Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/hkuhpnMVVYRgPxAr-LQ10OakoTI.roa
File: hkuhpnMVVYRgPxAr-LQ10OakoTI.roa (raw, json)
Hash identifier: oAtibnQ6KN2VeS7D1IHVgfHz1J3VS/wtW0fPG2i0OP0=
Subject key identifier: 86:4B:A1:A6:73:15:55:84:60:3F:10:2B:F8:B4:35:D0:E6:A4:A1:32
Certificate issuer: /CN=cd68f7a391b7b1649ed4903482d3e931ed34e3d8
Certificate serial: 019424459AAC5CB3647A441A2A2A99FF3D52
Authority key identifier: CD:68:F7:A3:91:B7:B1:64:9E:D4:90:34:82:D3:E9:31:ED:34:E3:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/hkuhpnMVVYRgPxAr-LQ10OakoTI.roa
Signing time: Wed 01 Jan 2025 23:48:48 +0000
ROA not before: Wed 01 Jan 2025 23:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59491
IP address blocks: 31.6.68.0/23 maxlen: 23
31.6.70.0/23 maxlen: 23
91.188.125.0/24 maxlen: 24
91.238.134.0/23 maxlen: 23
178.19.96.0/24 maxlen: 24
178.19.99.0/24 maxlen: 24
178.19.104.0/21 maxlen: 21
185.24.216.0/24 maxlen: 24
185.24.218.0/23 maxlen: 23
212.59.229.0/24 maxlen: 24
212.59.240.0/23 maxlen: 23
212.59.243.0/24 maxlen: 24
212.59.244.0/22 maxlen: 22
2a02:2430:3::/48 maxlen: 48
2a02:2430:5::/48 maxlen: 48
2a02:2430:6::/48 maxlen: 48
2a02:2430:7::/48 maxlen: 48
2a02:2430:40::/42 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:9a:ac:5c:b3:64:7a:44:1a:2a:2a:99:ff:3d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd68f7a391b7b1649ed4903482d3e931ed34e3d8
Validity
Not Before: Jan 1 23:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=864ba1a673155584603f102bf8b435d0e6a4a132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dd:6a:18:65:1d:6c:62:2a:b0:e2:93:d6:e7:
cf:cb:d3:1f:d3:54:90:45:64:23:e6:3d:5a:48:85:
ed:51:62:16:1a:d9:92:6a:cd:53:56:10:1e:be:7b:
60:d4:b6:80:3e:fb:37:f7:18:48:7d:37:d4:e5:56:
19:0a:d8:14:09:00:6a:3f:ef:26:0a:0a:5c:32:da:
b7:3f:e2:94:16:f7:6e:07:e3:46:50:a4:9c:0f:91:
6d:67:fd:57:b8:09:3f:4c:e8:09:f7:79:3c:c8:bd:
06:28:66:88:d1:ab:18:bc:69:2e:5e:89:51:66:fd:
05:f4:0e:53:f1:9d:ac:e3:22:d6:4c:50:50:f4:e5:
53:0c:fa:29:13:eb:13:d9:ce:c5:7a:2f:e3:bb:a4:
15:e8:cc:3e:a8:05:63:37:8c:d4:ea:88:9f:ef:12:
8c:b2:74:9a:40:a9:8d:ba:87:21:d2:3a:bf:d2:cb:
32:23:af:b1:fa:20:44:bf:fe:25:af:0e:7e:09:b6:
12:bc:fe:52:f9:22:c7:48:68:07:12:80:ef:74:f2:
24:fa:77:4e:fb:5e:4e:25:cd:08:e3:4a:b2:ec:51:
df:68:99:31:1f:08:c4:1e:15:2c:56:4d:12:ec:3f:
50:c6:8f:34:a4:95:f2:9b:a9:35:63:09:bb:1e:6a:
f3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4B:A1:A6:73:15:55:84:60:3F:10:2B:F8:B4:35:D0:E6:A4:A1:32
X509v3 Authority Key Identifier:
keyid:CD:68:F7:A3:91:B7:B1:64:9E:D4:90:34:82:D3:E9:31:ED:34:E3:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/hkuhpnMVVYRgPxAr-LQ10OakoTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/zWj3o5G3sWSe1JA0gtPpMe0049g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.68.0/22
91.188.125.0/24
91.238.134.0/23
178.19.96.0/24
178.19.99.0/24
178.19.104.0/21
185.24.216.0/24
