Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/9440a4-0b42-4a58-900a-e99f22772624/1/HmMkZMs_L5qVhevMb58XTv8ACos.roa
File: HmMkZMs_L5qVhevMb58XTv8ACos.roa (raw, json)
Hash identifier: p6Cspm4w36V6nse6CJ6sMJJCGrV41tHwZhdpXbj7GQQ=
Subject key identifier: 1E:63:24:64:CB:3F:2F:9A:95:85:EB:CC:6F:9F:17:4E:FF:00:0A:8B
Certificate issuer: /CN=f69a0a5d1e8d54248e87667e9883c902f175e2e7
Certificate serial: 0194214452732F6146C95B3C2846FB4C4C94
Authority key identifier: F6:9A:0A:5D:1E:8D:54:24:8E:87:66:7E:98:83:C9:02:F1:75:E2:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9poKXR6NVCSOh2Z-mIPJAvF14uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/9440a4-0b42-4a58-900a-e99f22772624/1/HmMkZMs_L5qVhevMb58XTv8ACos.roa
Signing time: Wed 01 Jan 2025 09:48:33 +0000
ROA not before: Wed 01 Jan 2025 09:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 141.67.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:52:73:2f:61:46:c9:5b:3c:28:46:fb:4c:4c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69a0a5d1e8d54248e87667e9883c902f175e2e7
Validity
Not Before: Jan 1 09:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e632464cb3f2f9a9585ebcc6f9f174eff000a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f7:50:61:59:1f:2c:26:90:08:ff:b5:10:ce:
35:c0:43:38:e1:99:41:b5:6a:ea:df:4e:2f:9b:52:
75:31:41:d0:9f:f8:49:2e:4e:5d:6a:97:96:96:11:
16:23:67:79:6b:cb:de:ff:f4:71:be:aa:5f:60:ae:
4d:42:b6:1f:24:35:6c:e9:10:23:45:a1:b4:fe:9c:
9c:9b:1d:c0:a1:4f:4b:65:8b:d3:d6:98:51:a0:43:
15:b8:a5:89:21:85:b6:8e:0d:e6:ba:f2:9a:7e:0b:
24:ba:c1:bb:ad:2a:57:3d:67:a8:b7:88:5d:11:ad:
be:37:d1:a8:6d:8e:b7:4c:71:80:a5:1e:37:17:61:
c5:5d:a4:b2:38:c0:42:d0:61:be:aa:89:d1:00:03:
a5:2f:30:68:98:3d:32:7c:f1:6d:96:23:27:55:75:
55:0a:36:d3:02:05:72:94:80:30:c3:bf:6f:40:ad:
19:6e:e9:60:62:2e:e1:84:4a:f4:f1:f1:6d:bc:6c:
dd:34:e2:74:c4:10:b7:4b:0f:05:b4:f5:5c:43:7d:
f6:69:63:52:3b:56:a1:f4:16:15:ee:af:b7:18:f3:
94:ed:a9:fb:86:76:43:e9:ed:a4:58:4a:c3:4d:60:
a6:de:2c:c7:7c:8d:a4:1f:87:b5:10:a6:b3:0f:0d:
02:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:63:24:64:CB:3F:2F:9A:95:85:EB:CC:6F:9F:17:4E:FF:00:0A:8B
X509v3 Authority Key Identifier:
keyid:F6:9A:0A:5D:1E:8D:54:24:8E:87:66:7E:98:83:C9:02:F1:75:E2:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9poKXR6NVCSOh2Z-mIPJAvF14uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/9440a4-0b42-4a58-900a-e99f22772624/1/HmMkZMs_L5qVhevMb58XTv8ACos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/9440a4-0b42-4a58-900a-e99f22772624/1/9poKXR6NVCSOh2Z-mIPJAvF14uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.67.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:91:15:df:a4:77:77:27:ae:fe:8c:0a:bd:1b:eb:6c:02:76:
