Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/HHCE3_k42ANiRenbW8_HYWzMUCQ.roa
File: HHCE3_k42ANiRenbW8_HYWzMUCQ.roa (raw, json)
Hash identifier: +PRlcFsqioXeS3bFma85/Up104JVGK2pFTDzqwQatjg=
Subject key identifier: 1C:70:84:DF:F9:38:D8:03:62:45:E9:DB:5B:CF:C7:61:6C:CC:50:24
Certificate issuer: /CN=4a4b513f7e446e0cd6dcfe56829bbc9fe498d3e8
Certificate serial: 01942143E922487080A3FCE58A582838EB57
Authority key identifier: 4A:4B:51:3F:7E:44:6E:0C:D6:DC:FE:56:82:9B:BC:9F:E4:98:D3:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SktRP35EbgzW3P5Wgpu8n-SY0-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/HHCE3_k42ANiRenbW8_HYWzMUCQ.roa
Signing time: Wed 01 Jan 2025 09:48:06 +0000
ROA not before: Wed 01 Jan 2025 09:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41696
IP address blocks: 89.221.176.0/20 maxlen: 24
2a02:e28::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e9:22:48:70:80:a3:fc:e5:8a:58:28:38:eb:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a4b513f7e446e0cd6dcfe56829bbc9fe498d3e8
Validity
Not Before: Jan 1 09:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c7084dff938d8036245e9db5bcfc7616ccc5024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:98:af:7e:35:7f:a2:0e:a9:8a:45:ca:55:7f:
c2:27:b8:6d:c4:09:01:ba:19:2f:71:f9:ce:b5:5b:
af:65:79:44:6d:a0:5c:6d:eb:b3:1f:6c:f4:26:54:
70:fa:d4:8d:19:1a:22:5d:16:7d:31:b7:73:a1:69:
29:1c:c0:c5:b5:74:41:08:15:e2:bf:22:69:de:da:
27:99:d8:ef:67:e6:70:ec:b1:7a:42:7c:ac:43:70:
97:a1:f9:c8:5e:23:31:18:fb:2d:4c:d4:fe:7a:b5:
ea:60:eb:96:35:50:27:70:a5:76:46:c9:5b:69:9e:
88:73:64:8b:93:19:a2:3a:43:ce:22:ae:5d:da:e8:
e8:5a:ce:a3:1c:8b:b7:87:22:57:4d:9f:2c:47:35:
57:03:ac:ec:4b:5b:88:80:36:35:95:c9:74:78:5f:
20:db:a7:11:38:a8:55:f2:5f:6e:f3:ec:9c:d9:87:
72:a4:63:f1:da:99:a8:de:7d:62:8c:f0:07:17:e5:
8d:85:6e:3f:60:47:99:60:11:c2:a9:85:2c:dc:dc:
e1:5c:66:83:c3:7e:69:94:0b:f4:ba:e4:be:57:c7:
df:50:5f:9f:25:9f:5e:d2:c2:77:bf:86:95:0c:fc:
98:7c:7c:4c:62:45:41:dc:d6:ff:82:fb:60:9b:0e:
bc:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:70:84:DF:F9:38:D8:03:62:45:E9:DB:5B:CF:C7:61:6C:CC:50:24
X509v3 Authority Key Identifier:
keyid:4A:4B:51:3F:7E:44:6E:0C:D6:DC:FE:56:82:9B:BC:9F:E4:98:D3:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SktRP35EbgzW3P5Wgpu8n-SY0-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/HHCE3_k42ANiRenbW8_HYWzMUCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/SktRP35EbgzW3P5Wgpu8n-SY0-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.221.176.0/20
IPv6:
2a02:e28::/32
