Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/HMayfNdgxzPgTIksbOz-A7oqLCk.roa
File: HMayfNdgxzPgTIksbOz-A7oqLCk.roa (raw, json)
Hash identifier: 3k2Q130datVFrgfiHucYcHqZP3tKnpk1Z1BK3tttEV8=
Subject key identifier: 1C:C6:B2:7C:D7:60:C7:33:E0:4C:89:2C:6C:EC:FE:03:BA:2A:2C:29
Certificate issuer: /CN=e41a8c42ece89b5fbfc210dc7b554c72ea4f3544
Certificate serial: 0196192671A51EB2B5B280007363BA228D02
Authority key identifier: E4:1A:8C:42:EC:E8:9B:5F:BF:C2:10:DC:7B:55:4C:72:EA:4F:35:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5BqMQuzom1-_whDce1VMcupPNUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/HMayfNdgxzPgTIksbOz-A7oqLCk.roa
Signing time: Wed 09 Apr 2025 06:04:31 +0000
ROA not before: Wed 09 Apr 2025 06:04:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57119
IP address blocks: 149.62.152.0/21 maxlen: 21
149.62.154.0/24 maxlen: 24
185.64.148.0/22 maxlen: 22
185.64.148.0/23 maxlen: 23
185.64.149.0/24 maxlen: 24
185.64.150.0/24 maxlen: 24
185.64.151.0/24 maxlen: 24
2a02:7680::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:19:26:71:a5:1e:b2:b5:b2:80:00:73:63:ba:22:8d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e41a8c42ece89b5fbfc210dc7b554c72ea4f3544
Validity
Not Before: Apr 9 06:04:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cc6b27cd760c733e04c892c6cecfe03ba2a2c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:65:cb:77:35:99:b7:70:91:be:02:d7:5b:83:
fb:12:35:d3:9d:6c:ef:27:3e:b2:7b:f4:45:fd:09:
42:d2:58:a6:6c:9e:ab:a1:0a:f7:a0:f4:93:36:67:
f3:ac:bf:b0:e4:73:08:73:00:0f:70:80:ac:a0:ae:
dc:71:a7:ec:12:c1:2c:f4:e2:08:2e:bf:59:db:57:
37:bd:a1:3c:2f:33:4f:80:6d:2c:a3:8c:75:54:c0:
73:be:be:fe:6a:67:8b:86:07:ca:83:66:9b:0f:aa:
27:6b:94:48:39:6a:73:17:eb:36:a7:4a:49:89:99:
4b:4e:ab:9b:0c:cd:83:b4:04:ce:39:c1:0b:49:cb:
f5:dd:9f:68:30:c9:05:4b:12:8f:81:9d:d4:bb:25:
f0:00:ae:f8:71:44:e4:e3:c1:41:ab:15:89:c6:74:
dc:53:95:e2:48:02:f0:f1:64:62:4b:61:fa:1f:8a:
6f:41:3f:13:40:57:78:b1:f7:9b:71:e8:64:38:e1:
4d:94:e5:56:e7:e7:84:46:c2:5f:97:55:09:17:f3:
cd:71:7d:84:95:da:77:63:a1:33:a3:9d:02:ab:45:
9b:11:ad:70:90:12:70:f7:69:a0:93:67:c5:19:37:
6d:f7:63:c4:53:67:37:21:12:cc:4c:21:db:d2:9e:
23:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C6:B2:7C:D7:60:C7:33:E0:4C:89:2C:6C:EC:FE:03:BA:2A:2C:29
X509v3 Authority Key Identifier:
keyid:E4:1A:8C:42:EC:E8:9B:5F:BF:C2:10:DC:7B:55:4C:72:EA:4F:35:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BqMQuzom1-_whDce1VMcupPNUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/HMayfNdgxzPgTIksbOz-A7oqLCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/5BqMQuzom1-_whDce1VMcupPNUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.62.152.0/21
