Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/HY-O7nz9WFCioriwjTbU8KPH4Os.roa
File: HY-O7nz9WFCioriwjTbU8KPH4Os.roa (raw, json)
Hash identifier: sJGbzhgmDBlhZciijooXLahul8Bi+iskV8aFfpuqRbc=
Subject key identifier: 1D:8F:8E:EE:7C:FD:58:50:A2:A2:B8:B0:8D:36:D4:F0:A3:C7:E0:EB
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 0194282365FC58C13DB01FAD75E9DABC906D
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/HY-O7nz9WFCioriwjTbU8KPH4Os.roa
Signing time: Thu 02 Jan 2025 17:49:56 +0000
ROA not before: Thu 02 Jan 2025 17:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12462
IP address blocks: 212.163.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:65:fc:58:c1:3d:b0:1f:ad:75:e9:da:bc:90:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Jan 2 17:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d8f8eee7cfd5850a2a2b8b08d36d4f0a3c7e0eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:10:f6:f8:f7:4e:09:eb:1b:c6:7f:a8:11:6a:
93:17:9f:0c:f8:77:26:09:24:75:8c:a0:6d:98:d6:
f0:40:4b:c9:16:eb:e2:1e:a2:5a:a3:7a:6a:70:00:
8c:2a:2b:f9:ba:35:81:fc:ac:e9:b9:47:bd:84:3a:
a2:ab:19:5b:a7:05:bb:26:fa:17:6b:f3:53:d3:0c:
c7:ca:e8:22:1f:64:81:42:5f:46:38:e4:d9:0f:4a:
2c:ea:f0:0c:d9:0d:9a:a8:74:ad:fa:b8:9a:ef:9a:
89:70:2d:93:ee:dd:72:38:e7:84:c5:9c:42:bf:dd:
89:87:a7:53:e9:e9:c9:a1:07:40:f4:c0:03:fa:3d:
0c:c3:dd:8e:42:d5:46:e1:a4:b2:a1:4e:72:cb:bb:
74:ab:12:74:8d:6f:da:3c:30:e6:ff:11:e6:ad:0f:
d6:f2:d0:d6:73:3d:9d:59:51:7e:29:0e:8f:98:c5:
5e:f2:ea:70:6a:8a:7d:de:50:8e:79:25:8d:09:9a:
05:6a:14:9b:cf:a3:82:d5:36:f4:2e:b2:8d:6f:f6:
c7:b5:1c:52:c7:c1:7e:80:e0:ee:1f:72:af:a8:15:
9e:4b:40:04:c9:7f:fb:e3:f1:76:a1:56:26:e9:e9:
d7:82:eb:c4:a1:26:dc:22:75:cf:d8:22:54:ed:63:
15:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8F:8E:EE:7C:FD:58:50:A2:A2:B8:B0:8D:36:D4:F0:A3:C7:E0:EB
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/HY-O7nz9WFCioriwjTbU8KPH4Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.163.31.0/24
Signature Algorithm: sha256WithRSAEncryption
33:af:e0:01:94:a6:ed:1b:43:96:24:1c:06:c5:cc:ea:48:69:
c7:a3:33:0b:3f:ee:22:c7:aa:62:c9:0c:13:87:34:cf:66:fc:
36:b6:2f:fb:7c:4e:d0:9f:e4:73:a2:e7:10:c6:50:ef:8d:98:
91:bb:1a:7b:ee:3c:49:7d:6b:75:80:5f:7a:16:0d:a0:61:ec:
bb:fd:12:db:eb:fc:df:05:e8:f2:43:02:02:ae:7c:ee:0e:f3:
2d:79:e8:9a:3d:7f:fe:f7:37:d5:63:9d:be:43:da:d6:db:70:
b0:ec:5d:f1:66:7b:b5:f1:c8:13:0c:97:32:ce:c1:33:01:ac:
80:8c:49:19:56:e6:43:52:a6:bb:85:23:c0:10:f2:d8:e5:b2:
a7:35:15:3d:21:c8:8e:79:8d:fe:38:7a:56:87:40:16:2f:a6:
35:da:91:83:d5:7b:f6:6c:9e:24:24:c1:e2:42:d7:bc:be:d5:
77:31:c8:af:bf:7b:99:1d:46:57:cc:f8:95:00:a8:36:0d:99:
60:83:de:05:65:66:62:d8:e7:71:6a:e1:c4:2d:5c:cc:21:8f:
3b:09:23:72:f4:55:c8:d7:45:05:70:a1:a6:fc:9b:b6:d7:30:
8a:84:33:1f:ed:0e:9a:57:77:c6:88:bd:7b:64:cc:89:0a:60:
90:a9:0b:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI2X8WME9sB+tdenavJBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjUwMTAyMTc0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDhmOGVlZTdjZmQ1ODUwYTJhMmI4YjA4ZDM2ZDRmMGEzYzdlMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxD2+PdOCesbxn+oEWqTF58M+Hcm
CSR1jKBtmNbwQEvJFuviHqJao3pqcACMKiv5ujWB/KzpuUe9hDqiqxlbpwW7JvoX
a/NT0wzHyugiH2SBQl9GOOTZD0os6vAM2Q2aqHSt+ria75qJcC2T7t1yOOeExZxC
v92Jh6dT6enJoQdA9MAD+j0Mw92OQtVG4aSyoU5yy7t0qxJ0jW/aPDDm/xHmrQ/W
8tDWcz2dWVF+KQ6PmMVe8upwaop93lCOeSWNCZoFahSbz6OC1Tb0LrKNb/bHtRxS
x8F+gODuH3KvqBWeS0AEyX/74/F2oVYm6enXguvEoSbcInXP2CJU7WMVNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2Pju58/VhQoqK4sI021PCjx+DrMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvSFktTzduejlXRkNpb3Jpd2pUYlU4S1BINE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1KMfMA0G
CSqGSIb3DQEBCwUAA4IBAQAzr+ABlKbtG0OWJBwGxczqSGnHozMLP+4ix6piyQwT
hzTPZvw2ti/7fE7Qn+RzoucQxlDvjZiRuxp77jxJfWt1gF96Fg2gYey7/RLb6/zf
BejyQwICrnzuDvMteeiaPX/+9zfVY52+Q9rW23Cw7F3xZnu18cgTDJcyzsEzAayA
jEkZVuZDUqa7hSPAEPLY5bKnNRU9IciOeY3+OHpWh0AWL6Y12pGD1Xv2bJ4kJMHi
Qte8vtV3Mcivv3uZHUZXzPiVAKg2DZlgg94FZWZi2OdxauHELVzMIY87CSNy9FXI
10UFcKGm/Ju21zCKhDMf7Q6aV3fGiL17ZMyJCmCQqQus
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:23:12 2025 by rpki-client