Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/hnHVyGRLcu1kg1RVRTq8QzQI8Mw.roa
File: hnHVyGRLcu1kg1RVRTq8QzQI8Mw.roa (raw, json)
Hash identifier: gB+giofzDq/t4wm+GqFajWlrkh/milAjApkGfh5nqaQ=
Subject key identifier: 86:71:D5:C8:64:4B:72:ED:64:83:54:55:45:3A:BC:43:34:08:F0:CC
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 018CCA2A073E98D5874579A1D22E68A29162
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/hnHVyGRLcu1kg1RVRTq8QzQI8Mw.roa
Signing time: Tue 02 Jan 2024 12:33:21 +0000
ROA not before: Tue 02 Jan 2024 12:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44679
IP address blocks: 185.193.55.0/24 maxlen: 24
185.193.52.0/24 maxlen: 24
185.193.54.0/24 maxlen: 24
185.193.53.0/24 maxlen: 24
84.239.4.0/24 maxlen: 24
84.239.11.0/24 maxlen: 24
84.239.8.0/24 maxlen: 24
84.239.9.0/24 maxlen: 24
84.239.13.0/24 maxlen: 24
84.239.15.0/24 maxlen: 24
84.239.14.0/24 maxlen: 24
84.239.32.0/24 maxlen: 24
84.239.34.0/24 maxlen: 24
84.239.36.0/24 maxlen: 24
84.239.35.0/24 maxlen: 24
84.239.38.0/24 maxlen: 24
84.239.39.0/24 maxlen: 24
84.239.40.0/24 maxlen: 24
84.239.44.0/24 maxlen: 24
84.239.49.0/24 maxlen: 24
84.239.51.0/24 maxlen: 24
84.239.46.0/24 maxlen: 24
84.239.55.0/24 maxlen: 24
84.239.57.0/24 maxlen: 24
84.239.56.0/24 maxlen: 24
84.239.58.0/24 maxlen: 24
84.239.59.0/24 maxlen: 24
84.239.62.0/24 maxlen: 24
84.239.63.0/24 maxlen: 24
2a02:2160:8000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:07:3e:98:d5:87:45:79:a1:d2:2e:68:a2:91:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 2 12:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8671d5c8644b72ed64835455453abc433408f0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cd:3d:cf:8d:59:be:d7:5d:e5:48:86:61:5d:
6a:85:59:6e:ef:ea:30:6d:aa:55:89:ea:23:f5:16:
de:9c:8e:67:f4:9e:5b:4f:7b:94:cb:d4:a4:ae:8f:
d4:2a:07:5e:14:ef:54:18:43:31:62:db:d4:d9:3a:
31:0b:26:6a:e2:3e:f3:a0:b1:ff:5c:0b:7e:54:ed:
0c:f0:5a:2b:00:c0:54:05:bc:7a:20:3d:1b:5b:95:
07:49:7d:3e:2b:35:c9:bc:ff:7c:17:2d:1f:57:ff:
6b:61:af:c4:f7:b7:cf:92:0d:b2:53:00:47:9c:81:
98:c3:15:6e:7c:f1:be:e9:4a:b2:cf:b1:d9:0e:ed:
4b:4e:cb:e2:dc:76:01:2c:d8:26:75:53:51:d0:fc:
15:09:b1:7d:47:d1:b6:e0:50:77:77:12:57:64:fd:
f2:aa:77:f4:de:f6:e9:f1:02:8f:5b:6b:be:b7:2d:
52:bc:ad:0b:6e:a0:b9:b8:24:19:f2:4b:de:f3:eb:
9b:be:a5:54:61:3a:6d:f6:9c:0b:f6:a2:48:4c:ae:
46:77:da:77:58:c4:7f:e6:5d:b4:8b:01:96:0a:8e:
d4:9d:ce:92:8c:be:86:84:7d:8d:33:b0:18:80:db:
ef:d6:8e:9e:35:a5:a1:8a:cc:ed:8d:b8:c1:1b:f3:
04:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:71:D5:C8:64:4B:72:ED:64:83:54:55:45:3A:BC:43:34:08:F0:CC
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/hnHVyGRLcu1kg1RVRTq8QzQI8Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.4.0/24
