Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/ef7bd3-24b2-4284-97fe-c71db718970e/1/HD1uPet-iIu7hW_120IFu9su76s.roa
File: HD1uPet-iIu7hW_120IFu9su76s.roa (raw, json)
Hash identifier: vFNL8ghAlqPTrA8jGEs+I7hRSyNODsDNbh5CwQDUvI8=
Subject key identifier: 1C:3D:6E:3D:EB:7E:88:8B:BB:85:6F:F5:DB:42:05:BB:DB:2E:EF:AB
Certificate issuer: /CN=14dc11ed1a9d9ed56bf19da7f217830a8099c429
Certificate serial: 019427B568AA593D075ADF1974A8A812ABA4
Authority key identifier: 14:DC:11:ED:1A:9D:9E:D5:6B:F1:9D:A7:F2:17:83:0A:80:99:C4:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FNwR7RqdntVr8Z2n8heDCoCZxCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/ef7bd3-24b2-4284-97fe-c71db718970e/1/HD1uPet-iIu7hW_120IFu9su76s.roa
Signing time: Thu 02 Jan 2025 15:49:47 +0000
ROA not before: Thu 02 Jan 2025 15:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213202
IP address blocks: 91.196.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:68:aa:59:3d:07:5a:df:19:74:a8:a8:12:ab:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14dc11ed1a9d9ed56bf19da7f217830a8099c429
Validity
Not Before: Jan 2 15:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c3d6e3deb7e888bbb856ff5db4205bbdb2eefab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2f:f5:38:e3:79:08:31:d4:13:f8:f3:56:12:
0c:94:8e:25:d3:7e:a2:f0:79:ed:9d:89:b4:3f:e5:
94:e6:5c:82:02:b1:d7:e0:76:ab:17:59:57:e0:23:
7e:56:d7:c4:10:06:be:98:91:86:cb:90:e9:c5:e2:
81:46:2a:e1:ee:d1:08:5c:93:d6:b1:c7:be:1d:73:
99:ff:23:d3:37:84:43:ce:4a:c3:93:9e:7e:1b:80:
15:fd:c8:86:2c:e6:cc:3f:88:f9:28:c2:41:54:83:
32:48:43:1e:50:77:ef:fc:bc:f3:ef:da:19:73:91:
e2:d3:88:77:83:25:14:28:07:51:bc:1a:ee:55:bb:
03:b9:6d:53:cb:fe:a7:12:f3:1a:68:db:7d:6a:d7:
7d:e8:3b:0a:0e:6e:19:17:88:b2:72:a8:46:3f:b2:
6d:52:4c:bc:50:fd:38:ea:e8:09:42:aa:ff:49:a0:
41:d6:b1:ef:21:f3:3b:5d:dd:1f:2e:af:1e:05:a3:
0e:a2:ed:5f:29:bc:fa:c2:eb:7c:bb:6c:fe:ef:a2:
7e:36:ad:97:8a:9d:89:88:cd:60:de:da:8d:d1:00:
c6:94:a0:79:1c:2b:4e:c3:13:7c:f5:15:e8:e6:d5:
a2:35:7c:a9:6f:da:98:9b:14:8a:52:7b:4b:3a:e3:
d2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3D:6E:3D:EB:7E:88:8B:BB:85:6F:F5:DB:42:05:BB:DB:2E:EF:AB
X509v3 Authority Key Identifier:
keyid:14:DC:11:ED:1A:9D:9E:D5:6B:F1:9D:A7:F2:17:83:0A:80:99:C4:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FNwR7RqdntVr8Z2n8heDCoCZxCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/ef7bd3-24b2-4284-97fe-c71db718970e/1/HD1uPet-iIu7hW_120IFu9su76s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/ef7bd3-24b2-4284-97fe-c71db718970e/1/FNwR7RqdntVr8Z2n8heDCoCZxCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.191.0/24
