Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/7e47d7-b369-4baa-af4e-f33e3c5c65db/1/hzUgKoXbBv3CJRIA7Xas-eVKMjQ.roa
File: hzUgKoXbBv3CJRIA7Xas-eVKMjQ.roa (raw, json)
Hash identifier: RO7C6LUDj1R9ksySlerfgqbCZKiIyzwGTWcyFyoo2K4=
Subject key identifier: 87:35:20:2A:85:DB:06:FD:C2:25:12:00:ED:76:AC:F9:E5:4A:32:34
Certificate issuer: /CN=06373eb821c966ba267a838d952fc4a418cba107
Certificate serial: 019424B3837A70A028E6A270AC2691C0F280
Authority key identifier: 06:37:3E:B8:21:C9:66:BA:26:7A:83:8D:95:2F:C4:A4:18:CB:A1:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bjc-uCHJZromeoONlS_EpBjLoQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/7e47d7-b369-4baa-af4e-f33e3c5c65db/1/hzUgKoXbBv3CJRIA7Xas-eVKMjQ.roa
Signing time: Thu 02 Jan 2025 01:48:51 +0000
ROA not before: Thu 02 Jan 2025 01:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206559
IP address blocks: 185.183.36.0/22 maxlen: 22
194.105.132.0/23 maxlen: 23
2a0d:4980::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:83:7a:70:a0:28:e6:a2:70:ac:26:91:c0:f2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06373eb821c966ba267a838d952fc4a418cba107
Validity
Not Before: Jan 2 01:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8735202a85db06fdc2251200ed76acf9e54a3234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9d:db:d6:7d:6d:e4:05:fb:1f:4c:8d:00:ae:
e6:7f:22:7a:67:b6:41:47:48:26:8b:89:cd:d1:5d:
86:66:7e:85:f9:84:b7:dd:43:eb:ae:3e:98:22:e3:
00:58:af:4f:ad:65:7c:d3:dd:50:f5:1f:b5:ec:dc:
31:1e:b2:a4:c8:c6:1e:4b:e7:12:c5:c3:c2:62:12:
91:b8:bd:33:f8:03:7f:f7:24:15:84:39:f5:ad:ad:
26:12:ae:c9:8a:d1:9b:4c:cc:3d:e2:26:f4:c2:5c:
b7:ba:29:90:19:be:5e:99:85:4e:82:ae:89:95:3f:
eb:0b:d9:67:35:ed:9d:55:c1:76:6b:44:7f:1e:a3:
ea:13:09:d5:c5:fa:73:53:78:28:53:15:77:b2:14:
36:31:60:24:5f:13:84:84:80:a3:b5:5f:2e:cb:0a:
d3:21:f5:ca:1d:fb:88:7b:a2:88:ee:da:e2:ac:ad:
a8:72:27:31:9b:e1:47:26:44:f8:e0:06:fb:9f:8e:
62:d0:ea:9e:c6:44:42:75:65:41:97:3d:8d:80:d7:
21:84:8f:ae:5c:00:bb:e1:8f:7b:82:01:ac:e7:01:
19:13:6a:6b:c3:c5:bf:46:73:1a:74:12:7f:2f:42:
fd:e9:3f:97:fb:ef:88:4a:ec:57:40:ce:5e:aa:c0:
1c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:35:20:2A:85:DB:06:FD:C2:25:12:00:ED:76:AC:F9:E5:4A:32:34
X509v3 Authority Key Identifier:
keyid:06:37:3E:B8:21:C9:66:BA:26:7A:83:8D:95:2F:C4:A4:18:CB:A1:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bjc-uCHJZromeoONlS_EpBjLoQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/7e47d7-b369-4baa-af4e-f33e3c5c65db/1/hzUgKoXbBv3CJRIA7Xas-eVKMjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/7e47d7-b369-4baa-af4e-f33e3c5c65db/1/Bjc-uCHJZromeoONlS_EpBjLoQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.36.0/22
