Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/hGKqUtKbDz2mnEhyEN9N4GcW4OM.roa
File: hGKqUtKbDz2mnEhyEN9N4GcW4OM.roa (raw, json)
Hash identifier: lG8PjnHSxMdA6gcp70qCAr2W7ybUJDxcf7sunrvM1ew=
Subject key identifier: 84:62:AA:52:D2:9B:0F:3D:A6:9C:48:72:10:DF:4D:E0:67:16:E0:E3
Certificate issuer: /CN=85a96f0d3abe6a9c14e792a71156d3c6efcfd4cd
Certificate serial: 01856F9493C2A2677EF4B151C074F5FBC82E
Authority key identifier: 85:A9:6F:0D:3A:BE:6A:9C:14:E7:92:A7:11:56:D3:C6:EF:CF:D4:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/halvDTq-apwU55KnEVbTxu_P1M0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/hGKqUtKbDz2mnEhyEN9N4GcW4OM.roa
Signing time: Sun 01 Jan 2023 23:04:46 +0000
ROA not before: Sun 01 Jan 2023 23:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203061
IP address blocks: 195.225.81.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:93:c2:a2:67:7e:f4:b1:51:c0:74:f5:fb:c8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85a96f0d3abe6a9c14e792a71156d3c6efcfd4cd
Validity
Not Before: Jan 1 23:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8462aa52d29b0f3da69c487210df4de06716e0e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0f:0e:8b:e6:69:ac:00:78:db:e1:ee:8f:fc:
58:78:e7:85:f2:2b:d9:96:0c:b5:7f:8d:ef:b5:c8:
35:b8:20:a0:15:4c:2a:c6:3c:fc:9a:e6:d0:d0:83:
37:c0:6a:ac:f6:60:e8:c5:1f:84:f4:af:9b:be:e7:
74:52:98:2b:0a:cc:de:23:95:02:cd:4a:2a:52:ee:
89:ad:f9:71:37:63:e9:3e:2c:dd:1f:dc:a2:2a:ae:
55:bb:d9:30:8d:8a:e5:23:74:94:2e:40:c4:6d:9c:
99:fd:f9:b5:f4:f0:df:cc:49:78:f6:c8:d7:49:18:
6f:0a:87:6f:6d:01:48:94:0a:81:6c:07:45:73:30:
5f:d9:e1:29:6a:4a:45:fb:c3:4e:58:82:70:0c:9e:
63:dc:dc:43:7b:2c:0c:7d:22:d3:6d:1f:4d:d9:8e:
aa:a2:dd:c7:f2:48:bd:1c:80:9d:95:af:40:26:e8:
57:7c:98:44:0d:5a:0b:98:f8:06:69:9e:6a:2c:37:
f9:9e:c2:29:df:0e:fa:21:53:36:49:06:fc:94:c9:
8d:38:48:53:6b:39:dd:f9:35:6d:b8:b2:95:00:92:
93:9e:39:08:bc:11:53:a4:e9:11:0d:98:d3:f3:cd:
9b:f8:6c:bc:ac:0c:b3:6b:ff:4c:1b:eb:fb:a6:1e:
fd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:62:AA:52:D2:9B:0F:3D:A6:9C:48:72:10:DF:4D:E0:67:16:E0:E3
X509v3 Authority Key Identifier:
keyid:85:A9:6F:0D:3A:BE:6A:9C:14:E7:92:A7:11:56:D3:C6:EF:CF:D4:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/halvDTq-apwU55KnEVbTxu_P1M0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/hGKqUtKbDz2mnEhyEN9N4GcW4OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/1e5d67-f626-4925-98f3-20dc7e0572f4/1/halvDTq-apwU55KnEVbTxu_P1M0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.81.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:35:d5:a0:79:ce:d8:6e:94:84:1b:b2:c7:98:fc:93:10:42:
37:10:dd:0a:fa:81:0e:d8:16:a2:8b:1a:eb:35:2e:8b:0c:a5:
33:47:93:d9:73:9c:2e:d0:31:37:cd:a9:4e:49:18:94:c8:0c:
d8:da:d0:66:b5:e9:84:af:9d:bb:c6:ad:9b:62:37:e5:51:47:
25:a2:88:2a:96:d0:28:5f:21:44:9d:5b:3f:5b:43:15:e5:11:
01:60:5b:bd:55:b5:1a:e2:ad:22:8c:53:cb:0b:fe:93:23:71:
f5:73:84:37:62:2a:22:a7:45:fc:72:ca:b9:cd:03:89:c6:c7:
e0:0a:14:90:3c:7f:17:e4:5a:2b:a3:55:1e:93:b7:77:30:43:
97:19:e0:35:59:18:e0:4f:74:40:0b:b2:df:ef:a0:f9:77:94:
15:8e:af:ff:f9:72:3c:1a:3d:f5:ae:7f:9f:92:fd:a5:81:a7:
b3:ff:d2:7f:c7:63:cf:58:0c:a1:b6:a4:a8:30:61:78:f6:46:
e0:9a:8e:be:33:0d:11:04:16:35:04:a4:b1:04:17:43:39:30:
4f:b6:76:5b:16:24:48:75:70:a6:78:b9:ea:74:35:4b:d1:33:
c2:9f:b4:a7:00:2f:d1:f5:c4:67:1b:20:5d:7e:07:d5:f7:2f:
80:e1:ad:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlJPComd+9LFRwHT1+8guMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YTk2ZjBkM2FiZTZhOWMxNGU3OTJhNzExNTZkM2M2ZWZj
ZmQ0Y2QwHhcNMjMwMTAxMjMwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDYyYWE1MmQyOWIwZjNkYTY5YzQ4NzIxMGRmNGRlMDY3MTZlMGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA8Oi+ZprAB42+Huj/xYeOeF8ivZ
lgy1f43vtcg1uCCgFUwqxjz8mubQ0IM3wGqs9mDoxR+E9K+bvud0UpgrCszeI5UC
zUoqUu6JrflxN2PpPizdH9yiKq5Vu9kwjYrlI3SULkDEbZyZ/fm19PDfzEl49sjX
SRhvCodvbQFIlAqBbAdFczBf2eEpakpF+8NOWIJwDJ5j3NxDeywMfSLTbR9N2Y6q
ot3H8ki9HICdla9AJuhXfJhEDVoLmPgGaZ5qLDf5nsIp3w76IVM2SQb8lMmNOEhT
aznd+TVtuLKVAJKTnjkIvBFTpOkRDZjT882b+Gy8rAyza/9MG+v7ph79twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRiqlLSmw89ppxIchDfTeBnFuDjMB8GA1UdIwQY
MBaAFIWpbw06vmqcFOeSpxFW08bvz9TNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGFsdkRUcS1hcHdVNTVLbkVWYlR4dV9QMU0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8xZTVkNjctZjYyNi00OTI1LTk4ZjMt
MjBkYzdlMDU3MmY0LzEvaEdLcVV0S2JEejJtbkVoeUVOOU40R2NXNE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8xZTVkNjctZjYyNi00OTI1LTk4ZjMtMjBkYzdlMDU3MmY0
LzEvaGFsdkRUcS1hcHdVNTVLbkVWYlR4dV9QMU0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+FRMA0G
CSqGSIb3DQEBCwUAA4IBAQAeNdWgec7YbpSEG7LHmPyTEEI3EN0K+oEO2Baiixrr
NS6LDKUzR5PZc5wu0DE3zalOSRiUyAzY2tBmtemEr527xq2bYjflUUcloogqltAo
XyFEnVs/W0MV5REBYFu9VbUa4q0ijFPLC/6TI3H1c4Q3Yioip0X8csq5zQOJxsfg
ChSQPH8X5Foro1Uek7d3MEOXGeA1WRjgT3RAC7Lf76D5d5QVjq//+XI8Gj31rn+f
kv2lgaez/9J/x2PPWAyhtqSoMGF49kbgmo6+Mw0RBBY1BKSxBBdDOTBPtnZbFiRI
dXCmeLnqdDVL0TPCn7SnAC/R9cRnGyBdfgfV9y+A4a2R
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:35:34 2025 by rpki-client