185.24.218.0/23
212.59.229.0/24
212.59.240.0/23
212.59.243.0-212.59.247.255
IPv6:
2a02:2430:3::/48
2a02:2430:5::-2a02:2430:7:ffff:ffff:ffff:ffff:ffff
2a02:2430:40::/42
Signature Algorithm: sha256WithRSAEncryption
84:8c:5e:d3:8b:22:83:e5:7c:5b:ca:6d:6c:87:e7:96:6c:58:
1f:3e:73:d2:35:1f:cf:50:78:2b:93:99:8b:91:48:50:98:a8:
ee:bc:c1:bf:83:23:dc:98:93:b3:a9:39:4c:69:24:05:07:46:
2d:ac:3e:f7:82:f2:68:af:c8:8a:87:d1:6e:6a:20:5b:bf:f1:
49:14:cb:e1:2b:2d:ba:ea:ed:db:81:da:8b:6f:d4:fa:4f:64:
4d:16:8d:35:09:a1:78:9a:8c:a0:20:49:c1:bd:f5:79:87:2b:
d0:a6:a4:72:1c:6e:b5:3f:3c:ae:ff:89:f3:a7:77:41:eb:2b:
e1:56:bb:56:e6:3c:e6:a8:a9:5c:15:47:0f:19:73:0d:d2:ed:
94:22:38:23:0c:cc:f1:63:aa:9e:81:ab:53:f3:1d:8e:50:f2:
cd:4c:b5:4c:f0:3e:ca:72:2e:5d:5c:a3:4a:af:5c:b1:11:9a:
1d:f0:a3:9f:bc:7c:56:13:2b:52:55:38:80:fe:19:b5:ac:74:
20:c1:04:b0:a4:a0:c3:3c:4f:cc:10:1a:1a:52:98:3f:60:3b:
32:a7:a8:c8:fa:9b:7e:4b:12:82:42:71:ca:03:d0:6f:a8:52:
b0:7e:b9:1b:b2:85:4d:ee:85:84:1a:56:f6:bc:e4:d1:3a:37:
31:9c:44:93
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZQkRZqsXLNkekQaKiqZ/z1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjhmN2EzOTFiN2IxNjQ5ZWQ0OTAzNDgyZDNlOTMxZWQz
NGUzZDgwHhcNMjUwMTAxMjM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjRiYTFhNjczMTU1NTg0NjAzZjEwMmJmOGI0MzVkMGU2YTRhMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs91qGGUdbGIqsOKT1ufPy9Mf01SQ
RWQj5j1aSIXtUWIWGtmSas1TVhAevntg1LaAPvs39xhIfTfU5VYZCtgUCQBqP+8m
CgpcMtq3P+KUFvduB+NGUKScD5FtZ/1XuAk/TOgJ93k8yL0GKGaI0asYvGkuXolR
Zv0F9A5T8Z2s4yLWTFBQ9OVTDPopE+sT2c7Fei/ju6QV6Mw+qAVjN4zU6oif7xKM
snSaQKmNuoch0jq/0ssyI6+x+iBEv/4lrw5+CbYSvP5S+SLHSGgHEoDvdPIk+ndO
+15OJc0I40qy7FHfaJkxHwjEHhUsVk0S7D9Qxo80pJXym6k1Ywm7HmrzHwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFIZLoaZzFVWEYD8QK/i0NdDmpKEyMB8GA1UdIwQY
MBaAFM1o96ORt7FkntSQNILT6THtNOPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldqM281RzNzV1NlMUpBMGd0UHBNZTAwNDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84YjA1YmYtMzNmMS00YjViLTg4YTQt
MTY3M2FkOGM0MDEyLzEvaGt1aHBuTVZWWVJnUHhBci1MUTEwT2Frb1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84YjA1YmYtMzNmMS00YjViLTg4YTQtMTY3M2FkOGM0MDEy
LzEveldqM281RzNzV1NlMUpBMGd0UHBNZTAwNDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBQBAIAATBKAwQCHwZE
AwQAW7x9AwQBW+6GAwQAshNgAwQAshNjAwQDshNoAwQAuRjYAwQBuRjaAwQA1Dvl
AwQB1DvwMAwDBADUO/MDBAPUO/AwLAQCAAIwJgMHACoCJDAAAzASAwcAKgIkMAAF
AwcDKgIkMAAAAwcGKgIkMABAMA0GCSqGSIb3DQEBCwUAA4IBAQCEjF7TiyKD5Xxb
ym1sh+eWbFgfPnPSNR/PUHgrk5mLkUhQmKjuvMG/gyPcmJOzqTlMaSQFB0YtrD73
gvJor8iKh9FuaiBbv/FJFMvhKy266u3bgdqLb9T6T2RNFo01CaF4moygIEnBvfV5
hyvQpqRyHG61Pzyu/4nzp3dB6yvhVrtW5jzmqKlcFUcPGXMN0u2UIjgjDMzxY6qe
gatT8x2OUPLNTLVM8D7Kci5dXKNKr1yxEZod8KOfvHxWEytSVTiA/hm1rHQgwQSw
pKDDPE/MEBoaUpg/YDsyp6jI+pt+SxKCQnHKA9BvqFKwfrkbsoVN7oWEGlb2vOTR
OjcxnEST
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:01:56 2025 by rpki-client