Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/8ad2e0-e3f0-4abe-bcb6-2f5c74c69ae1/1/HHYTxAvbn4nuCD1NEky4HWGAtGc.roa
File: HHYTxAvbn4nuCD1NEky4HWGAtGc.roa (raw, json)
Hash identifier: t9aKBjKzundXNxaOe/jFb9HR2pns+s0n9RcDSD2onl4=
Subject key identifier: 1C:76:13:C4:0B:DB:9F:89:EE:08:3D:4D:12:4C:B8:1D:61:80:B4:67
Certificate issuer: /CN=abd87bbef5943546b2a83d31ec2b99ad883d51d7
Certificate serial: 01941FFA6EF1D845218F1FEBDF3B39430319
Authority key identifier: AB:D8:7B:BE:F5:94:35:46:B2:A8:3D:31:EC:2B:99:AD:88:3D:51:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9h7vvWUNUayqD0x7CuZrYg9Udc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/8ad2e0-e3f0-4abe-bcb6-2f5c74c69ae1/1/HHYTxAvbn4nuCD1NEky4HWGAtGc.roa
Signing time: Wed 01 Jan 2025 03:48:13 +0000
ROA not before: Wed 01 Jan 2025 03:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215837
IP address blocks: 104.167.18.0/24 maxlen: 24
2a13:5682:400::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:6e:f1:d8:45:21:8f:1f:eb:df:3b:39:43:03:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abd87bbef5943546b2a83d31ec2b99ad883d51d7
Validity
Not Before: Jan 1 03:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c7613c40bdb9f89ee083d4d124cb81d6180b467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:40:9d:31:44:89:0b:5d:49:08:54:99:de:f7:
33:30:87:08:8f:9e:7b:64:17:33:92:3b:c1:16:91:
57:5d:82:b4:b9:7f:f9:ec:aa:ce:ff:66:d0:d9:10:
37:cb:ae:af:27:6f:dc:26:f2:dc:30:87:96:3a:e8:
c6:01:cd:ef:5a:ef:1d:54:2a:77:0a:a3:13:41:91:
6d:8a:6f:e2:a1:30:50:fa:e0:5d:6e:b5:7a:f4:a4:
8f:10:45:67:83:14:f9:50:cd:6f:0c:65:9a:0f:33:
7e:b5:ac:57:14:9d:fa:63:22:55:ce:0b:51:4c:69:
61:2f:06:34:1f:7a:d6:b5:f5:bf:46:29:31:0b:ea:
38:8a:ff:90:e7:8c:85:8d:cf:60:cc:37:67:3f:7c:
cd:e7:54:44:da:0c:dd:6b:d1:8b:23:66:b6:da:a4:
c7:d9:50:31:3c:64:71:2a:31:39:ce:3d:4f:cc:a4:
f4:d6:fa:2a:5b:41:48:7f:52:36:ba:ad:93:35:37:
88:0b:4f:2d:b5:7d:e8:f3:97:4e:35:06:c3:c3:72:
8d:7c:5f:c3:f4:72:14:dd:98:20:90:6c:ab:9c:cc:
57:8d:78:ba:fe:c4:6e:33:46:59:73:f9:25:02:b6:
3d:d2:89:1f:d4:5d:e1:d6:13:6b:10:d0:16:91:b7:
cc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:76:13:C4:0B:DB:9F:89:EE:08:3D:4D:12:4C:B8:1D:61:80:B4:67
X509v3 Authority Key Identifier:
keyid:AB:D8:7B:BE:F5:94:35:46:B2:A8:3D:31:EC:2B:99:AD:88:3D:51:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9h7vvWUNUayqD0x7CuZrYg9Udc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8ad2e0-e3f0-4abe-bcb6-2f5c74c69ae1/1/HHYTxAvbn4nuCD1NEky4HWGAtGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8ad2e0-e3f0-4abe-bcb6-2f5c74c69ae1/1/q9h7vvWUNUayqD0x7CuZrYg9Udc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.167.18.0/24
