Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/H90JQG1mxRo-4yjWrS_fzL1cCEs.roa
File: H90JQG1mxRo-4yjWrS_fzL1cCEs.roa (raw, json)
Hash identifier: xFQLCwiIiFP0nSvzZcHIBfQ1oEYUzYITPZtTsL7S+O8=
Subject key identifier: 1F:DD:09:40:6D:66:C5:1A:3E:E3:28:D6:AD:2F:DF:CC:BD:5C:08:4B
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01941DA103A3D4A256360F55BF28EC8E7D51
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/H90JQG1mxRo-4yjWrS_fzL1cCEs.roa
Signing time: Tue 31 Dec 2024 16:51:18 +0000
ROA not before: Tue 31 Dec 2024 16:51:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207957
IP address blocks: 185.170.153.0/24 maxlen: 24
185.170.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1d:a1:03:a3:d4:a2:56:36:0f:55:bf:28:ec:8e:7d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Dec 31 16:51:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fdd09406d66c51a3ee328d6ad2fdfccbd5c084b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:02:3f:bc:0e:5e:1d:da:5b:00:2c:f9:d9:8d:
cf:a3:eb:35:7e:10:13:e5:22:06:35:e1:3a:d4:d2:
a0:a3:3f:a7:2a:8b:96:aa:b4:2a:8f:2b:7b:f3:65:
00:d9:c8:41:81:98:0a:9d:d0:ee:9a:b1:0c:45:b8:
f4:a7:7b:3b:c9:d4:8a:ca:5d:fd:8a:60:e7:5a:4a:
0e:39:b1:ec:34:fd:bf:ee:5c:94:73:4c:cd:85:62:
70:f9:f0:bf:1e:89:65:40:5d:79:70:2d:86:c8:36:
c6:7c:3f:8d:b9:86:7a:77:f0:66:c1:ed:2e:85:ac:
bf:56:9f:83:90:ca:37:cf:db:26:44:f4:12:7b:30:
65:02:0d:f4:4c:24:94:3a:72:42:3e:b3:cb:f3:7f:
25:e1:01:8f:23:de:fa:ce:0a:55:4d:11:22:4c:ed:
e0:82:7e:8a:8b:51:6c:5f:e7:0a:b3:71:53:b1:83:
32:6e:f7:d5:6d:9f:d8:8a:59:8a:80:a6:29:70:c9:
b8:67:75:a6:40:c0:50:33:92:75:72:2d:82:78:3f:
86:8a:b4:6a:3c:21:d7:73:6d:17:77:98:ee:5c:f0:
ae:11:e8:b9:95:54:a3:7f:00:ec:92:e0:53:db:49:
aa:b3:40:2f:1e:38:08:89:94:9e:df:87:da:eb:a5:
1b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:DD:09:40:6D:66:C5:1A:3E:E3:28:D6:AD:2F:DF:CC:BD:5C:08:4B
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/H90JQG1mxRo-4yjWrS_fzL1cCEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.153.0-185.170.154.255
Signature Algorithm: sha256WithRSAEncryption
b5:c6:ca:13:6d:1e:c7:9d:53:23:7a:ad:b1:05:6e:53:ed:9b:
3c:2d:d6:75:2f:ae:83:a3:59:69:21:05:fc:48:15:ca:13:f5:
3e:06:57:3b:29:36:fc:d1:f1:37:0d:09:4c:73:e3:ae:5f:d4:
98:e9:f7:a6:0a:f2:94:9c:f8:ea:76:da:96:8f:ba:ff:18:a8:
fc:50:6a:8e:28:c4:65:e2:a4:01:40:4c:52:33:57:c0:40:31:
02:d4:ef:a1:35:df:a6:fa:45:a5:0b:00:fc:36:f9:e1:61:85:
3e:0b:3c:5e:a8:50:4a:a1:7f:64:79:10:db:a0:d6:25:6f:9c:
7e:bb:96:d2:24:4a:7e:68:db:13:5e:a6:57:9e:a3:10:33:58:
f4:da:c3:f4:e8:bb:28:64:9a:a0:38:94:b9:5f:26:d7:e1:21:
8b:50:34:e0:56:9e:bf:0f:a9:33:d3:cb:64:28:38:af:85:dd:
da:6e:f1:71:72:73:87:1c:dc:4a:a4:fe:23:09:9e:c8:a4:cf:
b6:03:97:77:1e:55:8b:a1:a1:f8:64:9a:fe:6c:6b:88:2e:06:
ec:04:bd:2f:66:17:f7:05:6d:03:6c:72:9d:09:c9:bd:1e:c2:
4b:fc:ef:77:c1:81:20:32:0f:4f:51:90:81:bc:6f:ec:09:ff:
bb:6d:6a:f7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQdoQOj1KJWNg9Vvyjsjn1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjQxMjMxMTY1MTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmRkMDk0MDZkNjZjNTFhM2VlMzI4ZDZhZDJmZGZjY2JkNWMwODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQI/vA5eHdpbACz52Y3Po+s1fhAT
5SIGNeE61NKgoz+nKouWqrQqjyt782UA2chBgZgKndDumrEMRbj0p3s7ydSKyl39
imDnWkoOObHsNP2/7lyUc0zNhWJw+fC/HollQF15cC2GyDbGfD+NuYZ6d/Bmwe0u
hay/Vp+DkMo3z9smRPQSezBlAg30TCSUOnJCPrPL838l4QGPI976zgpVTREiTO3g
gn6Ki1FsX+cKs3FTsYMybvfVbZ/YilmKgKYpcMm4Z3WmQMBQM5J1ci2CeD+GirRq
PCHXc20Xd5juXPCuEei5lVSjfwDskuBT20mqs0AvHjgIiZSe34fa66UbNwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB/dCUBtZsUaPuMo1q0v38y9XAhLMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvSDkwSlFHMW14Um8tNHlqV3JTX2Z6TDFjQ0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5qpkD
BAC5qpowDQYJKoZIhvcNAQELBQADggEBALXGyhNtHsedUyN6rbEFblPtmzwt1nUv
roOjWWkhBfxIFcoT9T4GVzspNvzR8TcNCUxz465f1Jjp96YK8pSc+Op22paPuv8Y
qPxQao4oxGXipAFATFIzV8BAMQLU76E136b6RaULAPw2+eFhhT4LPF6oUEqhf2R5
ENug1iVvnH67ltIkSn5o2xNepleeoxAzWPTaw/TouyhkmqA4lLlfJtfhIYtQNOBW
nr8PqTPTy2QoOK+F3dpu8XFyc4cc3Eqk/iMJnsikz7YDl3ceVYuhofhkmv5sa4gu
BuwEvS9mF/cFbQNscp0Jyb0ewkv873fBgSAyD09RkIG8b+wJ/7ttavc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:50 2025 by rpki-client