Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c39caf-b777-494d-b682-8e9df96dce45/1/hLFJquKo-2HrHgS3tC85H4343DU.roa
File: hLFJquKo-2HrHgS3tC85H4343DU.roa (raw, json)
Hash identifier: nh7NbrSlckvvLuSFfKgI45STQ6KlvJNVJOtaSTVOkeY=
Subject key identifier: 84:B1:49:AA:E2:A8:FB:61:EB:1E:04:B7:B4:2F:39:1F:8D:F8:DC:35
Certificate issuer: /CN=049926e1cc5e61c5c80eb46a9d7b6f5f63a1661c
Certificate serial: 01942444FC4275974E8F370574CB08D136AC
Authority key identifier: 04:99:26:E1:CC:5E:61:C5:C8:0E:B4:6A:9D:7B:6F:5F:63:A1:66:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BJkm4cxeYcXIDrRqnXtvX2OhZhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/c39caf-b777-494d-b682-8e9df96dce45/1/hLFJquKo-2HrHgS3tC85H4343DU.roa
Signing time: Wed 01 Jan 2025 23:48:08 +0000
ROA not before: Wed 01 Jan 2025 23:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25304
IP address blocks: 193.254.230.0/23 maxlen: 23
2001:678:ecc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:fc:42:75:97:4e:8f:37:05:74:cb:08:d1:36:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=049926e1cc5e61c5c80eb46a9d7b6f5f63a1661c
Validity
Not Before: Jan 1 23:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84b149aae2a8fb61eb1e04b7b42f391f8df8dc35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7c:d6:7e:b7:64:ca:5c:cb:ce:ce:41:50:7f:
27:74:92:8e:32:27:90:2c:91:29:98:e8:df:ec:fd:
e2:c6:57:17:23:63:d6:ad:fc:88:1d:12:c6:a2:95:
ae:86:18:a8:47:bc:e4:2a:2d:d8:c1:e1:f0:c0:03:
29:26:b3:c8:e7:c6:29:77:b6:b1:b0:65:49:58:79:
24:84:90:3e:61:c4:6b:7c:25:8e:e6:7f:ab:06:5c:
5a:a8:8b:15:a6:83:f3:e9:74:d2:2a:ce:9d:ca:22:
e8:e2:c3:06:82:4d:58:1e:fe:a1:0a:6c:65:9b:cd:
40:25:d5:a5:cd:1b:8f:51:cf:07:81:0a:99:8e:a0:
7b:8a:35:66:8b:a1:42:8a:8d:b1:70:fe:11:73:9a:
31:22:6c:d4:d3:06:f5:20:96:8b:6f:8c:cc:89:10:
93:71:7e:82:c2:55:9e:6b:86:64:81:18:c8:48:83:
00:d7:bb:25:6a:c5:45:34:88:eb:a9:2f:30:d4:ce:
18:7b:f3:35:3c:ac:f3:f9:37:f7:22:6b:cf:07:59:
6b:14:2b:f4:8d:a8:38:f3:6e:6a:f7:38:37:03:60:
0d:1c:27:70:ad:8b:2e:f8:c9:16:55:19:e6:73:9d:
80:63:13:63:fd:77:22:4e:d0:c5:3f:3d:b4:81:dc:
c5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B1:49:AA:E2:A8:FB:61:EB:1E:04:B7:B4:2F:39:1F:8D:F8:DC:35
X509v3 Authority Key Identifier:
keyid:04:99:26:E1:CC:5E:61:C5:C8:0E:B4:6A:9D:7B:6F:5F:63:A1:66:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BJkm4cxeYcXIDrRqnXtvX2OhZhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c39caf-b777-494d-b682-8e9df96dce45/1/hLFJquKo-2HrHgS3tC85H4343DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c39caf-b777-494d-b682-8e9df96dce45/1/BJkm4cxeYcXIDrRqnXtvX2OhZhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.254.230.0/23
