Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HuKzOD6gwFOw2-7SG5fBLnw9hvg.roa
File: HuKzOD6gwFOw2-7SG5fBLnw9hvg.roa (raw, json)
Hash identifier: 2/sNrM0zzZBJ88qc2tqbypAE3N6ADaf44jAOUELYY6o=
Subject key identifier: 1E:E2:B3:38:3E:A0:C0:53:B0:DB:EE:D2:1B:97:C1:2E:7C:3D:86:F8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942824EFE56F8293722A3D5E493887BC14
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HuKzOD6gwFOw2-7SG5fBLnw9hvg.roa
Signing time: Thu 02 Jan 2025 17:51:36 +0000
ROA not before: Thu 02 Jan 2025 17:51:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
195.133.10.0/23 maxlen: 23
195.133.52.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:ef:e5:6f:82:93:72:2a:3d:5e:49:38:87:bc:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ee2b3383ea0c053b0dbeed21b97c12e7c3d86f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:13:0b:fd:39:63:02:51:ed:88:80:30:99:15:
a0:5a:49:b7:18:5d:0f:8f:7b:01:17:b9:b2:63:f6:
9d:f9:71:e3:42:b6:f2:4f:58:3b:43:af:05:96:cd:
3e:1d:aa:83:60:32:cc:45:38:08:e6:d0:dc:89:fc:
58:f8:b2:e3:19:48:6f:d0:0c:3d:1b:ac:45:e6:72:
9b:9c:b8:48:92:4e:ee:49:99:a7:bb:4d:3f:d8:5b:
b3:d3:af:19:fb:1f:6b:0e:d8:45:49:80:83:ba:a4:
60:d4:36:84:5d:f7:d3:ce:65:1a:68:21:39:ad:cb:
54:e4:88:51:ad:c8:c7:9f:33:d4:1e:9e:a1:8d:6d:
0b:75:17:af:48:5b:28:27:fa:0d:7b:00:dd:61:06:
e5:25:8d:75:5a:ab:26:d2:c8:1b:1d:47:ea:fa:74:
d2:2a:d7:a9:09:cb:2d:95:3a:fa:b8:e0:53:c2:fa:
b2:5a:52:de:03:c9:35:75:d8:9b:a9:df:a4:8f:73:
2d:2f:cb:e8:67:14:24:29:78:23:8a:05:4f:5a:04:
0f:3b:4f:df:c4:3f:ce:02:13:df:4d:6e:24:3b:ba:
b9:57:4b:16:b1:d2:f8:a9:7a:34:fb:d1:99:ef:13:
ce:e3:87:b5:11:2a:3d:58:4b:e8:b6:e5:b7:6a:02:
8c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E2:B3:38:3E:A0:C0:53:B0:DB:EE:D2:1B:97:C1:2E:7C:3D:86:F8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/HuKzOD6gwFOw2-7SG5fBLnw9hvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.118.0/23
195.133.10.0/23
195.133.52.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:0b:ae:6e:a6:f1:5e:24:16:3c:9a:65:a0:2a:da:49:a6:54:
97:aa:90:4f:d7:de:bf:b0:f0:a4:28:be:4b:8a:a5:fa:93:1a:
6d:de:45:ac:a1:06:17:d8:1e:fe:91:98:0a:59:0c:83:53:b5:
7e:18:e2:ac:5e:d0:1e:4d:e5:69:e0:17:77:8a:70:7e:4b:5a:
05:70:54:26:b2:27:fa:85:ff:b9:be:2d:9a:61:e0:b8:5a:b9:
e1:95:98:4c:6d:6e:93:05:c0:90:1b:ea:3a:2e:5a:55:ac:89:
07:db:6c:a7:70:44:d5:0e:31:d7:b9:fd:2f:4a:1b:17:96:8c:
cc:52:77:b6:b6:5c:cb:16:4a:02:6f:1a:c5:52:d8:71:22:cb:
0f:1a:e2:64:38:3d:a6:cd:7f:17:11:8d:c8:68:ab:84:8d:1d:
23:92:ae:43:1f:19:e1:8b:fe:1a:ea:47:27:89:ba:ec:89:ed:
9d:f4:02:80:30:8e:62:0b:f6:b3:ff:6f:6d:ad:b0:e1:f3:00:
db:22:89:ad:ef:f5:ab:ac:79:f8:a0:22:6d:fd:d6:79:0e:e7:
40:8e:8c:af:51:c1:06:d1:de:b3:1d:b0:fc:b3:1b:b7:2d:4d:
f7:86:ab:2a:69:89:0b:84:1f:16:2e:97:d0:4e:db:63:07:50:
e0:e7:a1:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJO/lb4KTcio9Xkk4h7wUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWUyYjMzODNlYTBjMDUzYjBkYmVlZDIxYjk3YzEyZTdjM2Q4NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthML/TljAlHtiIAwmRWgWkm3GF0P
j3sBF7myY/ad+XHjQrbyT1g7Q68Fls0+HaqDYDLMRTgI5tDcifxY+LLjGUhv0Aw9
G6xF5nKbnLhIkk7uSZmnu00/2Fuz068Z+x9rDthFSYCDuqRg1DaEXffTzmUaaCE5
rctU5IhRrcjHnzPUHp6hjW0LdRevSFsoJ/oNewDdYQblJY11Wqsm0sgbHUfq+nTS
KtepCcstlTr6uOBTwvqyWlLeA8k1ddibqd+kj3MtL8voZxQkKXgjigVPWgQPO0/f
xD/OAhPfTW4kO7q5V0sWsdL4qXo0+9GZ7xPO44e1ESo9WEvotuW3agKMewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB7iszg+oMBTsNvu0huXwS58PYb4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSHVLek9ENmd3Rk93Mi03U0c1ZkJMbnc5aHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwld2AwQB
w4UKAwQBw4U0MA0GCSqGSIb3DQEBCwUAA4IBAQAeC65upvFeJBY8mmWgKtpJplSX
qpBP196/sPCkKL5LiqX6kxpt3kWsoQYX2B7+kZgKWQyDU7V+GOKsXtAeTeVp4Bd3
inB+S1oFcFQmsif6hf+5vi2aYeC4WrnhlZhMbW6TBcCQG+o6LlpVrIkH22yncETV
DjHXuf0vShsXlozMUne2tlzLFkoCbxrFUthxIssPGuJkOD2mzX8XEY3IaKuEjR0j
kq5DHxnhi/4a6kcnibrsie2d9AKAMI5iC/az/29trbDh8wDbIomt7/WrrHn4oCJt
/dZ5DudAjoyvUcEG0d6zHbD8sxu3LU33hqsqaYkLhB8WLpfQTttjB1Dg56G1
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:36:06 2025 by rpki-client