Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a17fb5-3a11-4d9e-9cd0-9f2041706f8f/1/HMrcNcc0YLFn7qtcB3T2gXkDw7Q.roa
File: HMrcNcc0YLFn7qtcB3T2gXkDw7Q.roa (raw, json)
Hash identifier: Jg8aPD2KgLQYLvBloThoOJ3Wb99E3hnF2a64wjS7ctQ=
Subject key identifier: 1C:CA:DC:35:C7:34:60:B1:67:EE:AB:5C:07:74:F6:81:79:03:C3:B4
Certificate issuer: /CN=1b38ca3eb2ba7ff2412f5e7f8def3eb51560d1ad
Certificate serial: 018570427F2837CB52DE6AB95371BDF79F04
Authority key identifier: 1B:38:CA:3E:B2:BA:7F:F2:41:2F:5E:7F:8D:EF:3E:B5:15:60:D1:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzjKPrK6f_JBL15_je8-tRVg0a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/a17fb5-3a11-4d9e-9cd0-9f2041706f8f/1/HMrcNcc0YLFn7qtcB3T2gXkDw7Q.roa
Signing time: Mon 02 Jan 2023 02:14:44 +0000
ROA not before: Mon 02 Jan 2023 02:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199191
IP address blocks: 176.124.249.0/24 maxlen: 24
2001:67c:10bc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:7f:28:37:cb:52:de:6a:b9:53:71:bd:f7:9f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b38ca3eb2ba7ff2412f5e7f8def3eb51560d1ad
Validity
Not Before: Jan 2 02:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ccadc35c73460b167eeab5c0774f6817903c3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:37:13:1b:9b:5b:23:5a:42:a1:3e:fe:8d:7c:
aa:37:2c:ee:3a:11:1b:34:ed:3f:e4:5e:35:ab:92:
e4:d7:dc:15:6e:b4:31:af:41:20:f6:34:72:f8:b7:
e4:7a:ba:99:07:dc:31:5c:c7:c4:7d:e8:ba:29:a7:
09:46:c9:37:3c:8f:1c:a9:76:c1:a2:f9:08:4b:6d:
68:73:c2:f9:e0:95:31:52:15:60:42:b8:02:b2:15:
8b:f2:2c:aa:0d:eb:b1:36:5d:79:7f:2c:e2:c2:79:
a5:22:61:26:69:e7:3b:b8:5c:ae:73:26:be:92:5a:
41:b0:f5:f2:f7:a7:51:23:7b:ce:d5:ec:31:fa:3c:
8b:54:31:38:19:6a:16:f9:0b:42:76:a5:9d:20:fa:
4c:4d:01:bd:04:48:1d:19:58:1e:e4:07:45:aa:a2:
c9:7b:76:22:a0:c2:be:de:d0:c7:e5:a0:bf:57:4a:
f5:77:62:67:fc:cd:9f:de:f2:27:cb:75:e8:79:db:
95:d2:08:27:ae:8c:5d:f1:4f:70:74:c4:f2:1e:6c:
39:f5:13:fd:b5:7a:8a:b2:1c:fc:f5:c7:6a:1e:a7:
dd:4b:8a:3b:f1:9f:39:7c:77:21:06:9e:74:94:9b:
50:61:ad:e2:17:96:d8:3d:40:38:38:ed:fb:c3:eb:
7d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CA:DC:35:C7:34:60:B1:67:EE:AB:5C:07:74:F6:81:79:03:C3:B4
X509v3 Authority Key Identifier:
keyid:1B:38:CA:3E:B2:BA:7F:F2:41:2F:5E:7F:8D:EF:3E:B5:15:60:D1:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzjKPrK6f_JBL15_je8-tRVg0a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a17fb5-3a11-4d9e-9cd0-9f2041706f8f/1/HMrcNcc0YLFn7qtcB3T2gXkDw7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a17fb5-3a11-4d9e-9cd0-9f2041706f8f/1/GzjKPrK6f_JBL15_je8-tRVg0a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.249.0/24
