Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/HxipHT46tv6qA61seP-3FDc3m84.roa
File: HxipHT46tv6qA61seP-3FDc3m84.roa (raw, json)
Hash identifier: dvYRTvtnN6xoSKyBzydQ1i2HWHdep/QnlIOV+ZIODek=
Subject key identifier: 1F:18:A9:1D:3E:3A:B6:FE:AA:03:AD:6C:78:FF:B7:14:37:37:9B:CE
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0194221F8B50FE6A1DE63CB0454517F076F2
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/HxipHT46tv6qA61seP-3FDc3m84.roa
Signing time: Wed 01 Jan 2025 13:48:00 +0000
ROA not before: Wed 01 Jan 2025 13:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43723
IP address blocks: 82.119.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:8b:50:fe:6a:1d:e6:3c:b0:45:45:17:f0:76:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 13:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f18a91d3e3ab6feaa03ad6c78ffb71437379bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a7:d5:88:1f:65:9f:ed:26:6a:cc:11:e2:cc:
a5:35:21:21:93:33:09:ee:4c:96:61:84:5f:0a:71:
44:00:dc:bb:b9:91:0e:68:1d:31:24:39:e0:e9:19:
5a:66:a4:23:46:2d:46:f0:5a:02:2c:3b:1f:d4:5a:
8f:ea:70:30:3b:f6:a2:47:83:37:58:0c:8f:40:f9:
ef:e7:e7:fc:ca:23:c4:a4:5b:c2:dd:ad:01:ea:76:
1a:9c:ff:f8:93:89:1e:5c:eb:ad:04:c3:88:08:ab:
e8:f8:49:92:31:37:18:ae:ae:84:e9:0e:be:ee:fe:
ef:6f:e8:ee:32:a4:59:9a:a4:96:f0:d1:bb:19:c3:
0f:79:d6:72:8e:07:a5:2f:c3:25:f1:1d:5e:4d:96:
e8:1d:44:d2:ff:ab:93:a8:51:46:f9:b9:bc:b0:41:
b1:2b:89:80:49:1a:41:60:cf:07:c7:8e:27:63:ea:
39:4d:65:06:53:46:74:22:7f:32:32:21:91:f3:1c:
c1:c5:17:08:ee:f5:e2:85:23:b6:47:82:73:2c:e1:
37:92:02:8b:a2:40:39:ea:70:af:40:66:4e:1f:5c:
10:06:09:82:36:64:f4:ee:b9:90:2b:fd:46:0d:c2:
fb:7c:7b:26:ca:7c:b6:b9:1e:35:e1:51:e4:b0:cd:
c3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:18:A9:1D:3E:3A:B6:FE:AA:03:AD:6C:78:FF:B7:14:37:37:9B:CE
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/HxipHT46tv6qA61seP-3FDc3m84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.77.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:30:5f:04:22:03:b1:6a:81:eb:dc:e3:68:fb:68:2d:91:48:
f5:68:3a:ea:0d:a9:39:28:c2:2b:1c:38:ee:53:40:99:04:94:
75:80:bf:1b:c2:86:6b:1f:1f:25:b5:fd:38:66:94:0e:ed:4b:
f1:b7:6f:88:ea:92:c6:55:c0:6a:61:65:92:db:02:60:62:bd:
e0:ba:bd:6a:00:9b:7e:fe:d0:c6:33:d9:72:91:29:70:8e:75:
7c:ec:d9:89:f9:0c:e1:c6:06:b1:3c:1f:91:8b:b2:c9:ac:cf:
bd:67:6f:f1:7c:32:ac:78:1d:f2:de:ec:68:41:c3:e2:de:bf:
38:0c:d1:0b:29:f0:63:80:eb:12:dd:94:fc:d9:77:5c:bf:03:
00:93:57:43:2d:2d:72:6b:44:d3:d7:b0:5c:cd:31:a7:c7:e7:
f4:e1:5a:0d:c0:19:75:7f:15:07:2a:c8:a7:14:b7:5b:bd:53:
e5:d3:81:e7:09:5c:dc:5b:aa:b5:76:37:7b:3d:9a:6c:e1:8c:
cb:ae:99:42:2a:e1:8a:29:9b:2a:3d:25:40:1e:fe:9a:6e:4e:
72:59:c1:f3:62:6c:49:b0:bb:db:00:73:f8:f0:b5:67:5e:0a:
af:e3:3d:aa:f7:eb:21:43:cc:46:62:f9:64:81:d1:d1:15:24:
a6:3b:14:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4tQ/mod5jywRUUX8HbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjUwMTAxMTM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjE4YTkxZDNlM2FiNmZlYWEwM2FkNmM3OGZmYjcxNDM3Mzc5YmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKfViB9ln+0maswR4sylNSEhkzMJ
7kyWYYRfCnFEANy7uZEOaB0xJDng6RlaZqQjRi1G8FoCLDsf1FqP6nAwO/aiR4M3
WAyPQPnv5+f8yiPEpFvC3a0B6nYanP/4k4keXOutBMOICKvo+EmSMTcYrq6E6Q6+
7v7vb+juMqRZmqSW8NG7GcMPedZyjgelL8Ml8R1eTZboHUTS/6uTqFFG+bm8sEGx
K4mASRpBYM8Hx44nY+o5TWUGU0Z0In8yMiGR8xzBxRcI7vXihSO2R4JzLOE3kgKL
okA56nCvQGZOH1wQBgmCNmT07rmQK/1GDcL7fHsmyny2uR414VHksM3DvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB8YqR0+Orb+qgOtbHj/txQ3N5vOMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvSHhpcEhUNDZ0djZxQTYxc2VQLTNGRGMzbTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUndNMA0G
CSqGSIb3DQEBCwUAA4IBAQCyMF8EIgOxaoHr3ONo+2gtkUj1aDrqDak5KMIrHDju
U0CZBJR1gL8bwoZrHx8ltf04ZpQO7Uvxt2+I6pLGVcBqYWWS2wJgYr3gur1qAJt+
/tDGM9lykSlwjnV87NmJ+QzhxgaxPB+Ri7LJrM+9Z2/xfDKseB3y3uxoQcPi3r84
DNELKfBjgOsS3ZT82XdcvwMAk1dDLS1ya0TT17BczTGnx+f04VoNwBl1fxUHKsin
FLdbvVPl04HnCVzcW6q1djd7PZps4YzLrplCKuGKKZsqPSVAHv6abk5yWcHzYmxJ
sLvbAHP48LVnXgqv4z2q9+shQ8xGYvlkgdHRFSSmOxRZ
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:41:00 2025 by rpki-client