Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/HM44YU_keUzYw0-k8-_A-z_iUEg.roa
File: HM44YU_keUzYw0-k8-_A-z_iUEg.roa (raw, json)
Hash identifier: SXS4UlPdGWp6+QLYLhTDdcpIKj693zGOOUmfQDbJfCI=
Subject key identifier: 1C:CE:38:61:4F:E4:79:4C:D8:C3:4F:A4:F3:EF:C0:FB:3F:E2:50:48
Certificate issuer: /CN=40339d304499d069aecd8bd0e8fba02e522f576a
Certificate serial: 0194266C05732B69B0F5FF020F343327C267
Authority key identifier: 40:33:9D:30:44:99:D0:69:AE:CD:8B:D0:E8:FB:A0:2E:52:2F:57:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QDOdMESZ0GmuzYvQ6PugLlIvV2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/HM44YU_keUzYw0-k8-_A-z_iUEg.roa
Signing time: Thu 02 Jan 2025 09:50:00 +0000
ROA not before: Thu 02 Jan 2025 09:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52063
IP address blocks: 46.254.184.0/21 maxlen: 24
185.109.116.0/22 maxlen: 24
2a00:9400::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:05:73:2b:69:b0:f5:ff:02:0f:34:33:27:c2:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40339d304499d069aecd8bd0e8fba02e522f576a
Validity
Not Before: Jan 2 09:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cce38614fe4794cd8c34fa4f3efc0fb3fe25048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3d:d9:49:92:f0:38:e0:c3:e5:50:c2:82:18:
78:4c:e9:7d:1c:9b:05:c6:8e:1e:ca:83:a4:2a:76:
54:3b:50:54:72:70:e9:1b:0e:f0:00:71:de:93:e5:
b9:c0:08:62:10:db:04:0d:ef:3a:d5:09:df:c4:0d:
16:85:a1:97:ac:0e:09:fc:9f:eb:40:de:89:db:e8:
f2:59:19:ae:a9:d8:85:b4:5d:05:e2:34:25:b4:66:
43:2d:84:22:26:d5:60:70:de:44:8a:bd:f4:10:1e:
78:d1:ce:1a:a3:21:d2:2a:6f:ee:e9:f1:49:20:61:
00:9e:20:cf:12:9f:66:6d:0a:70:99:8d:e5:4a:ad:
4e:e0:8f:92:2b:0e:35:65:94:2e:1a:7a:2a:f3:0a:
7d:c4:5a:ca:08:71:43:14:7a:c5:80:82:be:a7:d9:
7e:b6:12:78:48:58:d6:d3:70:af:c5:88:4b:67:91:
48:d6:50:1d:76:26:a3:73:a8:d6:2f:21:af:c0:92:
1f:e9:2e:c0:c9:5c:21:e0:14:bc:9b:94:94:54:ca:
63:40:83:64:a4:14:93:ad:c7:54:cf:38:59:b9:81:
e2:25:33:60:bc:76:a6:97:b7:f1:9c:dc:79:16:ef:
03:44:52:d3:e6:61:95:ef:29:66:f2:67:04:e1:e0:
de:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CE:38:61:4F:E4:79:4C:D8:C3:4F:A4:F3:EF:C0:FB:3F:E2:50:48
X509v3 Authority Key Identifier:
keyid:40:33:9D:30:44:99:D0:69:AE:CD:8B:D0:E8:FB:A0:2E:52:2F:57:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QDOdMESZ0GmuzYvQ6PugLlIvV2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/HM44YU_keUzYw0-k8-_A-z_iUEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/QDOdMESZ0GmuzYvQ6PugLlIvV2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.184.0/21
185.109.116.0/22
IPv6:
2a00:9400::/32