194.105.132.0/23
IPv6:
2a0d:4980::/32
Signature Algorithm: sha256WithRSAEncryption
3e:b1:4f:04:0a:1f:c7:42:5f:b7:41:1a:7c:ca:eb:4b:01:d1:
22:e8:60:52:43:4b:0e:15:80:3b:ca:7a:24:74:4c:7a:0b:4c:
cd:f3:16:20:cc:39:e6:f0:ef:08:d8:3f:93:c5:01:80:f3:e4:
ed:ad:60:b8:04:5b:10:66:74:5e:0a:19:ec:d0:a4:7d:82:e3:
96:87:5c:bc:43:8f:f8:b2:00:4b:47:ae:fb:9d:c1:ed:72:c4:
ad:a2:f7:88:64:d8:e3:ef:9e:87:75:48:ec:14:86:06:af:fc:
6c:83:ba:54:98:7f:47:37:d7:b8:0f:f1:21:ed:14:4b:eb:7a:
35:b0:28:62:d8:30:3f:cc:d2:f8:75:ee:16:93:8a:23:38:4a:
90:d0:f1:82:ab:99:5c:01:76:ec:ac:3b:49:84:6d:cd:f3:e4:
cc:33:b1:47:08:d2:72:7f:a3:db:cf:c1:06:48:31:9b:16:47:
8d:92:aa:69:92:72:41:75:54:1d:6b:d5:f0:80:5e:2d:4b:2c:
d8:05:2a:b7:13:1a:26:94:d1:f2:34:90:d7:5b:46:96:fb:2c:
4f:72:2e:6f:67:64:49:f7:d4:5d:53:ec:25:4b:dc:b7:24:74:
ef:5a:20:e6:f2:2c:69:d2:87:b4:4f:7f:01:d2:32:1a:cb:70:
48:a4:40:78
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks4N6cKAo5qJwrCaRwPKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzczZWI4MjFjOTY2YmEyNjdhODM4ZDk1MmZjNGE0MThj
YmExMDcwHhcNMjUwMTAyMDE0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzM1MjAyYTg1ZGIwNmZkYzIyNTEyMDBlZDc2YWNmOWU1NGEzMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4p3b1n1t5AX7H0yNAK7mfyJ6Z7ZB
R0gmi4nN0V2GZn6F+YS33UPrrj6YIuMAWK9PrWV8091Q9R+17NwxHrKkyMYeS+cS
xcPCYhKRuL0z+AN/9yQVhDn1ra0mEq7JitGbTMw94ib0wly3uimQGb5emYVOgq6J
lT/rC9lnNe2dVcF2a0R/HqPqEwnVxfpzU3goUxV3shQ2MWAkXxOEhICjtV8uywrT
IfXKHfuIe6KI7trirK2ocicxm+FHJkT44Ab7n45i0OqexkRCdWVBlz2NgNchhI+u
XAC74Y97ggGs5wEZE2prw8W/RnMadBJ/L0L96T+X+++ISuxXQM5eqsAcQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIc1ICqF2wb9wiUSAO12rPnlSjI0MB8GA1UdIwQY
MBaAFAY3PrghyWa6JnqDjZUvxKQYy6EHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpjLXVDSEpacm9tZW9PTmxTX0VwQmpMb1FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi83ZTQ3ZDctYjM2OS00YmFhLWFmNGUt
ZjMzZTNjNWM2NWRiLzEvaHpVZ0tvWGJCdjNDSlJJQTdYYXMtZVZLTWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi83ZTQ3ZDctYjM2OS00YmFhLWFmNGUtZjMzZTNjNWM2NWRi
LzEvQmpjLXVDSEpacm9tZW9PTmxTX0VwQmpMb1FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubckAwQB
wmmEMA0EAgACMAcDBQAqDUmAMA0GCSqGSIb3DQEBCwUAA4IBAQA+sU8ECh/HQl+3
QRp8yutLAdEi6GBSQ0sOFYA7ynokdEx6C0zN8xYgzDnm8O8I2D+TxQGA8+TtrWC4
BFsQZnReChns0KR9guOWh1y8Q4/4sgBLR677ncHtcsStoveIZNjj756HdUjsFIYG
r/xsg7pUmH9HN9e4D/Eh7RRL63o1sChi2DA/zNL4de4Wk4ojOEqQ0PGCq5lcAXbs
rDtJhG3N8+TMM7FHCNJyf6Pbz8EGSDGbFkeNkqppknJBdVQda9XwgF4tSyzYBSq3
ExomlNHyNJDXW0aW+yxPci5vZ2RJ99RdU+wlS9y3JHTvWiDm8ixp0oe0T38B0jIa
y3BIpEB4
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:34:35 2025 by rpki-client