Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HVTIWp_cdTd0fi8dvsT_07RWrqM.roa
File: HVTIWp_cdTd0fi8dvsT_07RWrqM.roa (raw, json)
Hash identifier: mhwnU/Ky3LHqDDEjWdFJccpNzbUgrhhDg50eM/GiZ7E=
Subject key identifier: 1D:54:C8:5A:9F:DC:75:37:74:7E:2F:1D:BE:C4:FF:D3:B4:56:AE:A3
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6C51FAC431764A0BE0B63EDDCCB77
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HVTIWp_cdTd0fi8dvsT_07RWrqM.roa
Signing time: Wed 01 Jan 2025 21:47:45 +0000
ROA not before: Wed 01 Jan 2025 21:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198883
IP address blocks: 89.33.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c5:1f:ac:43:17:64:a0:be:0b:63:ed:dc:cb:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d54c85a9fdc7537747e2f1dbec4ffd3b456aea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e1:3f:17:62:f0:e5:d9:75:38:b2:b4:0b:50:
95:96:1d:3f:11:eb:e5:6e:ad:81:67:23:32:2f:f3:
79:57:9e:c7:90:60:0a:b3:bc:03:b4:5f:07:95:72:
04:56:44:13:6d:e8:a6:07:38:bf:f5:04:77:3c:db:
67:28:03:a9:b3:35:e5:6b:5d:28:52:eb:b0:43:30:
76:18:9c:59:35:54:ff:60:90:97:0c:7a:f9:a2:67:
05:d8:67:df:aa:56:e9:a7:1e:e6:6e:8a:63:d2:f7:
71:fb:74:1c:eb:ab:91:e1:72:4a:e8:42:43:1b:32:
b4:dc:dc:9a:ea:1f:3d:90:43:b6:d6:8d:88:26:7a:
ff:7f:4c:e3:00:79:3d:41:de:1b:ed:2d:15:1c:d9:
b3:81:a7:32:7e:95:05:14:b6:b8:56:71:37:b6:d1:
5f:d9:e1:51:de:e5:d8:4a:f4:52:b1:8f:b1:4b:be:
11:42:36:9b:30:0a:b5:5b:3c:b2:12:98:65:9d:2d:
2b:8c:38:bc:01:c4:30:d8:6b:76:05:ba:06:5d:0c:
a2:6a:de:92:58:fc:20:b5:a8:79:f4:9c:4f:dd:55:
28:80:cd:08:ed:d9:54:61:26:9f:1a:0a:4d:a1:30:
d9:60:8a:e9:f9:af:29:18:3b:e5:ef:5e:ae:c1:86:
03:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:54:C8:5A:9F:DC:75:37:74:7E:2F:1D:BE:C4:FF:D3:B4:56:AE:A3
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HVTIWp_cdTd0fi8dvsT_07RWrqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.194.0/24
Signature Algorithm: sha256WithRSAEncryption
03:29:a5:80:4b:03:f6:de:a7:55:60:e1:0b:7d:fb:0e:82:5c:
8b:83:a3:c2:ab:b0:5c:a2:59:fe:db:16:f0:ec:ed:df:0b:de:
17:23:d3:0e:2b:ef:aa:e3:bc:2c:00:f4:9d:a7:17:08:e4:b0:
0f:d0:27:ef:06:4a:fb:33:65:a2:e1:f3:de:fe:67:be:c2:60:
e9:a4:33:a3:f7:60:49:ef:9b:36:9a:69:e2:74:8e:2b:a7:ff:
e8:e9:ac:99:1b:30:de:5a:77:8c:9d:97:7d:58:88:df:0d:4c:
ba:08:eb:e5:61:6b:ad:4f:19:5a:e1:6b:ec:fc:75:fe:f9:da:
22:a3:4d:0a:f3:99:30:05:92:d1:7d:2d:b7:94:fc:27:9d:65:
cd:bb:09:69:bd:2c:27:66:46:c9:76:02:87:d0:bc:6e:a5:95:
0e:92:18:d1:1a:e2:6e:50:7f:ec:f9:84:a3:07:a4:55:6f:a9:
73:1a:83:40:a9:1d:e6:9d:8e:83:a0:e3:7a:bc:b1:ea:f5:c4:
b4:78:bd:d7:23:da:b1:45:d7:39:d9:73:b3:c1:99:5b:4b:b4:
7c:82:46:81:58:4d:dd:20:cc:87:cf:d9:12:f2:39:82:07:85:
34:02:01:29:11:b1:d2:2a:fa:d3:b1:6e:ed:d1:e1:c7:a6:94:
c4:3d:4c:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1sUfrEMXZKC+C2Pt3Mt3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDU0Yzg1YTlmZGM3NTM3NzQ3ZTJmMWRiZWM0ZmZkM2I0NTZhZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+E/F2Lw5dl1OLK0C1CVlh0/Eevl
bq2BZyMyL/N5V57HkGAKs7wDtF8HlXIEVkQTbeimBzi/9QR3PNtnKAOpszXla10o
UuuwQzB2GJxZNVT/YJCXDHr5omcF2Gffqlbppx7mbopj0vdx+3Qc66uR4XJK6EJD
GzK03Nya6h89kEO21o2IJnr/f0zjAHk9Qd4b7S0VHNmzgacyfpUFFLa4VnE3ttFf
2eFR3uXYSvRSsY+xS74RQjabMAq1WzyyEphlnS0rjDi8AcQw2Gt2BboGXQyiat6S
WPwgtah59JxP3VUogM0I7dlUYSafGgpNoTDZYIrp+a8pGDvl716uwYYDPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB1UyFqf3HU3dH4vHb7E/9O0Vq6jMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSFZUSVdwX2NkVGQwZmk4ZHZzVF8wN1JXcnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSHCMA0G
CSqGSIb3DQEBCwUAA4IBAQADKaWASwP23qdVYOELffsOglyLg6PCq7Bcoln+2xbw
7O3fC94XI9MOK++q47wsAPSdpxcI5LAP0CfvBkr7M2Wi4fPe/me+wmDppDOj92BJ
75s2mmnidI4rp//o6ayZGzDeWneMnZd9WIjfDUy6COvlYWutTxla4Wvs/HX++doi
o00K85kwBZLRfS23lPwnnWXNuwlpvSwnZkbJdgKH0LxupZUOkhjRGuJuUH/s+YSj
B6RVb6lzGoNAqR3mnY6DoON6vLHq9cS0eL3XI9qxRdc52XOzwZlbS7R8gkaBWE3d
IMyHz9kS8jmCB4U0AgEpEbHSKvrTsW7t0eHHppTEPUwZ
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:07:26 2025 by rpki-client