Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/a9886f-27d9-4750-bc6a-c37599c7a808/1/HuW0mXQqrv7Xc2LZsRJY8LdIjCY.roa
File: HuW0mXQqrv7Xc2LZsRJY8LdIjCY.roa (raw, json)
Hash identifier: oaxHDWBMxcq510dUA7KFflxyaWyRDUu03Md00ECGE6c=
Subject key identifier: 1E:E5:B4:99:74:2A:AE:FE:D7:73:62:D9:B1:12:58:F0:B7:48:8C:26
Certificate issuer: /CN=1a5802d1ccff02cc91c07d81743c717f13f34677
Certificate serial: 01820118F873D0C4C8EE1C4A9E2CDDB31DCC
Authority key identifier: 1A:58:02:D1:CC:FF:02:CC:91:C0:7D:81:74:3C:71:7F:13:F3:46:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GlgC0cz_AsyRwH2BdDxxfxPzRnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/a9886f-27d9-4750-bc6a-c37599c7a808/1/HuW0mXQqrv7Xc2LZsRJY8LdIjCY.roa
Signing time: Fri 15 Jul 2022 09:03:09 +0000
ROA not before: Fri 15 Jul 2022 09:03:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49725
IP address blocks: 95.143.144.0/20 maxlen: 21
2a00:1da8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:18:f8:73:d0:c4:c8:ee:1c:4a:9e:2c:dd:b3:1d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5802d1ccff02cc91c07d81743c717f13f34677
Validity
Not Before: Jul 15 09:03:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ee5b499742aaefed77362d9b11258f0b7488c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:db:60:78:c9:5e:af:b6:a6:d2:a5:f2:b8:4e:
88:e6:8c:f8:f9:8e:a3:e6:ad:4d:36:f1:30:e2:20:
d6:97:be:b3:8f:7a:4a:80:15:d1:2a:fd:ab:9a:48:
92:5a:48:ae:5c:85:22:39:0f:d7:76:62:a7:96:57:
5c:a6:a4:3f:87:fe:e9:7e:38:c6:90:ec:52:5c:10:
73:af:18:e1:fb:8f:00:dc:c8:aa:7f:b5:50:61:6a:
51:37:8e:5c:b3:7a:ed:f3:74:90:0f:a2:9d:e7:76:
04:55:79:2e:f1:a2:9e:ed:97:1a:26:7f:a6:4f:d4:
89:c5:a7:39:44:c4:b3:81:b9:ea:28:11:a2:f5:b7:
0f:b6:6c:c6:30:21:0b:9f:80:a8:ea:dc:7d:e2:32:
46:e1:39:49:e7:30:9a:e1:3d:48:f3:fb:26:97:67:
3d:10:46:e6:c1:65:00:6a:42:f0:42:e7:9c:9b:86:
29:e9:ea:ee:23:f8:b2:35:55:0e:a8:71:23:1a:cd:
36:aa:65:28:ce:40:8f:e1:11:33:9e:7e:f2:a5:03:
a9:cc:7b:a2:fd:b4:18:cb:12:c0:32:0c:e3:15:a3:
a7:f2:6f:4a:74:85:fc:47:57:0d:41:39:b2:98:b9:
4c:8e:b8:b2:e5:fb:b6:ce:62:ab:6c:0d:63:a9:c6:
bc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E5:B4:99:74:2A:AE:FE:D7:73:62:D9:B1:12:58:F0:B7:48:8C:26
X509v3 Authority Key Identifier:
keyid:1A:58:02:D1:CC:FF:02:CC:91:C0:7D:81:74:3C:71:7F:13:F3:46:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GlgC0cz_AsyRwH2BdDxxfxPzRnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a9886f-27d9-4750-bc6a-c37599c7a808/1/HuW0mXQqrv7Xc2LZsRJY8LdIjCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a9886f-27d9-4750-bc6a-c37599c7a808/1/GlgC0cz_AsyRwH2BdDxxfxPzRnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.143.144.0/20
