Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/hl-bZEBFsh1ZChc40Z0fl2eFeDc.roa
File: hl-bZEBFsh1ZChc40Z0fl2eFeDc.roa (raw, json)
Hash identifier: GoC7lm4BXzEaLJBGVeCTSYenfrijER5VgtT8WvoxW4g=
Subject key identifier: 86:5F:9B:64:40:45:B2:1D:59:0A:17:38:D1:9D:1F:97:67:85:78:37
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 019420D62CF80AFAB4FA798D8A16E4F49FBA
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/hl-bZEBFsh1ZChc40Z0fl2eFeDc.roa
Signing time: Wed 01 Jan 2025 07:48:14 +0000
ROA not before: Wed 01 Jan 2025 07:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205925
IP address blocks: 185.197.212.0/22 maxlen: 22
185.197.212.0/24 maxlen: 24
185.197.213.0/24 maxlen: 24
185.197.214.0/24 maxlen: 24
2a0a:7c40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:2c:f8:0a:fa:b4:fa:79:8d:8a:16:e4:f4:9f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Jan 1 07:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=865f9b644045b21d590a1738d19d1f9767857837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:51:b2:33:9b:23:a4:a6:aa:82:64:76:f6:63:
ca:4c:b7:9d:66:e1:77:1e:bd:f4:9d:89:ea:7d:75:
51:d0:9e:90:7d:0f:db:23:27:7a:3f:3e:fb:b2:48:
41:1c:a6:b3:45:88:9a:5d:e4:0f:70:2b:24:4e:ab:
d9:03:87:f2:e1:40:e4:3a:c8:a7:a1:e7:7a:df:7b:
47:01:02:dd:05:8a:f1:4d:a9:19:6b:93:09:59:b4:
3f:af:34:47:e8:69:cd:5f:50:5f:4d:7a:dc:2a:99:
16:07:32:62:3f:73:43:9e:f8:da:71:ff:5c:8a:76:
c9:bb:fa:0c:5c:7f:8d:77:46:73:ed:d6:be:77:6a:
ae:77:a7:f6:55:dc:0c:38:51:c8:de:2d:69:31:20:
3e:bd:d7:e5:9b:7f:fc:92:8a:c6:f2:5a:a0:b1:22:
03:e6:a5:07:02:67:93:74:ea:75:38:51:d1:32:ff:
7a:3a:9e:a0:59:da:92:be:7b:ab:59:82:a4:6d:7b:
85:c5:0a:ea:27:f5:d9:2f:25:0e:b9:f0:6f:27:91:
e7:07:fd:8b:74:72:69:d6:69:03:42:61:18:a1:96:
62:f3:f9:9b:08:21:35:a8:c6:a6:61:a0:6c:92:8d:
3e:d4:84:30:74:bb:95:db:73:92:3a:aa:a8:04:db:
b1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5F:9B:64:40:45:B2:1D:59:0A:17:38:D1:9D:1F:97:67:85:78:37
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/hl-bZEBFsh1ZChc40Z0fl2eFeDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.212.0/22
IPv6:
2a0a:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
bb:a4:18:07:b7:c1:d6:01:cf:d0:47:e7:a0:04:0d:9d:7f:f7:
b0:3e:97:ea:37:19:a5:2e:f1:2e:28:0b:14:a5:f8:9f:12:71:
34:90:57:88:0f:7b:71:7c:a1:39:e8:83:11:0e:49:2b:ae:51:
80:93:c1:ee:73:9c:a4:6f:46:1f:ab:98:6d:61:5a:be:73:c2:
ac:7c:c5:ed:83:d5:6e:a9:50:07:6a:7c:c1:39:9b:16:f7:bd:
bb:fe:de:9f:ec:ae:7d:e0:b5:e8:13:a4:5a:65:57:85:2e:43:
04:a1:33:c3:12:b8:ca:c6:b8:25:32:c9:79:e8:a9:31:72:d8:
e0:a4:41:6a:09:22:f5:28:e1:77:64:bd:db:d7:04:a5:70:05:
3d:35:04:ea:e4:ed:ba:cc:e4:5c:63:4f:52:bb:e1:2f:d5:a1:
1a:5d:f8:c6:05:3b:3c:2d:01:07:8a:ee:fb:de:6b:02:e6:f7:
ff:63:e3:00:7b:61:29:78:6c:2e:7e:ed:60:ba:7c:7e:15:08:
26:15:13:4e:00:40:f2:ed:d9:cb:dd:f5:90:39:09:08:c8:17:
67:ce:20:27:f9:28:7d:e2:0b:3f:00:02:8e:c7:09:94:8d:dd:
e4:9b:6d:69:d2:e9:bb:19:39:ea:c8:9d:08:ce:e8:82:69:71:
1c:f7:a8:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1iz4Cvq0+nmNihbk9J+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjUwMTAxMDc0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjVmOWI2NDQwNDViMjFkNTkwYTE3MzhkMTlkMWY5NzY3ODU3ODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFGyM5sjpKaqgmR29mPKTLedZuF3
Hr30nYnqfXVR0J6QfQ/bIyd6Pz77skhBHKazRYiaXeQPcCskTqvZA4fy4UDkOsin
oed633tHAQLdBYrxTakZa5MJWbQ/rzRH6GnNX1BfTXrcKpkWBzJiP3NDnvjacf9c
inbJu/oMXH+Nd0Zz7da+d2qud6f2VdwMOFHI3i1pMSA+vdflm3/8korG8lqgsSID
5qUHAmeTdOp1OFHRMv96Op6gWdqSvnurWYKkbXuFxQrqJ/XZLyUOufBvJ5HnB/2L
dHJp1mkDQmEYoZZi8/mbCCE1qMamYaBsko0+1IQwdLuV23OSOqqoBNuxGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIZfm2RARbIdWQoXONGdH5dnhXg3MB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvaGwtYlpFQkZzaDFaQ2hjNDBaMGZsMmVGZURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucXUMA0E
AgACMAcDBQAqCnxAMA0GCSqGSIb3DQEBCwUAA4IBAQC7pBgHt8HWAc/QR+egBA2d
f/ewPpfqNxmlLvEuKAsUpfifEnE0kFeID3txfKE56IMRDkkrrlGAk8Huc5ykb0Yf
q5htYVq+c8KsfMXtg9VuqVAHanzBOZsW9727/t6f7K594LXoE6RaZVeFLkMEoTPD
ErjKxrglMsl56KkxctjgpEFqCSL1KOF3ZL3b1wSlcAU9NQTq5O26zORcY09Su+Ev
1aEaXfjGBTs8LQEHiu773msC5vf/Y+MAe2EpeGwufu1gunx+FQgmFRNOAEDy7dnL
3fWQOQkIyBdnziAn+Sh94gs/AAKOxwmUjd3km21p0um7GTnqyJ0IzuiCaXEc96iJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:36:02 2025 by rpki-client