Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/hkPpOCiLCUFnIIm01WBV2s5hxWg.roa
File: hkPpOCiLCUFnIIm01WBV2s5hxWg.roa (raw, json)
Hash identifier: Ci9i0ncltXtqqzNAxAN30225jK3LXwdAU+x6zZfT/6I=
Subject key identifier: 86:43:E9:38:28:8B:09:41:67:20:89:B4:D5:60:55:DA:CE:61:C5:68
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 0188372B4D24BBFF1242B01C76352AFD8C40
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/hkPpOCiLCUFnIIm01WBV2s5hxWg.roa
Signing time: Sat 20 May 2023 03:19:24 +0000
ROA not before: Sat 20 May 2023 03:19:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41378
IP address blocks: 2.58.64.0/24 maxlen: 24
2.58.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:37:2b:4d:24:bb:ff:12:42:b0:1c:76:35:2a:fd:8c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: May 20 03:19:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8643e938288b0941672089b4d56055dace61c568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:36:62:1e:9a:89:3e:02:b5:e3:2b:0e:0e:ed:
7c:d4:9d:a4:6d:3e:60:c3:54:07:45:d9:54:ee:a8:
52:be:5d:2e:1a:1e:50:2a:fc:53:67:1c:33:e9:75:
d2:9e:d3:f5:bd:8c:d9:35:e6:66:64:cf:ef:8b:47:
12:7a:a9:6b:c3:9f:7a:95:37:b1:0f:67:41:86:77:
97:70:30:a9:c1:e4:95:59:be:89:7d:06:af:2f:15:
2a:c6:c6:ae:40:6c:30:ea:b6:77:37:3b:cd:e2:95:
18:73:45:02:c4:63:ec:3c:cb:27:ff:52:5b:ba:e0:
c5:e2:93:33:c8:38:41:ab:1b:c6:85:39:49:74:62:
60:0f:0a:69:8c:6d:2e:69:c5:07:8c:e6:ed:37:0f:
0d:66:45:92:0f:92:ae:c9:cc:8f:9e:44:9c:df:8c:
b3:e8:81:4b:8a:ac:a1:39:ec:4e:31:08:12:cc:81:
77:e0:da:31:f3:d0:c2:ec:8b:f0:7d:e0:8c:f2:c0:
c9:b9:1d:37:4a:29:75:65:6b:7e:85:4f:0f:7d:7e:
54:96:02:21:ea:c3:43:6a:37:3e:ed:83:c2:54:96:
63:3d:6f:9f:ba:3b:47:ca:28:6f:db:c6:d1:2d:1e:
78:30:67:60:be:d3:ff:cd:cd:c2:bd:2e:3e:8d:51:
bd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:43:E9:38:28:8B:09:41:67:20:89:B4:D5:60:55:DA:CE:61:C5:68
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/hkPpOCiLCUFnIIm01WBV2s5hxWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.64.0/23
Signature Algorithm: sha256WithRSAEncryption
81:7d:c2:9c:01:ae:30:00:6e:fe:fc:b0:46:eb:ca:29:c7:60:
3a:4d:ff:17:c1:d4:89:30:57:a0:a1:6f:29:ce:33:10:78:61:
0e:9b:99:2e:f0:6c:b2:84:94:e5:de:61:5c:22:78:86:30:fd:
db:be:62:f4:ac:b0:85:2c:b2:c6:6d:c9:e1:65:ae:dc:60:33:
c4:d8:91:f1:aa:6b:d4:a6:46:fd:94:89:63:9b:7a:b0:7f:e6:
7e:55:75:0d:ff:ec:69:5c:57:a5:45:d9:8d:b0:0e:16:c3:1f:
2f:f0:9e:71:bd:6a:df:40:d3:c1:39:86:65:43:fd:ee:47:bf:
ea:9c:c3:38:b6:fd:e6:52:5a:f8:de:50:a3:26:bb:90:75:61:
b3:96:b4:e4:38:db:d2:b6:8e:ea:57:aa:57:e8:e0:aa:dd:81:
51:96:fd:70:df:75:f7:dc:13:e4:5c:1e:c2:a8:e8:bc:06:5f:
d1:47:87:61:bc:35:59:0e:70:74:90:85:0d:8f:09:13:66:9f:
9a:ec:9a:62:19:db:8d:79:29:89:7d:c6:21:a5:95:46:04:21:
ee:68:c1:76:89:ad:97:05:d0:67:16:bc:c8:ad:f1:82:48:a1:
5d:e9:c4:5d:69:f1:7c:11:98:81:bd:05:aa:9b:74:1a:dc:2b:
fc:6f:14:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYg3K00ku/8SQrAcdjUq/YxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NzRjZjNlMmZhODkyYjVmZGQzZjMwZGM4Mjc1ZWUxMDYy
ZTFkMDYwHhcNMjMwNTIwMDMxOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQzZTkzODI4OGIwOTQxNjcyMDg5YjRkNTYwNTVkYWNlNjFjNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTZiHpqJPgK14ysODu181J2kbT5g
w1QHRdlU7qhSvl0uGh5QKvxTZxwz6XXSntP1vYzZNeZmZM/vi0cSeqlrw596lTex
D2dBhneXcDCpweSVWb6JfQavLxUqxsauQGww6rZ3NzvN4pUYc0UCxGPsPMsn/1Jb
uuDF4pMzyDhBqxvGhTlJdGJgDwppjG0uacUHjObtNw8NZkWSD5KuycyPnkSc34yz
6IFLiqyhOexOMQgSzIF34Nox89DC7IvwfeCM8sDJuR03Sil1ZWt+hU8PfX5UlgIh
6sNDajc+7YPCVJZjPW+fujtHyihv28bRLR54MGdgvtP/zc3CvS4+jVG92QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZD6TgoiwlBZyCJtNVgVdrOYcVoMB8GA1UdIwQY
MBaAFER0zz4vqJK1/dPzDcgnXuEGLh0GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDkt
NzU0NWMwNGUxNTc4LzEvaGtQcE9DaUxDVUZuSUltMDFXQlYyczVoeFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDktNzU0NWMwNGUxNTc4
LzEvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAjpAMA0G
CSqGSIb3DQEBCwUAA4IBAQCBfcKcAa4wAG7+/LBG68opx2A6Tf8XwdSJMFegoW8p
zjMQeGEOm5ku8GyyhJTl3mFcIniGMP3bvmL0rLCFLLLGbcnhZa7cYDPE2JHxqmvU
pkb9lIljm3qwf+Z+VXUN/+xpXFelRdmNsA4Wwx8v8J5xvWrfQNPBOYZlQ/3uR7/q
nMM4tv3mUlr43lCjJruQdWGzlrTkONvSto7qV6pX6OCq3YFRlv1w33X33BPkXB7C
qOi8Bl/RR4dhvDVZDnB0kIUNjwkTZp+a7JpiGduNeSmJfcYhpZVGBCHuaMF2ia2X
BdBnFrzIrfGCSKFd6cRdafF8EZiBvQWqm3Qa3Cv8bxRO
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:14:55 2025 by rpki-client