwagyQ7NO21uAoctwJ8AW2iJJkuuBG
Jg8sgwDHyxAj7xtQmSP8qxcD4rZEajEobuCucscX6ORf/0cYZDdEBTtUU66Ic9Rz
5j4vc+yZPVgTKHMWzf4AwjB8X3Q2yWdYelc4U0yOJ4aUYH0UfNDeSlSve7x/Bm0Y
KVFQbtqsyNQ8Qg7pte2EjzHTMKyXsmmusCJZq5ie5gQZ4Iklh58jFtcpk8Bi4BdE
gHyfsmDfx7zWcKpoco96ZPmetwu3cbqoV/bXoY0fTxoxLv5CIxTGEglW1GRfYgZY
1Krh5TkwAbIFg5/FIU3h/aJhMRIW
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:42:01 2025 by rpki-client