4e:5b:b0:fd:23:c3:11:35:6e:03:27:a7:45:bf:81:a6:f6:12:
d7:2d:61:d4:24:fe:11:b5:2c:d3:ba:23:04:b4:92:44:ee:e1:
36:7d:47:37:30:61:81:7b:32:c5:72:86:33:8f:1b:4c:7c:61:
69:12:87:9d:bd:b6:0a:c5:a9:d3:0e:e3:66:98:e7:bf:90:5e:
26:4f:e5:7f:1c:2a:8a:26:54:d5:39:3f:27:36:d8:07:6f:6c:
e5:75:60:43:96:34:0d:d8:8b:16:f2:3b:90:16:94:c5:d4:0b:
4d:2f:8d:c3:44:a8:11:b2:d0:24:5e:0e:20:88:87:83:cf:4c:
b7:be:83:2f:44:ef:f3:37:fe:8d:62:16:a6:e6:5a:b9:a1:4a:
ae:c6:9a:4a:aa:5e:a0:18:61:11:bb:cc:80:0e:51:1c:b5:bc:
f4:eb:96:90:25:32:1b:05:9b:c1:71:01:f5:0b:57:55:99:7b:
58:02:2f:96:7a:22:a1:ef:5e:ff:f7:1a:e7:5e:a8:1d:97:4f:
ae:6c:ad:02:3b:19:d5:e4:53:a0:58:0b:2f:66:55:f1:2d:b0:
2c:eb:a6:aa:fb:43:e1:65:36:73:38:f4:4b:19:ca:01:b5:b0:
f2:88:c6:e0
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQhRFJzL2FGyVs8KEb7TEyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OWEwYTVkMWU4ZDU0MjQ4ZTg3NjY3ZTk4ODNjOTAyZjE3
NWUyZTcwHhcNMjUwMTAxMDk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTYzMjQ2NGNiM2YyZjlhOTU4NWViY2M2ZjlmMTc0ZWZmMDAwYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvdQYVkfLCaQCP+1EM41wEM44ZlB
tWrq304vm1J1MUHQn/hJLk5dapeWlhEWI2d5a8ve//RxvqpfYK5NQrYfJDVs6RAj
RaG0/pycmx3AoU9LZYvT1phRoEMVuKWJIYW2jg3muvKafgskusG7rSpXPWeot4hd
Ea2+N9GobY63THGApR43F2HFXaSyOMBC0GG+qonRAAOlLzBomD0yfPFtliMnVXVV
CjbTAgVylIAww79vQK0ZbulgYi7hhEr08fFtvGzdNOJ0xBC3Sw8FtPVcQ332aWNS
O1ah9BYV7q+3GPOU7an7hnZD6e2kWErDTWCm3izHfI2kH4e1EKazDw0C/wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFB5jJGTLPy+alYXrzG+fF07/AAqLMB8GA1UdIwQY
MBaAFPaaCl0ejVQkjodmfpiDyQLxdeLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXBvS1hSNk5WQ1NPaDJaLW1JUEpBdkYxNHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS85NDQwYTQtMGI0Mi00YTU4LTkwMGEt
ZTk5ZjIyNzcyNjI0LzEvSG1Na1pNc19MNXFWaGV2TWI1OFhUdjhBQ29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS85NDQwYTQtMGI0Mi00YTU4LTkwMGEtZTk5ZjIyNzcyNjI0
LzEvOXBvS1hSNk5WQ1NPaDJaLW1JUEpBdkYxNHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjUMwDQYJ
KoZIhvcNAQELBQADggEBAFyRFd+kd3cnrv6MCr0b62wCdk5bsP0jwxE1bgMnp0W/
gab2EtctYdQk/hG1LNO6IwS0kkTu4TZ9RzcwYYF7MsVyhjOPG0x8YWkSh529tgrF
qdMO42aY57+QXiZP5X8cKoomVNU5Pyc22AdvbOV1YEOWNA3YixbyO5AWlMXUC00v
jcNEqBGy0CReDiCIh4PPTLe+gy9E7/M3/o1iFqbmWrmhSq7GmkqqXqAYYRG7zIAO
URy1vPTrlpAlMhsFm8FxAfULV1WZe1gCL5Z6IqHvXv/3GudeqB2XT65srQI7GdXk
U6BYCy9mVfEtsCzrpqr7Q+FlNnM49EsZygG1sPKIxuA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:39:07 2025 by rpki-client