Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/HKEHenn7EguAMxlu8X0PMavfllI.roa
File: HKEHenn7EguAMxlu8X0PMavfllI.roa (raw, json)
Hash identifier: Q1kxs4HiA00x+L/BlCzsp0V9iVJn16kS+H5yLVpADws=
Subject key identifier: 1C:A1:07:7A:79:FB:12:0B:80:33:19:6E:F1:7D:0F:31:AB:DF:96:52
Certificate issuer: /CN=ad4c830b11261483a62b6696a4c3720e8ad88a0d
Certificate serial: 019428230E8636AB9E1BA28073B86A5E91F0
Authority key identifier: AD:4C:83:0B:11:26:14:83:A6:2B:66:96:A4:C3:72:0E:8A:D8:8A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/HKEHenn7EguAMxlu8X0PMavfllI.roa
Signing time: Thu 02 Jan 2025 17:49:33 +0000
ROA not before: Thu 02 Jan 2025 17:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8879
IP address blocks: 91.216.108.0/24 maxlen: 24
195.66.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:0e:86:36:ab:9e:1b:a2:80:73:b8:6a:5e:91:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad4c830b11261483a62b6696a4c3720e8ad88a0d
Validity
Not Before: Jan 2 17:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ca1077a79fb120b8033196ef17d0f31abdf9652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d1:e8:15:91:95:e9:39:d1:51:08:df:d5:47:
79:5c:6d:58:b1:b5:0c:1d:19:b0:48:62:4b:a8:a3:
cd:ec:85:71:9c:6f:19:99:61:4d:ee:64:4b:53:17:
24:8f:2a:b0:20:cf:0c:d9:08:d1:c2:dd:9c:05:ba:
9e:c1:ff:e3:9b:98:59:d0:56:fe:29:d3:fb:f7:64:
c3:b2:50:39:af:f7:ed:96:d6:69:c2:48:43:36:4f:
74:fb:4d:61:9c:a5:b4:82:54:3d:01:dd:40:6f:31:
9d:73:07:6a:e6:53:92:d5:5e:de:5c:0a:11:53:97:
55:96:7d:25:e1:01:dc:a7:be:9d:4e:b4:47:5e:6d:
16:8f:be:88:20:06:d8:9d:ac:81:24:be:1c:4a:4b:
4a:17:9c:6d:f7:b8:16:b2:57:d6:c7:20:18:4c:9b:
dd:46:1d:66:3c:45:8b:57:27:7e:9c:13:6c:28:c6:
11:27:fe:f0:5e:fe:ab:47:2c:91:72:a4:5e:e5:48:
ba:5d:19:52:cc:a0:a2:3f:f3:9b:c3:2e:69:0c:45:
82:27:0b:8c:15:02:a8:32:67:09:af:4e:c8:a5:4b:
02:d8:76:08:32:25:7b:b2:2e:68:b0:2d:07:87:b1:
76:59:a7:a9:8b:53:f7:6a:1b:ec:bb:b3:f5:f2:90:
0e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A1:07:7A:79:FB:12:0B:80:33:19:6E:F1:7D:0F:31:AB:DF:96:52
X509v3 Authority Key Identifier:
keyid:AD:4C:83:0B:11:26:14:83:A6:2B:66:96:A4:C3:72:0E:8A:D8:8A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/HKEHenn7EguAMxlu8X0PMavfllI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/rUyDCxEmFIOmK2aWpMNyDorYig0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.108.0/24
195.66.76.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e9:27:ee:0f:73:f2:b8:86:8c:0e:f5:73:db:38:31:de:8c:
