Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/HNZKASXvOu7ez_JH9PuMKg51dfc.roa
File: HNZKASXvOu7ez_JH9PuMKg51dfc.roa (raw, json)
Hash identifier: E5GVRIyB2FPDqpFEdeZFkQOEeY/IVLgHRxxoYqNwjnk=
Subject key identifier: 1C:D6:4A:01:25:EF:3A:EE:DE:CF:F2:47:F4:FB:8C:2A:0E:75:75:F7
Certificate issuer: /CN=256452a3420f4f18dfa3a14d26b3348fdfcf3d3b
Certificate serial: 019425FDA3C8C3DD71D44EDA4A2DE079D25A
Authority key identifier: 25:64:52:A3:42:0F:4F:18:DF:A3:A1:4D:26:B3:34:8F:DF:CF:3D:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JWRSo0IPTxjfo6FNJrM0j9_PPTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/HNZKASXvOu7ez_JH9PuMKg51dfc.roa
Signing time: Thu 02 Jan 2025 07:49:27 +0000
ROA not before: Thu 02 Jan 2025 07:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41480
IP address blocks: 193.25.96.0/24 maxlen: 24
193.25.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:a3:c8:c3:dd:71:d4:4e:da:4a:2d:e0:79:d2:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=256452a3420f4f18dfa3a14d26b3348fdfcf3d3b
Validity
Not Before: Jan 2 07:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cd64a0125ef3aeedecff247f4fb8c2a0e7575f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ae:85:e7:18:22:48:ea:27:19:8c:3a:cd:47:
91:f8:88:7a:10:d0:ab:51:c3:bd:5b:18:7b:34:aa:
8d:d5:09:68:60:34:e2:03:36:7e:ee:c8:db:33:17:
cd:a5:68:25:1d:74:b1:d4:33:be:cb:c4:e6:d0:35:
06:fa:45:7d:78:f6:f0:5c:44:89:ab:a5:cc:53:d2:
07:0e:d9:05:ad:a8:81:a6:a6:7d:26:d8:c5:53:7c:
7c:bc:f3:65:7a:ce:7a:e5:22:1f:f7:19:7a:ee:37:
80:ca:86:db:07:5b:7e:55:44:d0:8a:70:b5:4f:5f:
34:de:0a:a9:53:95:10:55:55:e0:17:06:cf:5c:38:
a8:e2:b1:13:de:7c:5f:21:bd:58:e9:2d:b6:ee:37:
fb:4f:37:cc:bc:50:80:ce:d7:84:41:01:eb:2a:ab:
f1:a5:1d:cf:4d:28:2e:0e:be:0a:12:4b:13:ad:42:
4a:db:b4:67:ac:67:e1:fe:c5:42:a1:cc:db:c9:f2:
e6:0e:7a:7e:3b:20:34:f3:c4:13:40:d1:df:8c:34:
3a:a4:49:e5:63:4c:6b:3a:93:df:fc:fc:7d:48:8c:
ab:46:68:1a:84:5d:82:b0:65:5b:93:27:79:df:42:
96:63:cb:2f:98:59:85:7b:50:d7:bb:da:72:ec:61:
d5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D6:4A:01:25:EF:3A:EE:DE:CF:F2:47:F4:FB:8C:2A:0E:75:75:F7
X509v3 Authority Key Identifier:
keyid:25:64:52:A3:42:0F:4F:18:DF:A3:A1:4D:26:B3:34:8F:DF:CF:3D:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JWRSo0IPTxjfo6FNJrM0j9_PPTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/HNZKASXvOu7ez_JH9PuMKg51dfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/JWRSo0IPTxjfo6FNJrM0j9_PPTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.96.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:95:85:b1:83:2c:6d:e5:2c:67:c6:7c:fa:78:79:b7:f2:a5:
40:5c:97:93:c7:9f:c2:94:d9:cb:ad:81:61:52:6c:00:ba:4b:
0e:3b:3f:d1:d2:3d:a7:01:db:92:8a:b8:f6:fa:d8:db:8a:0f:
01:d5:3a:70:5b:ac:27:4d:8d:d2:b1:5e:6a:da:34:3f:bc:aa:
0f:55:2e:4d:c2:d8:ec:d3:30:79:5a:06:39:45:c9:db:e7:a1:
85:6a:1b:19:13:a2:f3:88:1c:25:16:d0:68:32:db:a2:fd:11:
66:2c:9c:17:7b:ec:27:1e:9b:4e:92:ac:e2:70:e8:4e:bf:0d:
f7:c0:45:51:9a:7c:25:2f:60:29:c4:ca:90:70:70:b1:7d:01:
41:f0:f1:25:a1:53:62:99:86:87:a3:20:5a:00:b6:ad:3c:42:
67:bb:04:a5:f2:fa:08:e6:74:6b:14:1b:5d:82:21:0c:40:8a:
53:b3:d5:c6:be:9d:23:16:8e:04:b8:70:7f:0b:b5:67:bd:e3:
96:11:e0:24:2c:40:71:44:a2:c5:90:3b:25:fb:00:32:6d:fc:
40:09:60:b6:b4:2f:c0:d9:02:bc:94:8f:e7:73:3b:a8:f2:13:
33:10:26:96:d3:6d:23:43:2a:e1:28:87:66:fd:1e:3e:10:78:
10:d0:d1:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/aPIw91x1E7aSi3gedJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NjQ1MmEzNDIwZjRmMThkZmEzYTE0ZDI2YjMzNDhmZGZj
ZjNkM2IwHhcNMjUwMTAyMDc0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Q2NGEwMTI1ZWYzYWVlZGVjZmYyNDdmNGZiOGMyYTBlNzU3NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK6F5xgiSOonGYw6zUeR+Ih6ENCr
UcO9Wxh7NKqN1QloYDTiAzZ+7sjbMxfNpWglHXSx1DO+y8Tm0DUG+kV9ePbwXESJ
q6XMU9IHDtkFraiBpqZ9JtjFU3x8vPNles565SIf9xl67jeAyobbB1t+VUTQinC1
T1803gqpU5UQVVXgFwbPXDio4rET3nxfIb1Y6S227jf7TzfMvFCAzteEQQHrKqvx
pR3PTSguDr4KEksTrUJK27RnrGfh/sVCoczbyfLmDnp+OyA088QTQNHfjDQ6pEnl
Y0xrOpPf/Px9SIyrRmgahF2CsGVbkyd530KWY8svmFmFe1DXu9py7GHVQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzWSgEl7zru3s/yR/T7jCoOdXX3MB8GA1UdIwQY
MBaAFCVkUqNCD08Y36OhTSazNI/fzz07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSldSU28wSVBUeGpmbzZGTkpyTTBqOV9QUFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9hNDgzODgtMmVkNy00NGNmLTk1NTct
ZjM4YjI4OWZmOTY5LzEvSE5aS0FTWHZPdTdlel9KSDlQdU1LZzUxZGZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9hNDgzODgtMmVkNy00NGNmLTk1NTctZjM4YjI4OWZmOTY5
LzEvSldSU28wSVBUeGpmbzZGTkpyTTBqOV9QUFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwRlgMA0G
CSqGSIb3DQEBCwUAA4IBAQCOlYWxgyxt5Sxnxnz6eHm38qVAXJeTx5/ClNnLrYFh
UmwAuksOOz/R0j2nAduSirj2+tjbig8B1TpwW6wnTY3SsV5q2jQ/vKoPVS5Nwtjs
0zB5WgY5Rcnb56GFahsZE6LziBwlFtBoMtui/RFmLJwXe+wnHptOkqzicOhOvw33
wEVRmnwlL2ApxMqQcHCxfQFB8PEloVNimYaHoyBaALatPEJnuwSl8voI5nRrFBtd
giEMQIpTs9XGvp0jFo4EuHB/C7VnveOWEeAkLEBxRKLFkDsl+wAybfxACWC2tC/A
2QK8lI/nczuo8hMzECaW020jQyrhKIdm/R4+EHgQ0NF3
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:28:47 2025 by rpki-client