Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/hpIZj1aNVGCRsSVDc00BaExDrD4.roa
File: hpIZj1aNVGCRsSVDc00BaExDrD4.roa (raw, json)
Hash identifier: 8bGQ2/PFRjS1aWZOpnSHBKRNTQbhLOIjn95p+sx+IoY=
Subject key identifier: 86:92:19:8F:56:8D:54:60:91:B1:25:43:73:4D:01:68:4C:43:AC:3E
Certificate issuer: /CN=78a4c4eaef6fe1705698b00e61915677a2fb8d5b
Certificate serial: 0194258F7D830FB2CBBDACB3BD8348F5D46F
Authority key identifier: 78:A4:C4:EA:EF:6F:E1:70:56:98:B0:0E:61:91:56:77:A2:FB:8D:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/hpIZj1aNVGCRsSVDc00BaExDrD4.roa
Signing time: Thu 02 Jan 2025 05:49:08 +0000
ROA not before: Thu 02 Jan 2025 05:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51978
IP address blocks: 46.30.112.0/21 maxlen: 21
46.35.32.0/20 maxlen: 20
64.190.238.0/23 maxlen: 23
82.180.64.0/18 maxlen: 18
130.193.112.0/21 maxlen: 21
185.8.136.0/22 maxlen: 22
194.182.192.0/19 maxlen: 19
194.182.200.0/22 maxlen: 22
2a03:b580::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:7d:83:0f:b2:cb:bd:ac:b3:bd:83:48:f5:d4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78a4c4eaef6fe1705698b00e61915677a2fb8d5b
Validity
Not Before: Jan 2 05:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8692198f568d546091b12543734d01684c43ac3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9d:53:6d:15:13:fa:f6:90:00:3c:40:6d:6d:
f7:5c:78:27:66:a8:65:82:2e:ec:1e:f1:dd:92:2a:
98:31:da:a8:54:c1:81:44:1a:e5:72:38:4b:94:fc:
79:38:4b:56:97:74:fe:4e:d8:f2:b1:0e:0f:4c:71:
c4:58:9d:d8:e7:5d:38:4e:89:f3:67:33:3d:7b:df:
08:cc:39:62:ef:bb:be:73:33:af:d9:0a:57:eb:21:
46:6d:1f:b6:4c:74:76:84:dc:70:81:ab:30:92:e4:
41:ea:8a:cf:d4:53:0d:f3:1b:50:9f:27:bf:6f:da:
50:34:b2:cd:d8:6d:90:89:6d:d7:c1:ce:69:c3:1d:
7c:bd:9a:5f:3a:02:ab:56:af:4f:0a:99:ef:d9:76:
f8:cf:37:f7:e5:f3:a7:be:5d:42:01:11:95:64:29:
79:79:8e:18:d4:67:19:86:6d:49:3e:f1:62:7e:c4:
70:49:01:a4:0f:2a:a3:5d:c7:1f:54:5e:c6:80:c8:
56:40:e9:22:3f:8c:e4:9e:f5:cd:25:b3:6a:4f:bd:
b4:13:7a:7d:c5:4b:89:cc:15:6c:87:88:67:55:6b:
b6:a5:8d:3e:70:28:96:54:c6:74:e8:23:e1:e4:d4:
21:9f:d4:3d:1a:27:21:55:31:cf:3e:5a:c7:b1:ce:
bb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:92:19:8F:56:8D:54:60:91:B1:25:43:73:4D:01:68:4C:43:AC:3E
X509v3 Authority Key Identifier:
keyid:78:A4:C4:EA:EF:6F:E1:70:56:98:B0:0E:61:91:56:77:A2:FB:8D:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/hpIZj1aNVGCRsSVDc00BaExDrD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/eKTE6u9v4XBWmLAOYZFWd6L7jVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.112.0/21
46.35.32.0/20
64.190.238.0/23
82.180.64.0/18
130.193.112.0/21
185.8.136.0/22
194.182.192.0/19
IPv6:
2a03:b580::/32
Signature Algorithm: sha256WithRSAEncryption
bc:99:68:bf:38:f4:4e:99:2e:3e:11:c6:98:08:dd:76:3f:9a:
97:aa:c8:9f:71:23:15:ea:82:7c:66:69:74:06:95:f6:4d:07:
01:cf:6e:70:1d:55:7b:01:3f:aa:1a:2b:4e:f6:33:e8:8d:be:
5a:4d:3b:b6:46:c2:09:05:44:0d:34:90:11:6b:3e:de:e2:3c:
ce:df:a8:98:e2:8c:1b:17:28:26:e5:48:cd:2a:dd:fe:5c:f7:
b8:b2:cd:72:1c:01:34:37:73:1a:5f:24:d2:97:7e:9a:cb:04:
e9:1e:31:45:5a:a2:d3:f1:d1:30:77:9c:0c:91:80:25:3a:6f:
3b:41:27:d2:9e:81:3f:c3:6f:ff:0f:3b:91:04:eb:7d:33:fe:
ec:24:e5:da:02:00:c3:51:cd:93:10:49:3a:6c:3b:57:de:26:
94:52:6c:ad:1c:82:0f:a4:02:d3:76:6b:10:a8:1f:15:1c:db:
3c:5a:b8:a8:da:81:d2:df:fa:72:a3:79:80:fb:26:d8:d7:d6:
d7:db:9e:0c:73:01:e6:83:1b:21:80:b6:6f:c7:52:15:6c:46:
ad:07:6d:84:16:a9:c7:45:0f:cf:9a:4a:97:74:c6:e1:26:92:
a1:54:ad:a0:d9:9b:4b:5a:ac:a7:51:8f:2c:88:75:4a:2a:95:
73:6c:31:60
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQlj32DD7LLvayzvYNI9dRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4YTRjNGVhZWY2ZmUxNzA1Njk4YjAwZTYxOTE1Njc3YTJm
YjhkNWIwHhcNMjUwMTAyMDU0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjkyMTk4ZjU2OGQ1NDYwOTFiMTI1NDM3MzRkMDE2ODRjNDNhYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp1TbRUT+vaQADxAbW33XHgnZqhl
gi7sHvHdkiqYMdqoVMGBRBrlcjhLlPx5OEtWl3T+TtjysQ4PTHHEWJ3Y5104Tonz
ZzM9e98IzDli77u+czOv2QpX6yFGbR+2THR2hNxwgaswkuRB6orP1FMN8xtQnye/
b9pQNLLN2G2QiW3Xwc5pwx18vZpfOgKrVq9PCpnv2Xb4zzf35fOnvl1CARGVZCl5
eY4Y1GcZhm1JPvFifsRwSQGkDyqjXccfVF7GgMhWQOkiP4zknvXNJbNqT720E3p9
xUuJzBVsh4hnVWu2pY0+cCiWVMZ06CPh5NQhn9Q9GichVTHPPlrHsc67pQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIaSGY9WjVRgkbElQ3NNAWhMQ6w+MB8GA1UdIwQY
MBaAFHikxOrvb+FwVpiwDmGRVnei+41bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUtURTZ1OXY0WEJXbUxBT1laRldkNkw3alZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81MWJhMGItNjljNi00ZWQ5LTgyYzct
NDI5MzA3ZjI0MzIwLzEvaHBJWmoxYU5WR0NSc1NWRGMwMEJhRXhEckQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81MWJhMGItNjljNi00ZWQ5LTgyYzctNDI5MzA3ZjI0MzIw
LzEvZUtURTZ1OXY0WEJXbUxBT1laRldkNkw3alZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLh5wAwQE
LiMgAwQBQL7uAwQGUrRAAwQDgsFwAwQCuQiIAwQFwrbAMA0EAgACMAcDBQAqA7WA
MA0GCSqGSIb3DQEBCwUAA4IBAQC8mWi/OPROmS4+EcaYCN12P5qXqsifcSMV6oJ8
Zml0BpX2TQcBz25wHVV7AT+qGitO9jPojb5aTTu2RsIJBUQNNJARaz7e4jzO36iY
4owbFygm5UjNKt3+XPe4ss1yHAE0N3MaXyTSl36aywTpHjFFWqLT8dEwd5wMkYAl
Om87QSfSnoE/w2//DzuRBOt9M/7sJOXaAgDDUc2TEEk6bDtX3iaUUmytHIIPpALT
dmsQqB8VHNs8Wrio2oHS3/pyo3mA+ybY19bX254McwHmgxshgLZvx1IVbEatB22E
FqnHRQ/PmkqXdMbhJpKhVK2g2ZtLWqynUY8siHVKKpVzbDFg
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:25 2025 by rpki-client on console.sobornost.net