Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/HLKAHtcRataoRtvIn90OcnQUQrI.roa
File: HLKAHtcRataoRtvIn90OcnQUQrI.roa (raw, json)
Hash identifier: GRFCu9AJIETPh+igG5bWNuaqY+XxhAWNuYRXdMdyKQg=
Subject key identifier: 1C:B2:80:1E:D7:11:6A:D6:A8:46:DB:C8:9F:DD:0E:72:74:14:42:B2
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 01938858060F83EC6AE3D8494B1C6087EE9E
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/HLKAHtcRataoRtvIn90OcnQUQrI.roa
Signing time: Mon 02 Dec 2024 17:08:10 +0000
ROA not before: Mon 02 Dec 2024 17:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42689
IP address blocks: 91.193.254.0/24 maxlen: 24
91.193.255.0/24 maxlen: 24
93.89.208.0/24 maxlen: 24
93.89.209.0/24 maxlen: 24
93.89.210.0/24 maxlen: 24
93.89.212.0/24 maxlen: 24
93.89.213.0/24 maxlen: 24
93.89.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:88:58:06:0f:83:ec:6a:e3:d8:49:4b:1c:60:87:ee:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Dec 2 17:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cb2801ed7116ad6a846dbc89fdd0e72741442b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:27:3c:59:7b:e6:36:ea:3d:96:d4:eb:33:82:
b8:98:f1:d4:90:11:e9:d7:20:9e:57:7e:a5:65:34:
b9:13:51:74:be:70:e5:ad:e3:8a:5d:70:e4:4c:1c:
3f:76:05:50:b1:74:74:f9:20:97:4d:12:49:2a:12:
e7:ab:4f:fd:e5:44:0d:e7:f4:1e:b9:b0:98:80:12:
d0:53:2f:be:dc:69:ca:7b:6b:ec:d5:a1:76:c2:6d:
79:45:dd:f8:a9:68:23:70:2a:29:c2:85:84:72:40:
83:5f:c3:09:72:f2:e1:c9:bc:54:42:0b:a4:3e:65:
10:c0:68:03:71:bc:4f:39:10:ce:aa:2c:8d:e6:a3:
e2:75:a5:d1:9f:9c:20:d6:94:67:c6:ed:f1:3f:64:
69:f6:1f:02:c9:6b:98:c5:01:fb:73:ea:cf:8e:b8:
b1:93:08:78:65:8c:0b:cd:bd:41:a4:15:fe:d9:03:
e3:c1:f9:8a:ef:68:1c:06:a5:c2:ec:75:79:8b:81:
49:9a:cb:31:96:9f:23:6e:64:c0:62:8b:5c:b3:5f:
64:f4:f7:10:43:81:f6:99:80:71:82:ae:1d:78:c6:
d3:b4:ae:3d:77:6d:35:37:cb:d4:22:70:d2:67:43:
26:32:f5:da:8b:ee:9b:a5:09:01:ef:5e:9d:8a:e4:
c6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B2:80:1E:D7:11:6A:D6:A8:46:DB:C8:9F:DD:0E:72:74:14:42:B2
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/HLKAHtcRataoRtvIn90OcnQUQrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.254.0/23
93.89.208.0-93.89.210.255
93.89.212.0-93.89.214.255
Signature Algorithm: sha256WithRSAEncryption
c6:b0:19:7f:96:d1:10:67:29:8e:e0:60:fe:bb:fe:b0:97:50:
ca:fb:10:f6:d6:d5:bf:d9:f4:02:75:58:0d:b7:dc:1f:ca:d0:
4e:49:fa:fc:7e:1c:b6:f2:56:3f:93:bb:6d:d1:35:42:c0:4c:
6b:7a:82:f4:71:9b:4f:4a:fa:c6:aa:c7:54:b8:64:8c:2f:f8:
fd:f6:00:29:00:d1:4c:60:9c:08:21:8b:cf:99:cb:d9:c3:1a:
ee:cd:96:58:50:15:57:58:9f:cc:9b:ae:d8:ec:2f:28:11:db:
08:9d:78:dd:cd:ab:36:db:d3:e5:83:13:e5:2e:e8:1b:e2:f8:
06:a7:88:88:50:93:32:54:be:ac:8f:d8:2f:86:8f:c8:ec:4b:
28:fa:b2:b9:ab:ba:cd:e8:4f:ea:5e:9b:98:3a:5d:61:76:31:
cd:2d:20:9c:49:6a:54:55:73:c3:46:fd:65:86:64:95:c9:1c:
57:2b:8a:19:33:6f:c6:e1:37:c1:8c:96:00:27:f0:47:df:bb:
b2:e9:05:9c:d0:78:ae:de:2d:9c:7f:de:c3:14:07:48:11:67:
e1:50:b8:0e:bb:7c:2d:d3:38:57:b5:e3:1d:b3:c4:fb:65:87:
97:74:74:72:39:e6:a8:9a:33:6b:00:78:cc:00:ee:15:40:b4:
da:0b:8a:c6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZOIWAYPg+xq49hJSxxgh+6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjQxMjAyMTcwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2IyODAxZWQ3MTE2YWQ2YTg0NmRiYzg5ZmRkMGU3Mjc0MTQ0MmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Cc8WXvmNuo9ltTrM4K4mPHUkBHp
1yCeV36lZTS5E1F0vnDlreOKXXDkTBw/dgVQsXR0+SCXTRJJKhLnq0/95UQN5/Qe
ubCYgBLQUy++3GnKe2vs1aF2wm15Rd34qWgjcCopwoWEckCDX8MJcvLhybxUQguk
PmUQwGgDcbxPORDOqiyN5qPidaXRn5wg1pRnxu3xP2Rp9h8CyWuYxQH7c+rPjrix
kwh4ZYwLzb1BpBX+2QPjwfmK72gcBqXC7HV5i4FJmssxlp8jbmTAYotcs19k9PcQ
Q4H2mYBxgq4deMbTtK49d201N8vUInDSZ0MmMvXai+6bpQkB716diuTGbQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFByygB7XEWrWqEbbyJ/dDnJ0FEKyMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvSExLQUh0Y1JhdGFvUnR2SW45ME9jblFVUXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBW8H+MAwD
BARdWdADBABdWdIwDAMEAl1Z1AMEAF1Z1jANBgkqhkiG9w0BAQsFAAOCAQEAxrAZ
f5bREGcpjuBg/rv+sJdQyvsQ9tbVv9n0AnVYDbfcH8rQTkn6/H4ctvJWP5O7bdE1
QsBMa3qC9HGbT0r6xqrHVLhkjC/4/fYAKQDRTGCcCCGLz5nL2cMa7s2WWFAVV1if
zJuu2OwvKBHbCJ143c2rNtvT5YMT5S7oG+L4BqeIiFCTMlS+rI/YL4aPyOxLKPqy
uau6zehP6l6bmDpdYXYxzS0gnElqVFVzw0b9ZYZklckcVyuKGTNvxuE3wYyWACfw
R9+7sukFnNB4rt4tnH/ewxQHSBFn4VC4Drt8LdM4V7XjHbPE+2WHl3R0cjnmqJoz
awB4zADuFUC02guKxg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:35:08 2025 by rpki-client