Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/hmKd6LubvseWFnch4vVN9v-GR6U.roa
File: hmKd6LubvseWFnch4vVN9v-GR6U.roa (raw, json)
Hash identifier: eqD+J0wg0iQNL4Cg+PT3/sHzu0dI9aBjTjQ//aaCFJQ=
Subject key identifier: 86:62:9D:E8:BB:9B:BE:C7:96:16:77:21:E2:F5:4D:F6:FF:86:47:A5
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 019422FAEE070A33CEA284E9ECC2C33AFD37
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/hmKd6LubvseWFnch4vVN9v-GR6U.roa
Signing time: Wed 01 Jan 2025 17:47:37 +0000
ROA not before: Wed 01 Jan 2025 17:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41826
IP address blocks: 193.34.164.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:ee:07:0a:33:ce:a2:84:e9:ec:c2:c3:3a:fd:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 17:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86629de8bb9bbec796167721e2f54df6ff8647a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2e:76:51:99:c4:5a:0d:29:07:50:bd:00:2e:
9a:bb:71:07:ec:62:e4:7b:c1:de:38:57:e8:65:2c:
8d:fa:c7:d5:33:49:f3:68:64:14:97:61:24:10:57:
2d:02:48:51:5b:dc:e5:d1:a3:8c:f8:99:a3:15:3b:
5d:26:b9:2d:64:1b:4f:ba:74:39:38:a5:1b:d1:c1:
d3:d3:5f:7a:4c:23:9f:03:91:2c:1b:be:a6:41:e4:
88:29:3a:aa:aa:96:41:1e:11:5d:20:01:a9:de:64:
d3:a4:c2:40:7a:75:52:08:28:23:4b:83:3a:8c:c3:
08:be:86:33:a2:ce:00:ac:27:d8:55:80:29:46:1e:
64:3d:c7:24:51:e3:63:fc:e1:b9:0e:cb:5a:b8:b4:
2a:e0:07:32:c2:98:0d:f8:23:4d:b3:41:49:40:f5:
fb:90:7a:3b:7b:16:a1:a0:0b:f8:15:e3:20:66:84:
2d:e5:5b:76:ea:53:18:92:c0:bb:ae:71:20:40:74:
02:49:49:f2:59:2e:38:97:04:f0:99:59:5d:c6:81:
4e:a7:9b:29:f6:5f:cf:21:af:b2:91:e6:16:65:db:
90:f2:d1:97:bb:f6:eb:1c:f5:4c:c0:71:ca:bb:0f:
b4:31:9f:7b:c8:66:64:2b:cb:6f:aa:50:b1:d9:3b:
f8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:62:9D:E8:BB:9B:BE:C7:96:16:77:21:E2:F5:4D:F6:FF:86:47:A5
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/hmKd6LubvseWFnch4vVN9v-GR6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.164.0/23
Signature Algorithm: sha256WithRSAEncryption
89:35:1f:9b:8c:1a:8f:ee:0a:dc:9e:27:ea:31:4a:34:8d:7c:
17:f9:d3:06:51:ae:33:e1:ee:33:ad:a3:7c:f8:78:bf:c9:82:
84:29:dc:0e:81:17:93:c1:a1:07:84:46:71:2d:0b:c9:2a:3e:
0c:b1:0f:8f:5c:ec:52:d9:bd:5f:5a:80:f9:84:d0:0a:a1:79:
dc:28:1f:1d:61:8e:27:5b:b9:ec:ac:56:3d:12:d1:6d:2f:3c:
51:a3:40:60:df:c0:d0:d8:4d:ee:9a:67:62:ed:54:66:bb:ef:
99:8d:8f:68:ad:50:cc:3f:a4:6f:0f:c5:8c:c3:77:1f:e3:a5:
fe:5f:ac:2c:bb:54:3d:60:1d:fd:7b:e5:d8:f6:87:96:6b:bb:
72:65:a8:66:0c:c9:48:2f:9a:f9:39:14:a5:0b:57:aa:3c:06:
eb:0a:88:b0:ca:b4:d5:56:81:22:10:3b:8a:a5:16:77:e8:66:
44:c0:b9:5f:b0:2a:bf:10:2e:b9:98:ad:d4:87:34:09:c1:63:
21:dd:65:05:0e:f5:91:02:3d:22:ef:42:99:ee:2d:99:cf:92:
41:fe:7c:f7:93:44:03:f1:8f:df:1a:17:b9:7d:7a:d2:d2:28:
64:cc:c4:90:c7:9c:40:2c:ad:bf:c9:96:a9:02:d1:38:0e:f0:
4d:5e:5b:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+u4HCjPOooTp7MLDOv03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjUwMTAxMTc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYyOWRlOGJiOWJiZWM3OTYxNjc3MjFlMmY1NGRmNmZmODY0N2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC52UZnEWg0pB1C9AC6au3EH7GLk
e8HeOFfoZSyN+sfVM0nzaGQUl2EkEFctAkhRW9zl0aOM+JmjFTtdJrktZBtPunQ5
OKUb0cHT0196TCOfA5EsG76mQeSIKTqqqpZBHhFdIAGp3mTTpMJAenVSCCgjS4M6
jMMIvoYzos4ArCfYVYApRh5kPcckUeNj/OG5DstauLQq4AcywpgN+CNNs0FJQPX7
kHo7exahoAv4FeMgZoQt5Vt26lMYksC7rnEgQHQCSUnyWS44lwTwmVldxoFOp5sp
9l/PIa+ykeYWZduQ8tGXu/brHPVMwHHKuw+0MZ97yGZkK8tvqlCx2Tv4gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZinei7m77HlhZ3IeL1Tfb/hkelMB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvaG1LZDZMdWJ2c2VXRm5jaDR2Vk45di1HUjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSKkMA0G
CSqGSIb3DQEBCwUAA4IBAQCJNR+bjBqP7grcnifqMUo0jXwX+dMGUa4z4e4zraN8
+Hi/yYKEKdwOgReTwaEHhEZxLQvJKj4MsQ+PXOxS2b1fWoD5hNAKoXncKB8dYY4n
W7nsrFY9EtFtLzxRo0Bg38DQ2E3ummdi7VRmu++ZjY9orVDMP6RvD8WMw3cf46X+
X6wsu1Q9YB39e+XY9oeWa7tyZahmDMlIL5r5ORSlC1eqPAbrCoiwyrTVVoEiEDuK
pRZ36GZEwLlfsCq/EC65mK3UhzQJwWMh3WUFDvWRAj0i70KZ7i2Zz5JB/nz3k0QD
8Y/fGhe5fXrS0ihkzMSQx5xALK2/yZapAtE4DvBNXls7
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:51:13 2025 by rpki-client