Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/93af97-3b9e-4961-8904-a6f611a8ab93/1/HVKHyWK-3ZYz5KzbpJqwzo297Wc.roa
File: HVKHyWK-3ZYz5KzbpJqwzo297Wc.roa (raw, json)
Hash identifier: OXPJlcYgMDd9TeVLc/h7NB1E8LuM//ZUW90WT8mlIsU=
Subject key identifier: 1D:52:87:C9:62:BE:DD:96:33:E4:AC:DB:A4:9A:B0:CE:8D:BD:ED:67
Certificate issuer: /CN=09c746f67b7ac56ea6dd85951ec022cbbd67af06
Certificate serial: 01942369A265881167B999E3556CCBA91652
Authority key identifier: 09:C7:46:F6:7B:7A:C5:6E:A6:DD:85:95:1E:C0:22:CB:BD:67:AF:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CcdG9nt6xW6m3YWVHsAiy71nrwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/93af97-3b9e-4961-8904-a6f611a8ab93/1/HVKHyWK-3ZYz5KzbpJqwzo297Wc.roa
Signing time: Wed 01 Jan 2025 19:48:32 +0000
ROA not before: Wed 01 Jan 2025 19:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30742
IP address blocks: 185.204.96.0/22 maxlen: 24
185.204.96.0/24 maxlen: 24
185.204.97.0/24 maxlen: 24
185.204.98.0/24 maxlen: 24
185.204.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:a2:65:88:11:67:b9:99:e3:55:6c:cb:a9:16:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09c746f67b7ac56ea6dd85951ec022cbbd67af06
Validity
Not Before: Jan 1 19:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d5287c962bedd9633e4acdba49ab0ce8dbded67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:04:aa:7d:9a:07:1e:f1:29:cf:fd:fa:a9:1e:
3e:15:1e:57:b0:fc:2b:eb:5f:80:df:4f:13:09:d8:
8d:b0:06:3c:cc:db:07:8f:9e:9e:45:51:ef:0e:a5:
ac:89:7d:94:57:e5:3c:5c:3f:15:ea:c2:26:6e:08:
0e:8f:03:ad:f4:35:ce:9f:54:87:53:e9:ba:57:3d:
5b:18:26:66:75:51:cb:58:d4:b0:2b:60:e9:10:1d:
96:dd:79:d8:b9:64:e9:89:97:64:4b:ba:56:0b:36:
10:6a:6d:0b:57:ea:cd:56:dd:25:26:bf:a8:6c:bf:
36:67:05:26:12:c8:a3:53:ae:48:f7:a3:7d:c5:b0:
6e:11:d5:9d:ff:84:f3:33:7b:8a:c6:56:f4:91:71:
48:ec:3e:b1:43:e0:3f:30:93:07:9f:e2:6d:74:1c:
3e:75:31:4f:6e:bc:73:c1:f6:5c:db:26:99:bb:82:
49:40:9e:0a:13:93:d4:c4:cc:56:d4:03:57:4c:8f:
5f:ab:03:42:8e:96:66:22:c0:9c:58:99:2f:1c:f2:
b9:6c:1d:d5:ac:69:eb:b0:af:01:26:a0:35:ba:f8:
13:de:13:be:5f:a9:55:93:7c:f4:6a:b3:3e:80:06:
93:e3:3c:0e:72:37:c8:a2:49:16:ed:7c:04:56:bd:
96:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:52:87:C9:62:BE:DD:96:33:E4:AC:DB:A4:9A:B0:CE:8D:BD:ED:67
X509v3 Authority Key Identifier:
keyid:09:C7:46:F6:7B:7A:C5:6E:A6:DD:85:95:1E:C0:22:CB:BD:67:AF:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CcdG9nt6xW6m3YWVHsAiy71nrwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/93af97-3b9e-4961-8904-a6f611a8ab93/1/HVKHyWK-3ZYz5KzbpJqwzo297Wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/93af97-3b9e-4961-8904-a6f611a8ab93/1/CcdG9nt6xW6m3YWVHsAiy71nrwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.96.0/22
