Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/hpKUEYSoGHkE0FTfiYlqZGeAk1A.roa
File: hpKUEYSoGHkE0FTfiYlqZGeAk1A.roa (raw, json)
Hash identifier: aS+EY09klLsP1Q0iTAqB6odVzuvAAWvABKFa+TlzvPA=
Subject key identifier: 86:92:94:11:84:A8:18:79:04:D0:54:DF:89:89:6A:64:67:80:93:50
Certificate issuer: /CN=7b24358c4f16c19ffad37f3cafe0c8f6acbf65b1
Certificate serial: 019422FB8C0F42EE2D891B27659FB4F782FD
Authority key identifier: 7B:24:35:8C:4F:16:C1:9F:FA:D3:7F:3C:AF:E0:C8:F6:AC:BF:65:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eyQ1jE8WwZ_60388r-DI9qy_ZbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/hpKUEYSoGHkE0FTfiYlqZGeAk1A.roa
Signing time: Wed 01 Jan 2025 17:48:18 +0000
ROA not before: Wed 01 Jan 2025 17:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39405
IP address blocks: 213.178.148.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:8c:0f:42:ee:2d:89:1b:27:65:9f:b4:f7:82:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b24358c4f16c19ffad37f3cafe0c8f6acbf65b1
Validity
Not Before: Jan 1 17:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8692941184a8187904d054df89896a6467809350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fb:4b:23:0d:dc:c6:d1:38:73:e6:78:30:38:
93:fb:a8:45:cd:ac:17:a5:1f:13:21:df:6e:98:bb:
52:b9:bb:87:e8:69:76:03:c0:95:81:47:86:d2:5c:
98:cd:55:52:b5:45:c7:8a:06:42:83:f0:4f:aa:c0:
25:ff:0b:4e:82:13:c3:a9:e3:72:0e:be:e2:d5:2d:
67:fe:2d:84:64:1b:fc:ff:7e:58:2d:a5:1a:34:43:
ba:06:ed:2c:4e:3c:b9:78:4a:d3:32:35:43:53:b3:
73:9f:5c:3e:97:e7:0d:6d:00:17:0a:04:fb:1c:5a:
1a:4b:f8:74:37:51:a6:40:9f:5e:8f:f7:7b:04:c8:
d6:49:14:c7:f3:1f:d3:78:09:31:e4:73:ce:bb:33:
df:69:c6:3f:c7:2a:a7:ed:99:9e:3f:9d:78:eb:66:
00:fa:ca:9b:ed:67:a0:ec:38:c1:99:9c:63:43:a0:
a3:8d:a6:df:b3:42:97:35:c8:e5:fc:8d:66:b0:61:
d2:f0:1a:15:58:f4:76:d0:c0:d7:3b:c0:24:c4:a3:
dd:e1:a5:46:57:13:78:d2:5e:a0:ea:be:e9:a3:a9:
75:f9:5a:ba:e5:89:09:ea:6d:62:61:f9:07:eb:3f:
45:28:93:2e:5f:0c:c2:49:db:39:35:d3:43:b2:dd:
03:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:92:94:11:84:A8:18:79:04:D0:54:DF:89:89:6A:64:67:80:93:50
X509v3 Authority Key Identifier:
keyid:7B:24:35:8C:4F:16:C1:9F:FA:D3:7F:3C:AF:E0:C8:F6:AC:BF:65:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eyQ1jE8WwZ_60388r-DI9qy_ZbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/hpKUEYSoGHkE0FTfiYlqZGeAk1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa63b-7647-4073-9e66-0d7c52154183/1/eyQ1jE8WwZ_60388r-DI9qy_ZbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.178.148.0/22
