Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/hwP8XUEx3IHy8BsMbdNyzr82k50.roa
File: hwP8XUEx3IHy8BsMbdNyzr82k50.roa (raw, json)
Hash identifier: qgtHylc81NqgBsHn2/Ou4AR3nTfkmPvTmJITXwx2YuU=
Subject key identifier: 87:03:FC:5D:41:31:DC:81:F2:F0:1B:0C:6D:D3:72:CE:BF:36:93:9D
Certificate issuer: /CN=6a016dad273047b18886691485dedd97171c4d68
Certificate serial: 0187E798EEFCBE7D5735839C121565CC961C
Authority key identifier: 6A:01:6D:AD:27:30:47:B1:88:86:69:14:85:DE:DD:97:17:1C:4D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/agFtrScwR7GIhmkUhd7dlxccTWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/hwP8XUEx3IHy8BsMbdNyzr82k50.roa
Signing time: Thu 04 May 2023 16:29:32 +0000
ROA not before: Thu 04 May 2023 16:29:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 194.1.165.0/24 maxlen: 24
194.1.164.0/24 maxlen: 24
194.1.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e7:98:ee:fc:be:7d:57:35:83:9c:12:15:65:cc:96:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a016dad273047b18886691485dedd97171c4d68
Validity
Not Before: May 4 16:29:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8703fc5d4131dc81f2f01b0c6dd372cebf36939d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:da:5b:db:ec:df:ad:8d:88:20:ed:ea:93:6a:
92:f2:aa:38:1e:72:b3:56:3e:96:cf:21:7d:4f:9a:
92:7d:29:8c:89:b8:46:6d:93:79:62:ef:bc:7d:e6:
6d:fc:cd:ca:eb:bf:26:30:9b:c7:f8:3e:80:00:13:
08:6e:54:71:34:4e:cb:53:8f:4e:33:3d:0f:4e:33:
78:90:7c:72:8b:4e:cd:88:ba:ea:d6:f3:34:42:d5:
0f:09:4a:bc:4e:ef:d5:f6:e6:09:e6:77:97:1f:c1:
16:a1:77:de:0b:80:f1:81:f1:5f:46:31:f0:b2:7e:
3b:5f:3f:68:42:3c:88:6c:1e:51:7e:01:fd:01:aa:
f1:78:5c:31:d3:b6:e2:82:fc:8e:d8:a8:ad:51:60:
e5:ed:07:30:b5:84:13:f0:03:2d:50:5c:07:db:7c:
a0:ba:8d:b8:ff:f7:ea:dc:40:dc:d4:9a:26:eb:cf:
0d:53:ae:56:42:02:54:85:38:d0:a5:20:8d:f1:70:
eb:5d:dd:ea:bc:04:9d:8d:e9:89:94:f8:0d:1e:8b:
e9:f4:e5:04:2b:cf:87:ed:f2:bc:11:ac:96:c4:e4:
33:0d:9c:bf:de:71:35:33:4b:a8:7b:ea:2e:b7:c2:
b0:88:02:52:27:92:4e:6d:26:70:80:4c:da:d6:ba:
ba:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:03:FC:5D:41:31:DC:81:F2:F0:1B:0C:6D:D3:72:CE:BF:36:93:9D
X509v3 Authority Key Identifier:
keyid:6A:01:6D:AD:27:30:47:B1:88:86:69:14:85:DE:DD:97:17:1C:4D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/agFtrScwR7GIhmkUhd7dlxccTWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/hwP8XUEx3IHy8BsMbdNyzr82k50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/agFtrScwR7GIhmkUhd7dlxccTWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.164.0-194.1.166.255
