Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HQpaDXAT633qi5uytHqjXXzDZ18.roa
File: HQpaDXAT633qi5uytHqjXXzDZ18.roa (raw, json)
Hash identifier: N9FhCmndouwmCW4qQzEw+5Z0eMcPA+QvDHISBR0IadI=
Subject key identifier: 1D:0A:5A:0D:70:13:EB:7D:EA:8B:9B:B2:B4:7A:A3:5D:7C:C3:67:5F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018C0FF805F0990469298A55CC8435721FFF
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HQpaDXAT633qi5uytHqjXXzDZ18.roa
Signing time: Mon 27 Nov 2023 08:49:21 +0000
ROA not before: Mon 27 Nov 2023 08:49:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42350
IP address blocks: 93.170.89.0/24 maxlen: 24
95.46.198.0/23 maxlen: 24
146.120.220.0/24 maxlen: 24
146.120.234.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:f8:05:f0:99:04:69:29:8a:55:cc:84:35:72:1f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Nov 27 08:49:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d0a5a0d7013eb7dea8b9bb2b47aa35d7cc3675f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:02:c9:88:50:88:15:a1:b7:30:dd:4e:e4:70:
22:08:48:34:61:d4:3e:b4:73:fe:50:b4:b9:6b:1b:
b6:43:69:51:af:c4:f3:53:96:6a:d6:07:70:e5:9c:
d6:78:70:9d:77:e6:a1:0d:1f:81:23:ee:6e:be:db:
1d:e8:47:6a:3b:39:b9:ab:cc:81:1d:f2:62:d4:cf:
41:6d:47:a5:b5:91:1e:44:84:14:dd:e7:8c:54:2b:
14:88:7e:2a:04:67:a3:68:35:02:71:e4:1f:9a:0b:
af:eb:c1:ce:16:08:2d:fa:59:5b:fa:94:d0:08:b1:
2a:85:99:4e:ca:89:d1:2b:fa:61:09:db:0b:d5:fc:
97:ce:9f:f3:51:ab:d9:00:db:05:6f:0e:bd:d7:b6:
ac:af:e4:a7:76:6e:1a:5e:4c:45:07:e6:8f:e6:ec:
28:d1:d9:4f:96:f9:62:d1:40:d7:b9:ef:4a:10:a1:
10:e1:2a:10:d5:ed:9d:18:dc:20:f5:5a:35:47:ed:
4b:d2:74:c4:c3:d4:a5:29:25:74:ac:0d:b0:cb:b4:
4d:db:ad:a5:a8:b1:5f:ff:ce:eb:f1:d0:96:f6:21:
84:67:d3:8e:65:dc:55:d6:04:a0:0c:12:a0:cf:b0:
0b:3a:3e:1b:1c:d3:eb:17:42:8a:3e:9f:57:db:ce:
80:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0A:5A:0D:70:13:EB:7D:EA:8B:9B:B2:B4:7A:A3:5D:7C:C3:67:5F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HQpaDXAT633qi5uytHqjXXzDZ18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.89.0/24
95.46.198.0/23
146.120.220.0/24
146.120.234.0/23
Signature Algorithm: sha256WithRSAEncryption
86:83:f7:32:e7:7b:a2:d3:50:14:58:1d:77:38:3f:50:67:4d:
9b:71:1f:6b:3c:d9:75:20:a3:cf:19:5b:2b:14:45:77:fa:53:
4d:9a:1e:05:b7:67:35:b1:e7:ed:da:ef:10:0a:54:24:bc:c9:
d4:36:a3:13:b8:ed:a1:6a:df:7d:c0:c6:51:0c:5b:84:79:92:
db:22:2b:3d:29:33:5e:3f:35:e0:ce:fe:93:44:de:c0:95:df:
56:be:e2:7e:70:f8:00:3f:e3:2d:c2:13:08:65:86:06:bb:97:
cb:91:92:80:cd:25:e2:ab:8b:57:f9:8b:2c:25:e4:67:91:94:
30:28:f3:5f:e9:7d:0a:e9:7f:c6:63:54:f5:35:c8:08:8a:8d:
26:e0:de:fd:32:11:6c:e1:97:f6:fd:c6:c6:1d:b1:9e:9d:fb:
0d:9b:b4:fa:64:fd:56:0a:a8:91:5a:3f:53:a4:9d:25:63:2b:
e5:08:bb:27:6b:d2:88:a1:bb:44:01:23:b1:63:cb:48:c3:2a:
fc:80:f0:6d:62:43:ba:36:26:86:3a:e3:b9:aa:3e:ee:cd:62:
28:62:06:b7:85:1c:3e:3a:ee:b4:4c:f6:00:f4:45:59:3a:5f:
df:e0:c6:c4:d8:2c:25:72:2b:d8:88:04:40:7b:2b:a0:70:15:
87:35:ef:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwP+AXwmQRpKYpVzIQ1ch//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMxMTI3MDg0OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBhNWEwZDcwMTNlYjdkZWE4YjliYjJiNDdhYTM1ZDdjYzM2NzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQLJiFCIFaG3MN1O5HAiCEg0YdQ+
tHP+ULS5axu2Q2lRr8TzU5Zq1gdw5ZzWeHCdd+ahDR+BI+5uvtsd6EdqOzm5q8yB
HfJi1M9BbUeltZEeRIQU3eeMVCsUiH4qBGejaDUCceQfmguv68HOFggt+llb+pTQ
CLEqhZlOyonRK/phCdsL1fyXzp/zUavZANsFbw6917asr+Sndm4aXkxFB+aP5uwo
0dlPlvli0UDXue9KEKEQ4SoQ1e2dGNwg9Vo1R+1L0nTEw9SlKSV0rA2wy7RN262l
qLFf/87r8dCW9iGEZ9OOZdxV1gSgDBKgz7ALOj4bHNPrF0KKPp9X286AyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB0KWg1wE+t96oubsrR6o118w2dfMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSFFwYURYQVQ2MzNxaTV1eXRIcWpYWHpEWjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXapZAwQB
Xy7GAwQAknjcAwQBknjqMA0GCSqGSIb3DQEBCwUAA4IBAQCGg/cy53ui01AUWB13
OD9QZ02bcR9rPNl1IKPPGVsrFEV3+lNNmh4Ft2c1seft2u8QClQkvMnUNqMTuO2h
at99wMZRDFuEeZLbIis9KTNePzXgzv6TRN7Ald9WvuJ+cPgAP+MtwhMIZYYGu5fL
kZKAzSXiq4tX+YssJeRnkZQwKPNf6X0K6X/GY1T1NcgIio0m4N79MhFs4Zf2/cbG
HbGenfsNm7T6ZP1WCqiRWj9TpJ0lYyvlCLsna9KIobtEASOxY8tIwyr8gPBtYkO6
NiaGOuO5qj7uzWIoYga3hRw+Ou60TPYA9EVZOl/f4MbE2CwlcivYiARAeyugcBWH
Ne9j
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:43 2025 by rpki-client