Signature Algorithm: sha256WithRSAEncryption
47:ff:e6:5b:37:b3:d3:cc:a2:fe:76:cf:7d:f8:ec:30:0e:23:
29:5a:d4:50:42:3f:06:15:36:bd:34:90:0d:ac:ef:27:c2:03:
97:e1:06:8f:0d:7c:be:dd:6c:15:cc:3d:96:83:a3:aa:44:7a:
d0:f7:31:ca:ae:33:2d:ea:91:aa:93:3a:36:96:0a:14:31:34:
18:16:d1:f9:d4:54:cf:52:9f:4d:17:c8:7a:36:c1:52:17:6b:
6e:73:50:72:00:30:1e:7d:a4:a8:0f:85:2e:4c:61:26:56:5c:
b5:8b:fa:50:26:8e:3e:5d:7f:af:09:a6:e7:a4:6a:54:ff:bf:
0c:e4:4c:0b:45:7c:12:eb:b3:75:2f:1a:de:b7:ee:78:83:91:
63:23:9e:ce:d2:47:d5:9e:eb:6b:77:a6:96:8a:cd:c9:1c:e5:
02:aa:46:6f:66:41:3e:7f:d0:17:00:8c:a7:c3:9c:32:57:9d:
8e:74:00:88:59:a7:f4:8d:7e:15:9a:11:16:c5:3c:4a:3a:a0:
5b:18:36:17:ce:86:21:1a:82:3e:b2:86:7c:7b:0e:78:1a:43:
20:8e:85:b6:1b:c8:4d:4d:7b:ea:e4:39:5d:ad:08:b0:c9:4c:
e5:3a:63:38:a2:b1:8c:b7:20:77:f4:8b:03:b6:72:fe:ff:17:
60:3e:05:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+4wPQu4tiRsnZZ+094L9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMjQzNThjNGYxNmMxOWZmYWQzN2YzY2FmZTBjOGY2YWNi
ZjY1YjEwHhcNMjUwMTAxMTc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjkyOTQxMTg0YTgxODc5MDRkMDU0ZGY4OTg5NmE2NDY3ODA5MzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/tLIw3cxtE4c+Z4MDiT+6hFzawX
pR8TId9umLtSubuH6Gl2A8CVgUeG0lyYzVVStUXHigZCg/BPqsAl/wtOghPDqeNy
Dr7i1S1n/i2EZBv8/35YLaUaNEO6Bu0sTjy5eErTMjVDU7Nzn1w+l+cNbQAXCgT7
HFoaS/h0N1GmQJ9ej/d7BMjWSRTH8x/TeAkx5HPOuzPfacY/xyqn7ZmeP51462YA
+sqb7Weg7DjBmZxjQ6Cjjabfs0KXNcjl/I1msGHS8BoVWPR20MDXO8AkxKPd4aVG
VxN40l6g6r7po6l1+Vq65YkJ6m1iYfkH6z9FKJMuXwzCSds5NdNDst0DPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaSlBGEqBh5BNBU34mJamRngJNQMB8GA1UdIwQY
MBaAFHskNYxPFsGf+tN/PK/gyPasv2WxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXlRMWpFOFd3Wl82MDM4OHItREk5cXlfWmJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85YWE2M2ItNzY0Ny00MDczLTllNjYt
MGQ3YzUyMTU0MTgzLzEvaHBLVUVZU29HSGtFMEZUZmlZbHFaR2VBazFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85YWE2M2ItNzY0Ny00MDczLTllNjYtMGQ3YzUyMTU0MTgz
LzEvZXlRMWpFOFd3Wl82MDM4OHItREk5cXlfWmJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1bKUMA0G
CSqGSIb3DQEBCwUAA4IBAQBH/+ZbN7PTzKL+ds99+OwwDiMpWtRQQj8GFTa9NJAN
rO8nwgOX4QaPDXy+3WwVzD2Wg6OqRHrQ9zHKrjMt6pGqkzo2lgoUMTQYFtH51FTP
Up9NF8h6NsFSF2tuc1ByADAefaSoD4UuTGEmVly1i/pQJo4+XX+vCabnpGpU/78M
5EwLRXwS67N1Lxret+54g5FjI57O0kfVnutrd6aWis3JHOUCqkZvZkE+f9AXAIyn
w5wyV52OdACIWaf0jX4VmhEWxTxKOqBbGDYXzoYhGoI+soZ8ew54GkMgjoW2G8hN
TXvq5DldrQiwyUzlOmM4orGMtyB39IsDtnL+/xdgPgUl
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:09:33 2025 by rpki-client