Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/HgoiN2xvBcSdlfoPiZyfH4GmOLw.roa
File: HgoiN2xvBcSdlfoPiZyfH4GmOLw.roa (raw, json)
Hash identifier: 19954JTyljo7WkBl6LXQOFDJUNxjyNHfcCdnqyTSs94=
Subject key identifier: 1E:0A:22:37:6C:6F:05:C4:9D:95:FA:0F:89:9C:9F:1F:81:A6:38:BC
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 019427474AFB52840EDED17FDDF45B8B583A
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/HgoiN2xvBcSdlfoPiZyfH4GmOLw.roa
Signing time: Thu 02 Jan 2025 13:49:31 +0000
ROA not before: Thu 02 Jan 2025 13:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48716
IP address blocks: 77.240.38.0/23 maxlen: 24
77.243.80.0/23 maxlen: 24
78.40.108.0/23 maxlen: 24
82.115.40.0/22 maxlen: 24
85.202.194.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
91.147.92.0/22 maxlen: 22
91.147.92.0/24 maxlen: 24
91.147.93.0/24 maxlen: 24
91.147.94.0/24 maxlen: 24
91.147.95.0/24 maxlen: 24
91.147.104.0/22 maxlen: 24
91.201.214.0/23 maxlen: 24
91.215.136.0/22 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.139.0/24 maxlen: 32
94.247.128.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
185.4.180.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.35.222.0/23 maxlen: 24
185.102.72.0/22 maxlen: 24
185.146.0.0/22 maxlen: 24
194.32.140.0/22 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
194.39.66.0/24 maxlen: 24
194.39.67.0/24 maxlen: 24
194.110.54.0/23 maxlen: 24
195.49.209.0/24 maxlen: 24
195.49.210.0/23 maxlen: 23
195.49.210.0/24 maxlen: 24
195.49.211.0/24 maxlen: 24
195.49.212.0/22 maxlen: 22
195.49.212.0/24 maxlen: 24
195.49.213.0/24 maxlen: 24
195.49.214.0/24 maxlen: 24
195.49.215.0/24 maxlen: 24
195.93.152.0/23 maxlen: 24
195.210.46.0/23 maxlen: 24
2a00:5da0::/36 maxlen: 48
2a00:5da0:1000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:4a:fb:52:84:0e:de:d1:7f:dd:f4:5b:8b:58:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Jan 2 13:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e0a22376c6f05c49d95fa0f899c9f1f81a638bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8c:7d:6a:24:bb:ce:4d:67:53:fe:a1:35:94:
00:fa:4e:76:fb:4f:82:dd:d5:69:5e:90:a6:cb:9a:
25:63:0e:ce:96:88:2c:74:0c:74:74:bd:de:3e:fa:
c3:99:dc:06:c8:f1:6c:5b:70:ce:0c:9f:97:c9:91:
9e:93:28:9b:2f:22:86:b0:6e:76:38:94:69:1c:e0:
f5:b1:9f:32:c3:f6:cd:69:09:81:94:f4:db:c7:91:
7c:20:cb:32:41:f8:1c:31:56:d2:3b:ce:2c:b0:6e:
ee:2a:ab:14:40:93:44:ad:55:17:21:fc:0c:dd:08:
1a:de:a3:00:a0:2b:d6:35:de:e3:78:a6:4b:1c:3f:
f8:df:ff:47:e7:e1:a4:fd:d9:98:2b:c1:ec:e6:43:
f8:08:5f:5c:11:38:11:7f:2a:c1:8a:e3:d6:e2:f5:
56:59:ab:d3:81:03:45:ba:72:7e:cc:b6:eb:c6:69:
79:43:9a:ca:af:24:de:3f:e9:60:b1:ac:1e:09:4a:
09:09:d2:88:48:45:23:b5:17:27:80:b1:87:ee:f0:
93:f4:74:53:3e:a0:2c:25:cc:91:1a:fa:38:fb:1b:
2c:25:1e:38:13:63:74:8a:e7:35:ad:dd:ad:d2:f5:
86:fb:9a:20:a5:a2:82:a4:70:d0:87:25:92:02:27:
54:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:0A:22:37:6C:6F:05:C4:9D:95:FA:0F:89:9C:9F:1F:81:A6:38:BC
