Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/179684-cb21-4dcc-9621-5f911603945a/1/hBPWaPUnRQGBA94yIFLf_gO1B4o.roa
File: hBPWaPUnRQGBA94yIFLf_gO1B4o.roa (raw, json)
Hash identifier: motmkS2R+RX1ZVasoBsOLqY3DBqrbnkq1hF5KyGJ7v4=
Subject key identifier: 84:13:D6:68:F5:27:45:01:81:03:DE:32:20:52:DF:FE:03:B5:07:8A
Certificate issuer: /CN=41e48b13551c4f302722a80f8c62e6efd5369edc
Certificate serial: 018CC2DB1B28952D393D71A5C6A8F661945E
Authority key identifier: 41:E4:8B:13:55:1C:4F:30:27:22:A8:0F:8C:62:E6:EF:D5:36:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QeSLE1UcTzAnIqgPjGLm79U2ntw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/179684-cb21-4dcc-9621-5f911603945a/1/hBPWaPUnRQGBA94yIFLf_gO1B4o.roa
Signing time: Mon 01 Jan 2024 02:29:48 +0000
ROA not before: Mon 01 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34660
IP address blocks: 185.52.220.0/22 maxlen: 22
178.23.160.0/21 maxlen: 21
217.168.144.0/20 maxlen: 20
2a00:1fb0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1b:28:95:2d:39:3d:71:a5:c6:a8:f6:61:94:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41e48b13551c4f302722a80f8c62e6efd5369edc
Validity
Not Before: Jan 1 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8413d668f52745018103de322052dffe03b5078a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:68:51:64:74:43:79:12:e7:41:80:8e:da:c5:
2a:ed:7f:60:0f:52:53:af:c9:aa:e0:bb:4e:33:cf:
1e:30:c5:fa:75:e3:6a:c7:82:ef:8f:26:a0:19:65:
2e:c5:37:ac:16:02:03:07:d7:04:b3:34:d8:87:ef:
8a:44:c0:61:74:af:93:17:b3:a9:b9:a9:62:00:36:
52:1f:08:50:18:af:23:28:9a:23:e0:45:8d:e4:b0:
4e:6a:b0:b7:e7:50:bf:67:63:3a:ce:a0:c3:76:f3:
91:1c:d1:4a:82:94:cc:ca:eb:40:db:6b:7d:c1:31:
51:33:f2:63:88:32:b1:0c:ee:2e:06:49:8c:db:61:
58:06:ed:87:69:e9:7a:8d:d1:a6:92:32:31:2c:8d:
b1:20:59:0d:00:74:6e:e7:8b:46:40:1e:ad:df:91:
b7:03:b2:93:23:c6:ec:58:7a:d8:2b:ec:c2:57:64:
92:dd:0a:43:7a:0d:8f:36:7e:e5:1f:82:1b:02:1e:
f1:92:1a:9e:cf:ee:c8:e9:c6:5a:09:08:cf:c3:65:
98:ec:df:6d:d5:30:8b:76:c3:d2:d1:64:7d:5f:14:
a3:9a:f8:02:c4:cb:14:91:08:67:61:05:68:21:c9:
26:3c:7e:51:6a:f9:a5:35:0b:40:13:fb:c9:ce:ca:
25:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:13:D6:68:F5:27:45:01:81:03:DE:32:20:52:DF:FE:03:B5:07:8A
X509v3 Authority Key Identifier:
keyid:41:E4:8B:13:55:1C:4F:30:27:22:A8:0F:8C:62:E6:EF:D5:36:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QeSLE1UcTzAnIqgPjGLm79U2ntw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/179684-cb21-4dcc-9621-5f911603945a/1/hBPWaPUnRQGBA94yIFLf_gO1B4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/179684-cb21-4dcc-9621-5f911603945a/1/QeSLE1UcTzAnIqgPjGLm79U2ntw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.160.0/21
