Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/HGBJjgjbxKOwS-tzE8qO9Sb0DTk.roa
File: HGBJjgjbxKOwS-tzE8qO9Sb0DTk.roa (raw, json)
Hash identifier: IycrXxPRq8sHYUqWekjaODjaqQ8VZx13yD5H8Pnu6n8=
Subject key identifier: 1C:60:49:8E:08:DB:C4:A3:B0:4B:EB:73:13:CA:8E:F5:26:F4:0D:39
Certificate issuer: /CN=561c7ccc52376787374092eafac2623e0571a81e
Certificate serial: 019425FCB9928DC86FFEAC863A2DCA12F190
Authority key identifier: 56:1C:7C:CC:52:37:67:87:37:40:92:EA:FA:C2:62:3E:05:71:A8:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vhx8zFI3Z4c3QJLq-sJiPgVxqB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/HGBJjgjbxKOwS-tzE8qO9Sb0DTk.roa
Signing time: Thu 02 Jan 2025 07:48:26 +0000
ROA not before: Thu 02 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211332
IP address blocks: 91.233.183.0/24 maxlen: 24
2a09:f140::/29 maxlen: 29
2a0d:c140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:b9:92:8d:c8:6f:fe:ac:86:3a:2d:ca:12:f1:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=561c7ccc52376787374092eafac2623e0571a81e
Validity
Not Before: Jan 2 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c60498e08dbc4a3b04beb7313ca8ef526f40d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:30:ae:65:17:0e:93:c9:77:be:08:8d:2e:6c:
8c:30:1d:4e:3b:6d:b7:cf:29:f8:74:67:bc:2a:6c:
60:5a:cf:cf:84:b2:a4:f8:69:f1:b1:7e:65:70:13:
8b:ee:70:d7:f8:4a:86:ae:06:bd:94:5d:26:b5:84:
34:0b:c9:5e:da:05:0c:26:60:12:07:50:ea:b1:f1:
ba:52:62:77:7e:31:91:53:9a:68:11:2c:7c:0a:0e:
23:2c:18:a8:12:b1:84:40:0b:5e:60:7a:70:f4:e3:
b8:bd:8b:4f:ea:e4:2b:3f:31:bf:20:30:b9:99:27:
e3:d5:7c:82:60:ce:f4:4e:4a:6b:5f:25:b9:5c:f1:
e6:c6:7d:f7:3b:8c:5d:24:13:86:c5:c7:07:14:26:
1a:85:e4:83:09:74:2d:29:59:39:7c:80:89:7a:a9:
16:a4:5c:2b:64:0e:73:25:3f:3a:40:09:06:33:44:
7c:37:f9:db:aa:09:6a:c5:01:c0:7c:f5:ba:3b:5d:
25:cb:c3:69:28:cd:54:db:a9:af:11:ec:6e:5e:6e:
2a:d3:48:14:61:d1:7e:1d:e4:62:e9:68:f6:be:82:
72:4c:ef:ae:6c:e3:f2:a4:9d:85:28:a5:ff:89:49:
a4:d1:ea:bf:29:c9:e3:34:ea:84:84:f4:50:80:68:
81:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:60:49:8E:08:DB:C4:A3:B0:4B:EB:73:13:CA:8E:F5:26:F4:0D:39
X509v3 Authority Key Identifier:
keyid:56:1C:7C:CC:52:37:67:87:37:40:92:EA:FA:C2:62:3E:05:71:A8:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vhx8zFI3Z4c3QJLq-sJiPgVxqB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/HGBJjgjbxKOwS-tzE8qO9Sb0DTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/dca257-d163-4ed9-94ad-c170091283eb/1/Vhx8zFI3Z4c3QJLq-sJiPgVxqB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.183.0/24
IPv6:
2a09:f140::/29
