Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/1-HMJB1jWihnkbZjeMueFQzTMjvI.roa
File: 1-HMJB1jWihnkbZjeMueFQzTMjvI.roa (raw, json)
Hash identifier: p9B5xR4Q8A8YpLVg2haTDkPo+o5SElkZqnQnVLrJ7WM=
Subject key identifier: F8:73:09:07:58:D6:8A:19:E4:6D:98:DE:32:E7:85:43:34:CC:8E:F2
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01946EA7ED81E4285D9A3BEA3AC168EBB456
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/1-HMJB1jWihnkbZjeMueFQzTMjvI.roa
Signing time: Thu 16 Jan 2025 10:28:06 +0000
ROA not before: Thu 16 Jan 2025 10:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 14.102.60.0/24 maxlen: 24
14.102.61.0/24 maxlen: 24
84.51.232.0/24 maxlen: 24
92.51.234.0/24 maxlen: 24
92.51.235.0/24 maxlen: 24
92.51.255.0/24 maxlen: 24
103.210.196.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
192.140.220.0/24 maxlen: 24
192.140.221.0/24 maxlen: 24
203.188.165.0/24 maxlen: 24
203.188.181.0/24 maxlen: 24
213.254.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:a7:ed:81:e4:28:5d:9a:3b:ea:3a:c1:68:eb:b4:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 16 10:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f873090758d68a19e46d98de32e7854334cc8ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:be:83:bd:20:da:8e:61:22:53:01:12:fd:11:
1d:ca:d5:08:c5:be:84:04:51:25:83:59:26:e5:6a:
2d:81:7d:1e:29:c5:a2:c6:1c:d5:15:1a:82:d8:66:
cf:3a:72:a6:d2:02:89:6a:2d:12:c1:8e:8b:89:94:
14:a3:1a:be:bf:04:9c:8c:29:79:66:3a:3b:f6:85:
fe:f6:81:3a:f4:87:f6:07:93:c3:39:ee:63:b9:ca:
65:ec:3b:7c:2f:82:29:bb:6a:84:65:22:1d:79:09:
8d:21:74:32:e0:43:da:05:c6:75:e3:61:b0:d5:a5:
32:f6:d2:32:b3:93:c4:17:a1:5b:c5:0e:c7:0d:fc:
19:d6:a6:3a:2c:6a:7b:6b:54:30:06:b7:4e:9e:22:
59:5c:6c:ae:a1:b4:6f:d4:d9:5a:51:da:80:7b:48:
04:b7:f2:0e:e8:f9:09:7b:78:3a:c3:c8:1d:55:f3:
41:b5:a5:36:ca:ec:64:a3:d1:e4:48:b3:f0:f8:e3:
f3:1e:0a:84:98:36:01:93:00:b8:97:2c:8a:58:95:
29:4e:47:50:d5:a9:1c:dc:97:e9:83:09:83:48:b0:
c4:74:9c:73:6c:14:eb:5b:16:4a:89:ef:da:fb:7d:
21:9c:68:cc:78:73:e6:90:ea:67:10:54:6a:40:a3:
19:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:73:09:07:58:D6:8A:19:E4:6D:98:DE:32:E7:85:43:34:CC:8E:F2
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/1-HMJB1jWihnkbZjeMueFQzTMjvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.60.0/23
84.51.232.0/24
92.51.234.0/23
92.51.255.0/24
103.210.196.0/24
107.150.166.0/24
185.161.111.0/24
192.140.220.0/23
203.188.165.0/24
203.188.181.0/24
213.254.160.0/24
