Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/184500-3336-4cdd-943b-4f6c85fd50f1/1/HP64WtX1yfILpkNOMbG1q1N4a3k.roa
File: HP64WtX1yfILpkNOMbG1q1N4a3k.roa (raw, json)
Hash identifier: qIWMDdKxzjP3RhBE+pArO3QBDZn+hnUGI/cwBEig+dA=
Subject key identifier: 1C:FE:B8:5A:D5:F5:C9:F2:0B:A6:43:4E:31:B1:B5:AB:53:78:6B:79
Certificate issuer: /CN=7e05f5adbb9aab1079b25246e23bbbd6a17e3ed8
Certificate serial: 01941F8CA3C92D2D46BEE68099B8666BC1C1
Authority key identifier: 7E:05:F5:AD:BB:9A:AB:10:79:B2:52:46:E2:3B:BB:D6:A1:7E:3E:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fgX1rbuaqxB5slJG4ju71qF-Ptg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/184500-3336-4cdd-943b-4f6c85fd50f1/1/HP64WtX1yfILpkNOMbG1q1N4a3k.roa
Signing time: Wed 01 Jan 2025 01:48:18 +0000
ROA not before: Wed 01 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43190
IP address blocks: 91.217.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a3:c9:2d:2d:46:be:e6:80:99:b8:66:6b:c1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e05f5adbb9aab1079b25246e23bbbd6a17e3ed8
Validity
Not Before: Jan 1 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cfeb85ad5f5c9f20ba6434e31b1b5ab53786b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:21:66:77:40:e1:d4:1c:7f:c4:f0:c0:dd:b6:
c2:be:7e:8e:27:b1:c2:53:e9:d2:6e:2d:54:1f:5c:
df:bf:73:d8:4b:c2:53:78:38:86:04:84:29:a1:66:
9f:25:56:c3:c1:6c:a7:4c:8b:b7:75:5f:98:64:dc:
61:a0:87:20:1b:d1:36:85:3d:eb:2a:da:f4:9d:a6:
34:3b:a4:4e:71:f7:f8:b5:49:3e:0c:98:b1:a7:ec:
61:b4:6d:e5:c4:14:f3:d3:7a:da:5b:5f:34:3f:5a:
0f:bb:6c:1b:76:2d:de:76:22:47:d9:e5:d8:86:3c:
b6:8f:0e:53:fe:d6:ba:6e:02:65:a6:93:cf:e3:fd:
51:ff:51:6f:57:58:0c:ab:5b:38:85:6b:f0:d1:d1:
3e:cd:86:25:ae:be:29:95:26:32:72:db:32:af:87:
22:21:8d:5f:12:89:e9:67:e8:55:d6:25:af:9e:ca:
83:b3:a7:7f:be:62:5e:2e:6c:23:c5:43:64:9e:7d:
f6:1a:5f:27:fa:b5:29:0e:a0:f5:eb:4c:59:5a:dd:
24:c5:7d:be:a2:45:0c:35:15:6d:88:9f:bb:31:7d:
e9:be:c7:e3:db:5a:2a:03:c7:f7:56:d2:7e:74:46:
8d:d6:a9:bb:9a:c4:37:9c:e3:34:bf:62:6e:c7:b8:
91:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:FE:B8:5A:D5:F5:C9:F2:0B:A6:43:4E:31:B1:B5:AB:53:78:6B:79
X509v3 Authority Key Identifier:
keyid:7E:05:F5:AD:BB:9A:AB:10:79:B2:52:46:E2:3B:BB:D6:A1:7E:3E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fgX1rbuaqxB5slJG4ju71qF-Ptg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/184500-3336-4cdd-943b-4f6c85fd50f1/1/HP64WtX1yfILpkNOMbG1q1N4a3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/184500-3336-4cdd-943b-4f6c85fd50f1/1/fgX1rbuaqxB5slJG4ju71qF-Ptg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.57.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:20:1a:0f:27:70:f4:91:1a:76:f6:1f:6a:b9:b3:f4:18:60:
28:c7:81:54:a1:f8:0b:6f:ba:ea:b8:22:f4:2a:2a:c0:a8:b4:
e7:12:9f:69:66:da:8e:51:2b:60:91:ce:6f:e1:cb:52:dd:9f:
d5:b4:28:ae:8f:a0:d5:11:cd:bd:b1:ab:2c:2d:3c:3e:3b:ca:
f7:48:f8:13:a1:10:d2:05:f5:1c:d0:1e:93:ea:91:79:59:0a:
7d:e3:ed:69:f7:d2:41:32:14:c0:d4:b0:ce:27:d3:8c:7c:a5:
0d:ba:e7:cd:f0:97:03:c7:bb:14:0f:c7:d5:e4:78:d3:5d:1c:
ec:2a:62:2d:fa:ab:09:d2:4d:22:3a:e1:4d:bc:aa:47:9b:d5:
e6:c8:71:2b:53:6b:ad:20:17:36:a6:0f:11:20:95:cd:a4:80:
5c:4c:33:4f:27:e0:e9:fb:07:1d:cb:21:6d:53:57:7b:f8:6a:
0f:97:f2:a0:7b:43:7f:26:43:08:02:50:ce:2d:6e:e3:7c:d3:
cf:13:95:93:20:92:2d:d1:b7:ae:36:e8:c3:83:a0:f4:b9:b8:
26:ee:98:bc:63:74:37:bd:b0:c2:78:df:eb:5a:5a:37:01:ec:
53:2c:2f:22:b3:b3:a0:ce:76:3e:e4:21:e7:88:de:1f:3d:25:
9c:ec:86:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjKPJLS1GvuaAmbhma8HBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMDVmNWFkYmI5YWFiMTA3OWIyNTI0NmUyM2JiYmQ2YTE3
ZTNlZDgwHhcNMjUwMTAxMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ZlYjg1YWQ1ZjVjOWYyMGJhNjQzNGUzMWIxYjVhYjUzNzg2Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSFmd0Dh1Bx/xPDA3bbCvn6OJ7HC
U+nSbi1UH1zfv3PYS8JTeDiGBIQpoWafJVbDwWynTIu3dV+YZNxhoIcgG9E2hT3r
Ktr0naY0O6ROcff4tUk+DJixp+xhtG3lxBTz03raW180P1oPu2wbdi3ediJH2eXY
hjy2jw5T/ta6bgJlppPP4/1R/1FvV1gMq1s4hWvw0dE+zYYlrr4plSYyctsyr4ci
IY1fEonpZ+hV1iWvnsqDs6d/vmJeLmwjxUNknn32Gl8n+rUpDqD160xZWt0kxX2+
okUMNRVtiJ+7MX3pvsfj21oqA8f3VtJ+dEaN1qm7msQ3nOM0v2Jux7iRwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBz+uFrV9cnyC6ZDTjGxtatTeGt5MB8GA1UdIwQY
MBaAFH4F9a27mqsQebJSRuI7u9ahfj7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmdYMXJidWFxeEI1c2xKRzRqdTcxcUYtUHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8xODQ1MDAtMzMzNi00Y2RkLTk0M2It
NGY2Yzg1ZmQ1MGYxLzEvSFA2NFd0WDF5ZklMcGtOT01iRzFxMU40YTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8xODQ1MDAtMzMzNi00Y2RkLTk0M2ItNGY2Yzg1ZmQ1MGYx
LzEvZmdYMXJidWFxeEI1c2xKRzRqdTcxcUYtUHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9k5MA0G
CSqGSIb3DQEBCwUAA4IBAQBKIBoPJ3D0kRp29h9qubP0GGAox4FUofgLb7rquCL0
KirAqLTnEp9pZtqOUStgkc5v4ctS3Z/VtCiuj6DVEc29sassLTw+O8r3SPgToRDS
BfUc0B6T6pF5WQp94+1p99JBMhTA1LDOJ9OMfKUNuufN8JcDx7sUD8fV5HjTXRzs
KmIt+qsJ0k0iOuFNvKpHm9XmyHErU2utIBc2pg8RIJXNpIBcTDNPJ+Dp+wcdyyFt
U1d7+GoPl/Kge0N/JkMIAlDOLW7jfNPPE5WTIJIt0beuNujDg6D0ubgm7pi8Y3Q3
vbDCeN/rWlo3AexTLC8is7OgznY+5CHniN4fPSWc7Ibv
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:03:53 2025 by rpki-client