Signature Algorithm: sha256WithRSAEncryption
45:ef:43:10:eb:95:d2:5d:59:cd:d2:de:e5:8d:c5:b8:e2:ec:
25:86:e4:2a:a1:94:ff:66:a5:68:ae:09:a5:7b:f8:54:13:0b:
43:81:08:03:41:bb:5a:f8:53:35:1d:b8:aa:ac:95:3e:4f:a8:
96:07:b5:d5:6a:37:f0:e0:a1:15:14:e3:dc:de:ca:0e:1d:99:
d4:61:ea:d5:78:cc:2e:fd:42:c5:d5:66:3f:b9:4c:d6:99:3a:
a7:63:fa:1a:78:8e:32:55:9e:35:d0:9e:fa:45:68:01:fc:75:
d1:39:0f:d4:a6:32:53:67:0c:c4:5b:d0:b4:8b:35:6a:e2:64:
03:c1:42:31:0e:68:80:e4:20:9c:91:7c:ff:c0:29:d3:45:4c:
8c:70:ed:e3:e2:24:b5:d2:0d:1b:c4:12:30:c2:81:c7:46:33:
3e:69:f7:0c:51:0f:02:2f:9f:c1:d7:c6:90:84:0f:70:68:f4:
36:e9:30:5c:bd:bc:67:1d:e9:ff:e6:43:86:79:d0:9f:7f:51:
c9:1b:0e:0d:20:99:6c:f6:3e:3d:49:89:60:ea:b0:4c:90:f7:
b4:9c:71:84:f7:19:21:eb:46:72:b9:5f:51:23:ae:e0:ef:f8:
92:12:7d:6e:17:d5:67:1e:81:92:2b:71:5c:98:a6:a0:34:7f:
a9:a8:6c:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaaJliBFnuZnjVWzLqRZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5Yzc0NmY2N2I3YWM1NmVhNmRkODU5NTFlYzAyMmNiYmQ2
N2FmMDYwHhcNMjUwMTAxMTk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDUyODdjOTYyYmVkZDk2MzNlNGFjZGJhNDlhYjBjZThkYmRlZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwSqfZoHHvEpz/36qR4+FR5XsPwr
61+A308TCdiNsAY8zNsHj56eRVHvDqWsiX2UV+U8XD8V6sImbggOjwOt9DXOn1SH
U+m6Vz1bGCZmdVHLWNSwK2DpEB2W3XnYuWTpiZdkS7pWCzYQam0LV+rNVt0lJr+o
bL82ZwUmEsijU65I96N9xbBuEdWd/4TzM3uKxlb0kXFI7D6xQ+A/MJMHn+JtdBw+
dTFPbrxzwfZc2yaZu4JJQJ4KE5PUxMxW1ANXTI9fqwNCjpZmIsCcWJkvHPK5bB3V
rGnrsK8BJqA1uvgT3hO+X6lVk3z0arM+gAaT4zwOcjfIokkW7XwEVr2WPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB1Sh8livt2WM+Ss26SasM6Nve1nMB8GA1UdIwQY
MBaAFAnHRvZ7esVupt2FlR7AIsu9Z68GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2NkRzludDZ4VzZtM1lXVkhzQWl5NzFucndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC85M2FmOTctM2I5ZS00OTYxLTg5MDQt
YTZmNjExYThhYjkzLzEvSFZLSHlXSy0zWll6NUt6YnBKcXd6bzI5N1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC85M2FmOTctM2I5ZS00OTYxLTg5MDQtYTZmNjExYThhYjkz
LzEvQ2NkRzludDZ4VzZtM1lXVkhzQWl5NzFucndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucxgMA0G
CSqGSIb3DQEBCwUAA4IBAQBF70MQ65XSXVnN0t7ljcW44uwlhuQqoZT/ZqVorgml
e/hUEwtDgQgDQbta+FM1HbiqrJU+T6iWB7XVajfw4KEVFOPc3soOHZnUYerVeMwu
/ULF1WY/uUzWmTqnY/oaeI4yVZ410J76RWgB/HXROQ/UpjJTZwzEW9C0izVq4mQD
wUIxDmiA5CCckXz/wCnTRUyMcO3j4iS10g0bxBIwwoHHRjM+afcMUQ8CL5/B18aQ
hA9waPQ26TBcvbxnHen/5kOGedCff1HJGw4NIJls9j49SYlg6rBMkPe0nHGE9xkh
60ZyuV9RI67g7/iSEn1uF9VnHoGSK3FcmKagNH+pqGyZ
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:49:15 2025 by rpki-client