92:b1:67:74:e0:a2:bb:37:5e:b0:7d:ad:2d:85:cb:09:d1:6c:
2d:04:d3:8e:fa:0e:b9:a8:9e:64:3d:98:0a:4b:43:21:d7:fd:
8b:4d:40:ee:f0:2a:a1:e1:35:19:06:e1:9b:70:04:0d:34:59:
91:9b:0f:80:98:77:28:cf:22:9e:71:e4:d1:9c:1f:1e:5b:d7:
bf:aa:c6:5a:53:e4:90:54:1c:70:ce:50:12:50:42:36:ad:95:
bb:52:92:e5:2c:f4:a6:81:1c:72:81:d3:18:f5:d6:f1:6e:e1:
7f:67:62:8b:14:5b:e4:b6:ec:25:1b:43:96:66:8a:3f:f9:bb:
b7:6a:48:db:a6:19:13:ab:a3:38:3e:3e:50:63:54:bb:71:d1:
c7:b6:f5:f1:98:f8:6f:4c:dd:0b:1a:03:77:e1:bb:06:c2:2c:
f9:79:34:53:70:8a:11:ff:6c:8f:40:0c:b5:46:fb:a8:2e:73:
60:b1:af:b7:f9:db:88:e1:66:15:91:f5:62:bb:43:d9:99:04:
a9:af:d3:ae:7e:3a:4c:50:ac:b9:07:5e:2d:6f:50:c3:f7:b6:
3e:a0:b0:c8:5c:c8:e8:28:3c:bc:02:3f:50:b1:34:30:2d:68:
f6:8c:9b:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoIw6GNqueG6KAc7hqXpHwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNGM4MzBiMTEyNjE0ODNhNjJiNjY5NmE0YzM3MjBlOGFk
ODhhMGQwHhcNMjUwMTAyMTc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ExMDc3YTc5ZmIxMjBiODAzMzE5NmVmMTdkMGYzMWFiZGY5NjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNHoFZGV6TnRUQjf1Ud5XG1YsbUM
HRmwSGJLqKPN7IVxnG8ZmWFN7mRLUxckjyqwIM8M2QjRwt2cBbqewf/jm5hZ0Fb+
KdP792TDslA5r/ftltZpwkhDNk90+01hnKW0glQ9Ad1AbzGdcwdq5lOS1V7eXAoR
U5dVln0l4QHcp76dTrRHXm0Wj76IIAbYnayBJL4cSktKF5xt97gWslfWxyAYTJvd
Rh1mPEWLVyd+nBNsKMYRJ/7wXv6rRyyRcqRe5Ui6XRlSzKCiP/Obwy5pDEWCJwuM
FQKoMmcJr07IpUsC2HYIMiV7si5osC0Hh7F2Waepi1P3ahvsu7P18pAOMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFByhB3p5+xILgDMZbvF9DzGr35ZSMB8GA1UdIwQY
MBaAFK1MgwsRJhSDpitmlqTDcg6K2IoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclV5REN4RW1GSU9tSzJhV3BNTnlEb3JZaWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNmE2YmEtYWUwNS00NTI0LTg0ZDEt
MjIyY2ViNmMzNDRjLzEvSEtFSGVubjdFZ3VBTXhsdThYMFBNYXZmbGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNmE2YmEtYWUwNS00NTI0LTg0ZDEtMjIyY2ViNmMzNDRj
LzEvclV5REN4RW1GSU9tSzJhV3BNTnlEb3JZaWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9hsAwQA
w0JMMA0GCSqGSIb3DQEBCwUAA4IBAQB96SfuD3PyuIaMDvVz2zgx3oySsWd04KK7
N16wfa0thcsJ0WwtBNOO+g65qJ5kPZgKS0Mh1/2LTUDu8Cqh4TUZBuGbcAQNNFmR
mw+AmHcozyKeceTRnB8eW9e/qsZaU+SQVBxwzlASUEI2rZW7UpLlLPSmgRxygdMY
9dbxbuF/Z2KLFFvktuwlG0OWZoo/+bu3akjbphkTq6M4Pj5QY1S7cdHHtvXxmPhv
TN0LGgN34bsGwiz5eTRTcIoR/2yPQAy1RvuoLnNgsa+3+duI4WYVkfViu0PZmQSp
r9OufjpMUKy5B14tb1DD97Y+oLDIXMjoKDy8Aj9QsTQwLWj2jJtB
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:52:01 2025 by rpki-client