Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/493ab8-54c4-42f5-b4af-ddb35b1abad5/1/hNGctvUgxsV9VRFcAR330Ay19l8.roa
File: hNGctvUgxsV9VRFcAR330Ay19l8.roa (raw, json)
Hash identifier: zQTWmn2EIkYMs7iDpMx3kmmkHaS8RfsfTxjAwAVdFG4=
Subject key identifier: 84:D1:9C:B6:F5:20:C6:C5:7D:55:11:5C:01:1D:F7:D0:0C:B5:F6:5F
Certificate issuer: /CN=77c7dd25ca5fb1dc913c2ffb916fa22fb8610b78
Certificate serial: 0194244545D9DA97C724D543A6E64228B604
Authority key identifier: 77:C7:DD:25:CA:5F:B1:DC:91:3C:2F:FB:91:6F:A2:2F:B8:61:0B:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8fdJcpfsdyRPC_7kW-iL7hhC3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/493ab8-54c4-42f5-b4af-ddb35b1abad5/1/hNGctvUgxsV9VRFcAR330Ay19l8.roa
Signing time: Wed 01 Jan 2025 23:48:26 +0000
ROA not before: Wed 01 Jan 2025 23:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40339
IP address blocks: 81.16.184.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:45:d9:da:97:c7:24:d5:43:a6:e6:42:28:b6:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c7dd25ca5fb1dc913c2ffb916fa22fb8610b78
Validity
Not Before: Jan 1 23:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84d19cb6f520c6c57d55115c011df7d00cb5f65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:a1:90:9b:05:f2:53:2a:d9:5e:0f:06:e1:a1:
49:3a:f5:a7:61:bb:4f:04:be:21:b5:a5:13:15:45:
d3:ef:28:75:8d:81:0c:6a:3a:0e:22:2f:3f:b7:93:
85:d4:e0:f8:93:a2:f0:1e:2f:e1:31:b6:2d:e7:0f:
f6:4a:82:d2:cb:31:f8:16:c6:a6:5a:02:f7:e7:33:
7e:9b:49:54:93:1b:71:94:29:fa:03:b1:f3:3d:5d:
25:ac:59:13:55:ef:14:de:9e:b0:60:e8:31:7f:ed:
40:1c:10:b5:8e:55:e4:6e:2b:a9:77:c1:ae:c5:fb:
17:71:7b:73:4a:1a:d2:a6:36:5f:6c:af:ac:ac:bc:
b2:4b:ce:60:4e:2a:c5:ad:16:77:49:9e:a6:e4:2c:
ba:d1:00:a3:59:a3:65:c6:89:30:cd:ed:52:b5:3a:
b3:06:8b:4e:fe:d8:65:4e:6d:ff:1d:06:57:4e:9a:
0f:3d:a2:04:0d:de:ad:60:f8:60:da:dc:c8:9b:73:
79:b3:b3:d3:8f:17:41:ec:66:77:b4:ff:f5:c1:c7:
39:80:b9:16:3a:b2:97:80:16:93:ce:85:83:c0:31:
7d:e8:5e:dc:fc:b1:4b:d8:1b:f4:2f:04:3f:76:4b:
74:22:67:20:8c:2e:ca:94:03:a4:17:fd:42:20:ea:
23:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D1:9C:B6:F5:20:C6:C5:7D:55:11:5C:01:1D:F7:D0:0C:B5:F6:5F
X509v3 Authority Key Identifier:
keyid:77:C7:DD:25:CA:5F:B1:DC:91:3C:2F:FB:91:6F:A2:2F:B8:61:0B:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8fdJcpfsdyRPC_7kW-iL7hhC3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/493ab8-54c4-42f5-b4af-ddb35b1abad5/1/hNGctvUgxsV9VRFcAR330Ay19l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/493ab8-54c4-42f5-b4af-ddb35b1abad5/1/d8fdJcpfsdyRPC_7kW-iL7hhC3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.16.184.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:59:27:ee:ed:8e:01:42:96:7d:8c:8e:26:43:29:a5:fe:04:
08:bf:85:e1:9b:d2:b1:66:26:59:e6:c6:1c:f9:11:a2:84:67:
71:0e:57:7d:4d:cc:5d:7b:7b:4c:a8:5a:37:b9:1c:a1:5b:6a:
cf:74:d9:25:e5:97:39:c8:05:aa:ef:32:18:62:66:fc:f5:83:
04:d4:1e:2a:c9:10:f1:97:5c:ce:46:9f:e0:a1:5d:2d:e3:28:
68:a6:72:5c:7f:fb:ea:85:1d:0c:fe:19:66:cd:e5:40:d4:e9:
1b:e1:b6:71:3b:b5:2e:e6:f6:df:12:be:db:4c:e0:24:2b:88:
dd:2e:5b:d6:cc:09:4e:36:44:38:52:d0:ca:95:43:5a:bd:29:
f6:d3:67:ed:ea:e8:98:4d:36:c0:39:09:31:d9:86:04:28:70:
be:60:ef:dc:ca:a4:e2:04:01:0d:7a:d8:c1:66:6f:9d:36:83:
be:5c:c6:b7:14:d5:45:00:1c:47:d9:b8:17:a8:f0:24:69:1a:
22:25:6d:af:be:a8:27:f4:16:f9:4e:c6:6a:a1:2e:d5:cb:de:
bf:22:74:e8:51:4a:b3:31:b0:73:b0:8b:fc:e1:7f:e8:80:aa:
f2:56:7e:81:69:b6:91:37:e3:ce:55:43:13:2a:d0:38:64:cd:
b9:ae:c2:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRUXZ2pfHJNVDpuZCKLYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzdkZDI1Y2E1ZmIxZGM5MTNjMmZmYjkxNmZhMjJmYjg2
MTBiNzgwHhcNMjUwMTAxMjM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQxOWNiNmY1MjBjNmM1N2Q1NTExNWMwMTFkZjdkMDBjYjVmNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+aGQmwXyUyrZXg8G4aFJOvWnYbtP
BL4htaUTFUXT7yh1jYEMajoOIi8/t5OF1OD4k6LwHi/hMbYt5w/2SoLSyzH4Fsam
WgL35zN+m0lUkxtxlCn6A7HzPV0lrFkTVe8U3p6wYOgxf+1AHBC1jlXkbiupd8Gu
xfsXcXtzShrSpjZfbK+srLyyS85gTirFrRZ3SZ6m5Cy60QCjWaNlxokwze1StTqz
BotO/thlTm3/HQZXTpoPPaIEDd6tYPhg2tzIm3N5s7PTjxdB7GZ3tP/1wcc5gLkW
OrKXgBaTzoWDwDF96F7c/LFL2Bv0LwQ/dkt0ImcgjC7KlAOkF/1CIOojSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITRnLb1IMbFfVURXAEd99AMtfZfMB8GA1UdIwQY
MBaAFHfH3SXKX7HckTwv+5Fvoi+4YQt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhmZEpjcGZzZHlSUENfN2tXLWlMN2hoQzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80OTNhYjgtNTRjNC00MmY1LWI0YWYt
ZGRiMzViMWFiYWQ1LzEvaE5HY3R2VWd4c1Y5VlJGY0FSMzMwQXkxOWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80OTNhYjgtNTRjNC00MmY1LWI0YWYtZGRiMzViMWFiYWQ1
LzEvZDhmZEpjcGZzZHlSUENfN2tXLWlMN2hoQzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDURC4MA0G
CSqGSIb3DQEBCwUAA4IBAQCOWSfu7Y4BQpZ9jI4mQyml/gQIv4Xhm9KxZiZZ5sYc
+RGihGdxDld9Tcxde3tMqFo3uRyhW2rPdNkl5Zc5yAWq7zIYYmb89YME1B4qyRDx
l1zORp/goV0t4yhopnJcf/vqhR0M/hlmzeVA1Okb4bZxO7Uu5vbfEr7bTOAkK4jd
LlvWzAlONkQ4UtDKlUNavSn202ft6uiYTTbAOQkx2YYEKHC+YO/cyqTiBAENetjB
Zm+dNoO+XMa3FNVFABxH2bgXqPAkaRoiJW2vvqgn9Bb5TsZqoS7Vy96/InToUUqz
MbBzsIv84X/ogKryVn6BabaRN+POVUMTKtA4ZM25rsI9
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:52:28 2025 by rpki-client