Signature Algorithm: sha256WithRSAEncryption
11:c4:1b:b0:02:0e:02:d1:f3:e4:54:74:43:90:6f:b8:67:35:
a0:b2:ab:3f:11:36:1b:ff:2b:4a:a7:a4:7b:6d:f8:2d:da:0d:
80:bb:bd:14:e4:63:54:6e:4a:2e:8e:51:e1:1b:f4:c5:21:91:
95:5f:f4:1f:9d:e9:85:5f:6d:bd:00:14:64:02:8d:d9:72:53:
08:92:69:ea:fa:aa:d6:53:07:0c:c0:b7:d7:84:b0:14:d5:b6:
cf:ae:6f:08:79:9f:4b:7f:6b:20:61:01:f8:a0:48:1a:1c:c4:
7c:3c:a1:e7:65:95:54:94:18:04:56:d8:76:5b:3d:86:ab:9d:
7e:ef:6b:04:3c:aa:39:0f:82:65:14:5b:c0:76:b1:6a:ad:cd:
09:90:41:8d:05:33:90:a9:8e:36:fa:bf:f4:d8:25:5e:32:02:
e7:cd:bd:0d:77:43:d7:7f:a5:c6:1e:ee:c3:59:b8:7d:ea:ad:
43:fc:54:e2:7d:76:42:5d:e2:c9:9e:b4:79:d8:24:b6:b1:f7:
e1:68:01:1f:d3:de:b9:a6:58:77:a0:f0:38:45:aa:40:f2:de:
97:7a:70:bd:0e:a9:b3:d7:12:8d:44:c6:90:0d:7f:55:fd:8e:
9d:2f:17:b4:c3:49:c4:6c:f8:b0:c8:eb:d8:cd:89:b6:dc:1d:
5e:e7:d7:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntWiqWT0HWt8ZdKioEqukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZGMxMWVkMWE5ZDllZDU2YmYxOWRhN2YyMTc4MzBhODA5
OWM0MjkwHhcNMjUwMTAyMTU0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzNkNmUzZGViN2U4ODhiYmI4NTZmZjVkYjQyMDViYmRiMmVlZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1i/1OON5CDHUE/jzVhIMlI4l036i
8HntnYm0P+WU5lyCArHX4HarF1lX4CN+VtfEEAa+mJGGy5DpxeKBRirh7tEIXJPW
sce+HXOZ/yPTN4RDzkrDk55+G4AV/ciGLObMP4j5KMJBVIMySEMeUHfv/Lzz79oZ
c5Hi04h3gyUUKAdRvBruVbsDuW1Ty/6nEvMaaNt9atd96DsKDm4ZF4iycqhGP7Jt
Uky8UP046ugJQqr/SaBB1rHvIfM7Xd0fLq8eBaMOou1fKbz6wut8u2z+76J+Nq2X
ip2JiM1g3tqN0QDGlKB5HCtOwxN89RXo5tWiNXypb9qYmxSKUntLOuPSpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBw9bj3rfoiLu4Vv9dtCBbvbLu+rMB8GA1UdIwQY
MBaAFBTcEe0anZ7Va/Gdp/IXgwqAmcQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk53UjdScWRudFZyOFoybjhoZURDb0NaeENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lZjdiZDMtMjRiMi00Mjg0LTk3ZmUt
YzcxZGI3MTg5NzBlLzEvSEQxdVBldC1pSXU3aFdfMTIwSUZ1OXN1NzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9lZjdiZDMtMjRiMi00Mjg0LTk3ZmUtYzcxZGI3MTg5NzBl
LzEvRk53UjdScWRudFZyOFoybjhoZURDb0NaeENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8S/MA0G
CSqGSIb3DQEBCwUAA4IBAQARxBuwAg4C0fPkVHRDkG+4ZzWgsqs/ETYb/ytKp6R7
bfgt2g2Au70U5GNUbkoujlHhG/TFIZGVX/QfnemFX229ABRkAo3ZclMIkmnq+qrW
UwcMwLfXhLAU1bbPrm8IeZ9Lf2sgYQH4oEgaHMR8PKHnZZVUlBgEVth2Wz2Gq51+
72sEPKo5D4JlFFvAdrFqrc0JkEGNBTOQqY42+r/02CVeMgLnzb0Nd0PXf6XGHu7D
Wbh96q1D/FTifXZCXeLJnrR52CS2sffhaAEf0965plh3oPA4RapA8t6XenC9Dqmz
1xKNRMaQDX9V/Y6dLxe0w0nEbPiwyOvYzYm23B1e59dX
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:50:53 2025 by rpki-client