Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/hvWaFS0EttocYGvPpBWtHglH1UU.roa
File: hvWaFS0EttocYGvPpBWtHglH1UU.roa (raw, json)
Hash identifier: 5kJHcJE58dfjo4vnxy+41rEzTCWfIQJ14p7YHDvJKE4=
Subject key identifier: 86:F5:9A:15:2D:04:B6:DA:1C:60:6B:CF:A4:15:AD:1E:09:47:D5:45
Certificate issuer: /CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Certificate serial: 0194221FACC9DABB7F26AAF603422403C9CA
Authority key identifier: 9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/hvWaFS0EttocYGvPpBWtHglH1UU.roa
Signing time: Wed 01 Jan 2025 13:48:08 +0000
ROA not before: Wed 01 Jan 2025 13:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8881
IP address blocks: 193.111.212.0/22 maxlen: 22
193.111.212.0/24 maxlen: 24
2001:67c:2878::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ac:c9:da:bb:7f:26:aa:f6:03:42:24:03:c9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e505f2e67a1e604b3f963ce4c367d1958bd4b78
Validity
Not Before: Jan 1 13:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86f59a152d04b6da1c606bcfa415ad1e0947d545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:37:a6:73:63:6d:09:fc:dd:58:7a:33:09:54:
9a:4d:b6:2f:e7:a2:bd:00:6b:a1:d8:c3:f5:48:ad:
0e:14:c0:67:29:29:e8:01:9a:2d:93:1e:88:10:06:
1f:e0:f3:29:57:6f:1b:bd:46:d1:d5:64:c5:10:f4:
8c:9f:a3:0a:7d:da:4e:5e:30:79:51:a2:09:5e:f4:
fb:c6:0e:d4:e4:84:c4:f3:e5:ec:3a:2d:19:9d:bf:
90:6f:77:a9:25:ac:cb:10:53:ef:3c:c2:94:1c:5f:
1a:17:e5:a0:a9:13:ac:74:46:75:49:1f:97:d9:87:
de:2c:6a:56:d7:30:b6:6a:fc:52:1e:1d:b1:5c:38:
aa:e3:64:d9:67:78:49:17:71:27:c1:16:59:b5:f3:
7b:1b:83:83:17:32:3e:aa:1a:28:25:a0:94:f7:7e:
3c:85:24:8f:c4:6f:31:2c:23:ae:2c:67:5e:09:e3:
1a:20:8c:91:16:6a:9d:43:df:f3:c5:c6:36:ca:b7:
5e:b7:54:b0:61:1e:23:c3:86:bb:c6:bc:1c:e1:98:
d8:93:14:91:c0:bc:fa:f3:64:19:3f:03:e5:6e:f7:
ed:b5:90:35:84:63:54:2a:b8:b4:18:be:ec:03:47:
ed:13:a6:6f:b3:44:46:61:ea:68:ba:52:ed:40:05:
2d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F5:9A:15:2D:04:B6:DA:1C:60:6B:CF:A4:15:AD:1E:09:47:D5:45
X509v3 Authority Key Identifier:
keyid:9E:50:5F:2E:67:A1:E6:04:B3:F9:63:CE:4C:36:7D:19:58:BD:4B:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/hvWaFS0EttocYGvPpBWtHglH1UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/fb7864-5795-4208-abe0-08542454d16b/1/nlBfLmeh5gSz-WPOTDZ9GVi9S3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.212.0/22
IPv6:
2001:67c:2878::/48
