Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/848406-5826-4dbc-b93e-5d27c75aae6f/1/HO38BQkZbk8sOl9HIcFWqylWAn0.roa
File: HO38BQkZbk8sOl9HIcFWqylWAn0.roa (raw, json)
Hash identifier: f5PO7xcOqg4j7osu62n1SoIVysgleTKMRASaV5PScOY=
Subject key identifier: 1C:ED:FC:05:09:19:6E:4F:2C:3A:5F:47:21:C1:56:AB:29:56:02:7D
Certificate issuer: /CN=8c07ecd7666ccef91e82f7ecbce0ba285336fb45
Certificate serial: 01941F8C42CED24661F613934EB26D0D0631
Authority key identifier: 8C:07:EC:D7:66:6C:CE:F9:1E:82:F7:EC:BC:E0:BA:28:53:36:FB:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jAfs12ZszvkegvfsvOC6KFM2-0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/848406-5826-4dbc-b93e-5d27c75aae6f/1/HO38BQkZbk8sOl9HIcFWqylWAn0.roa
Signing time: Wed 01 Jan 2025 01:47:53 +0000
ROA not before: Wed 01 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48303
IP address blocks: 185.199.104.0/22 maxlen: 22
2a0a:9bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:42:ce:d2:46:61:f6:13:93:4e:b2:6d:0d:06:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c07ecd7666ccef91e82f7ecbce0ba285336fb45
Validity
Not Before: Jan 1 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cedfc0509196e4f2c3a5f4721c156ab2956027d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:60:5f:5c:74:f1:f3:3a:38:08:da:f9:84:14:
a5:cf:bb:7f:34:89:80:88:f6:d9:f3:d9:02:9a:e1:
0a:93:df:3f:ff:3f:2b:36:71:63:89:67:a3:08:ca:
1f:bb:0d:ff:f5:d1:a7:96:75:43:cd:2f:f1:71:99:
a1:a4:f7:ff:7d:6d:2e:a7:e4:0a:8f:52:90:5c:7d:
48:fc:43:db:9f:2a:ba:0b:8e:24:13:26:53:dd:b9:
a8:9b:a7:e5:43:db:74:76:04:97:34:d3:a9:52:80:
a9:ac:02:67:04:a0:95:41:c2:82:a2:69:35:b4:c6:
a1:f1:7c:46:45:a9:1f:34:44:96:61:05:43:2b:3c:
b9:24:78:80:9e:44:93:8c:67:05:87:01:9c:09:4e:
b3:15:5d:20:7f:9a:0f:54:61:d4:6b:8d:36:0c:62:
f0:b7:2b:4d:84:a7:3f:0b:9b:76:3b:da:1d:09:fb:
1e:10:20:2f:7b:45:ff:e0:59:6b:db:41:5f:1c:43:
1f:33:2e:55:7a:30:4c:b2:81:aa:27:cf:f3:48:5d:
31:e6:71:b6:77:15:79:7b:bc:58:1a:0f:a3:ac:7b:
6d:75:f5:82:a0:d2:77:9e:1b:2e:cb:da:6f:86:16:
a5:98:5e:f9:12:4d:13:b8:67:76:01:10:74:0a:06:
9e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:ED:FC:05:09:19:6E:4F:2C:3A:5F:47:21:C1:56:AB:29:56:02:7D
X509v3 Authority Key Identifier:
keyid:8C:07:EC:D7:66:6C:CE:F9:1E:82:F7:EC:BC:E0:BA:28:53:36:FB:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAfs12ZszvkegvfsvOC6KFM2-0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/848406-5826-4dbc-b93e-5d27c75aae6f/1/HO38BQkZbk8sOl9HIcFWqylWAn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/848406-5826-4dbc-b93e-5d27c75aae6f/1/jAfs12ZszvkegvfsvOC6KFM2-0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.104.0/22
