Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/228251-7442-471f-b528-ea3470fce41f/1/hTNEwg5XvOAZlahMXAbIsSZuB6k.roa
File: hTNEwg5XvOAZlahMXAbIsSZuB6k.roa (raw, json)
Hash identifier: Z/8ctsgkw6SsckMg1iEBNu9acNYj8Q85H/xScN53O20=
Subject key identifier: 85:33:44:C2:0E:57:BC:E0:19:95:A8:4C:5C:06:C8:B1:26:6E:07:A9
Certificate issuer: /CN=6fe56baee0518e95c1adf1237dadfbe4314c6aea
Certificate serial: 0182CA5D1B3E4CA2C51545920EA3B7FF5348
Authority key identifier: 6F:E5:6B:AE:E0:51:8E:95:C1:AD:F1:23:7D:AD:FB:E4:31:4C:6A:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-VrruBRjpXBrfEjfa375DFMauo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/228251-7442-471f-b528-ea3470fce41f/1/hTNEwg5XvOAZlahMXAbIsSZuB6k.roa
Signing time: Tue 23 Aug 2022 11:01:15 +0000
ROA not before: Tue 23 Aug 2022 11:01:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213370
IP address blocks: 171.22.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:5d:1b:3e:4c:a2:c5:15:45:92:0e:a3:b7:ff:53:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fe56baee0518e95c1adf1237dadfbe4314c6aea
Validity
Not Before: Aug 23 11:01:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=853344c20e57bce01995a84c5c06c8b1266e07a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f3:e9:59:3e:fd:6b:de:9d:60:1d:4a:29:87:
0f:33:b0:2c:d8:e1:0d:b6:8e:59:d3:49:4a:ed:11:
91:9f:c6:df:c0:8d:a5:5f:19:ba:c6:84:23:3c:5a:
98:fa:34:1b:71:3a:55:3f:5f:33:4d:3c:38:1b:44:
2f:37:a7:90:3c:62:1e:a8:df:63:00:4e:15:05:7e:
96:51:7b:a8:67:7f:b7:71:38:3c:59:2b:49:4d:a5:
b9:a4:23:8a:3c:d7:ed:84:e5:95:67:da:32:21:02:
ea:1c:0f:90:87:21:a2:ad:db:c8:ae:e1:13:ca:f5:
c5:1b:33:94:44:1d:eb:5d:41:6c:f7:13:a7:36:6b:
73:7d:79:ed:c1:8f:ed:2d:79:40:dc:0a:3a:db:b0:
f2:2d:02:00:3e:72:11:54:4d:61:50:c7:8d:64:4d:
18:dc:0b:a4:67:bd:9d:cf:79:12:e8:5f:d0:63:0a:
1b:39:5a:e4:8e:39:7e:03:c4:fd:36:bc:1e:bb:de:
da:1d:74:b0:a8:79:d3:0a:de:d6:50:19:ec:54:0e:
f8:a0:f8:2a:99:86:03:95:ea:27:20:0f:44:a8:52:
dc:68:ab:56:6d:82:0e:9e:eb:04:4b:6b:ea:a0:34:
26:8f:3e:99:d0:ab:37:e6:5e:97:c3:63:fb:7c:4e:
d3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:33:44:C2:0E:57:BC:E0:19:95:A8:4C:5C:06:C8:B1:26:6E:07:A9
X509v3 Authority Key Identifier:
keyid:6F:E5:6B:AE:E0:51:8E:95:C1:AD:F1:23:7D:AD:FB:E4:31:4C:6A:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-VrruBRjpXBrfEjfa375DFMauo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/228251-7442-471f-b528-ea3470fce41f/1/hTNEwg5XvOAZlahMXAbIsSZuB6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/228251-7442-471f-b528-ea3470fce41f/1/b-VrruBRjpXBrfEjfa375DFMauo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.16.0/24
