Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/hbj2DwbTO4-tmysNHMyxl2vxyPM.roa
File: hbj2DwbTO4-tmysNHMyxl2vxyPM.roa (raw, json)
Hash identifier: W6g4GPDJbcaX24i4+eflWzczpsq5sBQlzCM+vJ6ScIM=
Subject key identifier: 85:B8:F6:0F:06:D3:3B:8F:AD:9B:2B:0D:1C:CC:B1:97:6B:F1:C8:F3
Certificate issuer: /CN=db2d75c6d547750642241b0749cfa052c8c17f34
Certificate serial: 019427B54BEC4479395E5F1189FC62AC8251
Authority key identifier: DB:2D:75:C6:D5:47:75:06:42:24:1B:07:49:CF:A0:52:C8:C1:7F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/hbj2DwbTO4-tmysNHMyxl2vxyPM.roa
Signing time: Thu 02 Jan 2025 15:49:40 +0000
ROA not before: Thu 02 Jan 2025 15:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206366
IP address blocks: 45.142.68.0/22 maxlen: 24
185.188.148.0/22 maxlen: 24
193.37.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:4b:ec:44:79:39:5e:5f:11:89:fc:62:ac:82:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db2d75c6d547750642241b0749cfa052c8c17f34
Validity
Not Before: Jan 2 15:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85b8f60f06d33b8fad9b2b0d1cccb1976bf1c8f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2c:7d:02:73:fe:aa:af:ce:b8:42:50:dc:58:
ee:d6:05:f5:83:d5:12:f0:d6:e6:79:00:5a:c5:92:
7a:38:93:3f:cd:6a:a9:17:06:f3:9b:68:d4:d7:f8:
32:99:0d:10:fc:9a:54:f4:fe:5f:fb:ba:af:54:3a:
7b:67:b1:c8:c6:c8:94:d9:f2:43:ab:ee:77:1a:00:
bd:32:9d:59:69:36:a0:29:50:b6:18:cf:1c:d5:75:
06:80:3f:ee:5a:bd:9b:43:d1:94:a2:85:60:8f:71:
51:c7:f2:1a:85:ea:51:11:67:6e:71:ee:61:d8:c9:
8d:2c:43:11:6a:a6:b4:b3:67:5c:7d:73:85:16:47:
6c:de:60:a5:80:be:3f:cf:b7:e4:32:30:74:d4:c2:
cb:10:e8:64:53:5d:fb:b4:88:f3:bc:96:9d:d8:24:
43:87:68:c3:02:e3:9f:00:6a:64:9f:cb:c3:98:d4:
b8:fe:c5:a3:e8:de:4c:96:35:22:3f:91:2d:67:31:
ea:44:0e:6a:59:36:03:21:3c:bb:52:e5:47:cf:4e:
ec:e9:51:23:e6:43:07:be:ab:2c:d6:0b:c1:8e:d9:
40:62:08:8d:f6:41:9d:eb:3b:51:54:56:dd:c4:34:
32:5f:ae:ea:bb:9f:2a:d9:1c:77:cd:b3:34:49:1e:
fb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B8:F6:0F:06:D3:3B:8F:AD:9B:2B:0D:1C:CC:B1:97:6B:F1:C8:F3
X509v3 Authority Key Identifier:
keyid:DB:2D:75:C6:D5:47:75:06:42:24:1B:07:49:CF:A0:52:C8:C1:7F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/hbj2DwbTO4-tmysNHMyxl2vxyPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.68.0/22
185.188.148.0/22
193.37.60.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:68:b1:7a:6f:b2:d0:f9:a4:2e:61:50:dd:ec:7c:5b:68:ee:
3a:c1:9f:22:8d:05:74:cf:fb:26:90:2e:2e:ae:78:ef:e3:f1:
e1:09:ee:38:0b:99:90:97:51:ce:9e:55:5f:e7:c1:d1:ff:4b:
51:1c:05:1c:63:dd:2e:09:a4:a4:ed:08:f6:ee:3c:61:10:01:
31:13:62:69:9e:46:9d:25:01:66:7a:07:a7:0b:b7:1f:57:64:
fc:01:e8:cc:f4:97:e4:6d:09:15:ce:01:2c:c5:a6:72:91:f1:
71:ef:a2:c5:e1:f5:43:19:bb:a6:52:22:47:0a:71:e1:a6:fd:
86:28:89:c6:5e:e6:b4:f1:67:ba:e4:eb:61:77:2f:c4:ae:ba:
96:21:d1:03:82:36:3d:4e:2b:e5:51:80:7b:84:f4:34:90:7f:
3b:ac:6d:ad:c1:42:9c:fe:88:32:2c:f6:53:51:69:28:a7:a9:
9f:66:df:fb:54:60:3a:f5:1e:5c:04:45:82:20:3c:01:87:1c:
e0:5d:a5:21:d3:af:8e:be:90:99:e4:d8:4f:b8:bf:f3:43:a1:
ee:1a:96:42:b0:49:c9:81:bf:0c:5e:b0:14:a9:47:d8:04:29:
86:3a:a2:91:8d:6d:59:68:bb:2c:8e:0a:1d:02:8b:ca:89:b5:
b4:25:50:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntUvsRHk5Xl8RifxirIJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMmQ3NWM2ZDU0Nzc1MDY0MjI0MWIwNzQ5Y2ZhMDUyYzhj
MTdmMzQwHhcNMjUwMTAyMTU0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI4ZjYwZjA2ZDMzYjhmYWQ5YjJiMGQxY2NjYjE5NzZiZjFjOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Cx9AnP+qq/OuEJQ3Fju1gX1g9US
8NbmeQBaxZJ6OJM/zWqpFwbzm2jU1/gymQ0Q/JpU9P5f+7qvVDp7Z7HIxsiU2fJD
q+53GgC9Mp1ZaTagKVC2GM8c1XUGgD/uWr2bQ9GUooVgj3FRx/IahepREWduce5h
2MmNLEMRaqa0s2dcfXOFFkds3mClgL4/z7fkMjB01MLLEOhkU137tIjzvJad2CRD
h2jDAuOfAGpkn8vDmNS4/sWj6N5MljUiP5EtZzHqRA5qWTYDITy7UuVHz07s6VEj
5kMHvqss1gvBjtlAYgiN9kGd6ztRVFbdxDQyX67qu58q2Rx3zbM0SR77jQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIW49g8G0zuPrZsrDRzMsZdr8cjzMB8GA1UdIwQY
MBaAFNstdcbVR3UGQiQbB0nPoFLIwX80MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9jYzQwYTktOGIzZi00M2Q2LWEwNzgt
YTkwMWUwMzRhZmU1LzEvaGJqMkR3YlRPNC10bXlzTkhNeXhsMnZ4eVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9jYzQwYTktOGIzZi00M2Q2LWEwNzgtYTkwMWUwMzRhZmU1
LzEvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY5EAwQC
ubyUAwQCwSU8MA0GCSqGSIb3DQEBCwUAA4IBAQAtaLF6b7LQ+aQuYVDd7HxbaO46
wZ8ijQV0z/smkC4urnjv4/HhCe44C5mQl1HOnlVf58HR/0tRHAUcY90uCaSk7Qj2
7jxhEAExE2JpnkadJQFmegenC7cfV2T8AejM9JfkbQkVzgEsxaZykfFx76LF4fVD
GbumUiJHCnHhpv2GKInGXua08We65Othdy/ErrqWIdEDgjY9TivlUYB7hPQ0kH87
rG2twUKc/ogyLPZTUWkop6mfZt/7VGA69R5cBEWCIDwBhxzgXaUh06+OvpCZ5NhP
uL/zQ6HuGpZCsEnJgb8MXrAUqUfYBCmGOqKRjW1ZaLssjgodAovKibW0JVCg
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:03 2025 by rpki-client on console.sobornost.net