Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/HqwelKWal5DFn360YgXHO5stQrM.roa
File: HqwelKWal5DFn360YgXHO5stQrM.roa (raw, json)
Hash identifier: 7P5DhvnsqNIzWgr0OoOpmF6vkHocDxKfZs3QSBP05r4=
Subject key identifier: 1E:AC:1E:94:A5:9A:97:90:C5:9F:7E:B4:62:05:C7:3B:9B:2D:42:B3
Certificate issuer: /CN=e4bdd6b1ebfc95899a58333dc94cf82a19a6b3be
Certificate serial: 01857042AA865F668E6DD516CCC76F370C62
Authority key identifier: E4:BD:D6:B1:EB:FC:95:89:9A:58:33:3D:C9:4C:F8:2A:19:A6:B3:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5L3Wsev8lYmaWDM9yUz4Khmms74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/HqwelKWal5DFn360YgXHO5stQrM.roa
Signing time: Mon 02 Jan 2023 02:14:55 +0000
ROA not before: Mon 02 Jan 2023 02:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34655
IP address blocks: 80.77.114.0/24 maxlen: 24
188.227.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:aa:86:5f:66:8e:6d:d5:16:cc:c7:6f:37:0c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4bdd6b1ebfc95899a58333dc94cf82a19a6b3be
Validity
Not Before: Jan 2 02:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eac1e94a59a9790c59f7eb46205c73b9b2d42b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:79:1b:4c:02:06:82:bc:dd:fb:fb:77:af:cf:
62:28:4f:9e:2c:d2:9c:80:2a:e4:94:e2:b5:66:30:
9b:74:27:85:d7:9b:62:68:c7:4b:86:fd:f0:ac:05:
ca:1e:d3:24:1e:90:36:17:a5:a5:4c:e0:da:da:46:
cc:62:90:4c:58:b4:f4:58:43:d7:37:4c:14:c6:0f:
7a:b9:24:91:64:c1:cb:4f:74:be:71:ac:d5:a4:2e:
bd:7f:81:2f:0f:d5:69:54:be:ba:57:3b:ff:1d:ec:
ab:9a:df:be:26:87:06:a6:46:5c:bb:0c:6c:e5:0d:
0c:b5:69:73:e8:3d:ad:67:e4:82:42:2b:10:3d:5a:
66:d8:2a:30:15:5c:10:b7:89:cd:a2:5d:75:8a:2d:
93:41:a2:5e:d7:32:6b:86:22:23:54:1c:f9:92:1d:
b4:2b:74:f4:be:b3:c8:76:e5:a6:67:74:16:2a:9d:
d6:21:72:25:aa:68:99:1c:a6:c5:d5:6d:f8:f1:e0:
b5:09:32:8d:cc:8b:23:6d:de:2a:64:c7:b6:07:0f:
ac:5b:26:cb:e7:b4:9a:7e:e2:9b:e4:72:ea:0e:3f:
ae:4e:19:2f:63:b4:74:8f:57:1a:45:6d:2a:29:8f:
a5:d4:c4:5d:fb:5c:94:88:80:01:c2:6e:99:47:5f:
e6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AC:1E:94:A5:9A:97:90:C5:9F:7E:B4:62:05:C7:3B:9B:2D:42:B3
X509v3 Authority Key Identifier:
keyid:E4:BD:D6:B1:EB:FC:95:89:9A:58:33:3D:C9:4C:F8:2A:19:A6:B3:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5L3Wsev8lYmaWDM9yUz4Khmms74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/HqwelKWal5DFn360YgXHO5stQrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/5L3Wsev8lYmaWDM9yUz4Khmms74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.77.114.0/24
