Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/hioMXdeaeDX5ZwJdBDoUC1hMGLo.roa
File: hioMXdeaeDX5ZwJdBDoUC1hMGLo.roa (raw, json)
Hash identifier: FQzlEOIGmKTMKyev68yd0Z/p1ylOojH96N0RveKYIkI=
Subject key identifier: 86:2A:0C:5D:D7:9A:78:35:F9:67:02:5D:04:3A:14:0B:58:4C:18:BA
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 01942823096C2607F3B78CC51661C63FF271
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/hioMXdeaeDX5ZwJdBDoUC1hMGLo.roa
Signing time: Thu 02 Jan 2025 17:49:32 +0000
ROA not before: Thu 02 Jan 2025 17:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213780
IP address blocks: 89.208.119.0/24 maxlen: 24
92.38.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:09:6c:26:07:f3:b7:8c:c5:16:61:c6:3f:f2:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Jan 2 17:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=862a0c5dd79a7835f967025d043a140b584c18ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:14:e1:94:ee:f7:28:ba:9d:c2:85:90:58:5f:
64:4c:42:36:50:7c:30:ff:e4:e3:f4:0f:a6:b5:bf:
27:5f:55:29:43:45:16:87:c4:5a:68:98:44:e8:23:
55:28:55:f0:6c:76:1b:a5:45:07:63:cf:fd:c9:16:
96:9e:3c:8b:eb:29:63:ee:35:12:8c:ed:d8:bd:ac:
ad:f2:69:80:c8:a4:61:4d:12:77:3f:78:77:b0:04:
b7:72:38:b5:a3:50:59:c8:11:1f:cf:34:1b:4e:30:
4d:08:95:b1:7f:bb:83:ca:59:38:14:68:36:c4:75:
90:4b:d7:79:41:1f:1b:6b:ec:09:fd:1f:06:1d:24:
2c:e4:93:41:b4:63:3b:ac:c4:89:eb:9a:38:4c:9e:
4c:c9:46:11:33:36:51:65:99:dd:bb:56:4b:15:a6:
51:8d:9a:ae:db:70:08:16:9a:06:4a:00:f2:bf:a5:
4a:25:e2:7d:f0:82:fb:fe:cd:d4:6d:dd:cb:51:09:
91:80:21:f4:52:68:f2:1c:8f:1e:f2:16:7a:cf:4a:
f4:24:af:fc:6e:b9:5c:2a:c8:17:ba:22:51:27:11:
c9:97:c4:77:77:7b:cd:91:4e:bc:9d:58:74:26:06:
19:93:01:c7:2b:27:2c:06:75:a8:f7:56:f7:10:b8:
bb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2A:0C:5D:D7:9A:78:35:F9:67:02:5D:04:3A:14:0B:58:4C:18:BA
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/hioMXdeaeDX5ZwJdBDoUC1hMGLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.119.0/24
92.38.222.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:a1:63:c0:0f:14:6e:d1:a9:e0:81:a1:c9:9d:22:a2:21:6e:
5f:da:d8:a8:b2:a5:61:b0:46:74:8f:c1:8d:dd:7c:7f:45:7c:
db:a3:64:94:7a:9f:cf:ef:46:c5:55:81:6c:7b:8d:c6:c7:fd:
35:dd:99:7c:94:e5:4d:40:52:36:9d:aa:1b:f8:2c:fc:bb:e1:
5c:ab:0b:c7:38:09:6b:7d:61:0a:90:ae:a6:bf:55:c8:cb:ba:
68:e5:68:4b:3c:f3:f7:5d:be:c0:a5:b5:6e:0e:75:72:b0:70:
95:55:97:d3:7b:22:68:db:2d:d4:06:1d:17:56:25:c7:fa:24:
fb:8f:33:5c:44:6d:f2:55:9e:a6:f2:b0:3c:16:78:20:4f:ec:
44:f7:23:32:8f:15:50:78:2b:45:b0:01:da:15:7a:e2:4d:98:
14:bc:19:79:8b:75:ea:fc:4d:e2:a4:13:64:85:e0:26:11:00:
1a:01:f9:7c:43:18:6e:b4:74:7a:64:7b:f8:44:73:21:02:a2:
30:41:f0:6f:b8:ff:b2:23:ad:cb:23:e3:2f:82:ce:c9:08:56:
51:93:a1:55:2e:f3:0d:ec:84:78:78:07:b0:2c:e1:23:8a:50:
26:9a:8a:cf:42:fa:4f:1e:17:c9:1d:85:59:69:c6:ab:18:96:
f5:8f:52:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoIwlsJgfzt4zFFmHGP/JxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjUwMTAyMTc0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjJhMGM1ZGQ3OWE3ODM1Zjk2NzAyNWQwNDNhMTQwYjU4NGMxOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRThlO73KLqdwoWQWF9kTEI2UHww
/+Tj9A+mtb8nX1UpQ0UWh8RaaJhE6CNVKFXwbHYbpUUHY8/9yRaWnjyL6ylj7jUS
jO3Yvayt8mmAyKRhTRJ3P3h3sAS3cji1o1BZyBEfzzQbTjBNCJWxf7uDylk4FGg2
xHWQS9d5QR8ba+wJ/R8GHSQs5JNBtGM7rMSJ65o4TJ5MyUYRMzZRZZndu1ZLFaZR
jZqu23AIFpoGSgDyv6VKJeJ98IL7/s3Ubd3LUQmRgCH0UmjyHI8e8hZ6z0r0JK/8
brlcKsgXuiJRJxHJl8R3d3vNkU68nVh0JgYZkwHHKycsBnWo91b3ELi7TwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIYqDF3Xmng1+WcCXQQ6FAtYTBi6MB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvaGlvTVhkZWFlRFg1WndKZEJEb1VDMWhNR0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdB3AwQA
XCbeMA0GCSqGSIb3DQEBCwUAA4IBAQCKoWPADxRu0anggaHJnSKiIW5f2tiosqVh
sEZ0j8GN3Xx/RXzbo2SUep/P70bFVYFse43Gx/013Zl8lOVNQFI2naob+Cz8u+Fc
qwvHOAlrfWEKkK6mv1XIy7po5WhLPPP3Xb7ApbVuDnVysHCVVZfTeyJo2y3UBh0X
ViXH+iT7jzNcRG3yVZ6m8rA8FnggT+xE9yMyjxVQeCtFsAHaFXriTZgUvBl5i3Xq
/E3ipBNkheAmEQAaAfl8QxhutHR6ZHv4RHMhAqIwQfBvuP+yI63LI+Mvgs7JCFZR
k6FVLvMN7IR4eAewLOEjilAmmorPQvpPHhfJHYVZacarGJb1j1Jv
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:05:02 2025 by rpki-client