Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/Hd-qRqa65JU16SpvsfTF6ICb7aE.roa
File: Hd-qRqa65JU16SpvsfTF6ICb7aE.roa (raw, json)
Hash identifier: bKHtmpuqHxLOPprfCge3Q38lP3RfTJX2E7wsv1jmeuI=
Subject key identifier: 1D:DF:AA:46:A6:BA:E4:95:35:E9:2A:6F:B1:F4:C5:E8:80:9B:ED:A1
Certificate issuer: /CN=df798581e73704ee38c9be15e72370f176c60311
Certificate serial: 0188EBF3B2D058DC127AF40E6BA3A670B684
Authority key identifier: DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/Hd-qRqa65JU16SpvsfTF6ICb7aE.roa
Signing time: Sat 24 Jun 2023 05:49:56 +0000
ROA not before: Sat 24 Jun 2023 05:49:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 185.128.80.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:eb:f3:b2:d0:58:dc:12:7a:f4:0e:6b:a3:a6:70:b6:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df798581e73704ee38c9be15e72370f176c60311
Validity
Not Before: Jun 24 05:49:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ddfaa46a6bae49535e92a6fb1f4c5e8809beda1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ed:aa:16:ac:11:27:9d:ea:29:a7:ab:73:c1:
2b:b3:12:5f:ee:3e:cc:10:38:0c:58:b4:d9:83:87:
bc:e2:c1:28:1d:1b:e5:fb:dd:9c:e3:89:91:1c:0a:
9b:df:95:13:85:81:e1:8a:70:19:3f:4c:80:3c:a4:
51:b9:f7:4c:45:a4:03:70:80:27:08:0a:43:39:45:
5f:9f:bb:27:41:90:19:19:ba:5c:d0:77:63:0c:f0:
69:1a:29:ac:ef:84:2d:5b:55:29:59:48:45:bc:cd:
cc:9b:48:52:b5:06:14:cf:c9:12:ba:d5:42:b7:7b:
8f:ad:d7:c3:b0:97:6c:0c:0b:81:da:ed:86:4b:96:
61:ee:6a:bb:49:17:4d:5e:47:76:57:98:41:ef:97:
29:07:32:67:b5:21:e0:ba:d8:78:07:8c:63:5c:50:
a8:eb:6f:2e:68:3d:8d:7b:f5:b0:47:2e:c6:f7:ea:
a1:f7:1a:22:bf:b1:bf:36:68:fd:d5:99:6a:8d:7b:
e4:15:51:5a:bb:8c:60:e6:ca:be:fb:25:60:35:5a:
2f:a6:9c:c0:cd:05:5e:12:90:17:88:6f:68:75:9d:
76:dc:82:08:7e:69:44:0b:91:68:52:d1:9e:2a:e7:
10:40:fe:e7:ac:a7:b3:9e:a7:d5:94:70:56:2c:2e:
2b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DF:AA:46:A6:BA:E4:95:35:E9:2A:6F:B1:F4:C5:E8:80:9B:ED:A1
X509v3 Authority Key Identifier:
keyid:DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/Hd-qRqa65JU16SpvsfTF6ICb7aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/33mFgec3BO44yb4V5yNw8XbGAxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.80.0/22
Signature Algorithm: sha256WithRSAEncryption
14:14:6d:ab:84:55:8d:e5:3f:61:70:6d:d6:c5:b5:30:71:cb:
f7:87:5c:36:b6:91:78:4b:25:f1:ad:c9:a8:d2:eb:b2:11:0d:
a7:fa:f0:e6:8a:f1:a2:e3:21:89:99:95:02:6a:7e:da:04:80:
85:8c:56:27:a8:6f:e9:11:ad:2e:25:d4:8e:1c:49:85:60:ba:
43:fb:58:e9:60:2e:c1:a9:9d:17:85:81:e1:17:04:5b:df:fd:
d0:24:1d:cb:58:22:60:e3:3c:01:fc:48:ee:0f:49:80:50:a0:
e5:ee:ec:c2:4f:4f:a9:7f:f4:18:0a:44:44:5e:f5:17:92:03:
e3:4a:cb:4d:de:dc:88:7c:98:d1:05:cf:90:b1:ad:ec:77:20:
76:5e:00:36:a8:89:63:9e:61:96:ef:2d:2d:c7:75:0b:93:68:
60:e1:eb:93:d6:87:97:36:6b:dd:e8:03:be:09:fd:76:bf:01:
52:4f:78:d8:7b:9d:f5:77:4d:5b:70:7d:95:0d:f3:60:01:cd:
49:bd:cb:e2:53:3f:35:bc:dc:f2:db:67:cf:c0:a9:03:51:74:
52:3d:15:3c:c3:1e:47:57:7b:f8:be:eb:4c:c7:f8:d9:a1:f3:
31:33:45:9a:31:b7:bd:3b:cb:f3:c7:c5:97:7b:85:02:96:96:
74:0a:96:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjr87LQWNwSevQOa6OmcLaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNzk4NTgxZTczNzA0ZWUzOGM5YmUxNWU3MjM3MGYxNzZj
NjAzMTEwHhcNMjMwNjI0MDU0OTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGRmYWE0NmE2YmFlNDk1MzVlOTJhNmZiMWY0YzVlODgwOWJlZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAku2qFqwRJ53qKaerc8ErsxJf7j7M
EDgMWLTZg4e84sEoHRvl+92c44mRHAqb35UThYHhinAZP0yAPKRRufdMRaQDcIAn
CApDOUVfn7snQZAZGbpc0HdjDPBpGims74QtW1UpWUhFvM3Mm0hStQYUz8kSutVC
t3uPrdfDsJdsDAuB2u2GS5Zh7mq7SRdNXkd2V5hB75cpBzJntSHguth4B4xjXFCo
628uaD2Ne/WwRy7G9+qh9xoiv7G/Nmj91ZlqjXvkFVFau4xg5sq++yVgNVovppzA
zQVeEpAXiG9odZ123IIIfmlEC5FoUtGeKucQQP7nrKeznqfVlHBWLC4r4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB3fqkamuuSVNekqb7H0xeiAm+2hMB8GA1UdIwQY
MBaAFN95hYHnNwTuOMm+FecjcPF2xgMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMt
YzRhNTJkY2VlMjNkLzEvSGQtcVJxYTY1SlUxNlNwdnNmVEY2SUNiN2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMtYzRhNTJkY2VlMjNk
LzEvMzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYBQMA0G
CSqGSIb3DQEBCwUAA4IBAQAUFG2rhFWN5T9hcG3WxbUwccv3h1w2tpF4SyXxrcmo
0uuyEQ2n+vDmivGi4yGJmZUCan7aBICFjFYnqG/pEa0uJdSOHEmFYLpD+1jpYC7B
qZ0XhYHhFwRb3/3QJB3LWCJg4zwB/EjuD0mAUKDl7uzCT0+pf/QYCkREXvUXkgPj
SstN3tyIfJjRBc+Qsa3sdyB2XgA2qIljnmGW7y0tx3ULk2hg4euT1oeXNmvd6AO+
Cf12vwFST3jYe531d01bcH2VDfNgAc1JvcviUz81vNzy22fPwKkDUXRSPRU8wx5H
V3v4vutMx/jZofMxM0WaMbe9O8vzx8WXe4UClpZ0CpbZ
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:53:01 2025 by rpki-client