Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1HUYI77_-VuU9WJdrN1HSCRIN90.roa
File: 1HUYI77_-VuU9WJdrN1HSCRIN90.roa (raw, json)
Hash identifier: 7Hh2QgpcGU0sfbFhT5GwV1FTSgBGC5oCZNhgazga86k=
Subject key identifier: D4:75:18:23:BE:FF:F9:5B:94:F5:62:5D:AC:DD:47:48:24:48:37:DD
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0193D4CD44E9D0FCB789437C03C16744FD87
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1HUYI77_-VuU9WJdrN1HSCRIN90.roa
Signing time: Tue 17 Dec 2024 13:27:22 +0000
ROA not before: Tue 17 Dec 2024 13:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200019
IP address blocks: 91.199.133.0/24 maxlen: 24
91.229.239.0/24 maxlen: 24
146.19.213.0/24 maxlen: 24
159.253.120.0/24 maxlen: 24
194.110.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:cd:44:e9:d0:fc:b7:89:43:7c:03:c1:67:44:fd:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Dec 17 13:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4751823befff95b94f5625dacdd4748244837dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3d:58:96:c2:0a:2f:88:11:8d:24:47:dd:2c:
a7:dc:d6:b6:f5:24:35:55:0c:54:41:3d:5f:53:20:
9b:1d:30:2f:ba:5d:73:82:c0:21:c1:da:ef:2f:dd:
bb:1e:a6:ec:80:9a:2b:2b:74:19:f5:ba:54:c3:58:
ec:6c:6e:2d:bf:f8:ce:bf:de:d1:83:32:80:19:99:
de:34:3e:1c:80:47:dd:0e:fe:b8:6b:3f:26:8c:f4:
c6:03:b3:57:d2:51:83:44:44:f5:f4:c3:fe:31:d6:
36:89:1c:70:8b:16:bd:46:01:26:a7:58:71:24:2f:
12:f4:57:50:7e:8e:be:5e:b7:a4:88:d8:d1:21:34:
a1:39:b1:da:f9:2d:53:55:8c:76:d0:a3:98:68:1e:
0a:d4:06:12:47:b9:54:e0:89:82:e7:b4:fe:18:ba:
8f:c8:8f:46:0d:44:d3:ea:9a:da:b9:90:1c:37:e9:
e1:2d:63:16:60:95:2b:3d:20:d6:be:49:c3:eb:f9:
b4:63:ae:93:3b:f7:b5:4d:bb:24:ef:7d:43:76:40:
d9:ac:1c:89:a8:ca:81:eb:b1:2d:68:80:b6:09:c5:
dd:dd:a8:d1:e4:24:b9:b8:b1:dc:bd:2e:67:80:c4:
2c:3a:2b:fc:56:25:9b:ff:f0:40:b4:7e:81:d4:c6:
fc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:75:18:23:BE:FF:F9:5B:94:F5:62:5D:AC:DD:47:48:24:48:37:DD
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1HUYI77_-VuU9WJdrN1HSCRIN90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.133.0/24
91.229.239.0/24
146.19.213.0/24
159.253.120.0/24
194.110.247.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ef:2a:35:a4:40:fc:aa:93:c4:55:f1:ca:62:08:b6:21:24:
7e:ff:74:d8:3c:21:7b:20:e0:b5:1d:0b:3c:e2:2d:b5:1d:4f:
35:13:6d:e2:52:40:59:85:a8:b3:1a:cf:bc:28:23:1e:73:89:
8d:19:a9:6a:a3:3f:0b:2c:e6:4c:9b:5e:2b:8f:21:60:7e:2e:
94:52:ea:cf:78:bd:a7:6f:ec:78:9e:ca:8a:3a:a9:93:b3:09:
c3:b7:0d:43:93:ef:bb:6c:b9:8a:9e:64:a8:c5:80:d9:f1:d7:
20:c4:40:43:6d:e8:09:87:3f:13:fa:2f:66:9c:27:98:08:f4:
9c:3e:18:b5:04:46:1b:52:04:a4:4d:3f:01:c5:1f:23:82:98:
e4:f1:12:ca:2b:c6:fe:b8:c4:45:d1:d1:bf:d5:3b:5d:30:36:
84:84:89:47:74:39:41:70:6a:f2:03:c3:cf:8a:0d:21:a8:b6:
35:de:7a:a3:d0:95:6d:e2:b0:dc:1c:70:ad:6b:b5:36:15:59:
40:b2:b0:d5:d6:72:92:33:05:49:22:7e:37:f4:62:67:bd:71:
e0:a1:04:6e:a4:62:4c:f3:25:c5:cc:62:b9:c0:12:1b:be:61:
6a:05:d6:d3:40:81:08:d3:88:61:35:67:9d:9e:c6:22:7d:cd:
e6:36:91:a1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZPUzUTp0Py3iUN8A8FnRP2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQxMjE3MTMyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc1MTgyM2JlZmZmOTViOTRmNTYyNWRhY2RkNDc0ODI0NDgzN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtj1YlsIKL4gRjSRH3Syn3Na29SQ1
VQxUQT1fUyCbHTAvul1zgsAhwdrvL927HqbsgJorK3QZ9bpUw1jsbG4tv/jOv97R
gzKAGZneND4cgEfdDv64az8mjPTGA7NX0lGDRET19MP+MdY2iRxwixa9RgEmp1hx
JC8S9FdQfo6+XrekiNjRITShObHa+S1TVYx20KOYaB4K1AYSR7lU4ImC57T+GLqP
yI9GDUTT6prauZAcN+nhLWMWYJUrPSDWvknD6/m0Y66TO/e1Tbsk731DdkDZrByJ
qMqB67EtaIC2CcXd3ajR5CS5uLHcvS5ngMQsOiv8ViWb//BAtH6B1Mb8zQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNR1GCO+//lblPViXazdR0gkSDfdMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvMUhVWUk3N18tVnVVOVdKZHJOMUhTQ1JJTjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW8eFAwQA
W+XvAwQAkhPVAwQAn/14AwQAwm73MA0GCSqGSIb3DQEBCwUAA4IBAQBx7yo1pED8
qpPEVfHKYgi2ISR+/3TYPCF7IOC1HQs84i21HU81E23iUkBZhaizGs+8KCMec4mN
Galqoz8LLOZMm14rjyFgfi6UUurPeL2nb+x4nsqKOqmTswnDtw1Dk++7bLmKnmSo
xYDZ8dcgxEBDbegJhz8T+i9mnCeYCPScPhi1BEYbUgSkTT8BxR8jgpjk8RLKK8b+
uMRF0dG/1TtdMDaEhIlHdDlBcGryA8PPig0hqLY13nqj0JVt4rDcHHCta7U2FVlA
srDV1nKSMwVJIn439GJnvXHgoQRupGJM8yXFzGK5wBIbvmFqBdbTQIEI04hhNWed
nsYifc3mNpGh
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:51:33 2025 by rpki-client