Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/58272f-b8e2-441a-900d-b20716b074ed/1/HbfomEntZnmHsfocSkexlmzxXmc.roa
File: HbfomEntZnmHsfocSkexlmzxXmc.roa (raw, json)
Hash identifier: /1OllJvNrsLDa+euw9p/T3fCYA6A5u/guP8YNK8cCZw=
Subject key identifier: 1D:B7:E8:98:49:ED:66:79:87:B1:FA:1C:4A:47:B1:96:6C:F1:5E:67
Certificate issuer: /CN=693dfb8abd2b70512f88eaec5903ff92cacb5131
Certificate serial: 0187D88C41B404D87D5C17DED5F3FD815CDB
Authority key identifier: 69:3D:FB:8A:BD:2B:70:51:2F:88:EA:EC:59:03:FF:92:CA:CB:51:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aT37ir0rcFEviOrsWQP_ksrLUTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/58272f-b8e2-441a-900d-b20716b074ed/1/HbfomEntZnmHsfocSkexlmzxXmc.roa
Signing time: Mon 01 May 2023 18:21:23 +0000
ROA not before: Mon 01 May 2023 18:21:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208911
IP address blocks: 94.247.136.0/24 maxlen: 24
2a11:8280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d8:8c:41:b4:04:d8:7d:5c:17:de:d5:f3:fd:81:5c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=693dfb8abd2b70512f88eaec5903ff92cacb5131
Validity
Not Before: May 1 18:21:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1db7e89849ed667987b1fa1c4a47b1966cf15e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9f:f7:48:66:e5:98:99:27:e8:8c:31:cd:d2:
9f:f4:8b:e3:23:e9:0f:f9:c7:2f:f1:bc:1a:d6:09:
47:b8:d4:8c:b5:2e:83:17:35:09:f0:67:36:e1:2d:
3e:a7:02:16:5b:ff:b3:77:7a:6f:9f:22:d9:6e:17:
b2:d7:07:b1:2d:19:b6:40:79:ed:9e:f4:52:d5:a1:
99:f6:13:0a:4a:b9:db:df:18:76:64:44:0d:79:c9:
8b:bc:a8:68:14:e6:52:9e:cc:d5:4c:2b:19:ec:72:
fe:ee:64:eb:a3:11:19:55:e3:c9:8a:10:c9:7e:33:
d8:d6:3b:ea:c1:69:c3:75:28:64:8d:73:f6:08:82:
b8:0c:81:3b:0f:06:db:19:f1:ec:e2:68:72:2b:1b:
13:4a:57:4e:96:c4:24:b2:03:fa:0d:a8:df:9a:6d:
f7:15:cd:c0:d1:4a:b8:04:ef:2c:b4:f3:dc:e2:68:
12:a4:84:9e:04:4f:f9:4b:39:e0:76:5e:50:1f:45:
f8:b5:78:90:2c:c4:f3:cf:95:5e:a7:56:ec:44:74:
69:8e:73:41:c2:92:2a:64:c2:ad:f9:03:64:7c:33:
d4:d1:6f:30:d4:8d:b7:45:9f:38:32:9a:50:a0:10:
44:c4:22:a7:9e:58:52:03:21:d3:bc:fd:79:8a:ca:
b3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B7:E8:98:49:ED:66:79:87:B1:FA:1C:4A:47:B1:96:6C:F1:5E:67
X509v3 Authority Key Identifier:
keyid:69:3D:FB:8A:BD:2B:70:51:2F:88:EA:EC:59:03:FF:92:CA:CB:51:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aT37ir0rcFEviOrsWQP_ksrLUTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/58272f-b8e2-441a-900d-b20716b074ed/1/HbfomEntZnmHsfocSkexlmzxXmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/58272f-b8e2-441a-900d-b20716b074ed/1/aT37ir0rcFEviOrsWQP_ksrLUTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.136.0/24
