Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/55ebd7-5fb8-4011-bce6-bd1102bb8c1b/1/HhR8blB8h7E52uTZgbwUD9FPT84.roa
File: HhR8blB8h7E52uTZgbwUD9FPT84.roa (raw, json)
Hash identifier: pqVhte1QOEmjmOCNE3AhuV6F+cu7uFL8/CS5XqD5ksM=
Subject key identifier: 1E:14:7C:6E:50:7C:87:B1:39:DA:E4:D9:81:BC:14:0F:D1:4F:4F:CE
Certificate issuer: /CN=23404052b8ca972bbb2ff6a813ca41e8a9559eca
Certificate serial: 01856F8B8DB29181C412E469C1AEE0FABB9C
Authority key identifier: 23:40:40:52:B8:CA:97:2B:BB:2F:F6:A8:13:CA:41:E8:A9:55:9E:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0BAUrjKlyu7L_aoE8pB6KlVnso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/55ebd7-5fb8-4011-bce6-bd1102bb8c1b/1/HhR8blB8h7E52uTZgbwUD9FPT84.roa
Signing time: Sun 01 Jan 2023 22:54:54 +0000
ROA not before: Sun 01 Jan 2023 22:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44865
IP address blocks: 194.116.242.0/23 maxlen: 23
2001:67c:2b50::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:8d:b2:91:81:c4:12:e4:69:c1:ae:e0:fa:bb:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23404052b8ca972bbb2ff6a813ca41e8a9559eca
Validity
Not Before: Jan 1 22:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e147c6e507c87b139dae4d981bc140fd14f4fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e5:d5:8c:bb:c5:c3:90:84:ab:72:31:41:94:
e9:ac:97:b9:54:fc:65:5d:68:2b:1b:75:e6:10:73:
0c:51:eb:ef:33:e3:cb:34:4a:45:3d:e3:a8:61:5e:
90:e2:da:e0:2b:81:14:5b:be:e2:09:92:48:a2:bf:
2c:f5:77:de:8e:d2:43:3a:ea:9a:d6:12:8d:88:5b:
8d:98:7a:0a:4d:29:7b:75:af:0b:15:3d:5f:c9:0e:
fe:75:e7:f9:24:ca:f3:d0:6a:c0:bc:cb:9a:86:fa:
48:57:7b:a5:f8:91:f6:ed:94:2b:4d:0c:27:7a:a2:
a5:31:63:90:7a:e9:c5:bb:9f:8e:4e:a6:c5:04:9c:
c8:64:e2:34:ac:9f:4c:11:0d:bc:0e:3b:c8:89:ad:
a0:cd:f9:7c:a9:57:e7:e6:1f:fb:a7:58:85:8f:ec:
ce:db:f8:e7:80:eb:51:30:33:65:7d:87:db:b7:17:
b1:2e:19:fe:54:05:81:19:5b:2b:a0:0a:b8:d0:c0:
07:7c:50:af:5f:2e:06:4d:df:16:0b:be:ae:dd:b9:
64:ff:df:c3:9e:ec:ea:02:cd:5d:81:9e:b8:4b:5f:
d7:7c:53:de:2f:64:bb:cf:85:a1:4b:85:03:4e:ad:
f6:b2:af:26:67:d3:cc:9c:49:de:70:83:a3:4a:ba:
9e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:14:7C:6E:50:7C:87:B1:39:DA:E4:D9:81:BC:14:0F:D1:4F:4F:CE
X509v3 Authority Key Identifier:
keyid:23:40:40:52:B8:CA:97:2B:BB:2F:F6:A8:13:CA:41:E8:A9:55:9E:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0BAUrjKlyu7L_aoE8pB6KlVnso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55ebd7-5fb8-4011-bce6-bd1102bb8c1b/1/HhR8blB8h7E52uTZgbwUD9FPT84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/55ebd7-5fb8-4011-bce6-bd1102bb8c1b/1/I0BAUrjKlyu7L_aoE8pB6KlVnso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.242.0/23
