Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/8ed7c9-0b45-4d21-a203-fc7521a25bba/1/hQR0mmyfCcP0k0VyVReQd9TwA2Y.roa
File: hQR0mmyfCcP0k0VyVReQd9TwA2Y.roa (raw, json)
Hash identifier: /yk+WBXgj9/PFpjinmPki6KFsYrLmbEwlVJawiNfh5M=
Subject key identifier: 85:04:74:9A:6C:9F:09:C3:F4:93:45:72:55:17:90:77:D4:F0:03:66
Certificate issuer: /CN=1c72566ad628935c6ec75d0eddd317c7b0a76693
Certificate serial: 019423D7D81FF037AB19026A0B4E2FE2702D
Authority key identifier: 1C:72:56:6A:D6:28:93:5C:6E:C7:5D:0E:DD:D3:17:C7:B0:A7:66:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHJWatYok1xux10O3dMXx7CnZpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/8ed7c9-0b45-4d21-a203-fc7521a25bba/1/hQR0mmyfCcP0k0VyVReQd9TwA2Y.roa
Signing time: Wed 01 Jan 2025 21:48:55 +0000
ROA not before: Wed 01 Jan 2025 21:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197336
IP address blocks: 185.153.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:d8:1f:f0:37:ab:19:02:6a:0b:4e:2f:e2:70:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c72566ad628935c6ec75d0eddd317c7b0a76693
Validity
Not Before: Jan 1 21:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8504749a6c9f09c3f493457255179077d4f00366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8d:15:b7:74:eb:99:b3:29:f2:48:fa:4d:7f:
fc:d6:67:99:17:58:99:22:bc:c6:91:65:d2:74:71:
2f:3e:74:e1:51:7f:7e:e9:6d:8b:f9:19:77:6b:22:
9a:f7:54:62:a3:80:bf:b1:81:5d:08:2e:42:e3:ce:
e6:aa:cd:b3:45:e3:90:2d:f1:69:74:65:ca:de:78:
5e:2d:61:6c:ea:e7:d1:dd:59:3d:70:83:f0:0c:f8:
f2:a2:92:f1:d2:a3:09:3a:1a:a8:d7:a9:68:61:e7:
77:4e:d4:4d:94:d3:94:89:25:db:27:30:34:16:77:
15:55:15:fd:81:38:87:3d:85:f0:64:99:19:42:b1:
31:61:6d:e7:ff:f9:df:1d:36:44:58:d7:e6:f2:d8:
f5:9f:43:f6:d5:05:34:f4:a4:22:e4:b3:ef:45:a5:
1c:7a:d6:49:7a:d8:9f:7a:26:b3:13:87:e7:0c:52:
9d:51:b9:42:50:90:3f:1e:29:4e:7b:12:57:37:68:
6b:38:7f:eb:44:a3:17:84:7a:07:15:15:0b:64:4a:
d9:78:05:08:b1:63:cd:ff:05:a2:e9:ba:85:39:92:
03:eb:90:dc:dd:b5:00:9e:c0:d8:d8:c3:0b:1d:09:
79:dc:16:c3:e2:7f:39:86:5a:2c:0a:21:f6:2b:12:
7f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:04:74:9A:6C:9F:09:C3:F4:93:45:72:55:17:90:77:D4:F0:03:66
X509v3 Authority Key Identifier:
keyid:1C:72:56:6A:D6:28:93:5C:6E:C7:5D:0E:DD:D3:17:C7:B0:A7:66:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHJWatYok1xux10O3dMXx7CnZpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/8ed7c9-0b45-4d21-a203-fc7521a25bba/1/hQR0mmyfCcP0k0VyVReQd9TwA2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/8ed7c9-0b45-4d21-a203-fc7521a25bba/1/HHJWatYok1xux10O3dMXx7CnZpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:22:a9:7e:a2:1e:6f:ab:41:ea:06:af:ad:a8:e9:c8:fd:eb:
8d:15:32:ad:41:0a:7a:f6:66:77:1a:09:85:99:c5:14:cc:c2:
09:6d:dc:67:89:2d:89:b3:b7:f2:32:6f:63:f2:99:a4:17:39:
d0:bc:7c:eb:9c:57:76:ca:4e:40:1d:39:f7:c1:ed:02:c9:d0:
cd:f4:58:f4:18:74:d0:3d:c8:87:55:4c:50:b7:77:ac:1b:1a:
b0:f4:29:a3:06:8f:a3:20:5f:ce:0a:7d:4f:e4:5d:38:b9:2e:
1d:12:82:f6:13:76:96:33:9b:6c:57:1e:5e:ff:bf:d2:3e:4b:
dd:3a:da:c5:64:51:c6:e8:93:6c:bc:11:c8:10:2e:df:ff:c8:
b2:f7:39:9e:a0:9e:d8:a0:49:64:17:46:2d:d9:99:f6:0d:4f:
8b:75:a6:71:8c:1c:f6:c3:c4:2c:ba:fb:93:ac:98:28:bf:ae:
20:d0:06:fd:17:6a:69:2a:95:fd:25:9a:8d:0d:95:73:65:ad:
3d:32:0c:cf:8d:40:c1:73:ee:20:cd:8d:3a:99:24:12:e5:e5:
27:35:d9:67:1b:e2:a3:82:f3:5d:ce:67:a2:98:8b:2e:95:c9:
3d:17:f6:df:8c:00:7e:90:19:3a:b0:fa:4c:e2:5b:09:88:27:
76:7a:59:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj19gf8DerGQJqC04v4nAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzI1NjZhZDYyODkzNWM2ZWM3NWQwZWRkZDMxN2M3YjBh
NzY2OTMwHhcNMjUwMTAxMjE0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA0NzQ5YTZjOWYwOWMzZjQ5MzQ1NzI1NTE3OTA3N2Q0ZjAwMzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu40Vt3TrmbMp8kj6TX/81meZF1iZ
IrzGkWXSdHEvPnThUX9+6W2L+Rl3ayKa91Rio4C/sYFdCC5C487mqs2zReOQLfFp
dGXK3nheLWFs6ufR3Vk9cIPwDPjyopLx0qMJOhqo16loYed3TtRNlNOUiSXbJzA0
FncVVRX9gTiHPYXwZJkZQrExYW3n//nfHTZEWNfm8tj1n0P21QU09KQi5LPvRaUc
etZJetifeiazE4fnDFKdUblCUJA/HilOexJXN2hrOH/rRKMXhHoHFRULZErZeAUI
sWPN/wWi6bqFOZID65Dc3bUAnsDY2MMLHQl53BbD4n85hlosCiH2KxJ/0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUEdJpsnwnD9JNFclUXkHfU8ANmMB8GA1UdIwQY
MBaAFBxyVmrWKJNcbsddDt3TF8ewp2aTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhKV2F0WW9rMXh1eDEwTzNkTVh4N0NuWnBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84ZWQ3YzktMGI0NS00ZDIxLWEyMDMt
ZmM3NTIxYTI1YmJhLzEvaFFSMG1teWZDY1AwazBWeVZSZVFkOVR3QTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84ZWQ3YzktMGI0NS00ZDIxLWEyMDMtZmM3NTIxYTI1YmJh
LzEvSEhKV2F0WW9rMXh1eDEwTzNkTVh4N0NuWnBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZkgMA0G
CSqGSIb3DQEBCwUAA4IBAQChIql+oh5vq0HqBq+tqOnI/euNFTKtQQp69mZ3GgmF
mcUUzMIJbdxniS2Js7fyMm9j8pmkFznQvHzrnFd2yk5AHTn3we0CydDN9Fj0GHTQ
PciHVUxQt3esGxqw9CmjBo+jIF/OCn1P5F04uS4dEoL2E3aWM5tsVx5e/7/SPkvd
OtrFZFHG6JNsvBHIEC7f/8iy9zmeoJ7YoElkF0Yt2Zn2DU+LdaZxjBz2w8QsuvuT
rJgov64g0Ab9F2ppKpX9JZqNDZVzZa09MgzPjUDBc+4gzY06mSQS5eUnNdlnG+Kj
gvNdzmeimIsulck9F/bfjAB+kBk6sPpM4lsJiCd2elmf
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:58:11 2025 by rpki-client