Signature Algorithm: sha256WithRSAEncryption
06:0c:63:22:28:02:0f:ed:97:e1:66:c1:c2:23:ff:04:32:04:
48:f3:2f:06:97:f1:37:e9:8c:21:11:3a:b6:29:d9:32:c0:e7:
53:22:3f:7c:2e:e9:88:f7:f0:b5:05:ad:5b:b3:46:55:96:07:
1e:01:d2:16:4b:d2:33:3d:87:55:c9:05:cf:4c:55:ff:38:8e:
48:b3:6c:d8:86:50:95:bb:99:47:18:e2:9f:0a:3c:71:32:38:
1b:86:1c:9e:75:26:5c:bb:b1:d6:b5:bf:f3:de:92:70:7a:fe:
f7:d2:ad:17:a2:40:36:78:72:2d:c7:3b:67:1e:c5:74:7d:16:
e0:17:66:46:e7:e3:26:4a:3f:da:20:f2:3f:09:04:0a:f3:29:
51:8e:43:d8:04:62:8b:01:ca:8b:f7:86:d3:73:c4:39:4c:61:
c5:e7:cf:a3:6a:d4:25:cb:53:2f:a3:11:17:27:14:e4:b9:da:
f3:c3:7a:5b:be:c5:6c:b0:e2:2b:80:ea:05:ad:f6:b6:1e:20:
a3:1f:52:59:88:09:39:4f:8a:cd:68:be:b3:91:0d:e7:3b:87:
0d:e3:b7:c3:7a:12:1e:04:b3:19:2a:ce:de:af:71:a9:f2:78:
53:d5:92:99:f6:e2:82:6d:c1:e9:19:55:50:79:49:89:41:31:
bf:62:c4:ff
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZRup+2B5ChdmjvqOsFo67RWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTE2MTAyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODczMDkwNzU4ZDY4YTE5ZTQ2ZDk4ZGUzMmU3ODU0MzM0Y2M4ZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr6DvSDajmEiUwES/REdytUIxb6E
BFElg1km5WotgX0eKcWixhzVFRqC2GbPOnKm0gKJai0SwY6LiZQUoxq+vwScjCl5
Zjo79oX+9oE69If2B5PDOe5jucpl7Dt8L4Ipu2qEZSIdeQmNIXQy4EPaBcZ142Gw
1aUy9tIys5PEF6FbxQ7HDfwZ1qY6LGp7a1QwBrdOniJZXGyuobRv1NlaUdqAe0gE
t/IO6PkJe3g6w8gdVfNBtaU2yuxko9HkSLPw+OPzHgqEmDYBkwC4lyyKWJUpTkdQ
1akc3JfpgwmDSLDEdJxzbBTrWxZKie/a+30hnGjMeHPmkOpnEFRqQKMZqQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFPhzCQdY1ooZ5G2Y3jLnhUM0zI7yMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvMS1ITUpCMWpXaWhua2JaamVNdWVGUXpUTWp2SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjYvMmJhOTdlLTU5OGItNDhkZC04ZDU2LWY1ZmI3MWI5YTUx
Zi8xLzhFcFlCSDgzdThCWGxFdV9qSzJIUW9lVmt0by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBbBggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAQ5mPAME
AFQz6AMEAVwz6gMEAFwz/wMEAGfSxAMEAGuWpgMEALmhbwMEAcCM3AMEAMu8pQME
AMu8tQMEANX+oDANBgkqhkiG9w0BAQsFAAOCAQEABgxjIigCD+2X4WbBwiP/BDIE
SPMvBpfxN+mMIRE6tinZMsDnUyI/fC7piPfwtQWtW7NGVZYHHgHSFkvSMz2HVckF
z0xV/ziOSLNs2IZQlbuZRxjinwo8cTI4G4YcnnUmXLux1rW/896ScHr+99KtF6JA
NnhyLcc7Zx7FdH0W4BdmRufjJko/2iDyPwkECvMpUY5D2ARiiwHKi/eG03PEOUxh
xefPo2rUJctTL6MRFycU5Lna88N6W77FbLDiK4DqBa32th4gox9SWYgJOU+KzWi+
s5EN5zuHDeO3w3oSHgSzGSrO3q9xqfJ4U9WSmfbigm3B6RlVUHlJiUExv2LE/w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:27:04 2025 by rpki-client