Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/hTpNhFY8zAcwwfOh77lSbhxqTos.roa
File: hTpNhFY8zAcwwfOh77lSbhxqTos.roa (raw, json)
Hash identifier: cdrD151T5AgMtnKbnjdF/uj6Z9J/lazp+jmtu+2GF5s=
Subject key identifier: 85:3A:4D:84:56:3C:CC:07:30:C1:F3:A1:EF:B9:52:6E:1C:6A:4E:8B
Certificate issuer: /CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Certificate serial: 019471BB484E9634FAE60E70A84CC88F02A9
Authority key identifier: 23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/hTpNhFY8zAcwwfOh77lSbhxqTos.roa
Signing time: Fri 17 Jan 2025 00:48:06 +0000
ROA not before: Fri 17 Jan 2025 00:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60751
IP address blocks: 185.24.233.0/24 maxlen: 24
185.24.235.0/24 maxlen: 24
185.104.216.0/22 maxlen: 24
2a04:2e00::/32 maxlen: 36
2a04:2e03::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:71:bb:48:4e:96:34:fa:e6:0e:70:a8:4c:c8:8f:02:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Validity
Not Before: Jan 17 00:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=853a4d84563ccc0730c1f3a1efb9526e1c6a4e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:ea:2d:97:f7:eb:1f:df:29:2b:9c:89:e7:
c0:a1:fa:96:bf:8e:2a:13:c9:68:8c:c2:0e:5c:4d:
44:d9:9e:51:49:8e:c0:5d:9f:30:f2:f0:02:b5:0a:
1d:80:5e:fe:2b:9b:73:95:4d:48:83:53:8f:76:7e:
c3:fe:1d:df:21:1e:e3:1f:04:71:98:10:da:40:0b:
68:1e:3d:ec:a5:7d:56:d7:9e:b0:19:2f:6e:d4:1c:
7d:8e:c9:a5:d9:e2:2c:fe:cd:cb:39:bd:89:58:ba:
bb:4c:ae:71:80:eb:6f:e8:ce:df:b4:1c:52:44:f9:
13:21:6e:7e:49:37:5f:8e:1b:74:f5:78:3d:bc:9e:
c1:24:51:c6:f1:1f:04:41:ba:5c:cd:fc:52:d4:c6:
d9:57:aa:b0:ce:56:ab:30:f1:4d:af:7c:2f:2a:2e:
77:20:17:cd:8d:df:92:49:72:c3:fa:29:dd:1d:06:
4e:e9:4b:63:d4:35:fb:4f:6e:1f:4c:6b:02:7c:a3:
41:36:d6:91:b7:09:e7:94:23:0d:3d:8d:b4:97:a9:
a5:35:0e:bb:1c:56:47:5a:a3:ed:3b:f9:0a:5e:3f:
ab:07:8a:31:78:11:c6:ed:b0:b0:84:a3:c4:e7:ea:
31:0c:cd:f3:d3:b3:8e:72:62:ff:a6:9c:90:c2:34:
09:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3A:4D:84:56:3C:CC:07:30:C1:F3:A1:EF:B9:52:6E:1C:6A:4E:8B
X509v3 Authority Key Identifier:
keyid:23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/hTpNhFY8zAcwwfOh77lSbhxqTos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.233.0/24
185.24.235.0/24
185.104.216.0/22
IPv6:
2a04:2e00::/32
2a04:2e03::/32
Signature Algorithm: sha256WithRSAEncryption