IPv6:
2a11:8280::/29
Signature Algorithm: sha256WithRSAEncryption
4f:91:be:6c:4e:ab:d7:1f:c8:31:99:b5:58:ac:0c:e6:f5:fd:
d5:de:cf:20:35:f9:bb:df:91:47:9f:05:e0:48:66:04:2b:64:
1f:cb:43:29:a0:b5:3c:fd:0a:5f:d8:49:41:0c:61:2e:30:7b:
7b:4b:a5:0a:c6:03:9d:3b:a4:bd:dc:28:2d:a2:a0:18:f3:4b:
d4:e1:71:47:eb:08:65:bb:ef:4c:7a:42:b1:93:44:a5:44:5c:
e7:0b:3b:8c:04:a8:5a:a3:da:b9:e8:24:a8:5b:7d:44:a9:71:
0f:be:31:b2:92:51:4a:04:54:8a:7f:85:83:79:30:74:64:36:
08:56:ff:23:ff:a0:f3:4f:9b:0d:6b:ec:38:6a:dc:3b:6d:22:
4e:83:9a:2b:9d:3c:f7:79:66:7d:ee:83:76:a4:7e:f3:9e:2d:
a5:29:ca:4e:47:a2:e3:93:47:c3:0e:e5:7a:d3:a5:84:7e:2f:
c8:d6:ad:bd:75:0f:1a:16:71:66:4a:b8:83:85:a5:2f:d4:8d:
5e:82:45:c4:2a:2d:4f:9e:27:9e:3d:c5:7c:a8:55:8e:a1:09:
fb:f3:2f:df:50:89:cf:07:e4:0e:c1:2a:b9:46:68:1c:a3:b4:
5e:18:72:a2:82:a2:f3:3d:66:31:8c:96:31:2a:ca:3d:a6:9d:
b6:fe:ec:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfYjEG0BNh9XBfe1fP9gVzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5M2RmYjhhYmQyYjcwNTEyZjg4ZWFlYzU5MDNmZjkyY2Fj
YjUxMzEwHhcNMjMwNTAxMTgyMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGI3ZTg5ODQ5ZWQ2Njc5ODdiMWZhMWM0YTQ3YjE5NjZjZjE1ZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp/3SGblmJkn6IwxzdKf9IvjI+kP
+ccv8bwa1glHuNSMtS6DFzUJ8Gc24S0+pwIWW/+zd3pvnyLZbhey1wexLRm2QHnt
nvRS1aGZ9hMKSrnb3xh2ZEQNecmLvKhoFOZSnszVTCsZ7HL+7mTroxEZVePJihDJ
fjPY1jvqwWnDdShkjXP2CIK4DIE7DwbbGfHs4mhyKxsTSldOlsQksgP6Dajfmm33
Fc3A0Uq4BO8stPPc4mgSpISeBE/5Szngdl5QH0X4tXiQLMTzz5Vep1bsRHRpjnNB
wpIqZMKt+QNkfDPU0W8w1I23RZ84MppQoBBExCKnnlhSAyHTvP15isqzjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB236JhJ7WZ5h7H6HEpHsZZs8V5nMB8GA1UdIwQY
MBaAFGk9+4q9K3BRL4jq7FkD/5LKy1ExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVQzN2lyMHJjRkV2aU9yc1dRUF9rc3JMVVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81ODI3MmYtYjhlMi00NDFhLTkwMGQt
YjIwNzE2YjA3NGVkLzEvSGJmb21FbnRabm1Ic2ZvY1NrZXhsbXp4WG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81ODI3MmYtYjhlMi00NDFhLTkwMGQtYjIwNzE2YjA3NGVk
LzEvYVQzN2lyMHJjRkV2aU9yc1dRUF9rc3JMVVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXveIMA0E
AgACMAcDBQMqEYKAMA0GCSqGSIb3DQEBCwUAA4IBAQBPkb5sTqvXH8gxmbVYrAzm
9f3V3s8gNfm735FHnwXgSGYEK2Qfy0MpoLU8/Qpf2ElBDGEuMHt7S6UKxgOdO6S9
3CgtoqAY80vU4XFH6whlu+9MekKxk0SlRFznCzuMBKhao9q56CSoW31EqXEPvjGy
klFKBFSKf4WDeTB0ZDYIVv8j/6DzT5sNa+w4atw7bSJOg5ornTz3eWZ97oN2pH7z
ni2lKcpOR6Ljk0fDDuV606WEfi/I1q29dQ8aFnFmSriDhaUv1I1egkXEKi1Pniee
PcV8qFWOoQn78y/fUInPB+QOwSq5Rmgco7ReGHKigqLzPWYxjJYxKso9pp22/uw0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:11 2025 by rpki-client