Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/HLsqpW_Z-fbGO_aC3llZw59d0HA.roa
File: HLsqpW_Z-fbGO_aC3llZw59d0HA.roa (raw, json)
Hash identifier: zNqiqKUQYXwQHeg5g/DJfaZuunabikgAw4lZ3lENgDM=
Subject key identifier: 1C:BB:2A:A5:6F:D9:F9:F6:C6:3B:F6:82:DE:59:59:C3:9F:5D:D0:70
Certificate issuer: /CN=fbcdd117eac757b6f8f39428653ae12508cc6989
Certificate serial: 019427473D13DF6F0B5509C8838CD7D3D9C4
Authority key identifier: FB:CD:D1:17:EA:C7:57:B6:F8:F3:94:28:65:3A:E1:25:08:CC:69:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/HLsqpW_Z-fbGO_aC3llZw59d0HA.roa
Signing time: Thu 02 Jan 2025 13:49:27 +0000
ROA not before: Thu 02 Jan 2025 13:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25581
IP address blocks: 45.81.12.0/22 maxlen: 22
45.90.8.0/22 maxlen: 22
91.207.130.0/23 maxlen: 23
185.34.148.0/22 maxlen: 22
185.34.149.0/24 maxlen: 24
185.170.216.0/21 maxlen: 21
2a00:da60::/32 maxlen: 32
2a00:da60:b01::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:3d:13:df:6f:0b:55:09:c8:83:8c:d7:d3:d9:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcdd117eac757b6f8f39428653ae12508cc6989
Validity
Not Before: Jan 2 13:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cbb2aa56fd9f9f6c63bf682de5959c39f5dd070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:72:f2:e3:8e:c8:bf:54:27:77:21:55:fc:d6:
21:b2:8a:6e:bd:ca:7e:36:2f:4a:85:5d:d9:4c:08:
d6:65:73:fe:46:96:c1:d6:64:bb:91:e9:b4:a5:e2:
a5:11:7e:9b:d2:19:54:3d:34:c0:d6:9d:e0:40:fd:
49:1a:8a:4f:b8:92:dc:ad:1f:9f:c2:14:40:e0:f8:
c5:52:95:42:83:ab:f8:c0:97:3e:60:08:48:3c:54:
a9:21:5b:68:dd:70:25:86:bb:4f:28:19:57:84:03:
90:dc:93:b4:6c:bb:60:d7:70:99:60:84:d4:8c:2c:
b6:f4:0f:5a:c5:56:35:e8:61:b9:e6:b2:20:e5:4a:
93:b6:33:71:aa:a2:a0:af:59:98:3c:59:3f:2b:52:
9d:aa:2b:69:40:aa:fa:4d:f6:f9:40:2b:10:f5:54:
30:e0:b1:e3:b9:8d:7f:37:59:ed:be:76:65:69:4a:
9d:b9:25:74:3d:c6:c6:78:bf:a6:ea:f0:44:90:23:
58:f5:f2:c0:71:42:18:94:ea:9d:99:7a:4e:8d:e3:
2e:c7:d5:0d:22:f0:1f:27:b4:f8:8b:d8:68:ab:3e:
cb:84:7b:c2:16:9d:52:ed:1a:d0:5e:04:06:69:74:
80:55:27:e9:f3:b5:36:d0:5a:91:f9:a4:84:08:1a:
ad:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BB:2A:A5:6F:D9:F9:F6:C6:3B:F6:82:DE:59:59:C3:9F:5D:D0:70
X509v3 Authority Key Identifier:
keyid:FB:CD:D1:17:EA:C7:57:B6:F8:F3:94:28:65:3A:E1:25:08:CC:69:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/HLsqpW_Z-fbGO_aC3llZw59d0HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/1-83RF-rHV7b485QoZTrhJQjMaYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.12.0/22
45.90.8.0/22
91.207.130.0/23
185.34.148.0/22
185.170.216.0/21
IPv6:
2a00:da60::/32
