Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/HJf34rDfTUPIcPv-xQaRTGMIQAU.roa
File: HJf34rDfTUPIcPv-xQaRTGMIQAU.roa (raw, json)
Hash identifier: xEI3eXaqU5BE25qwCMBQhlmLI6zoK7B8LGcYOpoY7PQ=
Subject key identifier: 1C:97:F7:E2:B0:DF:4D:43:C8:70:FB:FE:C5:06:91:4C:63:08:40:05
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018CC56EC5BA44CA7CB9933A405DF1DA3907
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/HJf34rDfTUPIcPv-xQaRTGMIQAU.roa
Signing time: Mon 01 Jan 2024 14:30:20 +0000
ROA not before: Mon 01 Jan 2024 14:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 88.135.96.0/20 maxlen: 24
94.26.110.0/23 maxlen: 24
94.26.64.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c5:ba:44:ca:7c:b9:93:3a:40:5d:f1:da:39:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jan 1 14:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c97f7e2b0df4d43c870fbfec506914c63084005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:66:b6:71:e2:40:47:68:22:f3:55:4a:97:66:
ed:64:a3:67:78:d8:c9:4e:c1:f4:c9:55:d2:87:a0:
78:f0:eb:10:a8:db:df:85:b5:5a:76:bd:da:32:6e:
c3:65:d6:f2:7d:38:92:96:b6:d7:f7:64:29:a7:72:
8e:cf:b2:e6:1d:b6:d2:bf:82:16:be:16:d5:1e:c8:
5a:ee:ac:6b:08:a6:5f:36:63:43:8e:05:fb:78:71:
8d:67:8f:7b:a6:3e:dc:26:d8:06:4c:4e:ac:ff:c1:
c3:2b:ae:cd:20:04:58:4d:01:c4:8d:cc:e7:6c:0c:
eb:3f:96:87:af:bd:80:6c:71:f2:74:a6:10:2f:a0:
14:a2:f5:ea:ef:ce:e0:1a:8e:3c:09:60:9b:49:b4:
bc:86:08:7c:7e:84:e1:7c:c3:4e:f6:78:9c:65:b4:
9c:8f:7d:e3:7d:5f:6b:50:97:6b:a2:bd:e7:32:ea:
18:9f:bb:7d:92:91:7d:3d:da:a0:a5:eb:ba:51:89:
aa:09:a9:5a:2c:9c:bc:3a:43:7f:fd:9a:a4:7b:75:
b8:fd:a3:29:6c:b2:e4:91:ff:ea:93:68:1d:d9:f7:
30:be:d2:b8:97:dc:6d:1b:88:bd:00:09:80:ea:45:
72:0e:f6:fa:63:14:10:b7:d8:4f:ae:86:30:0f:61:
a2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:97:F7:E2:B0:DF:4D:43:C8:70:FB:FE:C5:06:91:4C:63:08:40:05
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/HJf34rDfTUPIcPv-xQaRTGMIQAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.96.0/20
94.26.64.0/23
94.26.110.0/23
Signature Algorithm: sha256WithRSAEncryption
21:a6:65:36:cb:4d:97:26:ce:cd:85:31:d3:e8:7f:43:ec:1b:
ac:6f:6e:f9:43:38:9f:fb:c9:67:bc:bc:f8:05:7b:b9:93:cb:
21:37:86:52:a6:63:ac:63:8c:cd:0c:a9:c7:ff:fc:bb:2a:cc:
08:56:f7:74:1d:2e:69:7e:59:56:02:fc:0c:b9:65:63:74:21:
ff:7b:55:47:12:ca:48:d4:ca:6c:be:17:63:ef:ae:08:97:4f:
14:a3:54:03:11:aa:bb:e2:ed:0c:f7:b3:06:d5:27:d4:d8:3f:
b5:f0:42:e1:f0:aa:d5:1e:ac:83:5b:a9:27:9a:b4:80:9b:14:
ac:b0:f6:8f:bc:48:ea:4b:78:63:59:df:e7:c7:2f:10:09:c6:
b5:bf:3a:07:8f:09:dc:70:89:ad:88:92:12:87:1b:ea:22:03:
39:b0:38:30:22:46:f5:f6:2c:7b:10:5f:47:2e:1d:71:ec:2f:
16:10:01:52:d9:77:79:da:00:64:a7:46:65:f1:c4:04:dc:ad:
7c:c7:5c:36:4a:30:25:46:b2:24:f2:77:49:62:eb:3c:4c:84:
d1:04:a0:20:6a:4d:89:51:7a:fc:2f:b6:07:c3:cb:19:0f:0b:
95:05:30:64:ed:8b:b0:c8:54:08:50:91:fb:da:b8:f3:a9:c9:
62:89:a1:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbsW6RMp8uZM6QF3x2jkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk3ZjdlMmIwZGY0ZDQzYzg3MGZiZmVjNTA2OTE0YzYzMDg0MDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWa2ceJAR2gi81VKl2btZKNneNjJ
TsH0yVXSh6B48OsQqNvfhbVadr3aMm7DZdbyfTiSlrbX92Qpp3KOz7LmHbbSv4IW
vhbVHsha7qxrCKZfNmNDjgX7eHGNZ497pj7cJtgGTE6s/8HDK67NIARYTQHEjczn
bAzrP5aHr72AbHHydKYQL6AUovXq787gGo48CWCbSbS8hgh8foThfMNO9nicZbSc
j33jfV9rUJdror3nMuoYn7t9kpF9Pdqgpeu6UYmqCalaLJy8OkN//Zqke3W4/aMp
bLLkkf/qk2gd2fcwvtK4l9xtG4i9AAmA6kVyDvb6YxQQt9hProYwD2GisQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFByX9+Kw301DyHD7/sUGkUxjCEAFMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvSEpmMzRyRGZUVVBJY1B2LXhRYVJUR01JUUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEWIdgAwQB
XhpAAwQBXhpuMA0GCSqGSIb3DQEBCwUAA4IBAQAhpmU2y02XJs7NhTHT6H9D7Bus
b275Qzif+8lnvLz4BXu5k8shN4ZSpmOsY4zNDKnH//y7KswIVvd0HS5pfllWAvwM
uWVjdCH/e1VHEspI1Mpsvhdj764Il08Uo1QDEaq74u0M97MG1SfU2D+18ELh8KrV
HqyDW6knmrSAmxSssPaPvEjqS3hjWd/nxy8QCca1vzoHjwnccImtiJIShxvqIgM5
sDgwIkb19ix7EF9HLh1x7C8WEAFS2Xd52gBkp0Zl8cQE3K18x1w2SjAlRrIk8ndJ
Yus8TITRBKAgak2JUXr8L7YHw8sZDwuVBTBk7YuwyFQIUJH72rjzqcliiaFN
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:58:57 2025 by rpki-client