185.52.220.0/22
217.168.144.0/20
IPv6:
2a00:1fb0::/29
Signature Algorithm: sha256WithRSAEncryption
93:9d:37:a0:f3:d9:e0:e3:a2:52:59:03:73:a4:1b:fe:31:9d:
fb:a6:ac:5b:db:ca:b3:65:d6:ab:5c:a1:37:96:39:e7:c8:56:
9e:f8:cc:9f:b3:04:77:50:da:4c:54:87:15:5d:4e:73:53:28:
0e:3f:78:11:65:78:b3:1e:08:26:db:d5:55:25:fd:b7:40:e2:
3b:68:82:e0:01:d2:c7:d0:7f:51:8a:4e:39:e3:21:e2:86:eb:
fc:55:7c:d8:4b:ec:59:7d:13:c2:43:c0:23:97:25:76:76:13:
f2:02:4e:01:f4:dc:7d:58:2e:2c:de:78:77:41:c2:23:13:8d:
3c:e2:1e:4d:e8:41:63:8e:30:72:08:fc:4d:62:ed:68:87:b9:
b0:8e:d8:9f:9b:a5:2e:7e:3a:33:a3:d9:c6:b9:3a:cf:ed:49:
e2:ed:b7:b4:64:ba:c9:6d:38:b6:4c:6a:17:e8:51:42:5f:18:
16:61:f7:94:26:77:b4:7d:71:d4:2b:03:9e:f1:35:4e:67:2f:
a5:18:32:1b:d4:4e:27:19:92:1d:12:c0:8e:ba:13:6a:20:c9:
8a:7b:1d:a8:bb:aa:65:52:4e:da:48:36:f9:44:c5:d7:b6:72:
08:d7:55:3b:15:4b:94:cd:80:4b:b5:0e:8f:3c:46:82:e3:22:
6f:e5:dd:48
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2xsolS05PXGlxqj2YZReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZTQ4YjEzNTUxYzRmMzAyNzIyYTgwZjhjNjJlNmVmZDUz
NjllZGMwHhcNMjQwMTAxMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDEzZDY2OGY1Mjc0NTAxODEwM2RlMzIyMDUyZGZmZTAzYjUwNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2hRZHRDeRLnQYCO2sUq7X9gD1JT
r8mq4LtOM88eMMX6deNqx4LvjyagGWUuxTesFgIDB9cEszTYh++KRMBhdK+TF7Op
ualiADZSHwhQGK8jKJoj4EWN5LBOarC351C/Z2M6zqDDdvORHNFKgpTMyutA22t9
wTFRM/JjiDKxDO4uBkmM22FYBu2Hael6jdGmkjIxLI2xIFkNAHRu54tGQB6t35G3
A7KTI8bsWHrYK+zCV2SS3QpDeg2PNn7lH4IbAh7xkhqez+7I6cZaCQjPw2WY7N9t
1TCLdsPS0WR9XxSjmvgCxMsUkQhnYQVoIckmPH5RavmlNQtAE/vJzsolEQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIQT1mj1J0UBgQPeMiBS3/4DtQeKMB8GA1UdIwQY
MBaAFEHkixNVHE8wJyKoD4xi5u/VNp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWVTTEUxVWNUekFuSXFnUGpHTG03OVUybnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xNzk2ODQtY2IyMS00ZGNjLTk2MjEt
NWY5MTE2MDM5NDVhLzEvaEJQV2FQVW5SUUdCQTk0eUlGTGZfZ08xQjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xNzk2ODQtY2IyMS00ZGNjLTk2MjEtNWY5MTE2MDM5NDVh
LzEvUWVTTEUxVWNUekFuSXFnUGpHTG03OVUybnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDshegAwQC
uTTcAwQE2aiQMA0EAgACMAcDBQMqAB+wMA0GCSqGSIb3DQEBCwUAA4IBAQCTnTeg
89ng46JSWQNzpBv+MZ37pqxb28qzZdarXKE3ljnnyFae+MyfswR3UNpMVIcVXU5z
UygOP3gRZXizHggm29VVJf23QOI7aILgAdLH0H9Rik454yHihuv8VXzYS+xZfRPC
Q8AjlyV2dhPyAk4B9Nx9WC4s3nh3QcIjE4084h5N6EFjjjByCPxNYu1oh7mwjtif
m6Uufjozo9nGuTrP7Uni7be0ZLrJbTi2TGoX6FFCXxgWYfeUJne0fXHUKwOe8TVO
Zy+lGDIb1E4nGZIdEsCOuhNqIMmKex2ou6plUk7aSDb5RMXXtnII11U7FUuUzYBL
tQ6PPEaC4yJv5d1I
-----END CERTIFICATE-----
Generated at Thu Jun 19 11:04:16 2025 by rpki-client