Signature Algorithm: sha256WithRSAEncryption
77:40:e6:cb:00:25:ee:bf:50:87:38:c4:72:bf:c2:52:bf:5d:
ec:03:fb:05:c8:78:4c:ea:19:c3:77:2f:5d:e7:44:82:bb:93:
9f:7f:cb:5c:72:31:6a:00:d3:4b:d7:78:44:fd:8b:79:32:80:
c1:ac:4d:b8:a5:8f:91:08:11:30:2d:52:20:a4:13:4f:e0:b1:
7c:69:73:93:77:36:8c:28:14:1d:15:a6:75:b6:38:f1:2d:57:
bc:a8:db:d9:a5:ed:b6:6e:41:b9:1a:6e:a0:5d:12:95:1a:a2:
cf:4b:8b:80:fd:f6:08:5c:7f:af:fb:d1:14:ab:35:09:80:7c:
6c:86:2a:0c:2f:68:d5:6e:54:e1:3e:2f:db:be:53:75:6c:6f:
8f:63:26:78:08:67:d5:06:b3:ae:82:4d:8b:18:ea:bc:b2:1a:
00:52:ef:0b:0a:e1:4e:f7:e7:c4:a5:66:81:ba:4a:0d:67:8b:
d1:b3:b3:b6:88:4b:8a:0f:38:8f:17:f4:e3:94:d8:d7:7d:3f:
5e:98:f3:4a:dd:ee:51:17:70:fc:93:40:58:b4:07:f2:dc:c2:
00:6f:41:a9:02:9a:03:1a:20:56:f8:c4:6a:4c:09:61:8d:57:
a3:6e:55:46:3a:77:4a:78:fe:6d:00:f7:15:74:78:5a:29:96:
6a:6a:24:35
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQnRz0T328LVQnIg4zX09nEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiY2RkMTE3ZWFjNzU3YjZmOGYzOTQyODY1M2FlMTI1MDhj
YzY5ODkwHhcNMjUwMTAyMTM0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2JiMmFhNTZmZDlmOWY2YzYzYmY2ODJkZTU5NTljMzlmNWRkMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnLy447Iv1QndyFV/NYhsopuvcp+
Ni9KhV3ZTAjWZXP+RpbB1mS7kem0peKlEX6b0hlUPTTA1p3gQP1JGopPuJLcrR+f
whRA4PjFUpVCg6v4wJc+YAhIPFSpIVto3XAlhrtPKBlXhAOQ3JO0bLtg13CZYITU
jCy29A9axVY16GG55rIg5UqTtjNxqqKgr1mYPFk/K1KdqitpQKr6Tfb5QCsQ9VQw
4LHjuY1/N1ntvnZlaUqduSV0PcbGeL+m6vBEkCNY9fLAcUIYlOqdmXpOjeMux9UN
IvAfJ7T4i9hoqz7LhHvCFp1S7RrQXgQGaXSAVSfp87U20FqR+aSECBqtSwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBy7KqVv2fn2xjv2gt5ZWcOfXdBwMB8GA1UdIwQY
MBaAFPvN0Rfqx1e2+POUKGU64SUIzGmJMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS04M1JGLXJIVjdiNDg1UW9aVHJoSlFqTWFZay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIvOWFhOTlkLWJlNDMtNGQ3NC1hZmM5
LTk2NDQyNWMxOGM2Zi8xL0hMc3FwV19aLWZiR09fYUMzbGxadzU5ZDBIQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWIvOWFhOTlkLWJlNDMtNGQ3NC1hZmM5LTk2NDQyNWMxOGM2
Zi8xLzEtODNSRi1ySFY3YjQ4NVFvWlRyaEpRak1hWWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAItUQwD
BAItWggDBAFbz4IDBAK5IpQDBAO5qtgwDQQCAAIwBwMFACoA2mAwDQYJKoZIhvcN
AQELBQADggEBAHdA5ssAJe6/UIc4xHK/wlK/XewD+wXIeEzqGcN3L13nRIK7k59/
y1xyMWoA00vXeET9i3kygMGsTbilj5EIETAtUiCkE0/gsXxpc5N3NowoFB0VpnW2
OPEtV7yo29ml7bZuQbkabqBdEpUaos9Li4D99ghcf6/70RSrNQmAfGyGKgwvaNVu
VOE+L9u+U3Vsb49jJngIZ9UGs66CTYsY6ryyGgBS7wsK4U7358SlZoG6Sg1ni9Gz
s7aIS4oPOI8X9OOU2Nd9P16Y80rd7lEXcPyTQFi0B/LcwgBvQakCmgMaIFb4xGpM
CWGNV6NuVUY6d0p4/m0A9xV0eFoplmpqJDU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:18:18 2025 by rpki-client