Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/21deba-db66-4702-bdbf-09115d592e6f/1/HD9DDpndnHLq_4dbkyZqIFuWEjY.roa
File: HD9DDpndnHLq_4dbkyZqIFuWEjY.roa (raw, json)
Hash identifier: Z4pjuq0HKXG9choj5zS7q6H/YSy/16F5fWIBae/DC00=
Subject key identifier: 1C:3F:43:0E:99:DD:9C:72:EA:FF:87:5B:93:26:6A:20:5B:96:12:36
Certificate issuer: /CN=27ff20440ba698a4dc0439bc179fb33a3ee1cc95
Certificate serial: 01856EEFD8C53A2AD053AB87CFBD7CC1128E
Authority key identifier: 27:FF:20:44:0B:A6:98:A4:DC:04:39:BC:17:9F:B3:3A:3E:E1:CC:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_8gRAummKTcBDm8F5-zOj7hzJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/21deba-db66-4702-bdbf-09115d592e6f/1/HD9DDpndnHLq_4dbkyZqIFuWEjY.roa
Signing time: Sun 01 Jan 2023 20:04:50 +0000
ROA not before: Sun 01 Jan 2023 20:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44738
IP address blocks: 195.28.4.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:d8:c5:3a:2a:d0:53:ab:87:cf:bd:7c:c1:12:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27ff20440ba698a4dc0439bc179fb33a3ee1cc95
Validity
Not Before: Jan 1 20:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c3f430e99dd9c72eaff875b93266a205b961236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:81:67:c0:e5:28:fc:0b:94:1f:99:57:ae:76:
70:1b:d6:39:43:45:ee:07:ff:57:83:c8:9d:d0:3b:
1f:ae:d2:44:47:7f:e1:d0:3f:7e:fa:24:ae:93:29:
30:46:b5:d9:cb:08:05:b5:be:0b:c9:38:28:e5:cc:
76:f6:91:df:ba:68:23:32:ad:f3:64:a0:85:bd:3b:
0d:75:c7:9e:fa:a3:16:2e:d0:fd:53:54:14:a8:da:
c1:77:01:c2:1a:79:e8:43:b4:a1:52:94:80:dd:7d:
7d:c2:7a:71:96:7a:36:93:98:a3:44:1d:f6:5d:44:
51:93:bc:ed:f2:51:7f:3f:17:31:29:ca:80:cf:7e:
cd:76:94:6c:79:74:89:3a:bf:6c:8e:8a:b0:a3:b6:
74:c3:b9:fd:1b:bd:11:d5:4d:67:a6:ae:16:92:1e:
1d:9c:26:30:eb:85:f4:41:7c:6a:59:a5:e5:72:f7:
8a:c2:66:51:0a:76:f0:9a:2b:67:b1:78:74:7a:12:
99:83:86:4d:a7:6b:ed:f6:e4:d2:5e:14:de:38:3b:
7b:ac:5a:76:be:21:55:2c:f8:f0:a4:4c:ae:6e:b5:
ea:99:a4:79:2f:d9:2c:43:e9:ac:8d:8c:96:3d:35:
4e:ee:9e:16:e6:c2:7f:e5:7e:5a:b0:35:13:34:30:
74:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3F:43:0E:99:DD:9C:72:EA:FF:87:5B:93:26:6A:20:5B:96:12:36
X509v3 Authority Key Identifier:
keyid:27:FF:20:44:0B:A6:98:A4:DC:04:39:BC:17:9F:B3:3A:3E:E1:CC:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_8gRAummKTcBDm8F5-zOj7hzJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/21deba-db66-4702-bdbf-09115d592e6f/1/HD9DDpndnHLq_4dbkyZqIFuWEjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/21deba-db66-4702-bdbf-09115d592e6f/1/J_8gRAummKTcBDm8F5-zOj7hzJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.4.0/23
