Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/heeGDLviBMl1vF5Zbjvq6fTed7g.roa
File: heeGDLviBMl1vF5Zbjvq6fTed7g.roa (raw, json)
Hash identifier: cRDDBBpd8BeTbZa8h3z0CLG5of55GqXqgBbWU/LBe+M=
Subject key identifier: 85:E7:86:0C:BB:E2:04:C9:75:BC:5E:59:6E:3B:EA:E9:F4:DE:77:B8
Certificate issuer: /CN=a30f6fb6f5c80ca4a603827c96b3bdf60ad563aa
Certificate serial: 019424B362D280F6F508350BFF39620BE485
Authority key identifier: A3:0F:6F:B6:F5:C8:0C:A4:A6:03:82:7C:96:B3:BD:F6:0A:D5:63:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/heeGDLviBMl1vF5Zbjvq6fTed7g.roa
Signing time: Thu 02 Jan 2025 01:48:43 +0000
ROA not before: Thu 02 Jan 2025 01:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207063
IP address blocks: 193.177.128.0/22 maxlen: 24
193.177.128.0/24 maxlen: 24
193.177.129.0/24 maxlen: 24
2a0c:dec0::/29 maxlen: 48
2a0c:dec0:3008::/48 maxlen: 48
2a0c:dec0:f100::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:62:d2:80:f6:f5:08:35:0b:ff:39:62:0b:e4:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a30f6fb6f5c80ca4a603827c96b3bdf60ad563aa
Validity
Not Before: Jan 2 01:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85e7860cbbe204c975bc5e596e3beae9f4de77b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:60:6b:fd:53:c9:78:1f:8e:79:66:56:25:35:
17:07:26:0f:e7:83:66:a0:15:08:4b:f4:5f:61:3d:
fe:7d:12:15:db:27:d7:d0:30:2c:30:f7:95:49:4e:
d8:a3:a2:6b:a0:df:fb:a6:ea:22:80:ba:f9:62:c3:
d8:0f:32:c9:8a:da:1a:ad:6c:fa:c0:1b:8c:5f:a1:
76:04:27:c2:63:de:f8:1c:2a:d1:fa:53:9b:66:c0:
7c:0a:89:71:74:83:51:cd:bc:a1:6f:63:97:58:30:
2c:15:42:81:96:aa:52:f0:8b:5f:aa:1a:2c:f0:8f:
c8:46:b3:71:70:3e:fd:40:5d:b9:d9:9f:40:b8:2f:
02:0d:73:8a:09:5a:9c:8d:0b:fa:02:65:58:f5:a5:
b9:b6:b1:21:ad:da:38:96:33:a6:9c:cf:19:c8:01:
6b:72:a2:ae:f0:2a:84:fd:82:f8:5f:6b:78:cb:4f:
50:2c:c1:71:80:79:74:dd:f3:ff:10:f7:1f:dc:1c:
1a:d7:e1:30:4c:69:48:3f:1a:f7:65:fa:f5:79:f0:
ab:5d:ce:79:c7:3c:25:fd:22:9a:f1:9d:66:a2:bb:
ac:b3:ef:fc:cc:c4:f2:dc:9d:b8:ed:9f:07:2d:7e:
91:56:58:84:c3:bb:ff:75:bb:86:e0:01:ab:4a:74:
09:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E7:86:0C:BB:E2:04:C9:75:BC:5E:59:6E:3B:EA:E9:F4:DE:77:B8
X509v3 Authority Key Identifier:
keyid:A3:0F:6F:B6:F5:C8:0C:A4:A6:03:82:7C:96:B3:BD:F6:0A:D5:63:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/heeGDLviBMl1vF5Zbjvq6fTed7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/ow9vtvXIDKSmA4J8lrO99grVY6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.177.128.0/22
IPv6:
