Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/HqEtipzQowxTqcDrA6YD2PAM22k.roa
File: HqEtipzQowxTqcDrA6YD2PAM22k.roa (raw, json)
Hash identifier: +TySDtYTZSAF4An5pdiKoQwn0LwGdYxQZAyZ18GrAFU=
Subject key identifier: 1E:A1:2D:8A:9C:D0:A3:0C:53:A9:C0:EB:03:A6:03:D8:F0:0C:DB:69
Certificate issuer: /CN=3026806a6b8dac68c2a32b65849229524fc33da7
Certificate serial: 019425FDC65C83BC0B8B8E2A31587F5C8685
Authority key identifier: 30:26:80:6A:6B:8D:AC:68:C2:A3:2B:65:84:92:29:52:4F:C3:3D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCaAamuNrGjCoytlhJIpUk_DPac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/HqEtipzQowxTqcDrA6YD2PAM22k.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.201.149.128/26 maxlen: 26
2001:7f8:52::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c6:5c:83:bc:0b:8b:8e:2a:31:58:7f:5c:86:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3026806a6b8dac68c2a32b65849229524fc33da7
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ea12d8a9cd0a30c53a9c0eb03a603d8f00cdb69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f7:4e:46:69:4c:92:2d:14:2e:a7:42:9a:79:
6f:43:8d:55:08:fe:c9:aa:43:b5:60:1d:b4:41:1d:
fd:dc:53:46:32:23:51:ff:ef:90:e9:38:c0:c8:36:
5a:20:e6:92:32:4a:34:9e:44:b5:6c:1d:f7:2b:ec:
d1:80:23:41:9c:f6:af:5c:8c:23:6d:2a:ab:70:4e:
15:51:7b:23:40:e3:13:cc:5a:96:b6:a8:2c:fd:a8:
71:d1:5f:0c:ae:f3:af:8c:05:06:f9:ad:e2:0b:f2:
f7:b6:1d:55:99:3d:2f:c9:f1:99:df:b8:b8:46:fd:
cb:b6:3a:ea:ea:8f:82:74:f5:fd:c4:43:b5:af:eb:
93:ac:24:80:fc:46:6b:08:0f:79:f3:b9:63:7e:bc:
08:9b:3d:a9:0d:d3:ae:a0:67:c4:b9:a3:08:e6:65:
25:a9:3d:b0:9a:b4:10:75:27:4f:0e:43:02:6a:33:
d9:40:77:bb:b0:9c:09:1d:7b:54:44:5e:e0:3a:e5:
6e:a8:d9:a0:42:1f:9b:a8:29:35:b9:4c:15:87:be:
a6:5f:2a:ae:e7:56:b7:ad:9c:ec:1a:da:99:d6:e1:
eb:24:0d:77:de:94:e1:89:fc:96:6e:82:dd:e8:07:
91:9b:8d:22:6d:eb:eb:16:14:e4:06:6c:51:c3:a9:
ca:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A1:2D:8A:9C:D0:A3:0C:53:A9:C0:EB:03:A6:03:D8:F0:0C:DB:69
X509v3 Authority Key Identifier:
keyid:30:26:80:6A:6B:8D:AC:68:C2:A3:2B:65:84:92:29:52:4F:C3:3D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCaAamuNrGjCoytlhJIpUk_DPac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/HqEtipzQowxTqcDrA6YD2PAM22k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/MCaAamuNrGjCoytlhJIpUk_DPac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.149.128/26
IPv6:
2001:7f8:52::/48
Signature Algorithm: sha256WithRSAEncryption
39:1b:bc:a6:1d:b5:5c:cd:38:ab:3b:ae:5c:c9:3b:0d:b3:36:
81:40:d3:60:7b:fa:0e:87:33:a4:bc:fd:15:be:f4:b7:38:ba:
ca:35:14:fa:86:81:68:b0:22:38:80:93:c3:fb:4f:ee:8d:0c:
24:ff:f3:2e:1f:a6:bc:31:0b:fd:13:2b:b7:eb:86:fe:52:c8:
e4:37:8c:e1:46:1e:57:61:61:16:c3:ce:27:05:d3:47:b1:85:
3e:6d:b1:be:38:4d:7e:18:d7:89:da:a4:2b:82:e4:b2:58:16:
72:41:85:7e:cf:25:71:d6:e0:a9:40:2a:c8:c6:9f:45:b3:8e:
44:5a:f3:8f:17:9a:15:9c:1f:40:db:9b:aa:4d:52:50:9a:3e:
64:10:e4:02:b3:0f:78:b4:87:7f:91:1b:5d:91:59:aa:c7:5d:
96:1d:e4:eb:53:6a:c3:c6:d0:03:9b:95:24:1f:cd:25:fc:ce:
87:d2:75:a0:63:5f:81:a5:de:67:4c:f5:5c:f3:c7:d2:d0:ef:
49:18:66:5f:4c:cc:b4:e6:df:4a:de:47:fd:95:a2:25:24:1b:
77:ce:bd:a8:c2:17:ee:e3:d4:38:05:41:0a:f3:0c:a9:a2:8f:
25:61:14:73:19:20:4d:58:a2:10:ca:16:4b:55:d9:b1:ba:67:
50:d4:d5:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQl/cZcg7wLi44qMVh/XIaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjY4MDZhNmI4ZGFjNjhjMmEzMmI2NTg0OTIyOTUyNGZj
MzNkYTcwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWExMmQ4YTljZDBhMzBjNTNhOWMwZWIwM2E2MDNkOGYwMGNkYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfdORmlMki0ULqdCmnlvQ41VCP7J
qkO1YB20QR393FNGMiNR/++Q6TjAyDZaIOaSMko0nkS1bB33K+zRgCNBnPavXIwj
bSqrcE4VUXsjQOMTzFqWtqgs/ahx0V8MrvOvjAUG+a3iC/L3th1VmT0vyfGZ37i4
Rv3Ltjrq6o+CdPX9xEO1r+uTrCSA/EZrCA9587ljfrwImz2pDdOuoGfEuaMI5mUl
qT2wmrQQdSdPDkMCajPZQHe7sJwJHXtURF7gOuVuqNmgQh+bqCk1uUwVh76mXyqu
51a3rZzsGtqZ1uHrJA133pThifyWboLd6AeRm40ibevrFhTkBmxRw6nKUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB6hLYqc0KMMU6nA6wOmA9jwDNtpMB8GA1UdIwQY
MBaAFDAmgGprjaxowqMrZYSSKVJPwz2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNhQWFtdU5yR2pDb3l0bGhKSXBVa19EUGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZGNhMGUtYTQxYi00OTcyLWJiYjUt
MDhlMmIxMDE3OTI3LzEvSHFFdGlwelFvd3hUcWNEckE2WUQyUEFNMjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZGNhMGUtYTQxYi00OTcyLWJiYjUtMDhlMmIxMDE3OTI3
LzEvTUNhQWFtdU5yR2pDb3l0bGhKSXBVa19EUGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDANBAIAATAHAwUGwcmVgDAP
BAIAAjAJAwcAIAEH+ABSMA0GCSqGSIb3DQEBCwUAA4IBAQA5G7ymHbVczTirO65c
yTsNszaBQNNge/oOhzOkvP0VvvS3OLrKNRT6hoFosCI4gJPD+0/ujQwk//MuH6a8
MQv9Eyu364b+UsjkN4zhRh5XYWEWw84nBdNHsYU+bbG+OE1+GNeJ2qQrguSyWBZy
QYV+zyVx1uCpQCrIxp9Fs45EWvOPF5oVnB9A25uqTVJQmj5kEOQCsw94tId/kRtd
kVmqx12WHeTrU2rDxtADm5UkH80l/M6H0nWgY1+Bpd5nTPVc88fS0O9JGGZfTMy0
5t9K3kf9laIlJBt3zr2owhfu49Q4BUEK8wypoo8lYRRzGSBNWKIQyhZLVdmxumdQ
1NUb
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:25:20 2025 by rpki-client