Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/d226bb-7210-4c92-9312-33b36224d6d7/1/HhFmsUX4n0bTLp54fXsbD6r22vs.roa
File: HhFmsUX4n0bTLp54fXsbD6r22vs.roa (raw, json)
Hash identifier: D3iIhid2GpJT+opqYChMRyeyqU5GVCUcNTC6l2/4JH4=
Subject key identifier: 1E:11:66:B1:45:F8:9F:46:D3:2E:9E:78:7D:7B:1B:0F:AA:F6:DA:FB
Certificate issuer: /CN=951c8b406e8299a7294dd7224570fc32b629dc6b
Certificate serial: 018CC5006AD83E368A3DE53C7F2856C1F21E
Authority key identifier: 95:1C:8B:40:6E:82:99:A7:29:4D:D7:22:45:70:FC:32:B6:29:DC:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRyLQG6CmacpTdciRXD8MrYp3Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/d226bb-7210-4c92-9312-33b36224d6d7/1/HhFmsUX4n0bTLp54fXsbD6r22vs.roa
Signing time: Mon 01 Jan 2024 12:29:48 +0000
ROA not before: Mon 01 Jan 2024 12:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 193.56.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:6a:d8:3e:36:8a:3d:e5:3c:7f:28:56:c1:f2:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951c8b406e8299a7294dd7224570fc32b629dc6b
Validity
Not Before: Jan 1 12:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e1166b145f89f46d32e9e787d7b1b0faaf6dafb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e8:1a:c5:c2:ac:c4:43:00:12:f7:e2:fe:27:
fa:4b:4a:93:c8:5c:96:56:3b:87:ee:e3:4c:50:9b:
2e:57:ce:c4:bd:8f:4f:ab:f9:46:dc:ff:64:76:7d:
d5:1d:29:ab:b3:7a:a2:81:b2:a3:1f:48:a1:34:1e:
af:17:6d:d1:ed:dd:04:28:97:1a:45:40:f1:51:c4:
8b:3f:24:85:86:21:13:f3:ff:2c:56:7a:7d:0d:42:
2a:90:58:e0:0a:62:92:36:b8:d1:d9:81:30:87:b4:
ec:0e:53:e5:54:63:cb:b2:80:36:11:86:91:a1:45:
e0:73:ff:48:67:b4:88:8a:7b:fc:9f:75:bb:1f:a3:
89:70:c3:c9:61:dd:ad:2e:44:08:2a:09:3b:78:d4:
3f:ab:d9:ca:a5:cc:bd:ac:a0:6d:4e:e5:04:02:0f:
eb:f7:92:3a:19:c4:e0:c1:e0:c1:05:41:b7:d7:26:
1e:e4:21:65:c4:16:e9:ce:17:9b:0c:53:43:5e:57:
d3:aa:a7:6a:22:b6:47:c8:04:ec:1b:a3:81:b6:9e:
92:5a:26:42:85:4f:e9:ab:6d:06:49:62:43:27:ec:
f4:ca:ab:ce:fb:a4:60:b7:1c:b5:91:97:f5:c3:dc:
e0:2e:90:79:b3:40:67:5d:eb:2f:6c:f3:f7:f9:9d:
8f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:11:66:B1:45:F8:9F:46:D3:2E:9E:78:7D:7B:1B:0F:AA:F6:DA:FB
X509v3 Authority Key Identifier:
keyid:95:1C:8B:40:6E:82:99:A7:29:4D:D7:22:45:70:FC:32:B6:29:DC:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRyLQG6CmacpTdciRXD8MrYp3Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d226bb-7210-4c92-9312-33b36224d6d7/1/HhFmsUX4n0bTLp54fXsbD6r22vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d226bb-7210-4c92-9312-33b36224d6d7/1/lRyLQG6CmacpTdciRXD8MrYp3Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.112.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:b3:72:42:04:90:cc:94:22:1f:39:1e:6b:24:99:19:c5:87:
13:19:a4:67:d9:53:90:56:f1:a1:73:89:36:e0:7b:ae:83:f6:
9a:45:02:67:29:a0:05:5c:76:f6:99:02:18:4a:2e:c2:7b:10:
c9:a0:5a:fc:81:ca:59:6a:07:bc:81:13:18:35:40:1e:21:4c:
d0:f5:a5:14:62:a7:5f:62:7f:29:97:8c:d7:e0:7f:81:c5:62:
a2:a1:9f:8e:7e:37:1d:d1:e7:0b:cf:29:03:3b:32:0d:b8:9b:
19:0a:e6:18:ae:40:e9:88:c6:0f:d1:34:19:dc:67:14:5c:93:
67:fc:75:61:31:42:db:eb:fd:9e:f1:cf:17:b1:28:cb:41:57:
f2:53:55:b2:b8:70:a0:9c:cf:8d:5e:cc:15:4e:d2:e0:e8:8e:
01:15:b0:6e:d7:ef:ad:f6:f9:90:86:bc:b2:39:d8:0f:ff:c9:
8e:5c:81:4c:a2:94:02:13:67:af:7f:e6:62:6a:80:db:2a:25:
d0:8d:47:3b:f3:2f:eb:e0:bb:ea:79:0b:b6:b5:0d:ca:c9:9a:
92:8c:a6:26:be:b5:2b:1f:2a:8b:cc:cc:d7:7d:37:4b:fc:ef:
83:0b:b4:62:a5:6d:40:65:5a:f4:c3:1e:06:01:cf:40:5f:e9:
2d:d2:bb:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAGrYPjaKPeU8fyhWwfIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MWM4YjQwNmU4Mjk5YTcyOTRkZDcyMjQ1NzBmYzMyYjYy
OWRjNmIwHhcNMjQwMTAxMTIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTExNjZiMTQ1Zjg5ZjQ2ZDMyZTllNzg3ZDdiMWIwZmFhZjZkYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuegaxcKsxEMAEvfi/if6S0qTyFyW
VjuH7uNMUJsuV87EvY9Pq/lG3P9kdn3VHSmrs3qigbKjH0ihNB6vF23R7d0EKJca
RUDxUcSLPySFhiET8/8sVnp9DUIqkFjgCmKSNrjR2YEwh7TsDlPlVGPLsoA2EYaR
oUXgc/9IZ7SIinv8n3W7H6OJcMPJYd2tLkQIKgk7eNQ/q9nKpcy9rKBtTuUEAg/r
95I6GcTgweDBBUG31yYe5CFlxBbpzhebDFNDXlfTqqdqIrZHyATsG6OBtp6SWiZC
hU/pq20GSWJDJ+z0yqvO+6Rgtxy1kZf1w9zgLpB5s0BnXesvbPP3+Z2P/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB4RZrFF+J9G0y6eeH17Gw+q9tr7MB8GA1UdIwQY
MBaAFJUci0BugpmnKU3XIkVw/DK2KdxrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJ5TFFHNkNtYWNwVGRjaVJYRDhNcllwM0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kMjI2YmItNzIxMC00YzkyLTkzMTIt
MzNiMzYyMjRkNmQ3LzEvSGhGbXNVWDRuMGJUTHA1NGZYc2JENnIyMnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kMjI2YmItNzIxMC00YzkyLTkzMTItMzNiMzYyMjRkNmQ3
LzEvbFJ5TFFHNkNtYWNwVGRjaVJYRDhNcllwM0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwThwMA0G
CSqGSIb3DQEBCwUAA4IBAQDVs3JCBJDMlCIfOR5rJJkZxYcTGaRn2VOQVvGhc4k2
4Huug/aaRQJnKaAFXHb2mQIYSi7CexDJoFr8gcpZage8gRMYNUAeIUzQ9aUUYqdf
Yn8pl4zX4H+BxWKioZ+Ofjcd0ecLzykDOzINuJsZCuYYrkDpiMYP0TQZ3GcUXJNn
/HVhMULb6/2e8c8XsSjLQVfyU1WyuHCgnM+NXswVTtLg6I4BFbBu1++t9vmQhryy
OdgP/8mOXIFMopQCE2evf+ZiaoDbKiXQjUc78y/r4LvqeQu2tQ3KyZqSjKYmvrUr
HyqLzMzXfTdL/O+DC7RipW1AZVr0wx4GAc9AX+kt0rsh
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:52:33 2025 by rpki-client