Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/Hclo7mgAV-Jk6Qp5sVlZMDADheQ.roa
File: Hclo7mgAV-Jk6Qp5sVlZMDADheQ.roa (raw, json)
Hash identifier: cVUhTfbeGPClCYhj8aCdhEzcQl8l864NJzclgxFTC+Y=
Subject key identifier: 1D:C9:68:EE:68:00:57:E2:64:E9:0A:79:B1:59:59:30:30:03:85:E4
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 01941FFA2FD025E2B69856BA48E504D7C501
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/Hclo7mgAV-Jk6Qp5sVlZMDADheQ.roa
Signing time: Wed 01 Jan 2025 03:47:57 +0000
ROA not before: Wed 01 Jan 2025 03:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28716
IP address blocks: 147.123.80.0/22 maxlen: 24
147.123.84.0/22 maxlen: 24
147.123.88.0/22 maxlen: 24
147.123.92.0/22 maxlen: 24
147.123.96.0/22 maxlen: 24
147.123.100.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2f:d0:25:e2:b6:98:56:ba:48:e5:04:d7:c5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Jan 1 03:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dc968ee680057e264e90a79b1595930300385e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cf:02:17:02:3b:7e:cb:21:c8:63:1b:0e:61:
47:b9:e0:f5:5b:8e:fe:ef:6f:42:c3:97:89:14:96:
fc:98:11:0b:a5:6f:96:60:4c:d3:d3:b3:69:22:b1:
19:05:18:18:6e:c1:16:3a:09:75:b7:ab:d6:5c:47:
27:5a:ba:d1:d2:52:5e:0f:92:fb:52:bf:7b:8a:b3:
e2:5c:d4:71:96:a8:27:87:2b:b3:43:8b:c1:8f:13:
17:d0:cc:e2:f1:31:ad:6b:86:8a:4b:84:35:16:08:
0f:b3:92:f1:23:b6:61:a0:8a:dc:6c:4f:a4:b2:23:
b2:45:f6:3f:ea:ac:6c:7d:7a:46:9b:e3:20:6b:76:
4e:fe:55:1c:94:15:50:67:4a:6f:11:9c:8b:8f:4d:
06:f7:7f:ac:55:8f:5f:13:a5:b1:1e:1b:4a:71:50:
35:56:9f:ec:af:db:8f:3e:9c:4a:c9:d4:a4:87:fa:
d1:0c:ac:84:66:e8:21:e7:12:42:68:f9:9d:bc:d9:
ae:56:3f:b6:bc:ea:6c:10:a3:69:94:ab:08:2a:65:
3f:34:a1:8a:5f:b2:6a:7d:29:4f:ad:21:c0:3f:75:
c7:37:f7:f1:87:3f:81:56:23:ee:03:0b:77:d7:e8:
05:ef:0e:c3:41:af:9b:54:4d:55:5f:15:0b:e7:2c:
26:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C9:68:EE:68:00:57:E2:64:E9:0A:79:B1:59:59:30:30:03:85:E4
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/Hclo7mgAV-Jk6Qp5sVlZMDADheQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.123.80.0-147.123.103.255
Signature Algorithm: sha256WithRSAEncryption
03:d3:ea:1f:a3:31:6b:2a:24:47:88:c5:ee:43:b4:5c:cd:49:
6b:aa:cb:54:bf:df:32:b7:fc:e5:81:c8:1a:f8:e6:da:fc:f3:
2f:ca:6d:28:02:a5:a6:fc:79:95:c3:dd:42:0c:9a:86:cd:a1:
86:d2:53:73:fe:ba:21:be:a5:49:4f:2c:66:4f:b0:b9:43:f8:
5d:bc:9f:42:5d:5b:7d:0d:4c:4b:f0:14:97:5f:ef:68:e0:af:
21:83:d8:03:14:93:fd:2b:24:5d:65:f7:80:20:b3:4c:67:8c:
c9:2c:38:a0:4e:93:f9:ab:b4:25:6c:4f:5c:82:f8:d6:ba:79:
06:b5:58:95:c9:84:44:37:aa:12:c0:4a:e9:e1:da:5d:3b:c4:
61:dc:dd:1b:21:30:61:8a:a1:24:1e:b2:db:c3:9f:54:69:38:
f6:f6:a2:32:97:a5:e8:43:d6:4a:f5:19:3c:dd:db:7c:95:13:
c9:83:c6:45:c0:82:1b:c9:f1:0b:20:b7:c9:75:47:a2:02:b7:
f7:a4:3f:e5:42:a2:41:94:49:c5:de:e4:40:75:dc:b2:56:e8:
3c:29:4d:62:0b:23:16:0f:74:ae:4c:ce:83:ac:7f:71:3c:f8:
54:a8:25:19:86:4c:7e:72:55:c7:7a:50:fc:be:b9:de:1c:b8:
81:3e:e0:f7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQf+i/QJeK2mFa6SOUE18UBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjUwMTAxMDM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGM5NjhlZTY4MDA1N2UyNjRlOTBhNzliMTU5NTkzMDMwMDM4NWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1M8CFwI7fsshyGMbDmFHueD1W47+
729Cw5eJFJb8mBELpW+WYEzT07NpIrEZBRgYbsEWOgl1t6vWXEcnWrrR0lJeD5L7
Ur97irPiXNRxlqgnhyuzQ4vBjxMX0Mzi8TGta4aKS4Q1FggPs5LxI7ZhoIrcbE+k
siOyRfY/6qxsfXpGm+Mga3ZO/lUclBVQZ0pvEZyLj00G93+sVY9fE6WxHhtKcVA1
Vp/sr9uPPpxKydSkh/rRDKyEZugh5xJCaPmdvNmuVj+2vOpsEKNplKsIKmU/NKGK
X7JqfSlPrSHAP3XHN/fxhz+BViPuAwt31+gF7w7DQa+bVE1VXxUL5ywmQQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB3JaO5oAFfiZOkKebFZWTAwA4XkMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvSGNsbzdtZ0FWLUprNlFwNXNWbFpNREFEaGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASTe1AD
BAOTe2AwDQYJKoZIhvcNAQELBQADggEBAAPT6h+jMWsqJEeIxe5DtFzNSWuqy1S/
3zK3/OWByBr45tr88y/KbSgCpab8eZXD3UIMmobNoYbSU3P+uiG+pUlPLGZPsLlD
+F28n0JdW30NTEvwFJdf72jgryGD2AMUk/0rJF1l94Ags0xnjMksOKBOk/mrtCVs
T1yC+Na6eQa1WJXJhEQ3qhLASunh2l07xGHc3RshMGGKoSQestvDn1RpOPb2ojKX
pehD1kr1GTzd23yVE8mDxkXAghvJ8Qsgt8l1R6ICt/ekP+VCokGUScXe5EB13LJW
6DwpTWILIxYPdK5MzoOsf3E8+FSoJRmGTH5yVcd6UPy+ud4cuIE+4Pc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:55:31 2025 by rpki-client