2a0d:c140::/29
Signature Algorithm: sha256WithRSAEncryption
86:8b:81:49:25:9d:3d:5d:dd:9d:6c:77:b6:c6:f8:3e:34:c0:
a6:b1:a4:e4:e0:07:5e:a2:9f:32:c8:83:44:ee:9c:76:be:f7:
3a:28:3c:d8:70:5d:dd:2d:c5:c9:00:eb:a9:c1:67:fe:9a:18:
92:3f:fc:47:97:c0:74:c6:db:01:ee:ab:70:f4:f4:43:4a:4c:
df:dc:50:6a:29:10:e1:95:e7:d3:e1:3b:98:9d:e0:d5:9f:3d:
5d:99:2b:fa:d2:4b:c1:45:38:4a:7b:f3:43:d5:33:a8:26:08:
53:c3:0f:03:51:fe:c4:c4:8b:71:21:22:9b:d3:7e:bd:c0:39:
06:18:d2:28:54:e9:be:74:20:44:65:d8:19:d6:6e:4b:24:d0:
e9:c8:17:14:de:42:a0:d4:65:b6:ef:b6:9c:d9:c5:e7:16:b5:
91:40:e4:19:35:c7:a2:50:37:2f:22:fa:99:fc:f9:ef:a3:31:
cf:30:da:57:16:bd:92:d7:4b:f9:e7:5f:ef:97:4a:c5:ea:82:
54:fd:15:f1:26:78:af:70:88:8b:77:fc:e6:8b:ec:6d:fb:b6:
5c:db:d6:9c:ec:9d:03:a2:69:db:ea:e4:2c:ee:01:6c:68:80:
14:9f:4f:bb:55:56:c4:53:3a:30:d5:ef:cf:0f:12:28:7e:b0:
2a:54:13:74
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQl/LmSjchv/qyGOi3KEvGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2MWM3Y2NjNTIzNzY3ODczNzQwOTJlYWZhYzI2MjNlMDU3
MWE4MWUwHhcNMjUwMTAyMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzYwNDk4ZTA4ZGJjNGEzYjA0YmViNzMxM2NhOGVmNTI2ZjQwZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTCuZRcOk8l3vgiNLmyMMB1OO223
zyn4dGe8KmxgWs/PhLKk+GnxsX5lcBOL7nDX+EqGrga9lF0mtYQ0C8le2gUMJmAS
B1DqsfG6UmJ3fjGRU5poESx8Cg4jLBioErGEQAteYHpw9OO4vYtP6uQrPzG/IDC5
mSfj1XyCYM70TkprXyW5XPHmxn33O4xdJBOGxccHFCYaheSDCXQtKVk5fICJeqkW
pFwrZA5zJT86QAkGM0R8N/nbqglqxQHAfPW6O10ly8NpKM1U26mvEexuXm4q00gU
YdF+HeRi6Wj2voJyTO+ubOPypJ2FKKX/iUmk0eq/KcnjNOqEhPRQgGiBUQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBxgSY4I28SjsEvrcxPKjvUm9A05MB8GA1UdIwQY
MBaAFFYcfMxSN2eHN0CS6vrCYj4FcageMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmh4OHpGSTNaNGMzUUpMcS1zSmlQZ1Z4cUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9kY2EyNTctZDE2My00ZWQ5LTk0YWQt
YzE3MDA5MTI4M2ViLzEvSEdCSmpnamJ4S093Uy10ekU4cU85U2IwRFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9kY2EyNTctZDE2My00ZWQ5LTk0YWQtYzE3MDA5MTI4M2Vi
LzEvVmh4OHpGSTNaNGMzUUpMcS1zSmlQZ1Z4cUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAW+m3MBQE
AgACMA4DBQMqCfFAAwUDKg3BQDANBgkqhkiG9w0BAQsFAAOCAQEAhouBSSWdPV3d
nWx3tsb4PjTAprGk5OAHXqKfMsiDRO6cdr73Oig82HBd3S3FyQDrqcFn/poYkj/8
R5fAdMbbAe6rcPT0Q0pM39xQaikQ4ZXn0+E7mJ3g1Z89XZkr+tJLwUU4SnvzQ9Uz
qCYIU8MPA1H+xMSLcSEim9N+vcA5BhjSKFTpvnQgRGXYGdZuSyTQ6cgXFN5CoNRl
tu+2nNnF5xa1kUDkGTXHolA3LyL6mfz576MxzzDaVxa9ktdL+edf75dKxeqCVP0V
8SZ4r3CIi3f85ovsbfu2XNvWnOydA6Jp2+rkLO4BbGiAFJ9Pu1VWxFM6MNXvzw8S
KH6wKlQTdA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:34:48 2025 by rpki-client