Signature Algorithm: sha256WithRSAEncryption
51:7c:ea:08:58:a7:90:e0:72:5e:a5:8d:ea:29:bc:06:53:be:
0a:3a:98:f4:f7:81:3e:15:41:a3:99:05:82:87:c0:67:1e:3c:
0d:76:ab:b1:ad:5b:7d:d0:30:d8:06:3e:20:48:0d:a9:e8:da:
a4:ce:5d:05:9e:73:d2:61:38:ae:21:66:eb:bb:d6:99:df:3c:
a4:76:bf:83:51:dd:34:bb:f4:7c:35:cd:f8:a1:fd:06:56:be:
79:b7:7e:22:5d:03:ae:aa:d0:8f:bf:c7:6d:92:ba:c7:0d:a9:
cc:b8:20:7e:6e:50:c1:67:37:cd:ca:34:da:28:6e:19:6d:f0:
71:ef:19:51:4e:f6:00:bd:0b:99:95:6c:89:0a:05:05:11:f9:
8b:45:e9:ec:78:94:1a:94:9b:51:c9:32:95:d7:28:30:5c:16:
c5:9f:b8:bd:43:d8:22:a9:2f:35:7f:73:6b:c5:3b:02:3e:e4:
52:a1:52:aa:df:8e:34:36:c1:67:24:ad:8a:12:87:32:53:49:
5f:9b:38:3a:b6:a6:16:6d:fe:31:a8:4f:51:6b:cf:7d:4e:46:
89:a7:29:96:e7:40:b0:08:2c:a7:ab:5f:bf:c8:21:07:97:09:
2e:e0:14:90:85:7f:a0:f9:8b:64:fe:3b:9c:9c:f5:6f:44:b4:
03:8d:3d:7d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYfnmO78vn1XNYOcEhVlzJYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMDE2ZGFkMjczMDQ3YjE4ODg2NjkxNDg1ZGVkZDk3MTcx
YzRkNjgwHhcNMjMwNTA0MTYyOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzAzZmM1ZDQxMzFkYzgxZjJmMDFiMGM2ZGQzNzJjZWJmMzY5MzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldpb2+zfrY2IIO3qk2qS8qo4HnKz
Vj6WzyF9T5qSfSmMibhGbZN5Yu+8feZt/M3K678mMJvH+D6AABMIblRxNE7LU49O
Mz0PTjN4kHxyi07NiLrq1vM0QtUPCUq8Tu/V9uYJ5neXH8EWoXfeC4DxgfFfRjHw
sn47Xz9oQjyIbB5RfgH9AarxeFwx07bigvyO2KitUWDl7QcwtYQT8AMtUFwH23yg
uo24//fq3EDc1Jom688NU65WQgJUhTjQpSCN8XDrXd3qvASdjemJlPgNHovp9OUE
K8+H7fK8EayWxOQzDZy/3nE1M0uoe+out8KwiAJSJ5JObSZwgEza1rq66wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIcD/F1BMdyB8vAbDG3Tcs6/NpOdMB8GA1UdIwQY
MBaAFGoBba0nMEexiIZpFIXe3ZcXHE1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWdGdHJTY3dSN0dJaG1rVWhkN2RseGNjVFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NWM5YWQtYzRhNy00NjUyLWFhZDMt
Yzk1MjgwNDkzMmMyLzEvaHdQOFhVRXgzSUh5OEJzTWJkTnl6cjgyazUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NWM5YWQtYzRhNy00NjUyLWFhZDMtYzk1MjgwNDkzMmMy
LzEvYWdGdHJTY3dSN0dJaG1rVWhkN2RseGNjVFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALCAaQD
BADCAaYwDQYJKoZIhvcNAQELBQADggEBAFF86ghYp5Dgcl6ljeopvAZTvgo6mPT3
gT4VQaOZBYKHwGcePA12q7GtW33QMNgGPiBIDano2qTOXQWec9JhOK4hZuu71pnf
PKR2v4NR3TS79Hw1zfih/QZWvnm3fiJdA66q0I+/x22SuscNqcy4IH5uUMFnN83K
NNoobhlt8HHvGVFO9gC9C5mVbIkKBQUR+YtF6ex4lBqUm1HJMpXXKDBcFsWfuL1D
2CKpLzV/c2vFOwI+5FKhUqrfjjQ2wWckrYoShzJTSV+bODq2phZt/jGoT1Frz31O
RomnKZbnQLAILKerX7/IIQeXCS7gFJCFf6D5i2T+O5yc9W9EtAONPX0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:52 2025 by rpki-client