Signature Algorithm: sha256WithRSAEncryption
89:83:a2:2f:82:22:70:31:47:af:78:8e:e6:0f:22:63:fc:6d:
66:32:4d:eb:41:34:c1:00:83:59:2d:59:45:77:c7:3e:fd:47:
bd:4a:07:b6:f1:8e:b2:04:c2:fe:a8:ef:4e:d6:43:b8:71:cb:
6c:a7:b3:c5:26:5e:57:e9:47:24:39:8f:d1:b0:26:19:a6:f9:
ee:26:19:14:13:ed:8f:df:dc:9e:4a:d4:ae:be:c9:37:c1:b1:
ca:4a:e1:e4:90:2c:6c:17:13:be:ce:17:ed:c9:66:a3:ef:3a:
11:b2:5a:0b:43:2c:95:64:21:cf:eb:f0:d8:90:b7:4e:4c:3d:
b4:8c:a3:13:5d:6c:ad:29:b8:a4:bb:7a:9f:15:da:2b:c3:38:
18:96:ca:fd:63:b0:bc:86:29:2e:55:02:ba:86:db:17:64:29:
4e:aa:8e:6d:db:00:dc:5f:10:ed:27:a0:a1:83:f0:2f:8f:67:
5c:81:f1:bb:07:99:fe:e4:13:61:20:3d:c0:47:ca:83:d3:e7:
1e:8f:89:55:34:1b:09:88:af:07:80:49:ab:08:b2:c9:31:31:
ac:b4:2e:37:24:0f:91:89:ec:a2:e1:f1:d1:16:78:b2:d7:f5:
20:3f:6b:b6:0a:6b:69:7e:55:c0:9a:80:e2:e5:33:83:60:23:
e7:b7:48:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQiH6zJ2rt/Jqr2A0IkA8nKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTA1ZjJlNjdhMWU2MDRiM2Y5NjNjZTRjMzY3ZDE5NThi
ZDRiNzgwHhcNMjUwMTAxMTM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmY1OWExNTJkMDRiNmRhMWM2MDZiY2ZhNDE1YWQxZTA5NDdkNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTemc2NtCfzdWHozCVSaTbYv56K9
AGuh2MP1SK0OFMBnKSnoAZotkx6IEAYf4PMpV28bvUbR1WTFEPSMn6MKfdpOXjB5
UaIJXvT7xg7U5ITE8+XsOi0Znb+Qb3epJazLEFPvPMKUHF8aF+WgqROsdEZ1SR+X
2YfeLGpW1zC2avxSHh2xXDiq42TZZ3hJF3EnwRZZtfN7G4ODFzI+qhooJaCU9348
hSSPxG8xLCOuLGdeCeMaIIyRFmqdQ9/zxcY2yrdet1SwYR4jw4a7xrwc4ZjYkxSR
wLz682QZPwPlbvfttZA1hGNUKri0GL7sA0ftE6Zvs0RGYepoulLtQAUtOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIb1mhUtBLbaHGBrz6QVrR4JR9VFMB8GA1UdIwQY
MBaAFJ5QXy5noeYEs/ljzkw2fRlYvUt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAt
MDg1NDI0NTRkMTZiLzEvaHZXYUZTMEV0dG9jWUd2UHBCV3RIZ2xIMVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mYjc4NjQtNTc5NS00MjA4LWFiZTAtMDg1NDI0NTRkMTZi
LzEvbmxCZkxtZWg1Z1N6LVdQT1REWjlHVmk5UzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwW/UMA8E
AgACMAkDBwAgAQZ8KHgwDQYJKoZIhvcNAQELBQADggEBAImDoi+CInAxR694juYP
ImP8bWYyTetBNMEAg1ktWUV3xz79R71KB7bxjrIEwv6o707WQ7hxy2yns8UmXlfp
RyQ5j9GwJhmm+e4mGRQT7Y/f3J5K1K6+yTfBscpK4eSQLGwXE77OF+3JZqPvOhGy
WgtDLJVkIc/r8NiQt05MPbSMoxNdbK0puKS7ep8V2ivDOBiWyv1jsLyGKS5VArqG
2xdkKU6qjm3bANxfEO0noKGD8C+PZ1yB8bsHmf7kE2EgPcBHyoPT5x6PiVU0GwmI
rweASasIsskxMay0LjckD5GJ7KLh8dEWeLLX9SA/a7YKa2l+VcCagOLlM4NgI+e3
SIQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:15:28 2025 by rpki-client