Signature Algorithm: sha256WithRSAEncryption
21:78:e3:9d:c6:76:5f:ab:17:5c:e6:8e:ba:df:12:a3:5d:cd:
cd:0b:74:f2:b0:b7:ac:ec:63:a9:17:52:a0:f9:57:fb:a8:b9:
b9:e9:58:8a:b0:00:c6:d9:b8:cf:84:ba:73:3e:e3:c9:e0:08:
1f:6b:c7:4c:3e:16:38:25:46:0c:76:83:71:e9:00:69:c7:9e:
82:af:16:63:67:35:9c:d6:49:61:e7:bb:df:0a:ff:53:48:e5:
f0:96:c5:00:00:d2:8f:c0:19:9f:55:cf:7b:f0:30:4a:1b:c8:
8d:43:84:f5:25:88:6d:6a:77:e6:bf:17:2d:ed:63:b1:82:6c:
e7:d8:92:25:27:4d:ea:62:ab:24:29:8d:9d:a6:4c:42:fe:cb:
7c:7e:7b:91:88:0c:0d:a0:49:5c:aa:35:cf:52:18:3a:ce:d7:
8e:89:fd:cd:0d:6f:e2:0a:fa:d0:8a:4c:87:3b:99:49:60:c1:
10:55:66:f4:7e:56:bd:b6:f1:49:36:16:44:2d:bd:07:0c:78:
fb:ef:ec:c7:0d:83:86:4a:36:b9:c7:ee:0e:78:04:4e:39:8a:
b1:e1:ed:e0:35:46:e5:85:7a:8f:5c:7f:21:27:ae:16:c7:54:
68:ae:ec:90:04:f1:db:60:90:13:9a:38:09:0f:4e:ae:57:a4:
7d:6c:d8:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ+kiSHCAo/zlilgoOOtXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNGI1MTNmN2U0NDZlMGNkNmRjZmU1NjgyOWJiYzlmZTQ5
OGQzZTgwHhcNMjUwMTAxMDk0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzcwODRkZmY5MzhkODAzNjI0NWU5ZGI1YmNmYzc2MTZjY2M1MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZivfjV/og6pikXKVX/CJ7htxAkB
uhkvcfnOtVuvZXlEbaBcbeuzH2z0JlRw+tSNGRoiXRZ9MbdzoWkpHMDFtXRBCBXi
vyJp3tonmdjvZ+Zw7LF6QnysQ3CXofnIXiMxGPstTNT+erXqYOuWNVAncKV2Rslb
aZ6Ic2SLkxmiOkPOIq5d2ujoWs6jHIu3hyJXTZ8sRzVXA6zsS1uIgDY1lcl0eF8g
26cROKhV8l9u8+yc2YdypGPx2pmo3n1ijPAHF+WNhW4/YEeZYBHCqYUs3NzhXGaD
w35plAv0uuS+V8ffUF+fJZ9e0sJ3v4aVDPyYfHxMYkVB3Nb/gvtgmw68NQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBxwhN/5ONgDYkXp21vPx2FszFAkMB8GA1UdIwQY
MBaAFEpLUT9+RG4M1tz+VoKbvJ/kmNPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2t0UlAzNUViZ3pXM1A1V2dwdThuLVNZMC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mYTU1MTktMGUzNS00NGNmLTlkNGYt
MmFlYTc1YzJkZjc4LzEvSEhDRTNfazQyQU5pUmVuYlc4X0hZV3pNVUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mYTU1MTktMGUzNS00NGNmLTlkNGYtMmFlYTc1YzJkZjc4
LzEvU2t0UlAzNUViZ3pXM1A1V2dwdThuLVNZMC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEWd2wMA0E
AgACMAcDBQAqAg4oMA0GCSqGSIb3DQEBCwUAA4IBAQAheOOdxnZfqxdc5o663xKj
Xc3NC3TysLes7GOpF1Kg+Vf7qLm56ViKsADG2bjPhLpzPuPJ4Agfa8dMPhY4JUYM
doNx6QBpx56CrxZjZzWc1klh57vfCv9TSOXwlsUAANKPwBmfVc978DBKG8iNQ4T1
JYhtanfmvxct7WOxgmzn2JIlJ03qYqskKY2dpkxC/st8fnuRiAwNoElcqjXPUhg6
zteOif3NDW/iCvrQikyHO5lJYMEQVWb0fla9tvFJNhZELb0HDHj77+zHDYOGSja5
x+4OeAROOYqx4e3gNUblhXqPXH8hJ64Wx1RoruyQBPHbYJATmjgJD06uV6R9bNjQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:46 2025 by rpki-client