Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/7083b8-158f-40d2-91cc-9775a5d6604c/1/haHKJrHUqbm5DebtyDYhDiGIt7A.roa
File: haHKJrHUqbm5DebtyDYhDiGIt7A.roa (raw, json)
Hash identifier: Cz3j+Dv+gBqpFYF7WEnyvYZy+IRYW0vriwmXpF2DtvM=
Subject key identifier: 85:A1:CA:26:B1:D4:A9:B9:B9:0D:E6:ED:C8:36:21:0E:21:88:B7:B0
Certificate issuer: /CN=fe53426e2361ba665d8f25bd3cfaefc20ebda488
Certificate serial: 019426D9DAC212B0BDA67D26E18B3A8C5649
Authority key identifier: FE:53:42:6E:23:61:BA:66:5D:8F:25:BD:3C:FA:EF:C2:0E:BD:A4:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lNCbiNhumZdjyW9PPrvwg69pIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/7083b8-158f-40d2-91cc-9775a5d6604c/1/haHKJrHUqbm5DebtyDYhDiGIt7A.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31234
IP address blocks: 185.115.36.0/22 maxlen: 22
195.225.228.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:da:c2:12:b0:bd:a6:7d:26:e1:8b:3a:8c:56:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe53426e2361ba665d8f25bd3cfaefc20ebda488
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85a1ca26b1d4a9b9b90de6edc836210e2188b7b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6a:1e:c0:12:e8:23:69:74:3a:b2:97:87:11:
9b:36:5f:7d:07:6f:16:69:12:eb:a4:96:9a:9b:92:
ef:4e:7f:33:76:3c:84:c5:e7:df:ab:91:0f:1b:c5:
79:d1:10:a5:89:7c:6f:a2:da:bd:85:61:1d:e9:79:
65:ae:ef:a3:f7:42:4e:c3:57:b8:aa:99:b8:9a:dc:
26:91:92:3c:82:00:f7:45:97:1d:e4:dc:32:d1:b5:
5a:64:f9:e5:e0:cc:eb:8d:3b:ee:8c:64:69:0b:64:
27:b6:1a:f2:93:be:2d:66:29:61:9d:4f:7a:3f:d2:
5b:73:ad:37:d0:60:29:cb:7d:a6:94:1c:a4:0c:75:
01:9f:1d:06:01:96:42:ad:96:26:9a:9a:78:d0:42:
7d:01:21:f3:10:f5:6c:bd:08:8f:47:49:ca:02:33:
89:4a:d2:81:12:8c:2b:fe:4c:c0:78:de:de:26:a6:
eb:7f:2e:12:9e:b9:3d:86:b8:af:16:be:d8:ea:db:
3a:f2:0c:64:0c:aa:94:e4:b3:3c:ec:b8:e7:ca:ec:
6e:13:e7:08:e3:88:d8:93:ea:1a:8b:26:0f:48:ca:
10:5b:f4:ea:85:f1:1d:bb:ac:4e:67:1d:9b:63:16:
b7:b3:89:12:b6:3e:d8:db:97:91:1f:9b:ea:29:c4:
bc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A1:CA:26:B1:D4:A9:B9:B9:0D:E6:ED:C8:36:21:0E:21:88:B7:B0
X509v3 Authority Key Identifier:
keyid:FE:53:42:6E:23:61:BA:66:5D:8F:25:BD:3C:FA:EF:C2:0E:BD:A4:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lNCbiNhumZdjyW9PPrvwg69pIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7083b8-158f-40d2-91cc-9775a5d6604c/1/haHKJrHUqbm5DebtyDYhDiGIt7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/7083b8-158f-40d2-91cc-9775a5d6604c/1/_lNCbiNhumZdjyW9PPrvwg69pIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.36.0/22
