Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa
File: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (raw, json)
Hash identifier: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=
Subject key identifier: 1C:33:A1:CF:3D:23:05:AF:C6:A7:D0:09:50:CC:B6:EC:3F:42:8E:58
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 01941F8C0223332A5F49E7F81D049F5A2699
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa
Signing time: Wed 01 Jan 2025 01:47:36 +0000
ROA not before: Wed 01 Jan 2025 01:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51823
IP address blocks: 91.220.132.0/24 maxlen: 24
193.3.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:02:23:33:2a:5f:49:e7:f8:1d:04:9f:5a:26:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Jan 1 01:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c33a1cf3d2305afc6a7d00950ccb6ec3f428e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2b:a6:cd:56:63:6d:4f:8a:fd:dc:ce:78:6b:
3f:8c:05:5c:57:b6:d7:e7:cb:70:80:a4:44:74:6a:
67:df:cd:e5:f6:90:e2:b0:68:aa:bc:0c:bb:90:ec:
42:ef:e1:67:3d:a8:39:7b:d4:54:26:5c:09:15:51:
6c:e1:b0:54:53:c3:8b:63:7e:0b:56:39:eb:d3:56:
c8:35:85:1d:4d:52:09:56:18:46:d6:71:b0:0d:80:
c0:62:44:0b:7c:b5:39:ec:08:06:c4:80:d8:da:90:
4d:8b:5f:17:b4:0f:5d:81:6b:81:b3:3d:9f:7e:3a:
e3:c5:3e:14:04:49:14:ab:5c:1c:70:9b:bb:65:51:
58:17:4e:d3:c2:3f:68:04:15:63:0d:92:5f:55:ca:
eb:56:a9:ee:f7:a1:56:92:84:b7:56:70:14:95:c0:
fa:d7:67:ad:c1:70:52:a7:df:ed:88:b2:18:b0:ae:
fa:bf:68:5c:04:e1:3e:41:62:eb:cd:da:60:ed:b9:
f4:b9:17:2e:a1:8e:b5:82:38:94:56:33:ee:01:a8:
d2:c1:fe:a8:6c:21:1f:8d:f4:1c:f7:59:c9:06:62:
c8:9d:95:02:ad:e0:11:cd:1b:90:4f:5f:f7:ca:44:
35:06:a8:e3:2f:f5:d2:80:0f:43:56:e8:49:56:32:
7f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:33:A1:CF:3D:23:05:AF:C6:A7:D0:09:50:CC:B6:EC:3F:42:8E:58
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.132.0/24
193.3.172.0/24
Signature Algorithm: sha256WithRSAEncryption
07:91:1c:b2:ca:b1:17:8f:06:48:16:5e:d2:6a:45:b1:0d:54:
85:43:c1:78:24:d9:29:e5:61:37:92:52:2f:2c:84:7a:f2:53:
08:70:be:8c:59:e3:8a:fe:89:e4:40:45:07:e9:67:58:8b:0a:
8d:7c:d3:db:a4:55:24:8e:bd:45:4c:3d:7a:75:3f:02:68:33:
4c:ef:80:c9:a5:8d:b7:ea:9e:3d:07:bf:95:2c:d3:26:4c:75:
5b:92:81:58:80:eb:b7:3a:b5:38:0c:73:c6:cb:95:7c:48:f2:
0f:b2:72:10:f4:5b:e2:83:5d:63:84:5c:8c:9c:84:8c:40:ab:
49:9f:b1:18:f1:35:20:11:04:a1:2a:ba:33:13:ce:3f:7e:d7:
1b:49:c2:48:00:54:a1:82:b8:8e:78:ac:4d:91:a3:e0:70:75:
44:dc:88:1a:b1:5f:8f:7f:f2:94:6f:c0:7e:44:27:3f:d5:bc:
4f:68:00:1b:e6:e0:5e:44:40:15:25:aa:9c:c9:f9:d6:cd:c1:
3e:7e:0c:e3:83:56:f7:43:ec:5a:21:09:bf:fb:c1:10:78:72:
24:c5:54:25:a8:f8:e4:43:de:9f:bb:27:00:d3:c9:b4:e0:8f:
5d:00:04:9f:40:be:4e:51:c4:d1:75:14:43:1e:c8:40:67:26:
95:ba:b6:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQfjAIjMypfSef4HQSfWiaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjUwMTAxMDE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMzYTFjZjNkMjMwNWFmYzZhN2QwMDk1MGNjYjZlYzNmNDI4ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSumzVZjbU+K/dzOeGs/jAVcV7bX
58twgKREdGpn383l9pDisGiqvAy7kOxC7+FnPag5e9RUJlwJFVFs4bBUU8OLY34L
Vjnr01bINYUdTVIJVhhG1nGwDYDAYkQLfLU57AgGxIDY2pBNi18XtA9dgWuBsz2f
fjrjxT4UBEkUq1wccJu7ZVFYF07Twj9oBBVjDZJfVcrrVqnu96FWkoS3VnAUlcD6
12etwXBSp9/tiLIYsK76v2hcBOE+QWLrzdpg7bn0uRcuoY61gjiUVjPuAajSwf6o
bCEfjfQc91nJBmLInZUCreARzRuQT1/3ykQ1BqjjL/XSgA9DVuhJVjJ/mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBwzoc89IwWvxqfQCVDMtuw/Qo5YMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvSERPaHp6MGpCYV9HcDlBSlVNeTI3RDlDamxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9yEAwQA
wQOsMA0GCSqGSIb3DQEBCwUAA4IBAQAHkRyyyrEXjwZIFl7SakWxDVSFQ8F4JNkp
5WE3klIvLIR68lMIcL6MWeOK/onkQEUH6WdYiwqNfNPbpFUkjr1FTD16dT8CaDNM
74DJpY236p49B7+VLNMmTHVbkoFYgOu3OrU4DHPGy5V8SPIPsnIQ9Fvig11jhFyM
nISMQKtJn7EY8TUgEQShKrozE84/ftcbScJIAFShgriOeKxNkaPgcHVE3IgasV+P
f/KUb8B+RCc/1bxPaAAb5uBeREAVJaqcyfnWzcE+fgzjg1b3Q+xaIQm/+8EQeHIk
xVQlqPjkQ96fuycA08m04I9dAASfQL5OUcTRdRRDHshAZyaVurYK
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:43:51 2025 by rpki-client