Signature Algorithm: sha256WithRSAEncryption
27:0c:ca:14:e4:8b:6f:e9:e9:0c:c0:a0:86:f2:5d:b9:a8:26:
f4:f4:06:de:32:69:2f:65:4a:92:ec:f0:55:06:a8:ca:5c:22:
eb:f6:dc:1e:10:eb:92:3c:e7:8a:d6:5a:f4:cf:7f:55:c1:33:
67:1d:c2:59:a0:10:86:91:94:de:78:86:ea:e5:06:5f:13:28:
ea:70:b1:79:02:77:fc:1c:57:70:a1:ff:42:60:d1:50:35:0b:
59:35:15:ac:73:46:98:38:c3:0f:ce:dc:40:1d:08:6a:c0:43:
3c:39:29:93:ec:ba:d6:cf:2f:9b:8b:c5:db:05:88:be:c4:e9:
bf:04:a7:2e:bb:ee:89:3a:9c:2b:9a:54:4d:15:4c:b8:dc:d5:
07:30:7e:4e:0d:f4:3e:ad:57:b1:73:49:4d:6a:2a:cd:7e:06:
ac:13:93:b2:36:f0:7f:ab:21:73:78:b7:60:f0:6a:ca:6f:3d:
74:a2:5e:fe:f8:18:d1:97:ec:66:bb:f3:77:c3:b8:f2:cd:de:
b8:79:3b:5c:f3:75:f9:73:9e:36:b9:b1:db:ae:6d:c9:5f:b5:
3c:06:73:9c:7f:75:05:bf:48:8d:4b:fd:72:62:97:47:ed:c4:
01:a2:22:6e:92:3c:dc:af:91:72:4d:d0:03:4c:96:59:d5:6b:
6c:e1:db:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu79jFOirQU6uHz718wRKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZmYyMDQ0MGJhNjk4YTRkYzA0MzliYzE3OWZiMzNhM2Vl
MWNjOTUwHhcNMjMwMTAxMjAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzNmNDMwZTk5ZGQ5YzcyZWFmZjg3NWI5MzI2NmEyMDViOTYxMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoFnwOUo/AuUH5lXrnZwG9Y5Q0Xu
B/9Xg8id0DsfrtJER3/h0D9++iSukykwRrXZywgFtb4LyTgo5cx29pHfumgjMq3z
ZKCFvTsNdcee+qMWLtD9U1QUqNrBdwHCGnnoQ7ShUpSA3X19wnpxlno2k5ijRB32
XURRk7zt8lF/PxcxKcqAz37NdpRseXSJOr9sjoqwo7Z0w7n9G70R1U1npq4Wkh4d
nCYw64X0QXxqWaXlcveKwmZRCnbwmitnsXh0ehKZg4ZNp2vt9uTSXhTeODt7rFp2
viFVLPjwpEyubrXqmaR5L9ksQ+msjYyWPTVO7p4W5sJ/5X5asDUTNDB01QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBw/Qw6Z3Zxy6v+HW5MmaiBblhI2MB8GA1UdIwQY
MBaAFCf/IEQLppik3AQ5vBefszo+4cyVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl84Z1JBdW1tS1RjQkRtOEY1LXpPajdoekpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yMWRlYmEtZGI2Ni00NzAyLWJkYmYt
MDkxMTVkNTkyZTZmLzEvSEQ5RERwbmRuSExxXzRkYmt5WnFJRnVXRWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yMWRlYmEtZGI2Ni00NzAyLWJkYmYtMDkxMTVkNTkyZTZm
LzEvSl84Z1JBdW1tS1RjQkRtOEY1LXpPajdoekpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwxwEMA0G
CSqGSIb3DQEBCwUAA4IBAQAnDMoU5Itv6ekMwKCG8l25qCb09AbeMmkvZUqS7PBV
BqjKXCLr9tweEOuSPOeK1lr0z39VwTNnHcJZoBCGkZTeeIbq5QZfEyjqcLF5Anf8
HFdwof9CYNFQNQtZNRWsc0aYOMMPztxAHQhqwEM8OSmT7LrWzy+bi8XbBYi+xOm/
BKcuu+6JOpwrmlRNFUy43NUHMH5ODfQ+rVexc0lNairNfgasE5OyNvB/qyFzeLdg
8GrKbz10ol7++BjRl+xmu/N3w7jyzd64eTtc83X5c542ubHbrm3JX7U8BnOcf3UF
v0iNS/1yYpdH7cQBoiJukjzcr5FyTdADTJZZ1Wts4du6
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:05 2025 by rpki-client