IPv6:
2a0a:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
03:c8:94:fe:94:b0:3e:f6:e1:38:3b:f7:1d:66:a8:c5:20:fc:
5f:75:e1:6f:8c:28:f1:95:40:bf:f7:e4:14:56:d0:9e:4f:aa:
fc:30:24:47:56:56:a4:4c:d5:82:0f:ed:37:d9:62:ef:64:aa:
86:75:7c:17:16:bc:b7:44:87:27:c3:4b:d2:00:c2:c7:d8:ec:
e4:2a:dd:4b:e6:c2:e8:72:ae:f1:e6:ac:dd:76:48:17:25:cf:
0d:66:b2:60:9b:c4:52:c9:51:e7:98:f4:2c:2a:4b:32:64:ac:
66:d9:88:4f:cb:6b:27:ee:80:9e:22:b8:30:96:29:6a:c6:82:
8f:a7:0d:ac:61:23:5f:e9:ff:3b:5b:d0:04:28:3d:a9:a1:33:
f9:7b:f9:2e:a5:5d:f2:7c:3d:e1:3a:57:a2:c6:99:fc:8c:ee:
0c:14:22:1c:6d:09:a0:1a:85:3b:32:db:e4:de:d0:4e:ca:4d:
84:d0:d5:ab:a5:6d:d6:62:4f:bb:3a:6b:61:53:9f:00:04:67:
d2:7a:5d:b1:37:97:32:2f:97:81:7a:4c:ad:80:1d:6e:43:af:
be:6d:bd:bb:77:58:bf:71:00:97:e4:3b:86:43:62:ed:4d:f2:
6f:48:bb:26:53:67:28:a0:4c:21:18:9e:99:f9:e6:63:f2:78:
70:8e:d8:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjELO0kZh9hOTTrJtDQYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMDdlY2Q3NjY2Y2NlZjkxZTgyZjdlY2JjZTBiYTI4NTMz
NmZiNDUwHhcNMjUwMTAxMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2VkZmMwNTA5MTk2ZTRmMmMzYTVmNDcyMWMxNTZhYjI5NTYwMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2BfXHTx8zo4CNr5hBSlz7t/NImA
iPbZ89kCmuEKk98//z8rNnFjiWejCMofuw3/9dGnlnVDzS/xcZmhpPf/fW0up+QK
j1KQXH1I/EPbnyq6C44kEyZT3bmom6flQ9t0dgSXNNOpUoCprAJnBKCVQcKComk1
tMah8XxGRakfNESWYQVDKzy5JHiAnkSTjGcFhwGcCU6zFV0gf5oPVGHUa402DGLw
tytNhKc/C5t2O9odCfseECAve0X/4Flr20FfHEMfMy5VejBMsoGqJ8/zSF0x5nG2
dxV5e7xYGg+jrHttdfWCoNJ3nhsuy9pvhhalmF75Ek0TuGd2ARB0CgaeFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBzt/AUJGW5PLDpfRyHBVqspVgJ9MB8GA1UdIwQY
MBaAFIwH7NdmbM75HoL37LzguihTNvtFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakFmczEyWnN6dmtlZ3Zmc3ZPQzZLRk0yLTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84NDg0MDYtNTgyNi00ZGJjLWI5M2Ut
NWQyN2M3NWFhZTZmLzEvSE8zOEJRa1piazhzT2w5SEljRldxeWxXQW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84NDg0MDYtNTgyNi00ZGJjLWI5M2UtNWQyN2M3NWFhZTZm
LzEvakFmczEyWnN6dmtlZ3Zmc3ZPQzZLRk0yLTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucdoMA0E
AgACMAcDBQMqCpvAMA0GCSqGSIb3DQEBCwUAA4IBAQADyJT+lLA+9uE4O/cdZqjF
IPxfdeFvjCjxlUC/9+QUVtCeT6r8MCRHVlakTNWCD+032WLvZKqGdXwXFry3RIcn
w0vSAMLH2OzkKt1L5sLocq7x5qzddkgXJc8NZrJgm8RSyVHnmPQsKksyZKxm2YhP
y2sn7oCeIrgwlilqxoKPpw2sYSNf6f87W9AEKD2poTP5e/kupV3yfD3hOleixpn8
jO4MFCIcbQmgGoU7Mtvk3tBOyk2E0NWrpW3WYk+7OmthU58ABGfSel2xN5cyL5eB
ekytgB1uQ6++bb27d1i/cQCX5DuGQ2LtTfJvSLsmU2cooEwhGJ6Z+eZj8nhwjthl
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:53:13 2025 by rpki-client