Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/Hvxuzsj6EczQMtzXmG3ZXMTDSzY.roa
File: Hvxuzsj6EczQMtzXmG3ZXMTDSzY.roa (raw, json)
Hash identifier: IsEfb4XnUiiJKA1AVKZnGfwgI7NGrVN9fX4TxNoqt/g=
Subject key identifier: 1E:FC:6E:CE:C8:FA:11:CC:D0:32:DC:D7:98:6D:D9:5C:C4:C3:4B:36
Certificate issuer: /CN=925069a5d764da255954db2ee9d1243de16b9101
Certificate serial: 019426D97D0120E242DE80F6FB138140CFF2
Authority key identifier: 92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/Hvxuzsj6EczQMtzXmG3ZXMTDSzY.roa
Signing time: Thu 02 Jan 2025 11:49:34 +0000
ROA not before: Thu 02 Jan 2025 11:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39622
IP address blocks: 193.168.140.0/24 maxlen: 24
193.168.141.0/24 maxlen: 24
193.168.142.0/24 maxlen: 24
193.168.143.0/24 maxlen: 24
194.5.248.0/24 maxlen: 24
194.5.249.0/24 maxlen: 24
194.5.250.0/24 maxlen: 24
194.5.251.0/24 maxlen: 24
2a0c:b0c0::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7d:01:20:e2:42:de:80:f6:fb:13:81:40:cf:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=925069a5d764da255954db2ee9d1243de16b9101
Validity
Not Before: Jan 2 11:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1efc6ecec8fa11ccd032dcd7986dd95cc4c34b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c9:8a:5b:e4:7f:be:73:7f:83:f3:06:25:e6:
d2:49:c4:37:b8:c6:36:15:5c:7e:36:e1:96:ff:2f:
22:84:ea:df:68:35:10:42:17:cd:1c:94:ef:71:2b:
1b:71:72:01:1b:95:1c:a2:8c:af:92:6f:7d:d9:ee:
57:ce:d8:a0:01:75:6a:ac:1c:6f:92:9a:0f:32:04:
34:c1:92:30:fd:63:b2:9f:c1:8c:af:7e:f8:d5:a0:
92:6f:d5:d6:4f:99:dd:a5:15:25:50:5f:c8:a3:1f:
18:2f:0b:0f:af:72:cc:2b:cc:ae:a6:20:14:81:96:
cc:3a:8c:8b:85:08:75:61:38:d3:06:fb:e6:cf:ea:
cb:06:92:90:7a:6b:28:bf:26:6c:0b:54:86:17:06:
0c:0a:2b:81:62:0a:3e:7a:72:fe:1d:0d:13:18:48:
25:fe:a9:eb:92:15:9e:60:b5:0e:0b:55:dd:e0:e3:
d5:31:72:5d:a3:c3:c0:5e:a5:0a:10:1e:c5:9d:36:
10:11:44:64:1d:71:25:c5:98:0e:a8:6e:c6:c2:41:
2a:05:e0:7e:1d:44:55:3f:ce:ab:b2:a4:9e:0a:5d:
61:9e:e8:f2:9f:3f:c3:e0:ee:a1:41:55:87:1e:2b:
9c:9b:b2:77:0a:1d:e7:27:32:95:10:91:8e:a4:57:
6e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FC:6E:CE:C8:FA:11:CC:D0:32:DC:D7:98:6D:D9:5C:C4:C3:4B:36
X509v3 Authority Key Identifier:
keyid:92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/Hvxuzsj6EczQMtzXmG3ZXMTDSzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/klBppddk2iVZVNsu6dEkPeFrkQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.140.0/22
