Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/a94966-03e5-42ea-ac26-a8beb5657d76/1/Hk8OntQ5zqlTFn040DQPSldzYiE.roa
File: Hk8OntQ5zqlTFn040DQPSldzYiE.roa (raw, json)
Hash identifier: KP+8WLsncYNj0fRydYrCKf8Ah12qAHLXgrBdfpvlTN0=
Subject key identifier: 1E:4F:0E:9E:D4:39:CE:A9:53:16:7D:38:D0:34:0F:4A:57:73:62:21
Certificate issuer: /CN=695c537d2656db4dd0c3c32fe981b3c771443e5b
Certificate serial: 01942143E848AF7D8B7AB6BC27877C9134D1
Authority key identifier: 69:5C:53:7D:26:56:DB:4D:D0:C3:C3:2F:E9:81:B3:C7:71:44:3E:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVxTfSZW203Qw8Mv6YGzx3FEPls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/a94966-03e5-42ea-ac26-a8beb5657d76/1/Hk8OntQ5zqlTFn040DQPSldzYiE.roa
Signing time: Wed 01 Jan 2025 09:48:05 +0000
ROA not before: Wed 01 Jan 2025 09:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31305
IP address blocks: 193.151.12.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e8:48:af:7d:8b:7a:b6:bc:27:87:7c:91:34:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=695c537d2656db4dd0c3c32fe981b3c771443e5b
Validity
Not Before: Jan 1 09:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e4f0e9ed439cea953167d38d0340f4a57736221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:67:d6:7d:98:df:d4:8d:3a:7c:33:d4:3e:e1:
5b:c7:18:79:e1:28:7e:8f:e8:5b:62:3a:03:bd:82:
25:ec:5c:95:94:f6:69:50:b9:cc:e8:db:c7:a4:f8:
a3:e9:5b:fa:b7:71:16:5b:f5:9b:16:39:ef:4d:8c:
5f:d8:3d:74:61:60:e3:cf:fa:53:c0:fa:65:70:4a:
48:5b:c5:68:7a:ac:fb:95:ae:be:1c:80:61:3c:fc:
ef:a1:7d:fd:6a:d7:f4:25:aa:bd:88:a6:54:d3:97:
a0:b3:8c:10:71:70:8e:f3:58:78:fb:70:02:1f:dd:
26:59:8f:84:e7:df:39:09:ed:a6:23:ef:a5:06:13:
7e:ac:ab:d2:16:66:16:dc:c1:8c:fb:18:f0:65:db:
fe:6f:b6:31:ca:b9:11:bd:fd:28:94:ee:46:ad:57:
3f:90:17:20:4f:98:4d:bc:3a:d5:9e:98:58:cd:50:
0a:fe:2e:1f:ef:cb:29:f9:28:f2:92:be:f9:5c:94:
4e:b3:dd:f0:0b:18:ff:b7:fc:c1:b6:af:f6:5b:8a:
db:48:d4:70:10:d6:90:05:cc:f2:9b:05:76:db:f0:
05:76:c9:60:04:64:75:f1:9e:a7:7e:63:dc:2e:de:
12:91:fd:21:a8:9e:cd:25:db:95:0a:16:77:65:c8:
44:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4F:0E:9E:D4:39:CE:A9:53:16:7D:38:D0:34:0F:4A:57:73:62:21
X509v3 Authority Key Identifier:
keyid:69:5C:53:7D:26:56:DB:4D:D0:C3:C3:2F:E9:81:B3:C7:71:44:3E:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVxTfSZW203Qw8Mv6YGzx3FEPls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/a94966-03e5-42ea-ac26-a8beb5657d76/1/Hk8OntQ5zqlTFn040DQPSldzYiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/a94966-03e5-42ea-ac26-a8beb5657d76/1/aVxTfSZW203Qw8Mv6YGzx3FEPls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.12.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:0e:90:3c:13:63:dd:38:7a:b3:26:10:17:65:d0:fc:92:2b:
f1:8c:4a:ee:f0:0b:eb:c2:ad:a1:19:f8:4b:44:f5:43:68:10:
96:cf:de:49:fd:a7:f6:f3:16:76:3d:09:b5:1f:a4:6d:db:bb:
39:a3:13:25:4d:7a:93:30:ce:64:0d:28:37:cf:19:d0:7c:3a:
6a:5e:70:ae:a3:c1:ab:4e:d4:f9:8d:d7:81:27:2f:1e:62:82:
3c:37:7b:9c:e6:4e:24:a6:e7:bf:a0:d6:b0:f9:77:38:16:b2:
b6:7e:a6:04:6b:d8:8f:e4:25:6a:2a:1b:2c:1f:5c:b1:f8:11:
0e:15:bc:b5:e1:18:6e:4b:54:da:f3:05:c0:8e:4e:e3:53:f8:
60:67:b1:38:6f:fc:09:e5:4d:bc:18:df:4b:c3:c7:64:84:7f:
89:d4:1b:b0:98:79:29:14:f1:a1:5a:a6:02:11:a7:26:ae:2c:
9d:90:16:99:e0:15:05:81:f0:a5:50:1e:5d:5a:37:dd:ce:af:
d5:5f:72:c0:fa:97:95:87:e2:76:39:cf:30:77:e1:c7:0c:32:
bb:0d:bd:be:e2:28:2c:dc:e7:e2:7f:c8:b3:2c:22:44:92:58:
3b:36:9b:1e:6d:6b:2a:37:5c:83:af:70:25:d5:1e:d4:95:02:
94:27:0c:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ+hIr32Lera8J4d8kTTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NWM1MzdkMjY1NmRiNGRkMGMzYzMyZmU5ODFiM2M3NzE0
NDNlNWIwHhcNMjUwMTAxMDk0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTRmMGU5ZWQ0MzljZWE5NTMxNjdkMzhkMDM0MGY0YTU3NzM2MjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWfWfZjf1I06fDPUPuFbxxh54Sh+
j+hbYjoDvYIl7FyVlPZpULnM6NvHpPij6Vv6t3EWW/WbFjnvTYxf2D10YWDjz/pT
wPplcEpIW8Voeqz7la6+HIBhPPzvoX39atf0Jaq9iKZU05egs4wQcXCO81h4+3AC
H90mWY+E5985Ce2mI++lBhN+rKvSFmYW3MGM+xjwZdv+b7YxyrkRvf0olO5GrVc/
kBcgT5hNvDrVnphYzVAK/i4f78sp+Sjykr75XJROs93wCxj/t/zBtq/2W4rbSNRw
ENaQBczymwV22/AFdslgBGR18Z6nfmPcLt4Skf0hqJ7NJduVChZ3ZchEdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5PDp7UOc6pUxZ9ONA0D0pXc2IhMB8GA1UdIwQY
MBaAFGlcU30mVttN0MPDL+mBs8dxRD5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZ4VGZTWlcyMDNRdzhNdjZZR3p4M0ZFUGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9hOTQ5NjYtMDNlNS00MmVhLWFjMjYt
YThiZWI1NjU3ZDc2LzEvSGs4T250UTV6cWxURm4wNDBEUVBTbGR6WWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9hOTQ5NjYtMDNlNS00MmVhLWFjMjYtYThiZWI1NjU3ZDc2
LzEvYVZ4VGZTWlcyMDNRdzhNdjZZR3p4M0ZFUGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwZcMMA0G
CSqGSIb3DQEBCwUAA4IBAQAbDpA8E2PdOHqzJhAXZdD8kivxjEru8Avrwq2hGfhL
RPVDaBCWz95J/af28xZ2PQm1H6Rt27s5oxMlTXqTMM5kDSg3zxnQfDpqXnCuo8Gr
TtT5jdeBJy8eYoI8N3uc5k4kpue/oNaw+Xc4FrK2fqYEa9iP5CVqKhssH1yx+BEO
Fby14RhuS1Ta8wXAjk7jU/hgZ7E4b/wJ5U28GN9Lw8dkhH+J1BuwmHkpFPGhWqYC
EacmriydkBaZ4BUFgfClUB5dWjfdzq/VX3LA+peVh+J2Oc8wd+HHDDK7Db2+4igs
3Ofif8izLCJEklg7NpsebWsqN1yDr3Al1R7UlQKUJwwy
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:04:11 2025 by rpki-client