Signature Algorithm: sha256WithRSAEncryption
05:c3:a7:83:01:df:99:9d:2c:03:81:33:8a:75:90:b8:0b:3d:
67:41:1f:eb:2a:a5:05:ed:0c:49:bd:b3:59:84:d4:fa:5a:3e:
a7:2a:23:15:0f:94:21:56:60:ee:d2:c2:5a:72:f0:36:0f:ba:
19:ec:bf:9d:e1:e5:2f:b1:fe:e2:e1:58:e6:45:3a:15:da:a2:
a3:29:c7:5b:22:43:b1:ba:df:f8:f1:70:3c:95:88:36:24:fc:
db:ed:e0:d9:f0:54:3b:c3:90:75:11:29:fa:5a:e3:31:47:30:
44:af:34:25:3e:73:42:c7:fc:18:c0:f6:01:a0:3c:c0:d1:cf:
b9:be:a6:60:e1:6a:03:b0:0b:8e:3c:7b:2b:a8:f8:04:ad:cf:
e9:92:64:3f:13:b5:5a:0f:0c:16:a8:77:95:91:36:2f:57:61:
62:30:17:ab:4c:87:b7:ce:53:22:c1:29:30:ba:97:a4:6c:63:
05:75:cc:04:28:c5:07:cb:69:86:e2:34:ca:a0:04:b0:f4:2a:
83:66:47:d8:36:dc:57:4e:3b:ac:c4:e6:a1:ed:34:78:d0:7e:
86:4d:1e:3a:da:aa:66:76:f6:24:d6:79:b5:ac:58:04:c9:2e:
ed:3b:69:58:6d:71:02:9a:17:d1:77:29:2f:ae:09:05:11:d9:
fa:75:44:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLKXRs+TKLFFUWSDqO3/1NIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZTU2YmFlZTA1MThlOTVjMWFkZjEyMzdkYWRmYmU0MzE0
YzZhZWEwHhcNMjIwODIzMTEwMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTMzNDRjMjBlNTdiY2UwMTk5NWE4NGM1YzA2YzhiMTI2NmUwN2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvPpWT79a96dYB1KKYcPM7As2OEN
to5Z00lK7RGRn8bfwI2lXxm6xoQjPFqY+jQbcTpVP18zTTw4G0QvN6eQPGIeqN9j
AE4VBX6WUXuoZ3+3cTg8WStJTaW5pCOKPNfthOWVZ9oyIQLqHA+QhyGirdvIruET
yvXFGzOURB3rXUFs9xOnNmtzfXntwY/tLXlA3Ao627DyLQIAPnIRVE1hUMeNZE0Y
3AukZ72dz3kS6F/QYwobOVrkjjl+A8T9Nrweu97aHXSwqHnTCt7WUBnsVA74oPgq
mYYDleonIA9EqFLcaKtWbYIOnusES2vqoDQmjz6Z0Ks35l6Xw2P7fE7TLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUzRMIOV7zgGZWoTFwGyLEmbgepMB8GA1UdIwQY
MBaAFG/la67gUY6Vwa3xI32t++QxTGrqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi1WcnJ1QlJqcFhCcmZFamZhMzc1REZNYXVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yMjgyNTEtNzQ0Mi00NzFmLWI1Mjgt
ZWEzNDcwZmNlNDFmLzEvaFRORXdnNVh2T0FabGFoTVhBYklzU1p1QjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yMjgyNTEtNzQ0Mi00NzFmLWI1MjgtZWEzNDcwZmNlNDFm
LzEvYi1WcnJ1QlJqcFhCcmZFamZhMzc1REZNYXVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxYQMA0G
CSqGSIb3DQEBCwUAA4IBAQAFw6eDAd+ZnSwDgTOKdZC4Cz1nQR/rKqUF7QxJvbNZ
hNT6Wj6nKiMVD5QhVmDu0sJacvA2D7oZ7L+d4eUvsf7i4VjmRToV2qKjKcdbIkOx
ut/48XA8lYg2JPzb7eDZ8FQ7w5B1ESn6WuMxRzBErzQlPnNCx/wYwPYBoDzA0c+5
vqZg4WoDsAuOPHsrqPgErc/pkmQ/E7VaDwwWqHeVkTYvV2FiMBerTIe3zlMiwSkw
upekbGMFdcwEKMUHy2mG4jTKoASw9CqDZkfYNtxXTjusxOah7TR40H6GTR462qpm
dvYk1nm1rFgEyS7tO2lYbXECmhfRdykvrgkFEdn6dUTX
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:51:20 2025 by rpki-client