Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/Hpq861GqA5RqLih08GH13MdllW0.roa
File: Hpq861GqA5RqLih08GH13MdllW0.roa (raw, json)
Hash identifier: 6UGmd69y3tVELywuvYudCcD/UUgHO86OmDHx4Pt/TNE=
Subject key identifier: 1E:9A:BC:EB:51:AA:03:94:6A:2E:28:74:F0:61:F5:DC:C7:65:95:6D
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 019425216CD569D5B51CDE0C0259F0F05D14
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/Hpq861GqA5RqLih08GH13MdllW0.roa
Signing time: Thu 02 Jan 2025 03:48:55 +0000
ROA not before: Thu 02 Jan 2025 03:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208988
IP address blocks: 31.214.150.0/23 maxlen: 23
37.10.68.0/23 maxlen: 23
37.10.110.0/23 maxlen: 23
62.221.228.0/22 maxlen: 22
85.190.184.0/21 maxlen: 21
85.222.208.0/20 maxlen: 20
91.208.17.0/24 maxlen: 24
94.126.36.0/22 maxlen: 22
109.169.120.0/21 maxlen: 21
128.0.120.0/23 maxlen: 23
185.44.4.0/22 maxlen: 22
185.50.108.0/22 maxlen: 22
185.68.240.0/22 maxlen: 22
185.123.4.0/22 maxlen: 22
185.125.232.0/22 maxlen: 22
185.195.120.0/22 maxlen: 22
2a01:71a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:6c:d5:69:d5:b5:1c:de:0c:02:59:f0:f0:5d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Jan 2 03:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e9abceb51aa03946a2e2874f061f5dcc765956d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e2:c0:11:98:c5:b0:1a:96:13:42:7c:ec:c8:
81:5b:c3:c1:6d:75:a6:f3:f3:2c:f2:74:ff:09:e6:
3e:46:cc:b2:e2:b9:a8:af:61:2e:7a:11:27:36:fe:
73:cb:cc:67:56:f5:20:a5:f8:f0:da:50:48:cf:0f:
16:8a:ff:c8:88:82:f4:cf:cf:b8:94:34:8d:9f:04:
e0:9b:15:fd:6c:13:4b:bb:ba:c2:58:3c:55:48:e8:
c0:60:a9:82:7a:b6:7e:5f:cc:e0:38:5e:14:a0:d7:
1a:d9:92:da:ae:d7:cd:17:9d:47:59:2d:63:c1:67:
14:3a:fe:be:dc:d6:df:7e:a9:c9:53:4c:5e:de:d7:
48:60:be:b3:25:73:1a:a4:05:01:3c:d9:bc:9e:77:
fc:e7:c4:1f:72:87:61:8d:b2:69:b0:8f:f2:03:f1:
66:fe:22:82:bf:cd:4a:e1:5d:22:57:91:19:dc:c5:
d1:99:a7:da:34:9d:6b:59:d8:51:da:30:fe:0a:eb:
fe:ca:83:85:8b:33:ce:99:f7:bf:2e:22:3d:77:fd:
3b:65:91:42:51:f1:bd:02:08:8f:dd:1b:2d:42:c1:
d9:f9:8a:c1:41:d6:81:23:f8:34:b0:da:52:49:e7:
ca:ec:c3:90:07:f9:72:4e:a3:59:87:a1:7a:26:78:
13:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:9A:BC:EB:51:AA:03:94:6A:2E:28:74:F0:61:F5:DC:C7:65:95:6D
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/Hpq861GqA5RqLih08GH13MdllW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.150.0/23
37.10.68.0/23
37.10.110.0/23
62.221.228.0/22
85.190.184.0/21
85.222.208.0/20
91.208.17.0/24
