Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HJifVw97a3n8s8VkYVZmiMosUf4.roa
File: HJifVw97a3n8s8VkYVZmiMosUf4.roa (raw, json)
Hash identifier: 3Z3uKB/n7J4n6bx18YauprN4Tm8IH7x76UxmbvrnCXg=
Subject key identifier: 1C:98:9F:57:0F:7B:6B:79:FC:B3:C5:64:61:56:66:88:CA:2C:51:FE
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018D1B89CBFB3C988378548B9788288DD41E
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HJifVw97a3n8s8VkYVZmiMosUf4.roa
Signing time: Thu 18 Jan 2024 07:47:11 +0000
ROA not before: Thu 18 Jan 2024 07:47:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12679
IP address blocks: 37.49.151.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
109.203.160.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:89:cb:fb:3c:98:83:78:54:8b:97:88:28:8d:d4:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 18 07:47:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c989f570f7b6b79fcb3c56461566688ca2c51fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:84:90:76:ea:2d:43:4e:e2:60:dc:17:06:d7:
ff:53:48:b3:0e:35:1b:e2:2b:d9:0f:de:1e:04:6f:
54:22:b8:74:af:72:2f:cb:9f:b5:db:30:9d:1c:1c:
83:6a:24:b5:b0:74:b3:9e:69:e5:de:85:8a:54:14:
cf:78:f5:7e:1c:81:22:26:3d:d4:52:65:42:9a:88:
60:d7:5f:a7:fd:b1:a8:a2:d5:cb:d1:1d:d1:83:bd:
11:aa:a0:c0:d2:31:35:37:7f:58:8d:b2:5a:dc:38:
78:d6:6c:05:78:6a:50:09:a7:d8:8e:7b:67:6b:56:
d9:ce:cd:6f:ae:3c:39:6b:4b:c1:51:96:6b:d6:fd:
ee:4e:7e:9c:77:93:99:b9:50:eb:9c:45:27:01:4a:
ba:84:7f:55:5f:d6:94:4c:f1:3d:2f:17:c3:f6:1a:
52:d7:10:5a:66:2e:a4:2b:b4:59:4f:3c:98:a0:c7:
cd:12:ea:32:19:05:d5:a5:c0:64:d7:a4:7e:d0:b4:
e9:d2:ca:fa:5d:23:0d:9c:1c:06:f2:21:5e:d3:c7:
7c:a1:61:81:44:90:90:44:70:7b:be:c4:cc:7e:92:
21:05:78:fa:75:d1:70:25:b0:9f:5f:f4:9d:8c:19:
84:22:24:4b:4a:69:30:7f:ae:6c:b1:1f:0b:0b:67:
50:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:98:9F:57:0F:7B:6B:79:FC:B3:C5:64:61:56:66:88:CA:2C:51:FE
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HJifVw97a3n8s8VkYVZmiMosUf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.151.0/24
94.74.173.0/24
109.203.160.0/22
Signature Algorithm: sha256WithRSAEncryption
10:f1:e0:98:dc:93:91:a9:01:7c:0e:35:1a:28:6c:5f:ac:25:
89:32:aa:25:e9:10:c5:06:d7:c9:19:0b:3f:28:21:d2:6a:74:
58:e8:8f:c6:5f:0a:ca:eb:62:ec:b4:ff:cc:f1:c9:74:5f:e2:
b4:1a:5d:eb:1e:29:24:78:c1:78:9b:ef:26:53:30:82:5d:5c:
c1:63:2b:e3:f7:65:41:78:40:f9:06:dd:6e:b7:ba:54:c2:f1:
d0:6d:36:aa:5f:ae:a5:2f:95:bb:e2:b1:a5:b3:05:83:18:02:
5d:8d:25:73:70:1a:b4:f4:c9:a3:b4:dd:d0:1f:cb:7c:c4:65:
40:56:40:96:1b:ee:65:47:d3:08:87:b2:77:12:78:da:09:a4:
aa:b2:0e:d1:6d:75:1d:7a:13:f1:ad:5c:a9:fd:06:6a:6d:b8:
49:8d:6f:b2:a2:eb:29:51:55:27:e6:16:f9:a9:70:05:e5:36:
f2:e9:9b:54:6f:ac:e0:ed:58:64:78:38:a9:56:fd:7c:62:2b:
73:62:91:10:3e:f7:7b:1e:86:7d:ea:38:f1:4b:7a:4e:a3:c7:
46:1c:c0:4e:21:02:df:eb:03:7b:14:31:05:ba:fc:22:a7:ee:
a0:81:ad:ec:6d:3a:aa:41:93:f2:39:4b:7f:dd:7b:87:64:45:
c6:9a:7e:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0bicv7PJiDeFSLl4gojdQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMTE4MDc0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk4OWY1NzBmN2I2Yjc5ZmNiM2M1NjQ2MTU2NjY4OGNhMmM1MWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44SQduotQ07iYNwXBtf/U0izDjUb
4ivZD94eBG9UIrh0r3Ivy5+12zCdHByDaiS1sHSznmnl3oWKVBTPePV+HIEiJj3U
UmVCmohg11+n/bGootXL0R3Rg70RqqDA0jE1N39YjbJa3Dh41mwFeGpQCafYjntn
a1bZzs1vrjw5a0vBUZZr1v3uTn6cd5OZuVDrnEUnAUq6hH9VX9aUTPE9LxfD9hpS
1xBaZi6kK7RZTzyYoMfNEuoyGQXVpcBk16R+0LTp0sr6XSMNnBwG8iFe08d8oWGB
RJCQRHB7vsTMfpIhBXj6ddFwJbCfX/SdjBmEIiRLSmkwf65ssR8LC2dQHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFByYn1cPe2t5/LPFZGFWZojKLFH+MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSEppZlZ3OTdhM244czhWa1lWWm1pTW9zVWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJTGXAwQA
XkqtAwQCbcugMA0GCSqGSIb3DQEBCwUAA4IBAQAQ8eCY3JORqQF8DjUaKGxfrCWJ
Mqol6RDFBtfJGQs/KCHSanRY6I/GXwrK62LstP/M8cl0X+K0Gl3rHikkeMF4m+8m
UzCCXVzBYyvj92VBeED5Bt1ut7pUwvHQbTaqX66lL5W74rGlswWDGAJdjSVzcBq0
9MmjtN3QH8t8xGVAVkCWG+5lR9MIh7J3EnjaCaSqsg7RbXUdehPxrVyp/QZqbbhJ
jW+youspUVUn5hb5qXAF5Tby6ZtUb6zg7VhkeDipVv18YitzYpEQPvd7HoZ96jjx
S3pOo8dGHMBOIQLf6wN7FDEFuvwip+6gga3sbTqqQZPyOUt/3XuHZEXGmn7C
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:08 2025 by rpki-client