Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hMQVeb7hWDShodvf3lB-l9p3caA.roa
File: hMQVeb7hWDShodvf3lB-l9p3caA.roa (raw, json)
Hash identifier: 3Z67ReNYzvSCwDHhdJb2SNEreE0fGrrZWiECYPzKBgA=
Subject key identifier: 84:C4:15:79:BE:E1:58:34:A1:A1:DB:DF:DE:50:7E:97:DA:77:71:A0
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194400ECC542F85F34785DB5F28F9C2B2BE
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hMQVeb7hWDShodvf3lB-l9p3caA.roa
Signing time: Tue 07 Jan 2025 09:18:19 +0000
ROA not before: Tue 07 Jan 2025 09:18:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208453
IP address blocks: 193.181.23.0/24 maxlen: 24
193.181.29.0/24 maxlen: 24
193.181.243.0/24 maxlen: 24
193.181.244.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:0e:cc:54:2f:85:f3:47:85:db:5f:28:f9:c2:b2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 7 09:18:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84c41579bee15834a1a1dbdfde507e97da7771a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:34:79:78:e1:60:91:4d:fb:ff:8e:d2:e2:7e:
eb:1d:8a:79:85:8c:bd:7e:c1:91:5e:69:e5:c6:c1:
ea:06:3b:39:bf:4c:ef:26:61:da:c1:48:da:13:c5:
a7:cd:d4:2f:31:b1:49:17:79:22:5f:5d:60:14:d2:
77:c5:ae:99:13:64:22:93:9d:cd:7d:e3:af:eb:ec:
46:a5:54:57:b5:af:6c:d1:f4:04:a2:f4:5c:fe:57:
1c:e9:dc:c4:22:f9:bd:6c:ea:8b:9b:b5:4f:d1:ff:
b6:e1:3d:48:0a:4c:e2:11:71:18:b7:c4:0b:ae:97:
52:dc:b6:75:92:56:4c:26:d4:ef:ad:30:c8:e8:7f:
8c:4c:a0:d9:97:46:1d:91:25:2e:58:43:b0:a4:aa:
cb:e5:16:e9:52:ab:e2:16:67:bf:0d:1b:74:c4:51:
a2:0b:f1:c0:2d:ad:08:26:ac:38:a0:eb:c5:01:b5:
31:66:4f:09:39:9f:9e:9f:b7:11:aa:98:cd:f0:1b:
1a:8e:51:af:07:9d:88:58:cc:d2:da:db:f6:59:8d:
0a:a6:53:df:53:83:14:10:3f:dd:50:0a:8c:e9:db:
6c:52:67:58:b8:e1:38:91:a5:44:28:63:ff:e2:b4:
42:f0:1f:c1:2d:98:9a:67:38:6e:57:2e:aa:41:db:
7f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C4:15:79:BE:E1:58:34:A1:A1:DB:DF:DE:50:7E:97:DA:77:71:A0
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/hMQVeb7hWDShodvf3lB-l9p3caA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.181.23.0/24
193.181.29.0/24
193.181.243.0-193.181.244.255
Signature Algorithm: sha256WithRSAEncryption
5d:7c:30:a4:84:98:52:d7:9c:e7:1f:b1:1b:82:bc:e3:d4:1e:
0b:b9:63:8a:df:0e:65:da:1d:03:04:41:ce:e8:13:de:4e:4e:
56:97:66:5c:5e:9b:e6:df:10:5b:74:de:5d:68:c5:e6:e0:b6:
32:ed:8c:71:12:65:35:f9:b6:1f:21:51:d3:7d:3a:ad:69:73:
1c:b5:ec:37:9c:bb:c1:c0:e6:12:af:55:a5:df:3f:01:17:c8:
d8:21:e2:7b:91:4f:2a:68:33:bd:80:0f:ad:fa:e8:cf:e2:3f:
b2:35:79:b1:11:7c:1f:66:14:27:53:ea:16:9f:1f:cc:7b:69:
33:b9:f1:45:c8:f9:a8:5b:25:fe:b0:5e:62:ea:2e:ea:ee:d1:
67:29:29:e9:b2:24:42:0c:76:42:a8:ba:80:9f:b5:8f:81:9e:
66:db:38:67:39:9f:60:24:5d:f1:fb:42:5d:85:84:e2:05:bb:
b3:c4:d3:7e:46:79:89:19:55:3f:8b:83:ae:08:a5:11:e0:ab:
50:bd:b7:2d:9b:85:dd:14:f7:f8:20:44:66:59:30:3f:5f:05:
39:ac:d6:b3:07:3f:f4:1f:91:e1:db:e8:91:89:dd:49:be:db:
3a:5f:4f:3b:0f:90:30:f9:89:cb:fb:09:3c:73:2a:47:14:7c:
32:b7:2a:4a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZRADsxUL4XzR4XbXyj5wrK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTA3MDkxODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGM0MTU3OWJlZTE1ODM0YTFhMWRiZGZkZTUwN2U5N2RhNzc3MWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTR5eOFgkU37/47S4n7rHYp5hYy9
fsGRXmnlxsHqBjs5v0zvJmHawUjaE8WnzdQvMbFJF3kiX11gFNJ3xa6ZE2Qik53N
feOv6+xGpVRXta9s0fQEovRc/lcc6dzEIvm9bOqLm7VP0f+24T1ICkziEXEYt8QL
rpdS3LZ1klZMJtTvrTDI6H+MTKDZl0YdkSUuWEOwpKrL5RbpUqviFme/DRt0xFGi
C/HALa0IJqw4oOvFAbUxZk8JOZ+en7cRqpjN8BsajlGvB52IWMzS2tv2WY0KplPf
U4MUED/dUAqM6dtsUmdYuOE4kaVEKGP/4rRC8B/BLZiaZzhuVy6qQdt//wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFITEFXm+4Vg0oaHb395Qfpfad3GgMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvaE1RVmViN2hXRFNob2R2ZjNsQi1sOXAzY2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwbUXAwQA
wbUdMAwDBADBtfMDBADBtfQwDQYJKoZIhvcNAQELBQADggEBAF18MKSEmFLXnOcf
sRuCvOPUHgu5Y4rfDmXaHQMEQc7oE95OTlaXZlxem+bfEFt03l1oxebgtjLtjHES
ZTX5th8hUdN9Oq1pcxy17Decu8HA5hKvVaXfPwEXyNgh4nuRTypoM72AD6366M/i
P7I1ebERfB9mFCdT6hafH8x7aTO58UXI+ahbJf6wXmLqLuru0WcpKemyJEIMdkKo
uoCftY+BnmbbOGc5n2AkXfH7Ql2FhOIFu7PE035GeYkZVT+Lg64IpRHgq1C9ty2b
hd0U9/ggRGZZMD9fBTms1rMHP/QfkeHb6JGJ3Um+2zpfTzsPkDD5icv7CTxzKkcU
fDK3Kko=
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:19:02 2025 by rpki-client