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/HgoiN2xvBcSdlfoPiZyfH4GmOLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
77.243.80.0/23
78.40.108.0/23
82.115.40.0/22
85.202.194.0/23
89.219.32.0/22
91.147.92.0/22
91.147.104.0/22
91.201.214.0/23
91.215.136.0/22
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.32.140.0/22
194.39.64.0/22
194.110.54.0/23
195.49.209.0-195.49.215.255
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/35
Signature Algorithm: sha256WithRSAEncryption
8d:1f:d9:22:a3:41:77:32:d0:dc:8f:33:33:ae:66:20:22:e8:
ab:c2:b3:23:ed:b0:84:6a:c5:3c:46:d0:fa:3a:a2:7f:56:dd:
5f:93:cd:65:41:68:a6:1e:c8:97:62:9f:07:21:6a:fa:52:85:
b7:bf:a8:0f:fc:9d:57:f0:6e:8e:46:b1:72:c6:89:99:41:6c:
64:a7:8d:d9:97:c1:55:28:05:a1:3b:77:bf:08:71:92:0d:b9:
7a:54:68:1e:6b:02:d6:33:27:33:73:58:f6:19:23:c9:4c:40:
ee:82:31:22:f5:59:43:6f:f1:21:31:bd:14:04:dc:63:7f:25:
b8:63:7a:5d:f0:df:32:60:fa:17:01:72:a7:38:70:99:9d:76:
56:ad:35:fb:d7:4d:26:49:76:70:79:9c:c2:a9:a2:e5:be:93:
f1:d4:30:9c:51:a2:18:46:ff:05:7d:3b:93:79:33:d8:75:c8:
d4:5c:c0:1b:a1:f8:39:6f:2e:e4:5a:44:7c:5f:0a:5c:78:e7:
a3:dc:bd:37:a5:6d:0a:80:12:a1:58:bd:2a:f7:ae:36:74:52:
8f:91:77:71:57:1f:7e:7f:bb:fc:76:70:a7:32:c5:87:4e:ac:
1f:d8:9a:8a:5c:d0:75:89:1f:32:36:90:51:3e:55:60:68:a5:
e1:70:9e:1b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZQnR0r7UoQO3tF/3fRbi1g6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjUwMTAyMTM0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTBhMjIzNzZjNmYwNWM0OWQ5NWZhMGY4OTljOWYxZjgxYTYzOGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnox9aiS7zk1nU/6hNZQA+k52+0+C
3dVpXpCmy5olYw7OlogsdAx0dL3ePvrDmdwGyPFsW3DODJ+XyZGekyibLyKGsG52
OJRpHOD1sZ8yw/bNaQmBlPTbx5F8IMsyQfgcMVbSO84ssG7uKqsUQJNErVUXIfwM
3Qga3qMAoCvWNd7jeKZLHD/43/9H5+Gk/dmYK8Hs5kP4CF9cETgRfyrBiuPW4vVW
WavTgQNFunJ+zLbrxml5Q5rKryTeP+lgsaweCUoJCdKISEUjtRcngLGH7vCT9HRT
PqAsJcyRGvo4+xssJR44E2N0iuc1rd2t0vWG+5ogpaKCpHDQhyWSAidUmQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFB4KIjdsbwXEnZX6D4mcnx+Bpji8MB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvSGdvaU4yeHZCY1NkbGZvUGlaeWZINEdtT0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBmQQCAAEwgZIDBAFN
8CYDBAFN81ADBAFOKGwDBAJScygDBAFVysIDBAJZ2yADBAJbk1wDBAJbk2gDBAFb
ydYDBAJb14gDBANe94ADBAJt6WwDBAK5BLQDBAK5FkADBAG5I94DBAK5ZkgDBAK5
kgADBALCIIwDBALCJ0ADBAHCbjYwDAMEAMMx0QMEA8Mx0AMEAcNdmAMEAcPSLjAO
BAIAAjAIAwYFKgBdoAAwDQYJKoZIhvcNAQELBQADggEBAI0f2SKjQXcy0NyPMzOu
ZiAi6KvCsyPtsIRqxTxG0Po6on9W3V+TzWVBaKYeyJdinwchavpShbe/qA/8nVfw
bo5GsXLGiZlBbGSnjdmXwVUoBaE7d78IcZINuXpUaB5rAtYzJzNzWPYZI8lMQO6C
MSL1WUNv8SExvRQE3GN/Jbhjel3w3zJg+hcBcqc4cJmddlatNfvXTSZJdnB5nMKp
ouW+k/HUMJxRohhG/wV9O5N5M9h1yNRcwBuh+DlvLuRaRHxfClx456PcvTelbQqA
EqFYvSr3rjZ0Uo+Rd3FXH35/u/x2cKcyxYdOrB/Ymopc0HWJHzI2kFE+VWBopeFw
nhs=
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:57:36 2025 by rpki-client