Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/HBAja1RFL_eI84rWWxEUKUqN0P4.roa
File: HBAja1RFL_eI84rWWxEUKUqN0P4.roa (raw, json)
Hash identifier: CXGTecE1Ez/ky5iu8iK+Vol3o28lFYZC/5rdNhpvmaI=
Subject key identifier: 1C:10:23:6B:54:45:2F:F7:88:F3:8A:D6:5B:11:14:29:4A:8D:D0:FE
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 018CC3B742073C3DB037B31757C5711D6440
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/HBAja1RFL_eI84rWWxEUKUqN0P4.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 193.53.81.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:42:07:3c:3d:b0:37:b3:17:57:c5:71:1d:64:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c10236b54452ff788f38ad65b1114294a8dd0fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d2:2d:b8:32:4c:df:90:c3:76:cb:58:59:90:
a9:79:f8:e3:94:2e:83:4f:63:94:2a:66:57:b4:76:
81:51:89:6a:6c:18:c4:4f:38:70:0d:16:9b:6e:ee:
07:6a:83:a9:c7:a0:1d:1a:76:1f:c8:bb:2f:44:0c:
c9:21:a9:a9:bf:b1:a7:9c:75:9f:c8:4e:24:06:39:
a1:3c:5a:dd:ea:e9:7b:c8:f6:74:b0:96:4e:6c:79:
e7:d4:be:25:bf:15:a0:64:05:7f:f4:d7:ec:9f:40:
f0:90:fe:6d:6a:67:b4:de:82:86:fe:20:46:d7:23:
a9:14:e0:5f:b2:21:9a:0e:72:e0:4c:9f:6a:7e:c3:
af:fd:7e:4d:56:f1:2d:e6:cb:34:49:f5:4b:47:7b:
ec:66:64:f4:15:a5:15:8e:22:d6:5f:3e:f4:30:67:
b5:df:35:3b:25:23:86:a3:a2:47:05:e2:34:c4:29:
5c:35:58:3f:6d:59:ae:a4:b0:9a:0d:44:24:b8:11:
0d:08:f5:42:b6:3d:96:36:db:4f:35:a4:db:9a:78:
a7:ff:bb:29:13:56:43:a6:f1:5e:18:a7:d1:e8:2f:
a5:d5:ec:9d:df:af:cc:62:a8:89:eb:d7:d1:f5:49:
76:dc:78:96:73:f2:d5:82:95:f8:bf:5d:e8:f1:6e:
3c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:10:23:6B:54:45:2F:F7:88:F3:8A:D6:5B:11:14:29:4A:8D:D0:FE
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/HBAja1RFL_eI84rWWxEUKUqN0P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.81.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:b4:38:51:24:3a:74:47:cd:7b:58:73:b0:47:ed:56:de:64:
3e:5e:db:64:8e:0b:18:dd:ce:e5:de:87:41:a6:d7:29:e0:d4:
f1:a4:39:e0:95:c6:7e:e4:e4:1d:41:41:0b:4c:f6:66:f6:52:
5c:fa:bf:39:a8:d2:62:d0:ad:eb:a3:13:7b:81:60:b6:55:55:
c4:33:f5:12:d2:ca:51:70:53:91:91:aa:07:d8:4d:c0:27:61:
ce:64:8b:e5:18:29:96:f7:96:3f:85:9c:98:f9:89:d1:b9:48:
ca:e7:ce:ce:33:75:8e:50:20:64:a9:1a:3e:40:61:36:dd:cd:
bd:86:38:db:65:9a:50:75:04:48:5b:65:b7:9c:f6:c5:77:88:
67:6a:bc:eb:de:07:30:cd:50:b5:e2:ed:1f:44:1d:83:71:c1:
5f:5c:ab:01:3d:2a:4b:7d:d9:e1:65:8a:3d:1e:c8:fc:41:33:
b6:07:b4:db:c7:0a:0d:d7:79:27:17:bc:ed:dd:58:2f:ca:6f:
7c:3e:6c:18:d6:75:4c:09:0c:96:24:3b:bf:9f:87:ee:88:78:
3c:86:8e:6b:e9:7e:c6:d1:af:4d:16:d4:9a:7e:5c:d0:81:71:
39:b6:cc:80:84:e2:a2:00:ba:f1:e0:fb:f4:03:24:73:3e:e7:
21:25:22:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDt0IHPD2wN7MXV8VxHWRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzEwMjM2YjU0NDUyZmY3ODhmMzhhZDY1YjExMTQyOTRhOGRkMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptItuDJM35DDdstYWZCpefjjlC6D
T2OUKmZXtHaBUYlqbBjETzhwDRabbu4HaoOpx6AdGnYfyLsvRAzJIampv7GnnHWf
yE4kBjmhPFrd6ul7yPZ0sJZObHnn1L4lvxWgZAV/9Nfsn0DwkP5tame03oKG/iBG
1yOpFOBfsiGaDnLgTJ9qfsOv/X5NVvEt5ss0SfVLR3vsZmT0FaUVjiLWXz70MGe1
3zU7JSOGo6JHBeI0xClcNVg/bVmupLCaDUQkuBENCPVCtj2WNttPNaTbmnin/7sp
E1ZDpvFeGKfR6C+l1eyd36/MYqiJ69fR9Ul23HiWc/LVgpX4v13o8W48vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwQI2tURS/3iPOK1lsRFClKjdD+MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvSEJBamExUkZMX2VJODRyV1d4RVVLVXFOMFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTVRMA0G
CSqGSIb3DQEBCwUAA4IBAQA7tDhRJDp0R817WHOwR+1W3mQ+XttkjgsY3c7l3odB
ptcp4NTxpDnglcZ+5OQdQUELTPZm9lJc+r85qNJi0K3roxN7gWC2VVXEM/US0spR
cFORkaoH2E3AJ2HOZIvlGCmW95Y/hZyY+YnRuUjK587OM3WOUCBkqRo+QGE23c29
hjjbZZpQdQRIW2W3nPbFd4hnarzr3gcwzVC14u0fRB2DccFfXKsBPSpLfdnhZYo9
Hsj8QTO2B7TbxwoN13knF7zt3Vgvym98PmwY1nVMCQyWJDu/n4fuiHg8ho5r6X7G
0a9NFtSaflzQgXE5tsyAhOKiALrx4Pv0AyRzPuchJSIG
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:27 2025 by rpki-client