Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/hrAYR0420UBtvUw-GSTKs3FQjCk.roa
File: hrAYR0420UBtvUw-GSTKs3FQjCk.roa (raw, json)
Hash identifier: EUwZ4vaZd8b1hNex2hrQ4tIUkpR7m+MzQOOzSNGo02A=
Subject key identifier: 86:B0:18:47:4E:36:D1:40:6D:BD:4C:3E:19:24:CA:B3:71:50:8C:29
Certificate issuer: /CN=d2a4452602c9df977c9d5dd8dc13b6661df40136
Certificate serial: 01942827CA09B100BBEB9548C2F673118F7F
Authority key identifier: D2:A4:45:26:02:C9:DF:97:7C:9D:5D:D8:DC:13:B6:66:1D:F4:01:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/hrAYR0420UBtvUw-GSTKs3FQjCk.roa
Signing time: Thu 02 Jan 2025 17:54:43 +0000
ROA not before: Thu 02 Jan 2025 17:54:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21448
IP address blocks: 193.110.88.0/24 maxlen: 24
194.28.136.0/22 maxlen: 24
195.69.92.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:ca:09:b1:00:bb:eb:95:48:c2:f6:73:11:8f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2a4452602c9df977c9d5dd8dc13b6661df40136
Validity
Not Before: Jan 2 17:54:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86b018474e36d1406dbd4c3e1924cab371508c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f5:cd:65:9b:b9:cc:c2:b1:d3:66:b4:ac:72:
6f:bd:08:ac:9d:ec:af:b3:b1:c6:5e:01:f2:2a:df:
31:98:fa:d8:54:77:6d:c3:40:46:bf:b4:fd:d9:97:
b3:a8:72:f9:77:c3:71:b7:b7:0b:1b:8a:30:a8:2a:
f1:49:ab:9a:cd:33:cb:6c:24:04:e2:60:4c:99:56:
86:7b:c3:ca:d1:12:ea:46:71:68:c3:7b:c2:55:fd:
f3:1c:6c:94:2a:7e:88:c2:44:21:0a:33:33:45:3e:
52:37:48:b9:81:47:95:57:b7:ae:92:5a:51:12:8b:
a8:88:58:39:21:22:c2:60:3c:ad:48:98:a6:5a:ed:
6f:86:58:65:c7:57:e4:a8:e3:dd:2d:89:30:64:26:
91:c5:1f:be:ff:96:ec:6c:00:fc:71:2c:57:cf:74:
42:8c:5c:77:51:b1:47:a1:a6:a3:04:7b:7d:fa:10:
e1:61:e5:99:23:61:99:92:2d:a9:fe:4a:f6:8c:51:
bd:19:41:97:d8:7d:1d:6e:4b:1a:4b:f4:22:28:fc:
14:1a:8f:97:70:98:34:5d:c0:de:e2:5a:66:8c:a2:
2b:c9:06:12:48:b7:f1:c3:51:3d:43:0c:89:d5:e6:
17:0f:b9:83:16:7d:3a:6c:54:e4:d7:50:60:97:42:
62:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B0:18:47:4E:36:D1:40:6D:BD:4C:3E:19:24:CA:B3:71:50:8C:29
X509v3 Authority Key Identifier:
keyid:D2:A4:45:26:02:C9:DF:97:7C:9D:5D:D8:DC:13:B6:66:1D:F4:01:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/hrAYR0420UBtvUw-GSTKs3FQjCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.88.0/24
194.28.136.0/22
195.69.92.0/22
Signature Algorithm: sha256WithRSAEncryption
05:fc:56:84:5b:73:db:35:4a:35:b6:94:0b:66:9a:56:41:76:
f7:e7:91:65:4c:9f:d7:e8:e0:78:8d:1e:03:5c:f4:a8:00:02:
1f:5a:3a:f9:15:bc:74:83:c1:18:2c:1b:ae:67:52:74:7b:91:
8f:e5:2f:55:66:74:cc:ac:9a:b0:b8:c6:7f:e0:1a:8c:db:bb:
78:0a:4d:d5:41:a9:ed:cf:ee:a3:a5:a7:10:64:da:d4:6d:e3:
9c:3f:d7:21:e5:9a:9a:6a:3c:09:34:d2:ed:d0:66:49:ba:fa:
25:4e:78:40:db:ab:ca:d0:3c:e9:3e:7e:e5:96:a7:19:d8:22:
3b:3a:f5:0a:92:69:3d:14:3a:f6:a0:b1:3b:f3:75:7a:49:08:
43:b4:f5:12:37:e6:62:3c:d2:78:58:77:01:2e:64:48:af:20:
bb:3c:dc:26:ee:fe:0b:dc:da:3d:eb:64:98:a1:ee:1a:d8:cd:
df:dc:90:82:1a:56:48:94:86:f3:7a:95:8b:5a:54:97:4d:41:
93:49:af:e3:d0:17:f9:dd:af:6d:57:38:cc:e7:11:80:bc:94:
d7:83:e7:d8:6a:e5:91:5a:10:2b:86:be:ab:9b:c8:5d:14:b1:
3f:70:7a:4e:2d:76:2f:20:29:d0:df:41:5a:21:49:dc:5e:6f:
93:d0:28:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJ8oJsQC765VIwvZzEY9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTQ0NTI2MDJjOWRmOTc3YzlkNWRkOGRjMTNiNjY2MWRm
NDAxMzYwHhcNMjUwMTAyMTc1NDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmIwMTg0NzRlMzZkMTQwNmRiZDRjM2UxOTI0Y2FiMzcxNTA4YzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPXNZZu5zMKx02a0rHJvvQisneyv
s7HGXgHyKt8xmPrYVHdtw0BGv7T92ZezqHL5d8Nxt7cLG4owqCrxSauazTPLbCQE
4mBMmVaGe8PK0RLqRnFow3vCVf3zHGyUKn6IwkQhCjMzRT5SN0i5gUeVV7euklpR
EouoiFg5ISLCYDytSJimWu1vhlhlx1fkqOPdLYkwZCaRxR++/5bsbAD8cSxXz3RC
jFx3UbFHoaajBHt9+hDhYeWZI2GZki2p/kr2jFG9GUGX2H0dbksaS/QiKPwUGo+X
cJg0XcDe4lpmjKIryQYSSLfxw1E9QwyJ1eYXD7mDFn06bFTk11Bgl0JiRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIawGEdONtFAbb1MPhkkyrNxUIwpMB8GA1UdIwQY
MBaAFNKkRSYCyd+XfJ1d2NwTtmYd9AE2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFSRkpnTEozNWQ4blYzWTNCTzJaaDMwQVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kNWZkOTktOGFlMC00YWUwLWI2YjQt
ZmU3NGVmN2FhYzk1LzEvaHJBWVIwNDIwVUJ0dlV3LUdTVEtzM0ZRakNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9kNWZkOTktOGFlMC00YWUwLWI2YjQtZmU3NGVmN2FhYzk1
LzEvMHFSRkpnTEozNWQ4blYzWTNCTzJaaDMwQVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwW5YAwQC
whyIAwQCw0VcMA0GCSqGSIb3DQEBCwUAA4IBAQAF/FaEW3PbNUo1tpQLZppWQXb3
55FlTJ/X6OB4jR4DXPSoAAIfWjr5Fbx0g8EYLBuuZ1J0e5GP5S9VZnTMrJqwuMZ/
4BqM27t4Ck3VQantz+6jpacQZNrUbeOcP9ch5ZqaajwJNNLt0GZJuvolTnhA26vK
0DzpPn7llqcZ2CI7OvUKkmk9FDr2oLE783V6SQhDtPUSN+ZiPNJ4WHcBLmRIryC7
PNwm7v4L3No962SYoe4a2M3f3JCCGlZIlIbzepWLWlSXTUGTSa/j0Bf53a9tVzjM
5xGAvJTXg+fYauWRWhArhr6rm8hdFLE/cHpOLXYvICnQ30FaIUncXm+T0Cg3
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:04 2025 by rpki-client