Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/hhqBOkctv_fS-eF-8QBTs3qzJlQ.roa
File: hhqBOkctv_fS-eF-8QBTs3qzJlQ.roa (raw, json)
Hash identifier: RzpA8Sw51y+mHgzU/5uQGzMUkN99RIR3FvpvF80qPK8=
Subject key identifier: 86:1A:81:3A:47:2D:BF:F7:D2:F9:E1:7E:F1:00:53:B3:7A:B3:26:54
Certificate issuer: /CN=d223093ce150874016d793f439f43d2e6440c3f2
Certificate serial: 0189928B41E8AB2112A14AD0F85025BBE58B
Authority key identifier: D2:23:09:3C:E1:50:87:40:16:D7:93:F4:39:F4:3D:2E:64:40:C3:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0iMJPOFQh0AW15P0OfQ9LmRAw_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/hhqBOkctv_fS-eF-8QBTs3qzJlQ.roa
Signing time: Wed 26 Jul 2023 14:12:27 +0000
ROA not before: Wed 26 Jul 2023 14:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 212.123.46.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:8b:41:e8:ab:21:12:a1:4a:d0:f8:50:25:bb:e5:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d223093ce150874016d793f439f43d2e6440c3f2
Validity
Not Before: Jul 26 14:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=861a813a472dbff7d2f9e17ef10053b37ab32654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:03:21:7a:d9:e5:73:ea:1e:ef:dd:54:37:bf:
15:09:71:a6:80:7e:81:4a:f8:d9:08:ef:3b:50:d4:
64:a7:f4:4e:51:82:47:ec:4d:5e:6b:d3:6c:78:97:
06:81:3a:00:d4:1d:0f:70:3d:72:3d:98:b3:55:77:
73:76:31:05:e6:4b:be:a7:fc:bb:cb:04:a0:3e:35:
ba:11:6d:ea:d6:e5:39:5f:a4:54:19:69:9e:23:34:
7f:7c:b7:25:87:6d:a2:84:7f:79:15:39:85:16:44:
31:5b:4d:36:3e:cd:76:1c:66:e9:23:aa:71:30:d0:
5e:49:b5:06:83:cf:0b:71:eb:ae:b7:ec:55:1e:55:
cc:72:64:1c:00:03:a8:92:17:55:34:82:61:d9:84:
4a:ca:c1:ee:a0:35:2e:3b:bc:1f:59:82:e0:0e:e3:
4e:bf:bc:49:73:68:41:c2:f8:72:cd:36:28:02:1f:
f5:20:01:8d:78:a5:6e:c8:c1:e1:f5:4d:01:c4:94:
49:18:85:11:c9:4c:39:fe:ab:57:cb:27:6c:a4:cd:
fa:c2:62:fd:b3:82:43:55:d0:f6:83:16:05:51:eb:
d7:23:ef:ed:5b:65:4f:07:ce:32:3a:cc:d4:50:d3:
7d:80:9c:9a:da:56:1e:11:30:ec:93:f0:b0:80:11:
13:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1A:81:3A:47:2D:BF:F7:D2:F9:E1:7E:F1:00:53:B3:7A:B3:26:54
X509v3 Authority Key Identifier:
keyid:D2:23:09:3C:E1:50:87:40:16:D7:93:F4:39:F4:3D:2E:64:40:C3:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0iMJPOFQh0AW15P0OfQ9LmRAw_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/hhqBOkctv_fS-eF-8QBTs3qzJlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f9a3dd-5a61-4724-a5a3-5b0b05093e0c/1/0iMJPOFQh0AW15P0OfQ9LmRAw_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.123.46.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:ab:58:28:a1:2b:35:d6:b6:be:67:19:96:d7:a2:a8:a0:60:
7b:6f:f1:c1:4e:13:1c:eb:7a:80:ed:65:b1:92:d5:bc:c7:5b:
8f:7b:1e:d7:31:f6:c4:78:4f:dd:cf:65:4d:e1:95:63:c9:9f:
ef:ab:f3:ff:b3:27:fe:25:1c:29:4e:70:f2:a8:1b:a4:35:bb:
1e:96:df:7c:8b:10:20:91:26:80:41:40:40:6d:a2:ba:b3:0a:
08:0e:b9:94:55:9a:c1:53:f6:4c:93:ce:ca:3d:90:2e:e1:56:
1a:f7:29:a9:d4:11:ee:5e:65:a3:2a:8b:ee:e5:d0:da:90:32:
b9:1b:3d:28:bc:8e:7a:e0:3a:ab:b6:13:2c:f6:49:83:0e:e2:
00:c3:4b:1b:29:00:43:9b:8f:85:8c:9e:44:a3:23:cb:f7:8b:
3c:a8:4d:b9:4e:e8:92:1b:3a:d6:ea:35:31:6b:14:7a:00:da:
5b:39:b2:2e:4a:da:76:7c:75:61:01:14:01:40:8f:77:4f:2d:
49:d3:29:7d:0a:9d:67:b2:28:64:61:29:8c:0f:e2:a1:e9:b4:
ef:bb:7f:f4:44:af:86:56:7a:7c:e4:18:b5:fc:34:6f:c5:7d:
24:ff:09:c3:0d:13:9d:f5:27:e1:aa:95:a9:b5:b6:b5:27:25:
64:9c:e4:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmSi0HoqyESoUrQ+FAlu+WLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMjMwOTNjZTE1MDg3NDAxNmQ3OTNmNDM5ZjQzZDJlNjQ0
MGMzZjIwHhcNMjMwNzI2MTQxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjFhODEzYTQ3MmRiZmY3ZDJmOWUxN2VmMTAwNTNiMzdhYjMyNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwMhetnlc+oe791UN78VCXGmgH6B
SvjZCO87UNRkp/ROUYJH7E1ea9NseJcGgToA1B0PcD1yPZizVXdzdjEF5ku+p/y7
ywSgPjW6EW3q1uU5X6RUGWmeIzR/fLclh22ihH95FTmFFkQxW002Ps12HGbpI6px
MNBeSbUGg88Lceuut+xVHlXMcmQcAAOokhdVNIJh2YRKysHuoDUuO7wfWYLgDuNO
v7xJc2hBwvhyzTYoAh/1IAGNeKVuyMHh9U0BxJRJGIURyUw5/qtXyydspM36wmL9
s4JDVdD2gxYFUevXI+/tW2VPB84yOszUUNN9gJya2lYeETDsk/CwgBETCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYagTpHLb/30vnhfvEAU7N6syZUMB8GA1UdIwQY
MBaAFNIjCTzhUIdAFteT9Dn0PS5kQMPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGlNSlBPRlFoMEFXMTVQME9mUTlMbVJBd19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mOWEzZGQtNWE2MS00NzI0LWE1YTMt
NWIwYjA1MDkzZTBjLzEvaGhxQk9rY3R2X2ZTLWVGLThRQlRzM3F6SmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mOWEzZGQtNWE2MS00NzI0LWE1YTMtNWIwYjA1MDkzZTBj
LzEvMGlNSlBPRlFoMEFXMTVQME9mUTlMbVJBd19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1HsuMA0G
CSqGSIb3DQEBCwUAA4IBAQCdq1gooSs11ra+ZxmW16KooGB7b/HBThMc63qA7WWx
ktW8x1uPex7XMfbEeE/dz2VN4ZVjyZ/vq/P/syf+JRwpTnDyqBukNbselt98ixAg
kSaAQUBAbaK6swoIDrmUVZrBU/ZMk87KPZAu4VYa9ymp1BHuXmWjKovu5dDakDK5
Gz0ovI564DqrthMs9kmDDuIAw0sbKQBDm4+FjJ5EoyPL94s8qE25TuiSGzrW6jUx
axR6ANpbObIuStp2fHVhARQBQI93Ty1J0yl9Cp1nsihkYSmMD+Kh6bTvu3/0RK+G
Vnp85Bi1/DRvxX0k/wnDDROd9SfhqpWptba1JyVknOQu
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:35 2025 by rpki-client