Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/hEJxhg9SzRAq0K6L58EjzXPZnDg.roa
File: hEJxhg9SzRAq0K6L58EjzXPZnDg.roa (raw, json)
Hash identifier: ccaUWhka+1gikh07jNowzbblvhiIUCKQLkaV3vwDt2Q=
Subject key identifier: 84:42:71:86:0F:52:CD:10:2A:D0:AE:8B:E7:C1:23:CD:73:D9:9C:38
Certificate issuer: /CN=8bdac18a7ad501ba7ea13567909f17e4f7327413
Certificate serial: 019422FC1BE94673E8436E6141BDCFA92E12
Authority key identifier: 8B:DA:C1:8A:7A:D5:01:BA:7E:A1:35:67:90:9F:17:E4:F7:32:74:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9rBinrVAbp-oTVnkJ8X5PcydBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/hEJxhg9SzRAq0K6L58EjzXPZnDg.roa
Signing time: Wed 01 Jan 2025 17:48:55 +0000
ROA not before: Wed 01 Jan 2025 17:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205959
IP address blocks: 185.151.164.0/22 maxlen: 22
2a07:7980::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1b:e9:46:73:e8:43:6e:61:41:bd:cf:a9:2e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdac18a7ad501ba7ea13567909f17e4f7327413
Validity
Not Before: Jan 1 17:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=844271860f52cd102ad0ae8be7c123cd73d99c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:da:43:93:cc:08:df:84:3f:3e:d2:f1:e4:8b:
3c:2a:12:d6:72:f3:84:c1:2f:c9:0d:0e:ac:a3:ca:
b3:c5:b1:aa:f5:7c:6c:bc:69:9e:55:50:84:5e:3d:
1e:02:9a:59:b7:11:01:6e:58:bb:03:3a:36:c2:6c:
c1:cd:5d:e3:f3:4b:a2:11:e8:b0:c5:4b:78:e3:8e:
fb:dc:a4:16:50:70:8d:4e:d1:bd:96:41:c4:19:8c:
8f:e8:08:a6:f6:9a:64:26:67:45:06:6f:39:d4:c9:
96:3b:fc:81:63:85:65:b2:63:b1:56:3a:c3:39:97:
1b:3b:04:08:24:18:24:3f:5c:b6:fb:cb:dd:e3:d4:
43:b5:c7:d3:fa:a1:17:a3:48:1d:6c:66:21:f0:ba:
88:ff:05:03:14:94:d0:8f:86:50:c4:df:53:80:57:
60:2c:40:8a:fa:70:82:32:fa:12:06:a3:84:4d:b8:
6f:45:93:d8:f5:e3:24:dc:4c:53:57:70:ea:b8:97:
9e:a2:96:ce:a3:e9:3e:ed:c9:9c:18:ed:22:c4:b2:
7b:9a:f2:de:f8:85:b3:cb:52:17:39:35:0e:27:71:
0f:3b:5d:45:39:2c:af:98:bc:e5:3d:da:11:0f:6f:
7e:71:e7:70:63:37:ba:b8:d9:2c:f4:b8:48:a6:bb:
3d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:42:71:86:0F:52:CD:10:2A:D0:AE:8B:E7:C1:23:CD:73:D9:9C:38
X509v3 Authority Key Identifier:
keyid:8B:DA:C1:8A:7A:D5:01:BA:7E:A1:35:67:90:9F:17:E4:F7:32:74:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9rBinrVAbp-oTVnkJ8X5PcydBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/hEJxhg9SzRAq0K6L58EjzXPZnDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/374fd1-02c2-4671-bdc9-c3cc5de1ece9/1/i9rBinrVAbp-oTVnkJ8X5PcydBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.164.0/22
IPv6:
2a07:7980::/29
Signature Algorithm: sha256WithRSAEncryption
7c:ce:1f:5a:84:7d:0d:80:ec:41:08:b8:90:11:a2:52:f5:a7:
be:d4:89:88:58:91:49:79:c9:b0:58:0c:29:f1:3a:88:9f:f1:
88:a1:52:d8:a3:56:5a:67:97:b6:c1:1d:77:ef:eb:75:dd:49:
9d:6d:b6:d3:1c:5a:33:c7:6a:42:63:63:23:67:2c:1d:8b:ec:
ae:4e:31:57:3e:26:f0:3d:1e:80:96:12:fb:36:2f:8d:78:6f:
e5:f3:0c:41:09:57:d5:56:f0:cb:03:5b:8a:0b:96:9d:6f:80:
81:60:98:94:de:36:8b:d4:f3:ab:ac:b2:d1:ac:2d:44:2d:76:
46:28:ed:0f:09:76:37:35:ed:9d:2e:8d:b8:2f:92:88:18:ae:
97:f1:c6:ef:0e:24:22:39:82:7e:2d:04:70:11:31:9c:21:a2:
3b:8c:eb:7c:96:93:d1:61:fa:aa:be:f5:06:82:c8:88:e2:eb:
bb:97:bb:ee:dc:4b:1e:d9:e3:f3:e5:3a:d9:10:84:b6:31:79:
09:cc:27:bc:53:df:31:99:fa:99:77:a6:5b:e1:c3:46:9c:23:
6c:57:21:d0:3d:fc:c1:4e:b0:f4:9b:53:78:02:6e:39:f5:7a:
f0:af:c3:ac:37:4a:82:94:40:81:f2:1c:e3:db:c5:6d:fe:4e:
2f:b5:e9:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/BvpRnPoQ25hQb3PqS4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGFjMThhN2FkNTAxYmE3ZWExMzU2NzkwOWYxN2U0Zjcz
Mjc0MTMwHhcNMjUwMTAxMTc0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQyNzE4NjBmNTJjZDEwMmFkMGFlOGJlN2MxMjNjZDczZDk5YzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tpDk8wI34Q/PtLx5Is8KhLWcvOE
wS/JDQ6so8qzxbGq9XxsvGmeVVCEXj0eAppZtxEBbli7Azo2wmzBzV3j80uiEeiw
xUt444773KQWUHCNTtG9lkHEGYyP6Aim9ppkJmdFBm851MmWO/yBY4VlsmOxVjrD
OZcbOwQIJBgkP1y2+8vd49RDtcfT+qEXo0gdbGYh8LqI/wUDFJTQj4ZQxN9TgFdg
LECK+nCCMvoSBqOETbhvRZPY9eMk3ExTV3DquJeeopbOo+k+7cmcGO0ixLJ7mvLe
+IWzy1IXOTUOJ3EPO11FOSyvmLzlPdoRD29+cedwYze6uNks9LhIprs9xQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIRCcYYPUs0QKtCui+fBI81z2Zw4MB8GA1UdIwQY
MBaAFIvawYp61QG6fqE1Z5CfF+T3MnQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlyQmluclZBYnAtb1RWbmtKOFg1UGN5ZEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zNzRmZDEtMDJjMi00NjcxLWJkYzkt
YzNjYzVkZTFlY2U5LzEvaEVKeGhnOVN6UkFxMEs2TDU4RWp6WFBabkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zNzRmZDEtMDJjMi00NjcxLWJkYzktYzNjYzVkZTFlY2U5
LzEvaTlyQmluclZBYnAtb1RWbmtKOFg1UGN5ZEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZekMA0E
AgACMAcDBQMqB3mAMA0GCSqGSIb3DQEBCwUAA4IBAQB8zh9ahH0NgOxBCLiQEaJS
9ae+1ImIWJFJecmwWAwp8TqIn/GIoVLYo1ZaZ5e2wR137+t13UmdbbbTHFozx2pC
Y2MjZywdi+yuTjFXPibwPR6AlhL7Ni+NeG/l8wxBCVfVVvDLA1uKC5adb4CBYJiU
3jaL1POrrLLRrC1ELXZGKO0PCXY3Ne2dLo24L5KIGK6X8cbvDiQiOYJ+LQRwETGc
IaI7jOt8lpPRYfqqvvUGgsiI4uu7l7vu3Ese2ePz5TrZEIS2MXkJzCe8U98xmfqZ
d6Zb4cNGnCNsVyHQPfzBTrD0m1N4Am459Xrwr8OsN0qClECB8hzj28Vt/k4vtem9
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:46:37 2025 by rpki-client