188.227.231.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:8a:79:b4:6e:f9:db:92:76:9a:ab:82:25:cc:98:44:e0:7a:
3e:6a:fa:85:ba:a1:6f:52:99:b4:84:7a:96:df:3c:63:fd:d1:
52:8b:84:08:18:84:56:b7:53:fb:41:62:0e:22:44:cb:6c:68:
cf:e7:72:2f:60:80:77:a3:79:7c:b0:49:3d:b5:09:b2:85:de:
c4:5f:81:63:15:63:06:a5:c7:ab:a9:44:52:47:5f:40:1b:f8:
52:08:07:82:66:30:0e:26:31:c5:1d:e7:d1:8a:e5:48:90:e7:
e5:48:91:6b:69:f3:58:fd:f0:b7:12:4f:1b:8e:8e:5f:27:5a:
2a:c4:53:b9:12:be:47:b0:51:d9:a9:b6:14:db:06:a5:cf:6f:
06:93:8a:c7:82:8e:86:07:98:f5:71:52:b5:86:0b:24:48:f9:
e8:bb:68:80:9e:b6:a9:41:ec:31:c0:21:c7:c3:59:ee:03:65:
30:29:0a:0b:24:fa:28:4c:c2:d1:dd:6e:22:a7:aa:9c:b8:82:
9f:0f:86:92:42:6e:fb:da:2c:bf:b5:13:a8:8a:8d:cf:85:61:
3c:7a:ed:e6:93:ec:97:0b:c1:8b:f5:de:98:d9:13:0a:bf:19:
01:25:00:28:f5:02:70:91:c0:7d:32:89:e5:06:d7:5d:f7:48:
6d:95:01:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwQqqGX2aObdUWzMdvNwxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmRkNmIxZWJmYzk1ODk5YTU4MzMzZGM5NGNmODJhMTlh
NmIzYmUwHhcNMjMwMTAyMDIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFjMWU5NGE1OWE5NzkwYzU5ZjdlYjQ2MjA1YzczYjliMmQ0MmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnkbTAIGgrzd+/t3r89iKE+eLNKc
gCrklOK1ZjCbdCeF15tiaMdLhv3wrAXKHtMkHpA2F6WlTODa2kbMYpBMWLT0WEPX
N0wUxg96uSSRZMHLT3S+cazVpC69f4EvD9VpVL66Vzv/Heyrmt++JocGpkZcuwxs
5Q0MtWlz6D2tZ+SCQisQPVpm2CowFVwQt4nNol11ii2TQaJe1zJrhiIjVBz5kh20
K3T0vrPIduWmZ3QWKp3WIXIlqmiZHKbF1W348eC1CTKNzIsjbd4qZMe2Bw+sWybL
57SafuKb5HLqDj+uThkvY7R0j1caRW0qKY+l1MRd+1yUiIABwm6ZR1/mAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB6sHpSlmpeQxZ9+tGIFxzubLUKzMB8GA1UdIwQY
MBaAFOS91rHr/JWJmlgzPclM+CoZprO+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUwzV3NldjhsWW1hV0RNOXlVejRLaG1tczc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yYThmODgtYjA1ZC00MjkxLTkzZDQt
MDdmN2Q1MTk1YzJjLzEvSHF3ZWxLV2FsNURGbjM2MFlnWEhPNXN0UXJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yYThmODgtYjA1ZC00MjkxLTkzZDQtMDdmN2Q1MTk1YzJj
LzEvNUwzV3NldjhsWW1hV0RNOXlVejRLaG1tczc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUE1yAwQA
vOPnMA0GCSqGSIb3DQEBCwUAA4IBAQDEinm0bvnbknaaq4IlzJhE4Ho+avqFuqFv
Upm0hHqW3zxj/dFSi4QIGIRWt1P7QWIOIkTLbGjP53IvYIB3o3l8sEk9tQmyhd7E
X4FjFWMGpcerqURSR19AG/hSCAeCZjAOJjHFHefRiuVIkOflSJFrafNY/fC3Ek8b
jo5fJ1oqxFO5Er5HsFHZqbYU2walz28Gk4rHgo6GB5j1cVK1hgskSPnou2iAnrap
QewxwCHHw1nuA2UwKQoLJPooTMLR3W4ip6qcuIKfD4aSQm772iy/tROoio3PhWE8
eu3mk+yXC8GL9d6Y2RMKvxkBJQAo9QJwkcB9MonlBtdd90htlQEk
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:36:23 2025 by rpki-client