Signature Algorithm: sha256WithRSAEncryption
4b:9e:d5:23:fd:7f:42:1c:e0:0b:c6:60:51:9d:e4:8c:23:68:
dc:26:be:fd:03:c6:e5:96:0d:88:46:e8:7d:96:2f:1d:ec:ac:
e5:bb:16:c4:78:b2:3c:67:e2:49:d3:fe:d0:d9:9e:f8:de:4c:
e4:4b:cb:c1:99:09:83:7e:d1:f3:a3:18:55:c4:dc:66:f7:ac:
cd:6c:d8:22:3b:37:7b:2a:61:9c:67:38:95:59:72:7f:c7:39:
ad:80:a4:61:ed:7c:7a:d9:65:93:6b:d3:f5:ec:30:9b:ee:84:
b5:21:01:02:e2:f3:e1:ea:af:1f:5c:03:e7:68:81:87:ce:dd:
78:ac:83:1f:df:7f:86:23:f4:e1:33:6f:b0:9a:3d:3d:d6:f0:
0e:89:d2:3f:26:94:21:cf:6f:7f:22:1e:cf:ff:d7:2d:f4:25:
2a:6c:50:9b:26:eb:05:4c:31:fe:29:46:e7:cb:55:ac:48:23:
13:38:41:18:ef:bc:8a:22:6f:49:70:15:be:5e:f2:50:8a:8b:
9d:b3:cf:60:7a:e8:a4:35:93:ce:df:6a:8f:90:06:c0:86:36:
1f:aa:ba:86:25:55:32:bc:22:71:3d:e0:88:fb:e3:5a:ed:5a:
e1:05:0b:a6:7b:c3:62:4a:f8:d2:3d:35:ca:4a:63:d4:24:87:
5c:30:3a:8d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQmbAVzK2mw9f8CDzQzJ8JnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMzM5ZDMwNDQ5OWQwNjlhZWNkOGJkMGU4ZmJhMDJlNTIy
ZjU3NmEwHhcNMjUwMTAyMDk1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2NlMzg2MTRmZTQ3OTRjZDhjMzRmYTRmM2VmYzBmYjNmZTI1MDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD3ZSZLwOODD5VDCghh4TOl9HJsF
xo4eyoOkKnZUO1BUcnDpGw7wAHHek+W5wAhiENsEDe861QnfxA0WhaGXrA4J/J/r
QN6J2+jyWRmuqdiFtF0F4jQltGZDLYQiJtVgcN5Eir30EB540c4aoyHSKm/u6fFJ
IGEAniDPEp9mbQpwmY3lSq1O4I+SKw41ZZQuGnoq8wp9xFrKCHFDFHrFgIK+p9l+
thJ4SFjW03CvxYhLZ5FI1lAddiajc6jWLyGvwJIf6S7AyVwh4BS8m5SUVMpjQINk
pBSTrcdUzzhZuYHiJTNgvHaml7fxnNx5Fu8DRFLT5mGV7ylm8mcE4eDeuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBzOOGFP5HlM2MNPpPPvwPs/4lBIMB8GA1UdIwQY
MBaAFEAznTBEmdBprs2L0Oj7oC5SL1dqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUURPZE1FU1owR211ell2UTZQdWdMbEl2VjJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS81ZmU4OGEtMTZlMS00ODFmLTk4ZTgt
MDMxZTU4OTA1OTIzLzEvSE00NFlVX2tlVXpZdzAtazgtX0Etel9pVUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS81ZmU4OGEtMTZlMS00ODFmLTk4ZTgtMDMxZTU4OTA1OTIz
LzEvUURPZE1FU1owR211ell2UTZQdWdMbEl2VjJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLv64AwQC
uW10MA0EAgACMAcDBQAqAJQAMA0GCSqGSIb3DQEBCwUAA4IBAQBLntUj/X9CHOAL
xmBRneSMI2jcJr79A8bllg2IRuh9li8d7KzluxbEeLI8Z+JJ0/7Q2Z743kzkS8vB
mQmDftHzoxhVxNxm96zNbNgiOzd7KmGcZziVWXJ/xzmtgKRh7Xx62WWTa9P17DCb
7oS1IQEC4vPh6q8fXAPnaIGHzt14rIMf33+GI/ThM2+wmj091vAOidI/JpQhz29/
Ih7P/9ct9CUqbFCbJusFTDH+KUbny1WsSCMTOEEY77yKIm9JcBW+XvJQiouds89g
euikNZPO32qPkAbAhjYfqrqGJVUyvCJxPeCI++Na7VrhBQume8NiSvjSPTXKSmPU
JIdcMDqN
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:47 2025 by rpki-client on console.sobornost.net