Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/HAFTWYZhRl2JhSvJ17kRi_EORRw.roa
File: HAFTWYZhRl2JhSvJ17kRi_EORRw.roa (raw, json)
Hash identifier: 19em40Igf72cORttMpVzO/f9hKOd+3zplkZkJTc0zOw=
Subject key identifier: 1C:01:53:59:86:61:46:5D:89:85:2B:C9:D7:B9:11:8B:F1:0E:45:1C
Certificate issuer: /CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Certificate serial: 01944516F0E5EF15149093F986CA8695D70A
Authority key identifier: 57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/HAFTWYZhRl2JhSvJ17kRi_EORRw.roa
Signing time: Wed 08 Jan 2025 08:45:18 +0000
ROA not before: Wed 08 Jan 2025 08:45:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49902
IP address blocks: 5.57.96.0/19 maxlen: 20
5.57.110.0/24 maxlen: 24
109.122.128.0/18 maxlen: 19
185.147.224.0/22 maxlen: 22
213.55.0.0/18 maxlen: 19
2a00:a080::/32 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:16:f0:e5:ef:15:14:90:93:f9:86:ca:86:95:d7:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Validity
Not Before: Jan 8 08:45:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c0153598661465d89852bc9d7b9118bf10e451c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:26:72:32:ad:16:09:ec:11:95:c9:70:34:7f:
f3:8f:c2:d2:97:d8:c7:47:4b:6f:76:01:3c:08:31:
18:a2:ff:4f:1e:52:0c:bc:ea:43:ac:c5:35:6a:de:
58:6c:cb:4b:52:cc:af:90:3f:19:92:be:c6:86:2d:
0e:76:ce:c1:0c:54:d5:98:a6:3c:a4:d5:aa:fd:5a:
5d:c8:d6:96:d1:e3:3d:ed:c4:5d:90:c8:05:c4:5e:
5f:1c:9f:77:b2:e6:30:b5:50:c4:6b:14:8e:1b:3c:
88:35:c5:31:5f:11:5f:88:7c:a1:ea:31:81:2a:eb:
40:30:71:89:86:88:6f:d0:25:29:b7:aa:b4:fb:9c:
ac:25:c9:d3:c2:c8:68:81:cf:8c:ca:0c:fe:31:05:
49:cc:53:80:70:51:f6:6a:56:2b:39:69:19:90:9e:
95:c9:92:54:0d:d4:cc:27:d5:a8:8c:0a:d0:dd:67:
fb:b5:fa:49:65:f0:16:b9:a5:ff:c8:ea:91:ad:c1:
50:01:dc:6a:94:bf:ff:bc:de:ad:b4:21:13:24:80:
49:d0:c7:89:57:17:9c:7b:cd:76:61:e6:bc:bb:7a:
a8:44:8a:8a:bb:59:89:61:31:1f:b0:ad:17:28:d1:
be:9c:a4:55:9e:0e:93:4b:b6:cf:04:53:74:1e:0a:
91:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:01:53:59:86:61:46:5D:89:85:2B:C9:D7:B9:11:8B:F1:0E:45:1C
X509v3 Authority Key Identifier:
keyid:57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/HAFTWYZhRl2JhSvJ17kRi_EORRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.96.0/19
109.122.128.0/18
185.147.224.0/22
213.55.0.0/18
IPv6:
2a00:a080::/32
Signature Algorithm: sha256WithRSAEncryption