195.225.228.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:d0:83:f4:52:58:1f:ba:06:17:b2:e2:01:94:e8:1b:8a:05:
a8:86:54:78:45:93:27:b5:6e:f9:6a:a4:d8:4a:2d:66:5e:0f:
07:ec:b9:8e:80:0a:4a:a6:d1:c6:96:00:97:4c:19:f5:07:c2:
2c:42:49:79:a2:05:bc:d8:28:84:e2:d8:a1:4d:1e:b2:bc:3f:
72:df:be:52:1d:dc:45:d7:9d:a3:5c:60:28:1e:ae:09:e1:56:
5f:a3:42:46:92:cb:6b:e6:1a:1f:5f:b4:5f:83:87:93:a2:dd:
bf:3f:16:31:24:ac:86:c2:43:6d:7c:57:6c:7c:1d:98:2b:46:
50:16:5d:c7:aa:bd:fc:73:c3:9a:85:c8:24:f6:a2:39:13:c4:
d0:38:16:ec:c2:73:f1:a9:b0:b3:4a:11:ff:0c:6e:62:e9:78:
cb:f4:ef:13:80:cc:a1:fd:fd:bf:10:ab:b4:34:be:66:1c:dd:
77:18:c6:1d:c1:be:0e:c3:31:a6:dd:71:d5:6a:65:5a:c4:f5:
fc:0f:bd:64:fb:41:c1:15:71:2f:d5:ef:1d:a5:2e:d2:63:f3:
04:6b:ce:98:e9:f4:65:9a:ab:31:43:79:f5:ec:5e:5d:c9:a9:
29:fd:94:67:6a:63:30:96:bb:16:c9:16:3e:72:3a:05:60:3c:
74:f6:1b:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2drCErC9pn0m4Ys6jFZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTM0MjZlMjM2MWJhNjY1ZDhmMjViZDNjZmFlZmMyMGVi
ZGE0ODgwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWExY2EyNmIxZDRhOWI5YjkwZGU2ZWRjODM2MjEwZTIxODhiN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWoewBLoI2l0OrKXhxGbNl99B28W
aRLrpJaam5LvTn8zdjyExeffq5EPG8V50RCliXxvotq9hWEd6Xllru+j90JOw1e4
qpm4mtwmkZI8ggD3RZcd5Nwy0bVaZPnl4MzrjTvujGRpC2Qnthryk74tZilhnU96
P9Jbc6030GApy32mlBykDHUBnx0GAZZCrZYmmpp40EJ9ASHzEPVsvQiPR0nKAjOJ
StKBEowr/kzAeN7eJqbrfy4Snrk9hrivFr7Y6ts68gxkDKqU5LM87LjnyuxuE+cI
44jYk+oaiyYPSMoQW/TqhfEdu6xOZx2bYxa3s4kStj7Y25eRH5vqKcS8LQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIWhyiax1Km5uQ3m7cg2IQ4hiLewMB8GA1UdIwQY
MBaAFP5TQm4jYbpmXY8lvTz678IOvaSIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xOQ2JpTmh1bVpkanlXOVBQcnZ3ZzY5cElnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83MDgzYjgtMTU4Zi00MGQyLTkxY2Mt
OTc3NWE1ZDY2MDRjLzEvaGFIS0pySFVxYm01RGVidHlEWWhEaUdJdDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi83MDgzYjgtMTU4Zi00MGQyLTkxY2MtOTc3NWE1ZDY2MDRj
LzEvX2xOQ2JpTmh1bVpkanlXOVBQcnZ3ZzY5cElnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXMkAwQC
w+HkMA0GCSqGSIb3DQEBCwUAA4IBAQBu0IP0UlgfugYXsuIBlOgbigWohlR4RZMn
tW75aqTYSi1mXg8H7LmOgApKptHGlgCXTBn1B8IsQkl5ogW82CiE4tihTR6yvD9y
375SHdxF152jXGAoHq4J4VZfo0JGkstr5hofX7Rfg4eTot2/PxYxJKyGwkNtfFds
fB2YK0ZQFl3Hqr38c8Oahcgk9qI5E8TQOBbswnPxqbCzShH/DG5i6XjL9O8TgMyh
/f2/EKu0NL5mHN13GMYdwb4OwzGm3XHVamVaxPX8D71k+0HBFXEv1e8dpS7SY/ME
a86Y6fRlmqsxQ3n17F5dyakp/ZRnamMwlrsWyRY+cjoFYDx09htm
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:42:30 2025 by rpki-client