IPv6:
2001:67c:10bc::/48
Signature Algorithm: sha256WithRSAEncryption
2f:14:e0:dc:af:64:1b:ed:97:b0:4f:d5:91:b2:bc:7d:43:0c:
f8:e8:28:a3:a1:72:5e:ac:97:df:7c:4a:78:8e:48:99:9d:a7:
01:97:53:ae:a6:fa:02:2b:bb:f1:11:e6:f6:df:1c:88:de:e1:
5e:66:67:d8:da:cc:26:16:1d:0a:24:59:71:27:d6:f0:ec:40:
08:f4:35:e7:9b:61:03:d6:7b:82:26:18:71:d8:35:0e:04:77:
7c:10:0d:2d:89:9b:0c:46:18:09:65:b1:45:2e:b9:03:67:f8:
b8:e0:10:a2:73:e2:05:b3:f1:e3:5b:2f:e7:ac:6f:40:a3:c4:
e7:5e:5a:ff:40:fd:de:de:0d:8c:33:2e:32:2d:74:09:c8:f1:
e7:5a:20:2b:f2:79:40:71:1f:3b:c6:64:22:df:fc:02:98:15:
3a:a9:3d:5e:4d:85:ef:3c:1f:d4:2f:87:32:74:69:5d:6f:e3:
49:ea:50:0f:ca:15:28:53:aa:d4:aa:2a:99:72:3b:5c:ab:00:
e1:e2:01:55:de:2c:4a:cc:59:a0:52:58:35:99:61:b5:6e:0b:
c3:5b:36:70:39:74:97:c0:f2:fc:b0:39:32:83:19:bb:25:a2:
cf:b7:57:7b:95:2d:63:2e:d2:bc:3a:9b:1c:7f:7a:f6:3a:a8:
8a:bd:85:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwQn8oN8tS3mq5U3G9958EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMzhjYTNlYjJiYTdmZjI0MTJmNWU3ZjhkZWYzZWI1MTU2
MGQxYWQwHhcNMjMwMTAyMDIxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2NhZGMzNWM3MzQ2MGIxNjdlZWFiNWMwNzc0ZjY4MTc5MDNjM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTcTG5tbI1pCoT7+jXyqNyzuOhEb
NO0/5F41q5Lk19wVbrQxr0Eg9jRy+LfkerqZB9wxXMfEfei6KacJRsk3PI8cqXbB
ovkIS21oc8L54JUxUhVgQrgCshWL8iyqDeuxNl15fyziwnmlImEmaec7uFyucya+
klpBsPXy96dRI3vO1ewx+jyLVDE4GWoW+QtCdqWdIPpMTQG9BEgdGVge5AdFqqLJ
e3YioMK+3tDH5aC/V0r1d2Jn/M2f3vIny3XoeduV0ggnroxd8U9wdMTyHmw59RP9
tXqKshz89cdqHqfdS4o78Z85fHchBp50lJtQYa3iF5bYPUA4OO37w+t91wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBzK3DXHNGCxZ+6rXAd09oF5A8O0MB8GA1UdIwQY
MBaAFBs4yj6yun/yQS9ef43vPrUVYNGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3pqS1BySzZmX0pCTDE1X2plOC10UlZnMGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hMTdmYjUtM2ExMS00ZDllLTljZDAt
OWYyMDQxNzA2ZjhmLzEvSE1yY05jYzBZTEZuN3F0Y0IzVDJnWGtEdzdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hMTdmYjUtM2ExMS00ZDllLTljZDAtOWYyMDQxNzA2Zjhm
LzEvR3pqS1BySzZmX0pCTDE1X2plOC10UlZnMGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsHz5MA8E
AgACMAkDBwAgAQZ8ELwwDQYJKoZIhvcNAQELBQADggEBAC8U4NyvZBvtl7BP1ZGy
vH1DDPjoKKOhcl6sl998SniOSJmdpwGXU66m+gIru/ER5vbfHIje4V5mZ9jazCYW
HQokWXEn1vDsQAj0NeebYQPWe4ImGHHYNQ4Ed3wQDS2JmwxGGAllsUUuuQNn+Ljg
EKJz4gWz8eNbL+esb0CjxOdeWv9A/d7eDYwzLjItdAnI8edaICvyeUBxHzvGZCLf
/AKYFTqpPV5Nhe88H9QvhzJ0aV1v40nqUA/KFShTqtSqKplyO1yrAOHiAVXeLErM
WaBSWDWZYbVuC8NbNnA5dJfA8vywOTKDGbslos+3V3uVLWMu0rw6mxx/evY6qIq9
hXE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:07:42 2025 by rpki-client