IPv6:
2001:678:ecc::/48
Signature Algorithm: sha256WithRSAEncryption
bb:28:12:12:04:41:e9:04:fb:b0:94:b2:26:81:c7:c1:52:14:
8c:0d:90:c0:6d:5b:ab:84:9d:50:27:be:ff:cd:77:4b:34:fe:
be:7f:b5:1f:7e:2c:16:9d:23:c8:f1:0e:95:53:86:dd:1c:84:
0b:c3:c6:39:8a:68:11:57:93:a3:c5:cd:ce:1d:fb:01:a0:ff:
e4:1d:fa:5b:46:2a:ed:a9:7a:d1:e9:0d:16:94:e5:e8:19:50:
1c:34:91:69:96:cb:77:d9:3e:11:88:44:15:d7:aa:96:5b:d3:
7f:bc:73:99:b5:ca:50:e9:3c:a8:68:4a:1b:1e:03:08:cf:0c:
f8:d5:7c:8f:d8:01:89:46:8e:1e:06:ff:28:42:a7:20:c6:0e:
a4:11:be:2a:64:e3:48:d5:c2:e1:61:8b:12:ec:d0:67:26:66:
dd:e0:79:b6:08:42:62:da:5c:a5:6c:36:86:af:c0:50:01:ad:
75:fd:0f:10:de:a5:76:1d:a5:54:1e:a5:61:8e:03:23:92:96:
cc:df:7b:06:23:3a:e2:d1:98:80:37:bd:93:23:b4:fd:ef:8c:
21:84:91:ca:7a:38:2e:e6:64:f2:33:9c:28:82:89:9a:3d:6e:
61:d7:d4:dd:a2:b9:ea:cb:b4:5e:8f:04:ee:c7:6d:96:52:a1:
3e:6a:3d:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQkRPxCdZdOjzcFdMsI0TasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OTkyNmUxY2M1ZTYxYzVjODBlYjQ2YTlkN2I2ZjVmNjNh
MTY2MWMwHhcNMjUwMTAxMjM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGIxNDlhYWUyYThmYjYxZWIxZTA0YjdiNDJmMzkxZjhkZjhkYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13zWfrdkylzLzs5BUH8ndJKOMieQ
LJEpmOjf7P3ixlcXI2PWrfyIHRLGopWuhhioR7zkKi3YweHwwAMpJrPI58Ypd7ax
sGVJWHkkhJA+YcRrfCWO5n+rBlxaqIsVpoPz6XTSKs6dyiLo4sMGgk1YHv6hCmxl
m81AJdWlzRuPUc8HgQqZjqB7ijVmi6FCio2xcP4Rc5oxImzU0wb1IJaLb4zMiRCT
cX6CwlWea4ZkgRjISIMA17slasVFNIjrqS8w1M4Ye/M1PKzz+Tf3ImvPB1lrFCv0
jag4825q9zg3A2ANHCdwrYsu+MkWVRnmc52AYxNj/XciTtDFPz20gdzFGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFISxSariqPth6x4Et7QvOR+N+Nw1MB8GA1UdIwQY
MBaAFASZJuHMXmHFyA60ap17b19joWYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkprbTRjeGVZY1hJRHJScW5YdHZYMk9oWmh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jMzljYWYtYjc3Ny00OTRkLWI2ODIt
OGU5ZGY5NmRjZTQ1LzEvaExGSnF1S28tMkhySGdTM3RDODVINDM0M0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jMzljYWYtYjc3Ny00OTRkLWI2ODItOGU5ZGY5NmRjZTQ1
LzEvQkprbTRjeGVZY1hJRHJScW5YdHZYMk9oWmh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwf7mMA8E
AgACMAkDBwAgAQZ4DswwDQYJKoZIhvcNAQELBQADggEBALsoEhIEQekE+7CUsiaB
x8FSFIwNkMBtW6uEnVAnvv/Nd0s0/r5/tR9+LBadI8jxDpVTht0chAvDxjmKaBFX
k6PFzc4d+wGg/+Qd+ltGKu2petHpDRaU5egZUBw0kWmWy3fZPhGIRBXXqpZb03+8
c5m1ylDpPKhoShseAwjPDPjVfI/YAYlGjh4G/yhCpyDGDqQRvipk40jVwuFhixLs
0GcmZt3gebYIQmLaXKVsNoavwFABrXX9DxDepXYdpVQepWGOAyOSlszfewYjOuLR
mIA3vZMjtP3vjCGEkcp6OC7mZPIznCiCiZo9bmHX1N2iuerLtF6PBO7HbZZSoT5q
PQU=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:28:59 2025 by rpki-client