185.64.148.0/22
IPv6:
2a02:7680::/32
Signature Algorithm: sha256WithRSAEncryption
c2:58:88:3b:63:72:5f:65:17:b9:4a:00:5f:18:fb:cf:c4:5d:
56:15:2e:1d:28:84:78:98:03:82:59:ca:ff:60:d6:6c:41:f0:
72:64:c1:3a:63:39:ad:da:eb:37:0d:68:e6:4a:b0:d3:61:3a:
1f:44:17:42:f5:82:e5:e4:4f:40:8b:6f:77:62:0e:12:1f:37:
df:8c:41:9f:f1:6e:01:fe:3f:90:fc:57:e0:cc:b7:04:d2:c4:
67:82:a3:22:57:35:47:ea:4d:54:d1:05:17:1d:21:2b:bb:eb:
4a:4a:61:5f:da:a0:e2:1f:f1:bb:53:57:c1:2b:d9:8d:9f:2e:
62:5d:5f:64:83:5e:fc:03:06:36:8b:cc:be:35:54:96:7d:66:
e5:98:1f:76:94:62:9e:01:52:d8:e2:7d:19:b8:ee:ec:cd:4e:
09:4d:62:91:b9:f7:92:0b:73:ff:4d:a4:41:ac:03:75:7b:ca:
85:68:83:29:d2:47:7b:bc:5a:61:0d:07:3a:30:d4:25:97:14:
48:4f:b9:bb:46:0e:94:3a:b0:15:72:7f:42:9f:84:8d:0a:5a:
e6:da:36:e3:1f:e9:99:f5:e7:ea:60:b5:b3:cd:2f:2a:16:06:
e2:24:c6:b2:c3:40:b0:f4:2a:3d:84:3b:ee:1b:ac:e1:3a:2b:
52:7d:c5:2e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZYZJnGlHrK1soAAc2O6Io0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MWE4YzQyZWNlODliNWZiZmMyMTBkYzdiNTU0YzcyZWE0
ZjM1NDQwHhcNMjUwNDA5MDYwNDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M2YjI3Y2Q3NjBjNzMzZTA0Yzg5MmM2Y2VjZmUwM2JhMmEyYzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGXLdzWZt3CRvgLXW4P7EjXTnWzv
Jz6ye/RF/QlC0limbJ6roQr3oPSTNmfzrL+w5HMIcwAPcICsoK7ccafsEsEs9OII
Lr9Z21c3vaE8LzNPgG0so4x1VMBzvr7+ameLhgfKg2abD6ona5RIOWpzF+s2p0pJ
iZlLTqubDM2DtATOOcELScv13Z9oMMkFSxKPgZ3UuyXwAK74cUTk48FBqxWJxnTc
U5XiSALw8WRiS2H6H4pvQT8TQFd4sfebcehkOOFNlOVW5+eERsJfl1UJF/PNcX2E
ldp3Y6Ezo50Cq0WbEa1wkBJw92mgk2fFGTdt92PEU2c3IRLMTCHb0p4jmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBzGsnzXYMcz4EyJLGzs/gO6KiwpMB8GA1UdIwQY
MBaAFOQajELs6Jtfv8IQ3HtVTHLqTzVEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJxTVF1em9tMS1fd2hEY2UxVk1jdXBQTlVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kMTljMmQtMzhjMy00NTI2LWE3Y2Yt
MWQ2NjZjNDIyYzZhLzEvSE1heWZOZGd4elBnVElrc2JPei1BN29xTENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kMTljMmQtMzhjMy00NTI2LWE3Y2YtMWQ2NjZjNDIyYzZh
LzEvNUJxTVF1em9tMS1fd2hEY2UxVk1jdXBQTlVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDlT6YAwQC
uUCUMA0EAgACMAcDBQAqAnaAMA0GCSqGSIb3DQEBCwUAA4IBAQDCWIg7Y3JfZRe5
SgBfGPvPxF1WFS4dKIR4mAOCWcr/YNZsQfByZME6Yzmt2us3DWjmSrDTYTofRBdC
9YLl5E9Ai293Yg4SHzffjEGf8W4B/j+Q/FfgzLcE0sRngqMiVzVH6k1U0QUXHSEr
u+tKSmFf2qDiH/G7U1fBK9mNny5iXV9kg178AwY2i8y+NVSWfWblmB92lGKeAVLY
4n0ZuO7szU4JTWKRufeSC3P/TaRBrAN1e8qFaIMp0kd7vFphDQc6MNQllxRIT7m7
Rg6UOrAVcn9Cn4SNClrm2jbjH+mZ9efqYLWzzS8qFgbiJMayw0Cw9Co9hDvuG6zh
OitSfcUu
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net