84.239.8.0/23
84.239.11.0/24
84.239.13.0-84.239.15.255
84.239.32.0/24
84.239.34.0-84.239.36.255
84.239.38.0-84.239.40.255
84.239.44.0/24
84.239.46.0/24
84.239.49.0/24
84.239.51.0/24
84.239.55.0-84.239.59.255
84.239.62.0/23
185.193.52.0/22
IPv6:
2a02:2160:8000::/36
Signature Algorithm: sha256WithRSAEncryption
2b:da:f7:fc:26:bb:b4:5a:e3:5f:38:89:d5:9b:6e:76:18:42:
94:0a:b5:60:1c:cb:66:b0:d9:1d:85:d7:97:1b:40:50:3e:71:
49:f8:73:52:94:43:59:fc:48:33:e4:35:5b:16:da:98:f7:56:
71:28:3b:96:fa:c8:2d:85:b0:be:06:ba:22:59:d0:03:35:d5:
a9:aa:60:b6:7b:72:28:0a:5d:6e:4a:59:f7:42:cd:d6:00:16:
36:02:f8:db:d1:d9:5f:65:dd:be:bd:f9:e1:fb:d5:63:24:27:
de:6d:df:7d:e0:61:e9:0a:46:43:68:0c:f0:e6:00:4b:09:b0:
11:2b:d9:22:b9:37:2a:70:f5:2f:67:50:bf:f0:ae:d2:06:87:
77:42:dd:9a:ba:34:5f:87:ef:0a:aa:53:c5:a7:12:1b:ae:ef:
3c:1e:fb:c8:25:57:83:ba:3b:a3:06:d2:c5:48:26:84:5c:b7:
1b:31:1c:99:d5:20:b8:77:a9:ec:dd:ba:b7:e8:d8:c6:e0:82:
b2:f6:1b:50:c0:79:22:42:10:85:80:e9:85:c7:22:f4:9e:bc:
bd:e7:b2:99:d9:14:6a:91:0a:df:8a:dd:c3:b9:a9:dc:a0:ca:
7f:83:ea:78:c6:84:dc:5a:a8:8f:f1:d6:7e:81:31:e9:dc:cf:
dc:d3:f9:b6
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYzKKgc+mNWHRXmh0i5oopFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjQwMTAyMTIzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjcxZDVjODY0NGI3MmVkNjQ4MzU0NTU0NTNhYmM0MzM0MDhmMGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs09z41Zvtdd5UiGYV1qhVlu7+ow
bapVieoj9RbenI5n9J5bT3uUy9Skro/UKgdeFO9UGEMxYtvU2ToxCyZq4j7zoLH/
XAt+VO0M8ForAMBUBbx6ID0bW5UHSX0+KzXJvP98Fy0fV/9rYa/E97fPkg2yUwBH
nIGYwxVufPG+6Uqyz7HZDu1LTsvi3HYBLNgmdVNR0PwVCbF9R9G24FB3dxJXZP3y
qnf03vbp8QKPW2u+ty1SvK0LbqC5uCQZ8kve8+ubvqVUYTpt9pwL9qJITK5Gd9p3
WMR/5l20iwGWCo7Unc6SjL6GhH2NM7AYgNvv1o6eNaWhisztjbjBG/MEfQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFIZx1chkS3LtZINUVUU6vEM0CPDMMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvaG5IVnlHUkxjdTFrZzFSVlJUcThRelFJOE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB6BAIAATB0AwQAVO8E
AwQBVO8IAwQAVO8LMAwDBABU7w0DBARU7wADBABU7yAwDAMEAVTvIgMEAFTvJDAM
AwQBVO8mAwQAVO8oAwQAVO8sAwQAVO8uAwQAVO8xAwQAVO8zMAwDBABU7zcDBAJU
7zgDBAFU7z4DBAK5wTQwDgQCAAIwCAMGBCoCIWCAMA0GCSqGSIb3DQEBCwUAA4IB
AQAr2vf8Jru0WuNfOInVm252GEKUCrVgHMtmsNkdhdeXG0BQPnFJ+HNSlENZ/Egz
5DVbFtqY91ZxKDuW+sgthbC+BroiWdADNdWpqmC2e3IoCl1uSln3Qs3WABY2Avjb
0dlfZd2+vfnh+9VjJCfebd994GHpCkZDaAzw5gBLCbARK9kiuTcqcPUvZ1C/8K7S
Bod3Qt2aujRfh+8KqlPFpxIbru88HvvIJVeDujujBtLFSCaEXLcbMRyZ1SC4d6ns
3bq36NjG4IKy9htQwHkiQhCFgOmFxyL0nry957KZ2RRqkQrfit3DuancoMp/g+p4
xoTcWqiP8dZ+gTHp3M/c0/m2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:20 2025 by rpki-client