Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bb10ef-d240-4d68-80c1-41893c4da061/1/hx1AobN52MdMauAKbwiof1BpngE.roa
File: hx1AobN52MdMauAKbwiof1BpngE.roa (raw, json)
Hash identifier: 69thDY3N1zb82iIdJWyRKD2mWa/WKlKqpVSoW/+g4+c=
Subject key identifier: 87:1D:40:A1:B3:79:D8:C7:4C:6A:E0:0A:6F:08:A8:7F:50:69:9E:01
Certificate issuer: /CN=2edffb521ec739ef18265c8cfe7fdf295d87dcf2
Certificate serial: 019420D6551AB4228BFC31C96239791BE893
Authority key identifier: 2E:DF:FB:52:1E:C7:39:EF:18:26:5C:8C:FE:7F:DF:29:5D:87:DC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lt_7Uh7HOe8YJlyM_n_fKV2H3PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb10ef-d240-4d68-80c1-41893c4da061/1/hx1AobN52MdMauAKbwiof1BpngE.roa
Signing time: Wed 01 Jan 2025 07:48:24 +0000
ROA not before: Wed 01 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201598
IP address blocks: 185.69.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:55:1a:b4:22:8b:fc:31:c9:62:39:79:1b:e8:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2edffb521ec739ef18265c8cfe7fdf295d87dcf2
Validity
Not Before: Jan 1 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=871d40a1b379d8c74c6ae00a6f08a87f50699e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:84:08:e5:e2:3e:1c:cd:cf:45:5d:a4:a3:40:
ef:c4:16:d8:16:c7:12:a7:72:8b:02:08:61:17:08:
0a:8c:65:4a:55:eb:ab:1b:ae:70:87:d7:62:94:19:
24:ac:59:63:39:e6:0c:e1:4e:4f:99:02:0e:38:9e:
25:8c:64:81:63:25:2b:33:31:ce:2e:d1:14:d7:1c:
65:da:b9:82:77:0b:2e:81:64:15:51:17:24:7b:0b:
f0:eb:5c:85:5b:f6:26:ae:ea:23:58:ef:21:f5:4a:
f7:55:5f:ea:83:b5:c2:9a:ab:da:38:d5:45:ce:5c:
8a:3b:2f:6f:08:c1:1f:bb:c1:fb:c6:85:af:2b:40:
f6:b6:f0:9f:b3:0e:e5:58:64:fd:a5:96:6f:16:58:
55:8d:6a:26:24:ed:4d:55:2f:9d:3a:1c:92:42:88:
3f:0d:c3:17:d7:9e:9f:e2:65:cf:19:ac:3c:77:db:
8a:4c:84:2e:cd:b1:a2:1d:ce:2c:53:a1:d1:3c:6f:
be:e9:6c:92:aa:e3:6c:cf:b3:87:be:57:c7:77:9a:
60:bd:8e:a8:9a:46:da:8b:1f:01:99:1f:fa:33:24:
e0:13:a0:e7:e7:54:72:04:7d:58:00:4c:25:73:67:
a7:6f:2c:f2:3c:25:7c:ff:c5:6f:03:14:70:36:12:
99:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:1D:40:A1:B3:79:D8:C7:4C:6A:E0:0A:6F:08:A8:7F:50:69:9E:01
X509v3 Authority Key Identifier:
keyid:2E:DF:FB:52:1E:C7:39:EF:18:26:5C:8C:FE:7F:DF:29:5D:87:DC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lt_7Uh7HOe8YJlyM_n_fKV2H3PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb10ef-d240-4d68-80c1-41893c4da061/1/hx1AobN52MdMauAKbwiof1BpngE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb10ef-d240-4d68-80c1-41893c4da061/1/Lt_7Uh7HOe8YJlyM_n_fKV2H3PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.172.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:5b:a4:76:f1:61:91:78:26:82:e2:35:e4:8d:6e:8f:54:8f:
2e:06:f4:0c:88:40:97:4b:eb:5f:41:c6:7c:24:bb:d0:d7:f7:
d8:7b:60:0b:5c:1a:3e:4c:03:ff:4e:eb:3e:fd:12:33:dc:41:
9d:83:41:74:6a:4e:f8:2b:19:18:c7:ae:fa:56:a9:95:9c:6f:
2e:d2:95:98:84:9f:23:f3:6d:08:d6:a4:48:3a:ee:2c:f0:c1:
ba:cd:be:b4:e5:d8:02:fe:38:34:e7:a2:92:92:04:46:d1:e7:
f9:ca:97:16:f3:99:95:7a:06:22:45:72:ff:a7:c4:1d:82:71:
99:7a:03:e4:97:6d:c5:1c:e3:63:96:e0:ee:19:a8:5b:ac:a2:
47:0d:aa:81:d3:3f:3b:e4:93:a5:4c:d5:52:4c:36:3a:a9:17:
d3:9f:9f:6b:5b:7f:cc:8b:8a:75:54:6b:79:c1:55:e0:f6:84:
70:e3:b8:98:b2:ca:a7:95:dd:a7:a3:6b:ff:b4:a1:ab:b2:d4:
15:4d:6b:1f:36:f5:3a:45:6a:7c:ed:d0:cf:cc:2f:ba:71:1d:
f4:c5:9a:e6:f8:a1:1b:c6:b5:93:8e:a7:36:ea:a7:77:07:c3:
8d:2f:f7:3c:f4:5c:49:41:8f:b4:88:ef:2b:c6:db:1f:90:36:
44:3f:e5:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1lUatCKL/DHJYjl5G+iTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZGZmYjUyMWVjNzM5ZWYxODI2NWM4Y2ZlN2ZkZjI5NWQ4
N2RjZjIwHhcNMjUwMTAxMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFkNDBhMWIzNzlkOGM3NGM2YWUwMGE2ZjA4YTg3ZjUwNjk5ZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIQI5eI+HM3PRV2ko0DvxBbYFscS
p3KLAghhFwgKjGVKVeurG65wh9dilBkkrFljOeYM4U5PmQIOOJ4ljGSBYyUrMzHO
LtEU1xxl2rmCdwsugWQVURckewvw61yFW/YmruojWO8h9Ur3VV/qg7XCmqvaONVF
zlyKOy9vCMEfu8H7xoWvK0D2tvCfsw7lWGT9pZZvFlhVjWomJO1NVS+dOhySQog/
DcMX156f4mXPGaw8d9uKTIQuzbGiHc4sU6HRPG++6WySquNsz7OHvlfHd5pgvY6o
mkbaix8BmR/6MyTgE6Dn51RyBH1YAEwlc2enbyzyPCV8/8VvAxRwNhKZIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcdQKGzedjHTGrgCm8IqH9QaZ4BMB8GA1UdIwQY
MBaAFC7f+1IexznvGCZcjP5/3yldh9zyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHRfN1VoN0hPZThZSmx5TV9uX2ZLVjJIM1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYjEwZWYtZDI0MC00ZDY4LTgwYzEt
NDE4OTNjNGRhMDYxLzEvaHgxQW9iTjUyTWRNYXVBS2J3aW9mMUJwbmdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9iYjEwZWYtZDI0MC00ZDY4LTgwYzEtNDE4OTNjNGRhMDYx
LzEvTHRfN1VoN0hPZThZSmx5TV9uX2ZLVjJIM1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUWsMA0G
CSqGSIb3DQEBCwUAA4IBAQA6W6R28WGReCaC4jXkjW6PVI8uBvQMiECXS+tfQcZ8
JLvQ1/fYe2ALXBo+TAP/Tus+/RIz3EGdg0F0ak74KxkYx676VqmVnG8u0pWYhJ8j
820I1qRIOu4s8MG6zb605dgC/jg056KSkgRG0ef5ypcW85mVegYiRXL/p8QdgnGZ
egPkl23FHONjluDuGahbrKJHDaqB0z875JOlTNVSTDY6qRfTn59rW3/Mi4p1VGt5
wVXg9oRw47iYssqnld2no2v/tKGrstQVTWsfNvU6RWp87dDPzC+6cR30xZrm+KEb
xrWTjqc26qd3B8ONL/c89FxJQY+0iO8rxtsfkDZEP+Ws
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:50:34 2025 by rpki-client