IPv6:
2a00:1da8::/32
Signature Algorithm: sha256WithRSAEncryption
75:4f:b1:55:d7:dd:9b:a6:b2:5c:bb:c6:1d:7c:34:27:b5:93:
f4:7e:34:12:ef:a4:f5:bb:2c:a0:1c:7a:5f:54:b5:e0:31:fc:
5a:7a:8f:75:21:11:02:85:c5:7e:ed:7c:ce:75:58:0b:f9:dc:
e1:87:a2:0e:04:cd:82:36:d3:bc:42:80:a4:52:05:2b:84:ae:
3c:bd:fd:4b:d8:b1:ba:03:2d:1d:63:87:f1:fe:ac:83:5d:c8:
43:95:1a:65:1f:ff:74:e4:8f:cf:23:06:33:86:dd:9f:9f:2b:
65:5c:6d:28:d8:0c:d7:91:3f:58:4f:ea:2a:ce:70:46:a5:af:
25:97:da:5a:b0:e1:b1:d7:10:93:dd:57:ad:38:b3:a7:2c:81:
a8:11:b0:c7:db:9e:9b:6e:dd:10:86:6c:70:9d:c0:76:ba:f8:
20:67:37:1c:f0:d9:1e:28:c1:5e:fd:a0:e4:a5:b5:40:9e:7f:
c4:39:fc:c2:4f:f6:84:3d:69:6f:a9:81:57:f5:00:6e:af:48:
c1:32:a4:b5:15:a1:74:3e:48:1d:0c:12:df:d8:98:0b:48:76:
33:e1:95:32:36:91:b1:07:50:58:69:22:65:63:da:5a:66:97:
89:c5:33:37:05:1e:4a:21:0b:bb:f6:8a:34:ad:92:22:d6:06:
0a:c3:32:1f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYIBGPhz0MTI7hxKnizdsx3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNTgwMmQxY2NmZjAyY2M5MWMwN2Q4MTc0M2M3MTdmMTNm
MzQ2NzcwHhcNMjIwNzE1MDkwMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWU1YjQ5OTc0MmFhZWZlZDc3MzYyZDliMTEyNThmMGI3NDg4YzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNtgeMler7am0qXyuE6I5oz4+Y6j
5q1NNvEw4iDWl76zj3pKgBXRKv2rmkiSWkiuXIUiOQ/XdmKnlldcpqQ/h/7pfjjG
kOxSXBBzrxjh+48A3Miqf7VQYWpRN45cs3rt83SQD6Kd53YEVXku8aKe7ZcaJn+m
T9SJxac5RMSzgbnqKBGi9bcPtmzGMCELn4Co6tx94jJG4TlJ5zCa4T1I8/sml2c9
EEbmwWUAakLwQuecm4Yp6eruI/iyNVUOqHEjGs02qmUozkCP4REznn7ypQOpzHui
/bQYyxLAMgzjFaOn8m9KdIX8R1cNQTmymLlMjriy5fu2zmKrbA1jqca8UQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB7ltJl0Kq7+13Ni2bESWPC3SIwmMB8GA1UdIwQY
MBaAFBpYAtHM/wLMkcB9gXQ8cX8T80Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2xnQzBjel9Bc3lSd0gyQmREeHhmeFB6Um5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hOTg4NmYtMjdkOS00NzUwLWJjNmEt
YzM3NTk5YzdhODA4LzEvSHVXMG1YUXFydjdYYzJMWnNSSlk4TGRJakNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hOTg4NmYtMjdkOS00NzUwLWJjNmEtYzM3NTk5YzdhODA4
LzEvR2xnQzBjel9Bc3lSd0gyQmREeHhmeFB6Um5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEX4+QMA0E
AgACMAcDBQAqAB2oMA0GCSqGSIb3DQEBCwUAA4IBAQB1T7FV192bprJcu8YdfDQn
tZP0fjQS76T1uyygHHpfVLXgMfxaeo91IREChcV+7XzOdVgL+dzhh6IOBM2CNtO8
QoCkUgUrhK48vf1L2LG6Ay0dY4fx/qyDXchDlRplH/905I/PIwYzht2fnytlXG0o
2AzXkT9YT+oqznBGpa8ll9pasOGx1xCT3VetOLOnLIGoEbDH256bbt0QhmxwncB2
uvggZzcc8NkeKMFe/aDkpbVAnn/EOfzCT/aEPWlvqYFX9QBur0jBMqS1FaF0Pkgd
DBLf2JgLSHYz4ZUyNpGxB1BYaSJlY9paZpeJxTM3BR5KIQu79oo0rZIi1gYKwzIf
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:29:38 2025 by rpki-client