94.126.36.0/22
109.169.120.0/21
128.0.120.0/23
185.44.4.0/22
185.50.108.0/22
185.68.240.0/22
185.123.4.0/22
185.125.232.0/22
185.195.120.0/22
IPv6:
2a01:71a0::/32
Signature Algorithm: sha256WithRSAEncryption
78:44:c2:02:fe:72:c8:3c:47:75:cb:c8:45:3e:22:02:92:72:
55:92:35:59:95:d7:c7:62:3f:80:8f:ad:78:40:dd:08:07:1e:
93:04:89:1a:cc:e1:96:f3:74:51:90:eb:94:52:21:f4:bb:32:
0d:2d:df:71:52:c1:8c:7d:6e:bc:e1:ff:a6:c9:90:71:ba:93:
b0:31:61:62:e6:e7:1c:52:e3:22:af:b3:d7:17:69:a2:54:03:
e3:59:34:60:ee:65:79:2e:d7:99:c4:15:10:10:cf:67:86:c8:
49:d2:f4:ce:f2:92:f0:e6:02:7c:a5:2c:31:6a:4d:68:f2:7d:
83:e2:64:45:22:81:76:be:ec:c8:d9:83:6a:b4:3d:bc:bf:51:
ca:84:d4:24:0c:f5:82:58:cc:db:fc:ad:dd:84:97:39:12:33:
c7:6f:bd:0e:0a:70:71:0b:ae:fb:de:30:db:25:6a:27:b0:1f:
80:28:14:05:05:d0:17:ec:52:66:5d:06:17:40:d2:7e:3b:88:
e1:55:cd:c1:8a:62:7c:31:52:3c:44:ac:f6:4f:6f:fa:b4:de:
d2:4d:be:e6:49:04:b1:44:1d:0f:17:39:47:ae:35:69:03:00:
e7:f7:da:1e:7c:b8:f8:ee:e9:a7:8d:52:4c:14:40:a1:54:1d:
b6:27:ce:e3
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZQlIWzVadW1HN4MAlnw8F0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjUwMTAyMDM0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTlhYmNlYjUxYWEwMzk0NmEyZTI4NzRmMDYxZjVkY2M3NjU5NTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eLAEZjFsBqWE0J87MiBW8PBbXWm
8/Ms8nT/CeY+Rsyy4rmor2EuehEnNv5zy8xnVvUgpfjw2lBIzw8Wiv/IiIL0z8+4
lDSNnwTgmxX9bBNLu7rCWDxVSOjAYKmCerZ+X8zgOF4UoNca2ZLartfNF51HWS1j
wWcUOv6+3NbffqnJU0xe3tdIYL6zJXMapAUBPNm8nnf858QfcodhjbJpsI/yA/Fm
/iKCv81K4V0iV5EZ3MXRmafaNJ1rWdhR2jD+Cuv+yoOFizPOmfe/LiI9d/07ZZFC
UfG9AgiP3RstQsHZ+YrBQdaBI/g0sNpSSefK7MOQB/lyTqNZh6F6JngTLwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFB6avOtRqgOUai4odPBh9dzHZZVtMB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvSHBxODYxR3FBNVJxTGloMDhHSDEzTWRsbFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAR/WlgME
ASUKRAMEASUKbgMEAj7d5AMEA1W+uAMEBFXe0AMEAFvQEQMEAl5+JAMEA22peAME
AYAAeAMEArksBAMEArkybAMEArlE8AMEArl7BAMEArl96AMEArnDeDANBAIAAjAH
AwUAKgFxoDANBgkqhkiG9w0BAQsFAAOCAQEAeETCAv5yyDxHdcvIRT4iApJyVZI1
WZXXx2I/gI+teEDdCAcekwSJGszhlvN0UZDrlFIh9LsyDS3fcVLBjH1uvOH/psmQ
cbqTsDFhYubnHFLjIq+z1xdpolQD41k0YO5leS7XmcQVEBDPZ4bISdL0zvKS8OYC
fKUsMWpNaPJ9g+JkRSKBdr7syNmDarQ9vL9RyoTUJAz1gljM2/yt3YSXORIzx2+9
DgpwcQuu+94w2yVqJ7AfgCgUBQXQF+xSZl0GF0DSfjuI4VXNwYpifDFSPESs9k9v
+rTe0k2+5kkEsUQdDxc5R641aQMA5/faHny4+O7pp41STBRAoVQdtifO4w==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:51 2025 by rpki-client on console.sobornost.net