IPv6:
2a13:5682:400::/44
Signature Algorithm: sha256WithRSAEncryption
54:b4:2c:57:da:01:04:8e:75:ac:45:1b:0f:1c:6c:bf:92:9a:
a9:a1:6b:37:8c:e5:04:0d:50:2f:c0:74:b9:18:27:2a:bb:83:
f4:e0:c2:57:fe:5f:63:ad:77:d0:7f:bb:9b:18:22:72:c1:b2:
a7:a5:03:0b:a8:50:68:ac:fe:82:f5:a9:4e:da:1d:9b:2a:38:
ec:c7:0d:3e:8d:11:b6:3b:81:ee:fc:26:c7:77:f5:0a:bf:06:
8b:e3:de:6b:92:14:7b:a9:3a:90:e0:4a:be:62:b4:5b:b5:cd:
88:8f:60:56:42:c6:22:f3:1e:4c:60:a8:94:4c:a0:70:4d:dd:
b4:b5:de:16:b7:1f:83:4d:cf:1c:b5:a6:42:2e:2a:46:59:a0:
ac:66:30:7b:43:06:32:27:20:af:d4:3d:fa:2b:e9:e3:f2:71:
59:2e:eb:8a:d5:46:93:ef:86:38:82:ee:20:25:77:26:df:7e:
c2:47:e5:94:49:c7:64:22:44:ff:a5:08:0e:a2:cd:3a:42:7b:
4d:e3:eb:97:6d:ed:7d:f2:a1:1a:e4:4d:23:ef:63:37:9d:78:
61:e9:aa:f4:68:5d:af:04:8b:b0:a4:35:5b:8e:e7:00:7b:4d:
0f:8c:c0:82:6f:d7:8a:cd:92:6e:5f:32:97:4d:48:c2:ff:8f:
64:83:fa:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+m7x2EUhjx/r3zs5QwMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZDg3YmJlZjU5NDM1NDZiMmE4M2QzMWVjMmI5OWFkODgz
ZDUxZDcwHhcNMjUwMTAxMDM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzc2MTNjNDBiZGI5Zjg5ZWUwODNkNGQxMjRjYjgxZDYxODBiNDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqECdMUSJC11JCFSZ3vczMIcIj557
ZBczkjvBFpFXXYK0uX/57KrO/2bQ2RA3y66vJ2/cJvLcMIeWOujGAc3vWu8dVCp3
CqMTQZFtim/ioTBQ+uBdbrV69KSPEEVngxT5UM1vDGWaDzN+taxXFJ36YyJVzgtR
TGlhLwY0H3rWtfW/RikxC+o4iv+Q54yFjc9gzDdnP3zN51RE2gzda9GLI2a22qTH
2VAxPGRxKjE5zj1PzKT01voqW0FIf1I2uq2TNTeIC08ttX3o85dONQbDw3KNfF/D
9HIU3ZggkGyrnMxXjXi6/sRuM0ZZc/klArY90okf1F3h1hNrENAWkbfMZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBx2E8QL25+J7gg9TRJMuB1hgLRnMB8GA1UdIwQY
MBaAFKvYe771lDVGsqg9Mewrma2IPVHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTloN3Z2V1VOVWF5cUQweDdDdVpyWWc5VWRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84YWQyZTAtZTNmMC00YWJlLWJjYjYt
MmY1Yzc0YzY5YWUxLzEvSEhZVHhBdmJuNG51Q0QxTkVreTRIV0dBdEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84YWQyZTAtZTNmMC00YWJlLWJjYjYtMmY1Yzc0YzY5YWUx
LzEvcTloN3Z2V1VOVWF5cUQweDdDdVpyWWc5VWRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAaKcSMA8E
AgACMAkDBwQqE1aCBAAwDQYJKoZIhvcNAQELBQADggEBAFS0LFfaAQSOdaxFGw8c
bL+SmqmhazeM5QQNUC/AdLkYJyq7g/Tgwlf+X2Otd9B/u5sYInLBsqelAwuoUGis
/oL1qU7aHZsqOOzHDT6NEbY7ge78Jsd39Qq/Bovj3muSFHupOpDgSr5itFu1zYiP
YFZCxiLzHkxgqJRMoHBN3bS13ha3H4NNzxy1pkIuKkZZoKxmMHtDBjInIK/UPfor
6ePycVku64rVRpPvhjiC7iAldybffsJH5ZRJx2QiRP+lCA6izTpCe03j65dt7X3y
oRrkTSPvYzedeGHpqvRoXa8Ei7CkNVuO5wB7TQ+MwIJv14rNkm5fMpdNSML/j2SD
+iE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:09:41 2025 by rpki-client