Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/HQDN-aj0TQhAX2FXvaTFWzQChUg.roa
File: HQDN-aj0TQhAX2FXvaTFWzQChUg.roa (raw, json)
Hash identifier: blFOlAR9sydif32qAhRClbIbQgCg0n31LrtAjrgoEug=
Subject key identifier: 1D:00:CD:F9:A8:F4:4D:08:40:5F:61:57:BD:A4:C5:5B:34:02:85:48
Certificate issuer: /CN=6284cfa7844340237fe59a3825b54f3f77ed8532
Certificate serial: 0194266C15B06821191802A0E7A21029BA2F
Authority key identifier: 62:84:CF:A7:84:43:40:23:7F:E5:9A:38:25:B5:4F:3F:77:ED:85:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YoTPp4RDQCN_5Zo4JbVPP3fthTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/HQDN-aj0TQhAX2FXvaTFWzQChUg.roa
Signing time: Thu 02 Jan 2025 09:50:05 +0000
ROA not before: Thu 02 Jan 2025 09:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49659
IP address blocks: 185.60.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:15:b0:68:21:19:18:02:a0:e7:a2:10:29:ba:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6284cfa7844340237fe59a3825b54f3f77ed8532
Validity
Not Before: Jan 2 09:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d00cdf9a8f44d08405f6157bda4c55b34028548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:37:c3:44:98:f9:18:87:7c:08:77:ca:ff:9b:
67:07:bf:da:1c:6a:53:5c:16:00:fd:6c:20:dd:3f:
93:4b:4e:67:ee:a2:9c:3a:63:63:d2:73:e5:1e:80:
6c:c7:04:a8:a7:ce:c9:c9:96:81:b1:73:a6:b8:52:
a4:70:89:b0:01:37:f5:a6:77:c3:d4:09:9b:0b:fe:
68:a5:6e:79:f5:a0:65:e2:41:fd:e5:91:da:f2:20:
79:e1:d4:65:34:60:2b:fc:4d:9a:1d:34:45:1b:b0:
eb:0a:a9:7f:3e:46:ba:3d:d8:9a:ea:46:9a:81:0a:
53:a1:04:3b:75:66:2f:6f:1d:5b:fd:09:18:e8:73:
21:ae:0b:e6:0b:66:3b:0b:a9:d6:47:b2:5e:5b:2f:
54:0e:20:64:6e:2d:53:36:81:56:cc:37:c4:16:4c:
c1:4d:96:1e:e5:5c:f2:3b:40:5c:f6:3e:65:0e:de:
53:d4:b5:66:05:e6:4f:f6:ce:ff:30:fa:48:65:3f:
63:84:c1:9f:1c:cf:41:3f:f7:54:cf:ef:99:7f:70:
0c:d5:f5:e8:3d:4e:67:74:f5:c0:f5:98:8d:73:77:
34:30:29:fa:53:6e:c1:a5:82:5c:1c:ed:08:14:19:
66:a0:8a:73:8e:ef:9e:2f:50:e1:7c:4e:be:d6:b5:
91:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:00:CD:F9:A8:F4:4D:08:40:5F:61:57:BD:A4:C5:5B:34:02:85:48
X509v3 Authority Key Identifier:
keyid:62:84:CF:A7:84:43:40:23:7F:E5:9A:38:25:B5:4F:3F:77:ED:85:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YoTPp4RDQCN_5Zo4JbVPP3fthTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/HQDN-aj0TQhAX2FXvaTFWzQChUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/YoTPp4RDQCN_5Zo4JbVPP3fthTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.119.0/24
Signature Algorithm: sha256WithRSAEncryption
