Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/HUiYQLYoRn-P8-AKIUmGnSk_fUQ.roa
File: HUiYQLYoRn-P8-AKIUmGnSk_fUQ.roa (raw, json)
Hash identifier: ozdi5qHnRcow/nH1EVH0214AE7vAhAxmdAJcuT+IzE4=
Subject key identifier: 1D:48:98:40:B6:28:46:7F:8F:F3:E0:0A:21:49:86:9D:29:3F:7D:44
Certificate issuer: /CN=d648294443aed16d06b86af14f5a5f0a5083774a
Certificate serial: 01942827987BCD633FF7491EFF8E9E8F06AD
Authority key identifier: D6:48:29:44:43:AE:D1:6D:06:B8:6A:F1:4F:5A:5F:0A:50:83:77:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/HUiYQLYoRn-P8-AKIUmGnSk_fUQ.roa
Signing time: Thu 02 Jan 2025 17:54:31 +0000
ROA not before: Thu 02 Jan 2025 17:54:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197712
IP address blocks: 46.16.56.0/21 maxlen: 24
134.0.8.0/21 maxlen: 24
185.22.200.0/22 maxlen: 24
185.34.192.0/22 maxlen: 24
185.42.104.0/22 maxlen: 24
185.66.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:98:7b:cd:63:3f:f7:49:1e:ff:8e:9e:8f:06:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d648294443aed16d06b86af14f5a5f0a5083774a
Validity
Not Before: Jan 2 17:54:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d489840b628467f8ff3e00a2149869d293f7d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f2:19:91:df:4e:80:07:dc:24:48:be:13:55:
bb:97:72:00:df:4d:47:8f:5d:bb:82:9c:71:e2:3b:
1f:3d:54:55:26:13:89:65:b1:4c:81:2d:70:81:e1:
a2:bd:6e:55:88:b9:b4:28:15:e8:0b:60:cb:a5:b4:
5a:9b:cc:d5:93:0a:2b:a1:4f:c6:c1:d8:8c:38:6d:
92:02:eb:65:a1:ca:6b:ba:b3:ac:fa:f3:19:b5:02:
4c:70:8b:9a:af:d7:d0:2b:5a:e7:5e:67:76:57:94:
00:61:c0:9a:99:fd:fe:1c:bf:a4:66:25:df:cf:63:
f2:ef:7f:4c:e7:69:90:ec:5d:de:07:2b:9a:72:87:
40:12:60:44:4c:0b:f6:ca:14:3c:48:e8:4d:a4:18:
3c:0c:af:48:66:f9:7d:15:0f:84:e7:1b:2c:49:a8:
c9:51:b2:18:fc:f8:2c:64:e2:d1:93:29:55:4c:b1:
5a:c2:77:df:b3:9f:7f:29:9c:df:27:76:56:e8:fe:
ca:1e:a9:06:1c:d0:c1:2c:f9:20:b0:c1:7e:2e:00:
8f:b5:e7:98:43:de:14:b0:71:e0:d9:07:02:ad:cf:
18:53:46:ca:00:6a:35:d1:81:a3:f3:54:c7:6c:61:
4f:d1:42:45:f9:e7:75:05:39:96:1c:90:34:f5:5b:
dc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:48:98:40:B6:28:46:7F:8F:F3:E0:0A:21:49:86:9D:29:3F:7D:44
X509v3 Authority Key Identifier:
keyid:D6:48:29:44:43:AE:D1:6D:06:B8:6A:F1:4F:5A:5F:0A:50:83:77:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/HUiYQLYoRn-P8-AKIUmGnSk_fUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.56.0/21
134.0.8.0/21
185.22.200.0/22
185.34.192.0/22
185.42.104.0/22
185.66.40.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:24:ca:53:65:c3:e0:d2:7f:5a:11:b4:9f:48:bf:e5:09:12:
b5:76:35:d9:a8:32:6a:61:3b:6a:14:2e:06:06:e1:f6:df:05:
82:b5:fa:01:d7:ec:d1:e3:dd:10:fd:f0:a9:e5:53:db:e9:61:
c2:74:77:d2:20:da:b1:0d:8c:ed:80:36:cf:11:af:4c:77:4a:
99:da:f4:95:7f:dd:f3:1e:e0:f6:41:cd:7e:c7:55:19:20:b9:
55:ca:d8:c3:10:bf:36:09:3b:13:b7:18:c6:3b:87:da:57:fb:
16:01:25:72:44:db:f8:2c:91:6d:a3:8b:08:38:c7:18:0b:31:
f1:04:f4:58:b2:2e:bb:ab:cd:14:cb:38:6f:24:d8:03:78:1d:
ee:1b:ec:22:d6:00:87:4d:36:aa:92:8e:1d:39:b6:d9:82:a8:
35:6a:52:50:cc:d5:80:0a:a3:1d:3c:83:ae:1e:b0:75:76:28:
1c:ed:1c:12:3a:6d:63:31:55:11:e6:6e:17:f2:63:3e:5b:59:
72:36:28:97:3b:5c:e3:f1:46:3b:cb:7f:19:e0:8b:62:72:88:
f0:55:9d:d4:bf:ba:48:80:65:07:db:94:a3:3a:a7:02:98:3b:
63:c2:c7:03:4b:7c:6a:da:d7:bb:ee:af:c3:64:33:2e:30:13:
67:66:53:52
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQoJ5h7zWM/90ke/46ejwatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NDgyOTQ0NDNhZWQxNmQwNmI4NmFmMTRmNWE1ZjBhNTA4
Mzc3NGEwHhcNMjUwMTAyMTc1NDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDQ4OTg0MGI2Mjg0NjdmOGZmM2UwMGEyMTQ5ODY5ZDI5M2Y3ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPIZkd9OgAfcJEi+E1W7l3IA301H
j127gpxx4jsfPVRVJhOJZbFMgS1wgeGivW5ViLm0KBXoC2DLpbRam8zVkworoU/G
wdiMOG2SAutlocprurOs+vMZtQJMcIuar9fQK1rnXmd2V5QAYcCamf3+HL+kZiXf
z2Py739M52mQ7F3eByuacodAEmBETAv2yhQ8SOhNpBg8DK9IZvl9FQ+E5xssSajJ
UbIY/PgsZOLRkylVTLFawnffs59/KZzfJ3ZW6P7KHqkGHNDBLPkgsMF+LgCPteeY
Q94UsHHg2QcCrc8YU0bKAGo10YGj81THbGFP0UJF+ed1BTmWHJA09Vvc4QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB1ImEC2KEZ/j/PgCiFJhp0pP31EMB8GA1UdIwQY
MBaAFNZIKURDrtFtBrhq8U9aXwpQg3dKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWtncFJFT3UwVzBHdUdyeFQxcGZDbENEZDBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTg3ZTktMzNhOS00YTg2LThjZDkt
ZTU3Y2M4MWY1MjMzLzEvSFVpWVFMWW9Sbi1QOC1BS0lVbUduU2tfZlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTg3ZTktMzNhOS00YTg2LThjZDktZTU3Y2M4MWY1MjMz
LzEvMWtncFJFT3UwVzBHdUdyeFQxcGZDbENEZDBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDLhA4AwQD
hgAIAwQCuRbIAwQCuSLAAwQCuSpoAwQCuUIoMA0GCSqGSIb3DQEBCwUAA4IBAQCe
JMpTZcPg0n9aEbSfSL/lCRK1djXZqDJqYTtqFC4GBuH23wWCtfoB1+zR490Q/fCp
5VPb6WHCdHfSINqxDYztgDbPEa9Md0qZ2vSVf93zHuD2Qc1+x1UZILlVytjDEL82
CTsTtxjGO4faV/sWASVyRNv4LJFto4sIOMcYCzHxBPRYsi67q80UyzhvJNgDeB3u
G+wi1gCHTTaqko4dObbZgqg1alJQzNWACqMdPIOuHrB1digc7RwSOm1jMVUR5m4X
8mM+W1lyNiiXO1zj8UY7y38Z4IticojwVZ3Uv7pIgGUH25SjOqcCmDtjwscDS3xq
2te77q/DZDMuMBNnZlNS
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:14:22 2025 by rpki-client