04:dd:89:32:2b:8d:20:d2:b3:de:11:3f:d5:92:d6:6e:b1:50:
06:13:c4:d2:b2:76:0d:9b:58:3a:1a:85:8e:9f:79:6c:5f:71:
38:a5:0c:98:48:9a:a4:67:24:1d:01:2c:ec:52:69:f2:9e:57:
d2:ba:fd:e6:78:a2:92:8c:a3:b9:a0:cb:f0:c5:d9:cb:27:fd:
53:40:98:29:00:54:c2:6e:5f:d1:ee:4e:40:ff:9b:b1:63:10:
51:98:bd:8e:64:14:14:8a:91:56:4a:32:58:8a:14:1b:97:6c:
27:78:8e:f1:84:0e:fa:60:3d:7a:c4:e6:7d:53:85:9e:ed:41:
7f:b3:52:65:45:cb:7d:98:ee:b9:a5:4f:88:22:26:57:f4:19:
4c:1e:ad:09:f6:55:ec:ea:1e:ce:76:96:c7:27:5c:a5:df:ba:
bb:c6:89:ca:5d:bb:8a:4f:e6:8e:94:b6:7e:2a:98:ba:ca:40:
53:6e:ca:d9:2c:d8:6e:5d:b7:8b:bd:7c:02:e3:b3:6e:dc:f1:
0e:9c:bc:99:b0:ce:97:73:af:b9:2e:8c:32:ca:24:4e:0a:43:
74:3f:85:01:20:e7:e9:94:63:55:cb:05:e2:52:11:4d:19:af:
a7:f5:24:44:9c:d8:3a:62:6d:9e:85:80:00:8d:af:1b:4c:e0:
ab:58:25:c9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZRxu0hOljT65g5wqEzIjwKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzY2JiZjkzNDhhZTU1OGM2ZWZhMGMwODZmMjRiZTA0Y2Iy
M2M2ZTkwHhcNMjUwMTE3MDA0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNhNGQ4NDU2M2NjYzA3MzBjMWYzYTFlZmI5NTI2ZTFjNmE0ZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHTqLZf36x/fKSuciefAofqWv44q
E8lojMIOXE1E2Z5RSY7AXZ8w8vACtQodgF7+K5tzlU1Ig1OPdn7D/h3fIR7jHwRx
mBDaQAtoHj3spX1W156wGS9u1Bx9jsml2eIs/s3LOb2JWLq7TK5xgOtv6M7ftBxS
RPkTIW5+STdfjht09Xg9vJ7BJFHG8R8EQbpczfxS1MbZV6qwzlarMPFNr3wvKi53
IBfNjd+SSXLD+indHQZO6Utj1DX7T24fTGsCfKNBNtaRtwnnlCMNPY20l6mlNQ67
HFZHWqPtO/kKXj+rB4oxeBHG7bCwhKPE5+oxDM3z07OOcmL/ppyQwjQJNwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIU6TYRWPMwHMMHzoe+5Um4cak6LMB8GA1UdIwQY
MBaAFCPLv5NIrlWMbvoMCG8kvgTLI8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMt
NjIxZWUwNTJhNmZjLzEvaFRwTmhGWTh6QWN3d2ZPaDc3bFNiaHhxVG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMtNjIxZWUwNTJhNmZj
LzEvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAuRjpAwQA
uRjrAwQCuWjYMBQEAgACMA4DBQAqBC4AAwUAKgQuAzANBgkqhkiG9w0BAQsFAAOC
AQEABN2JMiuNINKz3hE/1ZLWbrFQBhPE0rJ2DZtYOhqFjp95bF9xOKUMmEiapGck
HQEs7FJp8p5X0rr95niikoyjuaDL8MXZyyf9U0CYKQBUwm5f0e5OQP+bsWMQUZi9
jmQUFIqRVkoyWIoUG5dsJ3iO8YQO+mA9esTmfVOFnu1Bf7NSZUXLfZjuuaVPiCIm
V/QZTB6tCfZV7OoeznaWxydcpd+6u8aJyl27ik/mjpS2fiqYuspAU27K2SzYbl23
i718AuOzbtzxDpy8mbDOl3OvuS6MMsokTgpDdD+FASDn6ZRjVcsF4lIRTRmvp/Uk
RJzYOmJtnoWAAI2vG0zgq1glyQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:28 2025 by rpki-client