90:bf:fe:5d:1a:8a:85:3f:7a:30:4e:ac:fe:bc:24:18:3d:f5:
e0:58:b8:58:9e:58:30:cb:a2:b3:0c:e3:36:66:77:ec:f4:d8:
14:4a:61:7a:a0:e9:94:1b:83:53:c4:72:a6:79:43:3d:5f:14:
33:63:c4:d9:c0:2a:fc:00:8c:a0:6b:c1:91:bd:ad:83:7d:91:
2a:b2:7e:04:a7:75:28:0a:11:c1:cd:14:3e:2a:d1:b7:67:27:
4e:97:59:ba:e8:2d:0d:e1:fd:6f:3b:8c:27:16:23:5b:11:ca:
d3:7b:85:ea:e8:4f:ac:4b:f4:f1:b4:0b:69:56:22:e2:71:82:
22:3a:44:3d:2c:f7:c8:ac:66:fe:0f:46:72:2c:27:53:d2:7e:
8c:c9:51:82:5e:76:ee:22:08:fb:ea:82:74:4f:6d:d0:03:7c:
a9:06:60:f0:ab:d5:4e:02:53:22:55:97:d8:b1:36:65:02:0b:
7b:b0:c5:22:b4:0d:52:e0:59:b2:cd:29:fc:14:de:f0:6a:c9:
9d:97:4a:04:01:80:29:14:e5:d2:f1:dc:a8:55:85:e3:af:40:
a4:4e:5b:27:4e:d6:1c:64:1c:5f:1f:3b:f5:ed:12:a5:2f:dc:
46:47:0a:da:dd:78:73:ea:15:0a:03:9e:a9:43:11:aa:b7:0f:
37:d1:d3:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbBWwaCEZGAKg56IQKbovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyODRjZmE3ODQ0MzQwMjM3ZmU1OWEzODI1YjU0ZjNmNzdl
ZDg1MzIwHhcNMjUwMTAyMDk1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDAwY2RmOWE4ZjQ0ZDA4NDA1ZjYxNTdiZGE0YzU1YjM0MDI4NTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjfDRJj5GId8CHfK/5tnB7/aHGpT
XBYA/Wwg3T+TS05n7qKcOmNj0nPlHoBsxwSop87JyZaBsXOmuFKkcImwATf1pnfD
1AmbC/5opW559aBl4kH95ZHa8iB54dRlNGAr/E2aHTRFG7DrCql/Pka6Pdia6kaa
gQpToQQ7dWYvbx1b/QkY6HMhrgvmC2Y7C6nWR7JeWy9UDiBkbi1TNoFWzDfEFkzB
TZYe5VzyO0Bc9j5lDt5T1LVmBeZP9s7/MPpIZT9jhMGfHM9BP/dUz++Zf3AM1fXo
PU5ndPXA9ZiNc3c0MCn6U27BpYJcHO0IFBlmoIpzju+eL1DhfE6+1rWRkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0Azfmo9E0IQF9hV72kxVs0AoVIMB8GA1UdIwQY
MBaAFGKEz6eEQ0Ajf+WaOCW1Tz937YUyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9UUHA0UkRRQ05fNVpvNEpiVlBQM2Z0aFRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9mYzFlMzItMGJhNy00ZjhkLWE1YWEt
ZjM4ZjhmZTc5NGQ0LzEvSFFETi1hajBUUWhBWDJGWHZhVEZXelFDaFVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9mYzFlMzItMGJhNy00ZjhkLWE1YWEtZjM4ZjhmZTc5NGQ0
LzEvWW9UUHA0UkRRQ05fNVpvNEpiVlBQM2Z0aFRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTx3MA0G
CSqGSIb3DQEBCwUAA4IBAQCQv/5dGoqFP3owTqz+vCQYPfXgWLhYnlgwy6KzDOM2
Znfs9NgUSmF6oOmUG4NTxHKmeUM9XxQzY8TZwCr8AIyga8GRva2DfZEqsn4Ep3Uo
ChHBzRQ+KtG3ZydOl1m66C0N4f1vO4wnFiNbEcrTe4Xq6E+sS/TxtAtpViLicYIi
OkQ9LPfIrGb+D0ZyLCdT0n6MyVGCXnbuIgj76oJ0T23QA3ypBmDwq9VOAlMiVZfY
sTZlAgt7sMUitA1S4FmyzSn8FN7wasmdl0oEAYApFOXS8dyoVYXjr0CkTlsnTtYc
ZBxfHzv17RKlL9xGRwra3Xhz6hUKA56pQxGqtw830dN0
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:31:40 2025 by rpki-client