IPv6:
2001:67c:2b50::/48
Signature Algorithm: sha256WithRSAEncryption
18:92:b2:17:b2:7b:27:bf:cd:71:f4:72:80:e8:5c:36:34:5b:
c2:d9:6b:47:f0:27:1a:19:49:19:bf:cf:87:68:0b:94:77:74:
13:9d:ee:a9:8f:07:b3:18:40:91:c4:92:0a:2e:0d:a9:17:5a:
11:09:2e:47:56:40:d0:67:ab:e4:b3:15:ee:ae:91:f0:70:ae:
2c:8e:10:7e:25:fa:46:cf:a3:6b:c4:de:01:5f:a2:cb:11:07:
ab:a4:85:64:d4:79:d7:04:1d:54:62:6c:b9:87:d9:79:35:53:
48:e3:e7:1f:0f:be:02:3c:41:95:f5:f2:dd:00:41:2f:0e:b3:
83:90:2a:63:35:04:d5:d9:4f:ec:14:25:0a:7a:65:fa:56:f5:
74:35:2f:0d:a3:1b:ce:c9:b0:3c:da:88:f5:03:16:0d:f5:98:
80:fa:6d:6b:fa:3d:5e:d5:fb:9e:bb:15:85:b7:97:65:94:4b:
e7:f6:7d:31:66:38:df:83:0e:ea:00:f8:e8:68:6a:5c:10:83:
37:a0:32:0f:ab:43:a3:0f:ee:7b:44:dd:d7:82:5b:52:53:43:
d9:96:fa:59:92:02:43:a6:7f:e1:e3:46:9e:5a:f2:59:69:e5:
64:80:66:90:a7:9b:a1:35:4e:cd:f9:7e:9f:20:d5:81:12:e2:
d3:90:e2:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvi42ykYHEEuRpwa7g+rucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDA0MDUyYjhjYTk3MmJiYjJmZjZhODEzY2E0MWU4YTk1
NTllY2EwHhcNMjMwMTAxMjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTE0N2M2ZTUwN2M4N2IxMzlkYWU0ZDk4MWJjMTQwZmQxNGY0ZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uXVjLvFw5CEq3IxQZTprJe5VPxl
XWgrG3XmEHMMUevvM+PLNEpFPeOoYV6Q4trgK4EUW77iCZJIor8s9XfejtJDOuqa
1hKNiFuNmHoKTSl7da8LFT1fyQ7+def5JMrz0GrAvMuahvpIV3ul+JH27ZQrTQwn
eqKlMWOQeunFu5+OTqbFBJzIZOI0rJ9MEQ28DjvIia2gzfl8qVfn5h/7p1iFj+zO
2/jngOtRMDNlfYfbtxexLhn+VAWBGVsroAq40MAHfFCvXy4GTd8WC76u3blk/9/D
nuzqAs1dgZ64S1/XfFPeL2S7z4WhS4UDTq32sq8mZ9PMnEnecIOjSrqe2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB4UfG5QfIexOdrk2YG8FA/RT0/OMB8GA1UdIwQY
MBaAFCNAQFK4ypcruy/2qBPKQeipVZ7KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBCQVVyaktseXU3TF9hb0U4cEI2S2xWbnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NWViZDctNWZiOC00MDExLWJjZTYt
YmQxMTAyYmI4YzFiLzEvSGhSOGJsQjhoN0U1MnVUWmdid1VEOUZQVDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81NWViZDctNWZiOC00MDExLWJjZTYtYmQxMTAyYmI4YzFi
LzEvSTBCQVVyaktseXU3TF9hb0U4cEI2S2xWbnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwnTyMA8E
AgACMAkDBwAgAQZ8K1AwDQYJKoZIhvcNAQELBQADggEBABiSsheyeye/zXH0coDo
XDY0W8LZa0fwJxoZSRm/z4doC5R3dBOd7qmPB7MYQJHEkgouDakXWhEJLkdWQNBn
q+SzFe6ukfBwriyOEH4l+kbPo2vE3gFfossRB6ukhWTUedcEHVRibLmH2Xk1U0jj
5x8PvgI8QZX18t0AQS8Os4OQKmM1BNXZT+wUJQp6ZfpW9XQ1Lw2jG87JsDzaiPUD
Fg31mID6bWv6PV7V+567FYW3l2WUS+f2fTFmON+DDuoA+OhoalwQgzegMg+rQ6MP
7ntE3deCW1JTQ9mW+lmSAkOmf+HjRp5a8llp5WSAZpCnm6E1Ts35fp8g1YES4tOQ
4tU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:55 2025 by rpki-client