Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/HlpYPKfUTSJ7pDq2oQziu1OJN70.roa
File: HlpYPKfUTSJ7pDq2oQziu1OJN70.roa (raw, json)
Hash identifier: 2/lnsP1apTOPlsNH0YhFprUwFbQM2G9j3yZLF5vZFt4=
Subject key identifier: 1E:5A:58:3C:A7:D4:4D:22:7B:A4:3A:B6:A1:0C:E2:BB:53:89:37:BD
Certificate issuer: /CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Certificate serial: 01941F8C8A68821FA76079195A66C74E6C44
Authority key identifier: 28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/HlpYPKfUTSJ7pDq2oQziu1OJN70.roa
Signing time: Wed 01 Jan 2025 01:48:11 +0000
ROA not before: Wed 01 Jan 2025 01:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205110
IP address blocks: 185.226.88.0/24 maxlen: 24
185.226.90.0/23 maxlen: 23
185.226.90.0/24 maxlen: 24
185.226.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:8a:68:82:1f:a7:60:79:19:5a:66:c7:4e:6c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d
Validity
Not Before: Jan 1 01:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e5a583ca7d44d227ba43ab6a10ce2bb538937bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b8:c0:5a:b9:c7:1d:43:fc:6f:63:44:4e:af:
c6:7f:dc:63:fc:d1:18:e1:87:88:59:9d:73:a6:3d:
2f:90:d8:bb:a7:3b:03:84:3a:ce:a0:1c:6c:e3:31:
34:71:ad:c6:b1:8d:bc:98:c5:12:a7:74:a8:63:5d:
60:9d:f7:69:66:43:19:0d:c8:10:74:09:fd:3d:65:
99:8a:1a:56:c5:3a:4b:ef:9b:9b:fc:bd:ad:b6:ef:
c3:80:73:f6:35:ae:20:72:ee:07:a4:ce:2a:14:16:
5c:ab:f9:a7:69:59:7e:86:fa:ee:78:93:bb:e6:ee:
e0:ac:f6:29:30:d9:10:79:96:f2:94:db:cd:0e:54:
ef:58:67:04:dc:18:91:f3:02:56:bf:2f:e4:3d:18:
14:c8:91:08:0d:43:d1:a6:76:7d:3e:20:63:c2:7e:
25:e9:c7:d7:ce:0a:93:57:ad:61:9b:bd:96:44:51:
f2:70:0d:61:b9:20:4f:40:81:47:1e:1e:5e:7d:09:
b8:55:be:a6:64:1a:ac:3a:ea:27:5c:87:e9:a2:df:
c1:15:11:e0:54:fb:28:cc:e7:d8:a7:0c:1b:ef:8d:
85:d2:9c:6b:d4:4c:a0:d4:8d:f8:f2:ed:6f:c0:9c:
8c:b4:ae:e0:b6:d4:dd:67:7a:c4:e5:85:58:2b:35:
7a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5A:58:3C:A7:D4:4D:22:7B:A4:3A:B6:A1:0C:E2:BB:53:89:37:BD
X509v3 Authority Key Identifier:
keyid:28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/HlpYPKfUTSJ7pDq2oQziu1OJN70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.88.0/24
185.226.90.0/23
Signature Algorithm: sha256WithRSAEncryption
91:1d:cf:2c:34:64:c4:3b:ad:3a:c6:91:c3:82:89:a7:7e:5f:
b2:7f:e7:b7:83:47:78:c5:21:8e:0d:15:85:fc:c3:06:21:ca:
78:61:b9:7b:78:8c:af:75:54:56:90:cc:29:8a:ca:ff:6a:30:
1a:0a:76:55:f0:51:89:2d:ab:e5:a6:c6:73:6c:1b:7a:92:8f:
63:0d:96:40:15:7a:90:ce:4e:a5:21:8b:a6:58:da:bc:44:b7:
59:bc:56:a2:26:76:f6:94:9f:0a:e7:ba:4a:7c:1d:35:77:23:
98:01:0b:d2:e9:4a:0f:74:b6:c2:d7:a8:69:76:27:7d:32:fa:
86:52:08:cc:a2:e0:73:bc:b6:12:62:5b:a9:f9:e3:0b:71:0f:
4d:c3:1a:b6:a0:ba:19:78:f3:1c:f7:10:21:fd:bd:30:cf:6d:
da:4b:8f:7a:85:98:ac:d3:8d:e4:4d:6a:99:63:9e:a1:75:56:
be:cf:7c:37:2e:b2:b2:b2:1c:e5:39:78:26:01:83:8e:e9:e6:
ea:e7:bf:33:28:7c:ee:f2:61:b7:a6:fd:76:40:c0:9f:22:51:
b4:db:9f:8c:6f:e5:60:4a:f6:1b:0d:fc:a8:36:c4:cb:2f:76:
86:b4:33:e7:34:3d:1a:80:20:b1:b6:57:50:fe:aa:36:1d:1e:
1c:24:69:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjIpogh+nYHkZWmbHTmxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2UxYzk3ZjcxZjM1NTg2N2UzZmI4NzdmMjFhYTUxMzBi
NmNmNWQwHhcNMjUwMTAxMDE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTVhNTgzY2E3ZDQ0ZDIyN2JhNDNhYjZhMTBjZTJiYjUzODkzN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLjAWrnHHUP8b2NETq/Gf9xj/NEY
4YeIWZ1zpj0vkNi7pzsDhDrOoBxs4zE0ca3GsY28mMUSp3SoY11gnfdpZkMZDcgQ
dAn9PWWZihpWxTpL75ub/L2ttu/DgHP2Na4gcu4HpM4qFBZcq/mnaVl+hvrueJO7
5u7grPYpMNkQeZbylNvNDlTvWGcE3BiR8wJWvy/kPRgUyJEIDUPRpnZ9PiBjwn4l
6cfXzgqTV61hm72WRFHycA1huSBPQIFHHh5efQm4Vb6mZBqsOuonXIfpot/BFRHg
VPsozOfYpwwb742F0pxr1Eyg1I348u1vwJyMtK7gttTdZ3rE5YVYKzV6LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB5aWDyn1E0ie6Q6tqEM4rtTiTe9MB8GA1UdIwQY
MBaAFCh+HJf3HzVYZ+P7h38hqlEwts9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEt
OWViM2M2ODJiMDA5LzEvSGxwWVBLZlVUU0o3cERxMm9Reml1MU9KTjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEtOWViM2M2ODJiMDA5
LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueJYAwQB
ueJaMA0GCSqGSIb3DQEBCwUAA4IBAQCRHc8sNGTEO606xpHDgomnfl+yf+e3g0d4
xSGODRWF/MMGIcp4Ybl7eIyvdVRWkMwpisr/ajAaCnZV8FGJLavlpsZzbBt6ko9j
DZZAFXqQzk6lIYumWNq8RLdZvFaiJnb2lJ8K57pKfB01dyOYAQvS6UoPdLbC16hp
did9MvqGUgjMouBzvLYSYlup+eMLcQ9Nwxq2oLoZePMc9xAh/b0wz23aS496hZis
043kTWqZY56hdVa+z3w3LrKyshzlOXgmAYOO6ebq578zKHzu8mG3pv12QMCfIlG0
25+Mb+VgSvYbDfyoNsTLL3aGtDPnND0agCCxtldQ/qo2HR4cJGkw
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:58:16 2025 by rpki-client