194.5.248.0/22
IPv6:
2a0c:b0c0::/31
Signature Algorithm: sha256WithRSAEncryption
88:cf:ef:52:99:b9:71:be:48:d0:8a:41:07:12:4f:32:67:76:
df:66:55:37:7c:3d:a6:f2:6f:a5:88:b4:3b:db:17:c4:44:fc:
ac:d7:e8:30:b3:f6:e4:27:55:f0:41:93:31:81:96:da:68:bb:
91:55:dc:67:87:47:7b:98:22:f4:4a:28:ff:97:04:05:b9:87:
98:0a:38:d0:0c:58:52:d4:f4:4c:6a:11:70:3d:be:5d:e1:ed:
c7:f6:3f:01:42:62:52:c4:6d:91:b3:17:d0:ff:dd:af:9f:dc:
95:8d:55:d6:27:4a:7d:fc:3e:09:d2:2a:71:67:23:79:cf:75:
ef:55:71:92:22:4c:d4:cb:59:af:69:a3:c2:cf:ef:3a:82:7e:
5d:89:d9:aa:28:00:ae:cb:7e:c7:ab:9b:df:cd:2e:12:45:22:
e4:72:29:b1:79:2e:88:2e:8a:a5:95:87:e7:d8:8d:19:47:d9:
cd:f7:da:01:5b:28:27:a6:e7:a3:82:6c:bb:7b:eb:bd:de:6c:
ff:64:24:b5:17:27:e6:b5:ec:ad:72:5e:25:3f:ad:0e:fe:c3:
93:0e:55:40:53:aa:dd:f1:a6:00:88:c5:51:ac:ca:11:1d:47:
b1:3f:25:74:6d:50:14:b6:bf:be:6e:4d:8f:c0:be:32:00:60:
4f:c5:8a:23
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2X0BIOJC3oD2+xOBQM/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTA2OWE1ZDc2NGRhMjU1OTU0ZGIyZWU5ZDEyNDNkZTE2
YjkxMDEwHhcNMjUwMTAyMTE0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWZjNmVjZWM4ZmExMWNjZDAzMmRjZDc5ODZkZDk1Y2M0YzM0YjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8mKW+R/vnN/g/MGJebSScQ3uMY2
FVx+NuGW/y8ihOrfaDUQQhfNHJTvcSsbcXIBG5Ucooyvkm992e5XztigAXVqrBxv
kpoPMgQ0wZIw/WOyn8GMr3741aCSb9XWT5ndpRUlUF/Iox8YLwsPr3LMK8yupiAU
gZbMOoyLhQh1YTjTBvvmz+rLBpKQemsovyZsC1SGFwYMCiuBYgo+enL+HQ0TGEgl
/qnrkhWeYLUOC1Xd4OPVMXJdo8PAXqUKEB7FnTYQEURkHXElxZgOqG7GwkEqBeB+
HURVP86rsqSeCl1hnujynz/D4O6hQVWHHiucm7J3Ch3nJzKVEJGOpFduZwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB78bs7I+hHM0DLc15ht2VzEw0s2MB8GA1UdIwQY
MBaAFJJQaaXXZNolWVTbLunRJD3ha5EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTkt
YTliOGRlNjExYTk2LzEvSHZ4dXpzajZFY3pRTXR6WG1HM1pYTVREU3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTktYTliOGRlNjExYTk2
LzEva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwaiMAwQC
wgX4MA0EAgACMAcDBQEqDLDAMA0GCSqGSIb3DQEBCwUAA4IBAQCIz+9SmblxvkjQ
ikEHEk8yZ3bfZlU3fD2m8m+liLQ72xfERPys1+gws/bkJ1XwQZMxgZbaaLuRVdxn
h0d7mCL0Sij/lwQFuYeYCjjQDFhS1PRMahFwPb5d4e3H9j8BQmJSxG2RsxfQ/92v
n9yVjVXWJ0p9/D4J0ipxZyN5z3XvVXGSIkzUy1mvaaPCz+86gn5didmqKACuy37H
q5vfzS4SRSLkcimxeS6ILoqllYfn2I0ZR9nN99oBWygnpuejgmy7e+u93mz/ZCS1
Fyfmteytcl4lP60O/sOTDlVAU6rd8aYAiMVRrMoRHUexPyV0bVAUtr++bk2PwL4y
AGBPxYoj
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:01:29 2025 by rpki-client