Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/HglCnD55qDv-Q0rgVR2_h-nRZkY.roa
File: HglCnD55qDv-Q0rgVR2_h-nRZkY.roa (raw, json)
Hash identifier: Qc4gkZG+SuNlsvP0f5FqX4UkqgAGysqsANOz/SQ42AI=
Subject key identifier: 1E:09:42:9C:3E:79:A8:3B:FE:43:4A:E0:55:1D:BF:87:E9:D1:66:46
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01942747CD2BD2072DB4D997512E25D7B86A
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/HglCnD55qDv-Q0rgVR2_h-nRZkY.roa
Signing time: Thu 02 Jan 2025 13:50:04 +0000
ROA not before: Thu 02 Jan 2025 13:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39486
IP address blocks: 171.22.248.0/22 maxlen: 24
193.42.224.0/22 maxlen: 24
194.116.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:cd:2b:d2:07:2d:b4:d9:97:51:2e:25:d7:b8:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 2 13:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e09429c3e79a83bfe434ae0551dbf87e9d16646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0e:39:b5:c7:56:b1:3a:22:d4:10:2d:0e:e2:
d4:40:e3:e0:a0:1e:3b:eb:49:07:58:81:77:0a:a1:
f4:eb:ca:1e:0b:71:15:01:ed:66:6b:22:a4:9e:81:
e1:b2:e5:fe:5c:39:1c:bd:b5:71:33:65:13:04:29:
e0:60:b8:fd:5d:2d:93:d9:b4:71:7a:e4:82:7b:48:
64:7b:3e:42:ca:cc:bb:32:39:10:63:6f:73:9e:e2:
93:c2:cf:f3:72:56:4b:17:c1:79:fd:95:bc:3c:14:
6d:62:d6:c5:80:a6:55:d0:1b:3d:55:84:6a:23:9f:
a0:23:e2:69:d3:a6:42:98:28:90:05:f1:35:5f:bc:
84:f6:df:87:bc:62:c9:62:35:a3:40:a4:ef:18:61:
42:d2:23:2b:4b:91:ef:4c:5f:ce:85:00:31:fa:5e:
58:54:70:ab:1b:5e:27:19:4d:ce:e1:e1:30:0d:dc:
f9:17:39:9d:83:dd:a4:09:f0:de:47:a0:53:73:78:
c6:e2:d7:ae:56:d3:2f:22:87:99:7a:d7:0c:c4:74:
aa:2e:a3:43:d4:e0:a0:13:69:12:f8:8f:51:72:13:
f1:04:3a:e0:5b:ab:c0:1f:09:72:cb:32:3e:06:bf:
6f:a5:2f:a8:3e:e4:cd:dd:eb:07:0a:1e:ab:08:16:
f1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:09:42:9C:3E:79:A8:3B:FE:43:4A:E0:55:1D:BF:87:E9:D1:66:46
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/HglCnD55qDv-Q0rgVR2_h-nRZkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.248.0/22
193.42.224.0/22
194.116.248.0/22
Signature Algorithm: sha256WithRSAEncryption
54:c6:f5:ed:6d:c5:61:c4:4e:2b:a7:27:fc:55:64:fc:33:b6:
5d:3c:ec:a7:63:69:4b:8d:13:1f:1b:92:8b:14:38:06:ee:9e:
ca:a6:96:23:2e:b8:c1:83:91:96:1e:45:86:21:16:56:e4:e4:
60:94:45:5a:1e:6c:fb:21:10:a9:4c:1a:27:37:0e:2e:28:1e:
6f:38:23:e1:b9:a8:ca:d6:d7:f2:f6:60:96:4f:4f:2e:a5:a6:
a5:70:80:d6:36:be:9c:8a:55:5a:d0:e8:ae:45:76:22:83:83:
2b:5c:26:eb:25:f7:0b:80:65:99:f0:6b:02:c1:5a:fb:19:96:
a8:3f:fd:ac:bc:75:63:d1:34:8b:2c:87:af:64:e4:d2:36:ad:
28:d1:80:53:a9:65:0b:35:0e:3a:7f:d2:c0:88:fd:b5:25:81:
19:68:3c:dc:81:65:04:bc:8b:c0:aa:63:e3:60:f4:3f:e7:c9:
f8:11:01:59:c8:e2:dc:5e:ae:5e:ee:87:f9:02:96:ec:0b:1a:
0f:a3:f5:21:b4:50:49:b6:03:1f:bf:78:bd:45:b9:bc:d2:f3:
f2:14:38:98:73:8a:7e:02:59:5b:bb:9a:48:e5:1b:fa:1c:87:
10:4b:ee:b9:c5:b6:83:e7:e6:12:67:71:c7:78:bf:a3:8c:3c:
f3:9c:87:c1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnR80r0gcttNmXUS4l17hqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjUwMTAyMTM1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTA5NDI5YzNlNzlhODNiZmU0MzRhZTA1NTFkYmY4N2U5ZDE2NjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3w45tcdWsToi1BAtDuLUQOPgoB47
60kHWIF3CqH068oeC3EVAe1mayKknoHhsuX+XDkcvbVxM2UTBCngYLj9XS2T2bRx
euSCe0hkez5Cysy7MjkQY29znuKTws/zclZLF8F5/ZW8PBRtYtbFgKZV0Bs9VYRq
I5+gI+Jp06ZCmCiQBfE1X7yE9t+HvGLJYjWjQKTvGGFC0iMrS5HvTF/OhQAx+l5Y
VHCrG14nGU3O4eEwDdz5Fzmdg92kCfDeR6BTc3jG4teuVtMvIoeZetcMxHSqLqND
1OCgE2kS+I9RchPxBDrgW6vAHwlyyzI+Br9vpS+oPuTN3esHCh6rCBbx7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB4JQpw+eag7/kNK4FUdv4fp0WZGMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvSGdsQ25ENTVxRHYtUTByZ1ZSMl9oLW5SWmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCqxb4AwQC
wSrgAwQCwnT4MA0GCSqGSIb3DQEBCwUAA4IBAQBUxvXtbcVhxE4rpyf8VWT8M7Zd
POynY2lLjRMfG5KLFDgG7p7KppYjLrjBg5GWHkWGIRZW5ORglEVaHmz7IRCpTBon
Nw4uKB5vOCPhuajK1tfy9mCWT08upaalcIDWNr6cilVa0OiuRXYig4MrXCbrJfcL
gGWZ8GsCwVr7GZaoP/2svHVj0TSLLIevZOTSNq0o0YBTqWULNQ46f9LAiP21JYEZ
aDzcgWUEvIvAqmPjYPQ/58n4EQFZyOLcXq5e7of5ApbsCxoPo/UhtFBJtgMfv3i9
Rbm80vPyFDiYc4p+Allbu5pI5Rv6HIcQS+65xbaD5+YSZ3HHeL+jjDzznIfB
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:28:14 2025 by rpki-client