Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/pa_HGgeZ_Mh9uX3y_eruPJpADdI.roa
File: pa_HGgeZ_Mh9uX3y_eruPJpADdI.roa (raw, json)
Hash identifier: RYpa3ih8D8YlXcbKzboArCFjCYkYil8ig8l/cZAxAlU=
Subject key identifier: A5:AF:C7:1A:07:99:FC:C8:7D:B9:7D:F2:FD:EA:EE:3C:9A:40:0D:D2
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0194222002BF189477C232F6B44E0C2B3A29
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/pa_HGgeZ_Mh9uX3y_eruPJpADdI.roa
Signing time: Wed 01 Jan 2025 13:48:30 +0000
ROA not before: Wed 01 Jan 2025 13:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201186
IP address blocks: 185.113.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:02:bf:18:94:77:c2:32:f6:b4:4e:0c:2b:3a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5afc71a0799fcc87db97df2fdeaee3c9a400dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a4:0e:68:a5:ae:e3:04:46:8d:ce:5d:dd:a2:
be:7f:66:b6:ca:4a:65:ac:08:27:7c:fd:17:52:cd:
cf:6e:9c:58:e1:e4:83:43:a4:64:de:50:28:e0:84:
6a:45:3d:8a:be:88:ec:f1:cd:f7:47:3a:00:7c:10:
6d:9f:ae:ea:36:13:20:9b:66:e1:41:51:fb:55:5d:
12:fa:22:9d:d5:7f:f0:1b:6b:bd:26:f3:fd:c5:71:
18:f1:4b:c3:cb:86:40:2d:92:41:f3:d0:5a:71:91:
40:76:43:5b:40:12:6c:b2:1d:12:bb:d4:d7:bc:04:
6a:fe:dc:dd:e3:8f:01:0c:9c:b4:02:47:65:56:5d:
ff:96:5a:c0:14:f9:83:ee:18:13:1f:11:e9:3e:71:
b0:a1:bf:d4:40:b9:8b:3f:be:ae:91:d9:df:70:5d:
51:a9:54:98:0e:3d:57:a7:4a:b1:be:24:d4:a8:56:
ea:89:8b:ba:b5:6e:cb:be:9f:68:2f:bd:21:30:6a:
33:aa:86:80:fd:17:a9:f5:3d:fe:24:03:65:0f:33:
c8:c1:b6:49:a5:ef:6a:96:9b:dc:cf:4d:84:13:2e:
32:37:29:b7:8d:b1:2c:1f:df:de:9e:4d:d2:7c:a1:
a3:9f:fd:af:cd:5d:61:d8:19:c4:1f:6c:72:90:8a:
24:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AF:C7:1A:07:99:FC:C8:7D:B9:7D:F2:FD:EA:EE:3C:9A:40:0D:D2
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/pa_HGgeZ_Mh9uX3y_eruPJpADdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.138.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a9:1a:5b:e4:13:6f:07:ed:e1:a2:81:d2:bf:ad:ce:de:eb:
d7:60:c4:5f:25:a0:a7:12:41:d0:fa:cf:76:b7:a0:62:55:0c:
d5:79:31:55:51:a5:95:d9:af:a1:ec:54:a1:e7:50:3a:3e:c8:
b4:14:4c:1d:b1:e7:3f:13:5d:9e:7a:ef:f7:8a:ed:be:2c:df:
56:b3:6e:0a:f8:6c:50:a9:79:e1:53:d5:c6:cc:52:be:81:7e:
b6:92:8b:0d:80:15:b5:90:46:83:8d:76:3a:72:03:6f:7f:7c:
5c:b6:53:34:de:5f:f5:78:d0:81:68:71:3b:3d:9f:00:31:19:
a2:02:ff:80:b8:0e:b7:99:a9:1f:ff:c4:d5:d1:40:f6:77:55:
4f:dd:5d:f1:35:d0:ff:e6:bb:8d:55:5c:08:fc:1b:61:13:91:
29:c5:d9:01:22:68:49:45:3c:9a:a8:cd:cd:bb:4f:07:9e:99:
9a:74:9f:62:b8:f9:ec:b9:a5:89:f3:a3:4e:9b:c6:5d:2b:2f:
f6:63:3a:a2:7e:f5:e3:11:7b:1f:bd:d8:35:6b:f6:86:6e:ca:
97:9e:f6:a8:4c:06:89:cd:e2:2d:8a:58:8c:8a:ac:00:4b:17:
18:78:e1:69:d6:0a:77:48:e4:09:9c:9a:a6:91:cd:49:1d:54:
2e:51:1b:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIAK/GJR3wjL2tE4MKzopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWFmYzcxYTA3OTlmY2M4N2RiOTdkZjJmZGVhZWUzYzlhNDAwZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6QOaKWu4wRGjc5d3aK+f2a2ykpl
rAgnfP0XUs3PbpxY4eSDQ6Rk3lAo4IRqRT2Kvojs8c33RzoAfBBtn67qNhMgm2bh
QVH7VV0S+iKd1X/wG2u9JvP9xXEY8UvDy4ZALZJB89BacZFAdkNbQBJssh0Su9TX
vARq/tzd448BDJy0AkdlVl3/llrAFPmD7hgTHxHpPnGwob/UQLmLP76ukdnfcF1R
qVSYDj1Xp0qxviTUqFbqiYu6tW7Lvp9oL70hMGozqoaA/Rep9T3+JANlDzPIwbZJ
pe9qlpvcz02EEy4yNym3jbEsH9/enk3SfKGjn/2vzV1h2BnEH2xykIokTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWvxxoHmfzIfbl98v3q7jyaQA3SMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvcGFfSEdnZVpfTWg5dVgzeV9lcnVQSnBBRGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXGKMA0G
CSqGSIb3DQEBCwUAA4IBAQA8qRpb5BNvB+3hooHSv63O3uvXYMRfJaCnEkHQ+s92
t6BiVQzVeTFVUaWV2a+h7FSh51A6Psi0FEwdsec/E12eeu/3iu2+LN9Ws24K+GxQ
qXnhU9XGzFK+gX62kosNgBW1kEaDjXY6cgNvf3xctlM03l/1eNCBaHE7PZ8AMRmi
Av+AuA63makf/8TV0UD2d1VP3V3xNdD/5ruNVVwI/BthE5EpxdkBImhJRTyaqM3N
u08HnpmadJ9iuPnsuaWJ86NOm8ZdKy/2YzqifvXjEXsfvdg1a/aGbsqXnvaoTAaJ
zeItiliMiqwASxcYeOFp1gp3SOQJnJqmkc1JHVQuURtB
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:54:25 2025 by rpki-client