2a0c:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:91:3e:4f:fb:bd:4d:53:09:fe:62:dc:f6:b5:df:4e:f2:47:
60:cc:53:b4:95:ec:59:31:21:f2:f9:6b:5e:52:ee:6d:7d:bc:
ef:d2:f3:26:54:57:03:47:41:3e:2c:87:56:c3:17:dd:8b:9c:
0d:22:7a:58:ba:2c:3c:1f:8b:68:2d:c3:c3:5e:2d:65:55:67:
c1:a5:01:50:26:f2:9c:e8:34:fb:7d:24:ab:c0:ca:cc:2b:ba:
84:a9:ce:95:c2:6b:3b:5b:18:25:20:12:47:48:0d:2a:ee:11:
e7:86:0d:d0:1c:8b:ab:74:ad:78:71:a7:c2:01:25:51:eb:19:
d3:70:53:28:94:4f:32:ec:f3:2b:2f:b1:64:94:44:1d:71:16:
19:0c:15:88:26:9d:1a:80:86:aa:0c:53:fe:da:5c:07:43:a5:
70:6e:9b:42:c2:72:d7:7c:44:7c:92:51:48:09:4a:78:34:a4:
1e:08:8f:5d:db:ac:bb:17:f7:64:7d:31:98:54:bf:e7:42:5d:
91:88:7a:32:8b:60:59:2d:d1:96:c1:fd:7e:f2:89:b1:31:ac:
f6:21:a1:af:89:db:2b:35:db:71:93:13:d7:d7:d7:32:9a:78:
c9:3d:d7:25:b3:f7:04:2e:f6:a8:2e:40:70:46:eb:55:8d:07:
65:39:b0:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks2LSgPb1CDUL/zliC+SFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMGY2ZmI2ZjVjODBjYTRhNjAzODI3Yzk2YjNiZGY2MGFk
NTYzYWEwHhcNMjUwMTAyMDE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWU3ODYwY2JiZTIwNGM5NzViYzVlNTk2ZTNiZWFlOWY0ZGU3N2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWBr/VPJeB+OeWZWJTUXByYP54Nm
oBUIS/RfYT3+fRIV2yfX0DAsMPeVSU7Yo6JroN/7puoigLr5YsPYDzLJitoarWz6
wBuMX6F2BCfCY974HCrR+lObZsB8ColxdINRzbyhb2OXWDAsFUKBlqpS8Itfqhos
8I/IRrNxcD79QF252Z9AuC8CDXOKCVqcjQv6AmVY9aW5trEhrdo4ljOmnM8ZyAFr
cqKu8CqE/YL4X2t4y09QLMFxgHl03fP/EPcf3Bwa1+EwTGlIPxr3Zfr1efCrXc55
xzwl/SKa8Z1moruss+/8zMTy3J247Z8HLX6RVliEw7v/dbuG4AGrSnQJewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIXnhgy74gTJdbxeWW476un03ne4MB8GA1UdIwQY
MBaAFKMPb7b1yAykpgOCfJazvfYK1WOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3c5dnR2WElES1NtQTRKOGxyTzk5Z3JWWTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kN2U2NjgtZjA3ZS00MzhiLTlmYTgt
ODBhYjc3OWVlZDEwLzEvaGVlR0RMdmlCTWwxdkY1WmJqdnE2ZlRlZDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kN2U2NjgtZjA3ZS00MzhiLTlmYTgtODBhYjc3OWVlZDEw
LzEvb3c5dnR2WElES1NtQTRKOGxyTzk5Z3JWWTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwbGAMA0E
AgACMAcDBQMqDN7AMA0GCSqGSIb3DQEBCwUAA4IBAQB9kT5P+71NUwn+Ytz2td9O
8kdgzFO0lexZMSHy+WteUu5tfbzv0vMmVFcDR0E+LIdWwxfdi5wNInpYuiw8H4to
LcPDXi1lVWfBpQFQJvKc6DT7fSSrwMrMK7qEqc6Vwms7WxglIBJHSA0q7hHnhg3Q
HIurdK14cafCASVR6xnTcFMolE8y7PMrL7FklEQdcRYZDBWIJp0agIaqDFP+2lwH
Q6VwbptCwnLXfER8klFICUp4NKQeCI9d26y7F/dkfTGYVL/nQl2RiHoyi2BZLdGW
wf1+8omxMaz2IaGvidsrNdtxkxPX19cymnjJPdcls/cELvaoLkBwRutVjQdlObAc
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:58:01 2025 by rpki-client