Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/HlRrYVzs80ZJA5_JZ3csPGXIkEY.roa
File: HlRrYVzs80ZJA5_JZ3csPGXIkEY.roa (raw, json)
Hash identifier: 2WA22A/U8/r4tDX+UDoYIX+va554GCdeOFSCw5V25j8=
Subject key identifier: 1E:54:6B:61:5C:EC:F3:46:49:03:9F:C9:67:77:2C:3C:65:C8:90:46
Certificate issuer: /CN=af9b2cefe389a1ae49756edc2b3293e58830cb82
Certificate serial: 019425FD2A6B7457CF634577288EFF71E866
Authority key identifier: AF:9B:2C:EF:E3:89:A1:AE:49:75:6E:DC:2B:32:93:E5:88:30:CB:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/HlRrYVzs80ZJA5_JZ3csPGXIkEY.roa
Signing time: Thu 02 Jan 2025 07:48:55 +0000
ROA not before: Thu 02 Jan 2025 07:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12329
IP address blocks: 93.157.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:2a:6b:74:57:cf:63:45:77:28:8e:ff:71:e8:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af9b2cefe389a1ae49756edc2b3293e58830cb82
Validity
Not Before: Jan 2 07:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e546b615cecf34649039fc967772c3c65c89046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8d:b2:ee:39:74:87:c4:80:7f:80:43:83:d8:
13:d4:da:c7:9b:f8:8c:ec:d1:d4:9f:2d:45:21:dc:
2c:40:21:72:af:67:75:57:00:5b:e9:15:6c:ba:7d:
b3:1d:32:41:72:32:d6:d1:42:5c:f4:68:31:66:8f:
22:d7:25:f5:b8:21:4a:bb:10:f9:6e:80:8a:d3:6f:
ec:b0:ba:03:22:42:78:2c:c3:ad:31:c3:c6:e5:34:
d8:06:3e:da:b0:54:34:5f:dc:14:ec:36:eb:86:7c:
0c:6c:e5:e2:b8:7e:7f:6f:66:2a:94:47:39:7a:fc:
8d:47:33:06:9c:52:4e:93:d4:8b:0c:0f:54:9a:32:
6c:12:ff:8b:b0:a9:a7:cc:c8:4e:4c:56:9b:2e:f2:
01:30:ce:3b:55:a0:f3:73:68:b7:e3:f2:6e:d4:89:
fc:28:b2:fd:4a:cf:b4:cf:48:06:80:e9:5f:ef:d6:
53:f8:8b:66:84:d7:16:1e:6a:99:6a:6e:4e:19:47:
d9:03:15:e2:e0:22:de:11:42:60:6e:99:b2:5b:9b:
f4:e8:31:11:79:d0:81:46:1d:e4:58:c5:f5:e2:cb:
67:00:ef:15:cb:a1:7e:e9:36:92:64:cf:cb:88:7d:
f2:04:53:fa:ad:1e:42:4d:57:19:f4:55:a2:7d:b9:
b8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:54:6B:61:5C:EC:F3:46:49:03:9F:C9:67:77:2C:3C:65:C8:90:46
X509v3 Authority Key Identifier:
keyid:AF:9B:2C:EF:E3:89:A1:AE:49:75:6E:DC:2B:32:93:E5:88:30:CB:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/HlRrYVzs80ZJA5_JZ3csPGXIkEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.143.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:ea:25:bf:51:d8:5c:41:d4:93:54:d1:99:54:cd:8e:89:40:
08:c5:22:f6:4d:8b:ea:3e:71:aa:df:3f:93:2c:7b:dc:ba:67:
dd:49:ae:26:72:4f:32:e2:21:2f:c2:3b:64:bb:d3:cc:17:f7:
98:10:d7:67:d5:63:72:e3:06:4e:f6:20:98:ce:f0:53:a7:1f:
6d:77:f5:bc:1c:09:a7:9c:16:61:6d:ff:ba:a3:3a:d7:98:d2:
ce:85:36:fb:48:b3:01:f4:fd:18:7f:b0:1b:93:e8:70:d2:f9:
c2:91:80:8d:fd:ac:37:f6:94:80:d6:b1:3b:18:10:fb:f0:e3:
2d:9d:1e:1f:dd:f1:27:20:9b:56:04:ef:68:b4:3d:6e:d2:3c:
6c:5b:ba:ea:a6:61:ea:50:99:44:92:ff:75:c9:f9:ad:8e:8c:
73:bc:06:7a:b6:17:e7:f0:e5:f2:b6:ec:c0:3b:97:33:31:64:
06:fd:2a:c0:10:a3:f3:7b:77:2e:4d:f0:13:2c:18:a5:8e:d1:
5e:a3:b0:8d:e3:40:42:7e:95:47:5c:d7:a0:cb:1f:c6:0c:6e:
87:9b:9a:02:24:a2:de:3a:92:f5:6a:54:f9:38:07:63:f5:2d:
2a:08:66:48:bb:df:8e:66:c4:f2:92:18:0a:be:81:27:45:6f:
7d:38:a1:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/SprdFfPY0V3KI7/cehmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOWIyY2VmZTM4OWExYWU0OTc1NmVkYzJiMzI5M2U1ODgz
MGNiODIwHhcNMjUwMTAyMDc0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTU0NmI2MTVjZWNmMzQ2NDkwMzlmYzk2Nzc3MmMzYzY1Yzg5MDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp42y7jl0h8SAf4BDg9gT1NrHm/iM
7NHUny1FIdwsQCFyr2d1VwBb6RVsun2zHTJBcjLW0UJc9GgxZo8i1yX1uCFKuxD5
boCK02/ssLoDIkJ4LMOtMcPG5TTYBj7asFQ0X9wU7DbrhnwMbOXiuH5/b2YqlEc5
evyNRzMGnFJOk9SLDA9UmjJsEv+LsKmnzMhOTFabLvIBMM47VaDzc2i34/Ju1In8
KLL9Ss+0z0gGgOlf79ZT+ItmhNcWHmqZam5OGUfZAxXi4CLeEUJgbpmyW5v06DER
edCBRh3kWMX14stnAO8Vy6F+6TaSZM/LiH3yBFP6rR5CTVcZ9FWifbm4RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5Ua2Fc7PNGSQOfyWd3LDxlyJBGMB8GA1UdIwQY
MBaAFK+bLO/jiaGuSXVu3Csyk+WIMMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZjBiZmUtOTU1NC00YjdlLTk1ZGEt
NDY5NjE5ZDRlY2RiLzEvSGxScllWenM4MFpKQTVfSlozY3NQR1hJa0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZjBiZmUtOTU1NC00YjdlLTk1ZGEtNDY5NjE5ZDRlY2Ri
LzEvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXZ2PMA0G
CSqGSIb3DQEBCwUAA4IBAQBN6iW/UdhcQdSTVNGZVM2OiUAIxSL2TYvqPnGq3z+T
LHvcumfdSa4mck8y4iEvwjtku9PMF/eYENdn1WNy4wZO9iCYzvBTpx9td/W8HAmn
nBZhbf+6ozrXmNLOhTb7SLMB9P0Yf7Abk+hw0vnCkYCN/aw39pSA1rE7GBD78OMt
nR4f3fEnIJtWBO9otD1u0jxsW7rqpmHqUJlEkv91yfmtjoxzvAZ6thfn8OXytuzA
O5czMWQG/SrAEKPze3cuTfATLBiljtFeo7CN40BCfpVHXNegyx/GDG6Hm5oCJKLe
OpL1alT5OAdj9S0qCGZIu9+OZsTykhgKvoEnRW99OKHb
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:09 2025 by rpki-client