59:82:09:5a:18:0c:e9:1f:0b:bd:79:49:ec:4b:e9:ba:a6:53:
4e:dd:ca:63:ff:3b:3e:e9:ef:b1:f2:6c:b6:d2:45:84:de:f6:
8b:52:72:e5:03:f4:ea:76:ba:07:81:dc:15:d2:9d:3e:a5:de:
af:18:b2:0c:d4:7a:fe:a3:c0:05:17:99:23:f1:fc:12:ba:0a:
9f:04:87:6b:fc:ef:48:45:56:31:26:24:9a:60:ca:10:db:f9:
a1:d1:3d:fb:8d:bf:0e:76:4c:66:2d:bd:42:cd:56:3d:da:63:
35:c1:8c:f2:d4:21:08:6a:b0:4e:ba:7c:c3:24:b3:e8:2b:9c:
1c:25:95:b7:89:18:fe:da:5e:73:8d:ee:62:8d:5b:c0:59:51:
63:b2:b9:6f:3b:a6:d0:02:a2:a3:3b:c3:dc:48:61:2e:17:b6:
f9:8d:f4:82:b6:cd:d7:87:a0:c3:32:6e:54:9f:1a:29:32:3e:
74:57:19:63:3d:04:93:19:70:8d:24:b3:68:73:4f:42:59:27:
12:e7:bd:9d:df:c3:e4:26:f1:b4:01:76:47:2e:67:9e:66:d2:
3f:b2:55:65:86:2b:38:5d:50:f9:56:07:7f:66:87:be:57:e2:
89:a2:8f:5c:27:32:52:32:8b:0e:14:64:a0:0d:bb:5a:4c:d4:
f0:bf:d3:5a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZRFFvDl7xUUkJP5hsqGldcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjgwZTYwYjVhZGY0NWFlYmE1YzBjOGFiY2NjNjM5OTdh
MGYxZGIwHhcNMjUwMTA4MDg0NTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzAxNTM1OTg2NjE0NjVkODk4NTJiYzlkN2I5MTE4YmYxMGU0NTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyZyMq0WCewRlclwNH/zj8LSl9jH
R0tvdgE8CDEYov9PHlIMvOpDrMU1at5YbMtLUsyvkD8Zkr7Ghi0Ods7BDFTVmKY8
pNWq/VpdyNaW0eM97cRdkMgFxF5fHJ93suYwtVDEaxSOGzyINcUxXxFfiHyh6jGB
KutAMHGJhohv0CUpt6q0+5ysJcnTwshogc+Mygz+MQVJzFOAcFH2alYrOWkZkJ6V
yZJUDdTMJ9WojArQ3Wf7tfpJZfAWuaX/yOqRrcFQAdxqlL//vN6ttCETJIBJ0MeJ
Vxece812Yea8u3qoRIqKu1mJYTEfsK0XKNG+nKRVng6TS7bPBFN0HgqRwQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBwBU1mGYUZdiYUryde5EYvxDkUcMB8GA1UdIwQY
MBaAFFe4DmC1rfRa66XAyKvMxjmXoPHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMt
ZTZlOGFhZTM0ODI2LzEvSEFGVFdZWmhSbDJKaFN2SjE3a1JpX0VPUlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMtZTZlOGFhZTM0ODI2
LzEvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFBTlgAwQG
bXqAAwQCuZPgAwQG1TcAMA0EAgACMAcDBQAqAKCAMA0GCSqGSIb3DQEBCwUAA4IB
AQBZgglaGAzpHwu9eUnsS+m6plNO3cpj/zs+6e+x8my20kWE3vaLUnLlA/TqdroH
gdwV0p0+pd6vGLIM1Hr+o8AFF5kj8fwSugqfBIdr/O9IRVYxJiSaYMoQ2/mh0T37
jb8OdkxmLb1CzVY92mM1wYzy1CEIarBOunzDJLPoK5wcJZW3iRj+2l5zje5ijVvA
WVFjsrlvO6bQAqKjO8PcSGEuF7b5jfSCts3Xh6DDMm5UnxopMj50VxljPQSTGXCN
JLNoc09CWScS572d38PkJvG0AXZHLmeeZtI/slVlhis4XVD5Vgd/Zoe+V+KJoo9c
JzJSMosOFGSgDbtaTNTwv9Na
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:27:15 2025 by rpki-client