Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/HRVQQ7xQINVa-RZxLr3d-tdM0uE.roa
File: HRVQQ7xQINVa-RZxLr3d-tdM0uE.roa (raw, json)
Hash identifier: 8jqCWrgQJz6b+jGwlcmJij8PAXKPPIvELOpyJE8x+0o=
Subject key identifier: 1D:15:50:43:BC:50:20:D5:5A:F9:16:71:2E:BD:DD:FA:D7:4C:D2:E1
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 01857130A37DF8BCE8E8D84D0BC0D43F0FB4
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/HRVQQ7xQINVa-RZxLr3d-tdM0uE.roa
Signing time: Mon 02 Jan 2023 06:34:50 +0000
ROA not before: Mon 02 Jan 2023 06:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204353
IP address blocks: 104.160.4.0/24 maxlen: 24
5.157.19.0/24 maxlen: 24
104.160.10.0/24 maxlen: 24
5.157.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:a3:7d:f8:bc:e8:e8:d8:4d:0b:c0:d4:3f:0f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Jan 2 06:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d155043bc5020d55af916712ebdddfad74cd2e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a7:37:83:62:e4:78:0a:61:1e:fe:33:de:74:
69:25:52:4f:c9:e3:b2:34:ed:2c:5a:6b:3a:29:dc:
b8:0d:fc:71:da:08:1f:36:14:ae:27:41:10:23:d9:
81:ee:bb:56:56:7a:84:5a:34:62:58:bd:2b:48:c4:
44:8a:31:a4:26:a9:82:f9:0f:c5:87:bf:64:a3:ac:
99:73:03:b2:91:fe:4c:da:cb:4a:ff:d9:5a:73:2c:
13:d1:0c:b2:bc:da:41:e9:48:83:b3:aa:b0:78:ea:
4c:39:f2:00:7e:ac:d8:5f:49:a9:1e:a6:65:0a:2e:
87:72:5f:f0:b5:0e:9b:11:40:c0:d0:6a:00:41:d5:
a0:df:e6:95:bb:64:6e:e6:a0:a3:45:b4:52:e1:10:
d2:9c:0b:b5:fa:47:56:79:c4:3e:5a:04:81:8a:8a:
16:44:9f:31:3d:47:fc:4d:dc:3d:d9:57:97:cc:50:
06:1b:35:ec:91:76:05:15:ce:05:51:c3:66:67:29:
86:60:bb:c9:84:b2:ba:25:a7:f6:e6:49:7b:36:e1:
82:ea:67:e9:d6:e1:0d:ab:0d:b4:87:54:35:4f:ae:
a6:8e:d9:f0:96:f0:3f:83:fe:b6:84:82:dc:76:7a:
64:b0:00:2a:93:8e:91:21:a3:6d:e7:47:ce:d0:57:
e7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:15:50:43:BC:50:20:D5:5A:F9:16:71:2E:BD:DD:FA:D7:4C:D2:E1
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/HRVQQ7xQINVa-RZxLr3d-tdM0uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.19.0/24
5.157.26.0/24
104.160.4.0/24
104.160.10.0/24
Signature Algorithm: sha256WithRSAEncryption
26:6c:24:67:be:b2:6f:e4:8d:86:2d:1f:55:aa:a2:17:1f:61:
99:8a:10:df:cd:49:b3:08:89:69:da:e7:bb:72:2b:85:f8:70:
a6:52:4b:f8:3f:ad:07:18:e1:b9:37:9b:d7:aa:db:dd:4b:60:
91:9a:07:25:16:29:6a:14:32:49:6d:01:db:06:af:1f:e7:93:
c7:b1:ed:9e:39:75:d5:e9:6d:24:ec:78:ab:c4:52:30:88:b2:
05:50:4a:f2:ed:62:32:f7:ca:4b:81:69:99:91:f6:46:74:84:
af:07:16:a5:09:8c:5a:0e:84:c7:43:c8:ec:be:94:53:5a:5b:
a4:f1:1f:77:64:b6:bb:e5:87:f0:0d:c5:a2:12:94:1f:ce:4d:
e0:f7:41:d0:49:56:24:d8:3e:29:2c:c5:96:31:76:60:e1:6b:
63:91:72:66:ee:bd:de:c2:42:2e:76:ce:d6:55:d5:7a:08:83:
62:a2:d1:c5:0f:5a:96:1e:1c:b2:78:3c:83:e5:fa:09:52:16:
2e:3b:ae:d5:ed:dd:c3:0e:43:d8:6d:b3:72:b0:18:a1:44:9b:
d0:41:70:6a:9d:07:98:48:34:59:58:a4:1f:dd:6e:ec:d7:9e:
35:61:27:d4:26:72:84:b9:9d:f0:30:8c:88:51:70:2e:e2:ce:
82:36:20:82
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxMKN9+Lzo6NhNC8DUPw+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjM3NmRmNWY5ZWY0ODdjODJiMzFhODc1YzZhNDk2ZDc5
Y2EwZDcwHhcNMjMwMTAyMDYzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDE1NTA0M2JjNTAyMGQ1NWFmOTE2NzEyZWJkZGRmYWQ3NGNkMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6c3g2LkeAphHv4z3nRpJVJPyeOy
NO0sWms6Kdy4Dfxx2ggfNhSuJ0EQI9mB7rtWVnqEWjRiWL0rSMREijGkJqmC+Q/F
h79ko6yZcwOykf5M2stK/9lacywT0QyyvNpB6UiDs6qweOpMOfIAfqzYX0mpHqZl
Ci6Hcl/wtQ6bEUDA0GoAQdWg3+aVu2Ru5qCjRbRS4RDSnAu1+kdWecQ+WgSBiooW
RJ8xPUf8Tdw92VeXzFAGGzXskXYFFc4FUcNmZymGYLvJhLK6Jaf25kl7NuGC6mfp
1uENqw20h1Q1T66mjtnwlvA/g/62hILcdnpksAAqk46RIaNt50fO0Ffn/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB0VUEO8UCDVWvkWcS693frXTNLhMB8GA1UdIwQY
MBaAFIDzdt9fnvSHyCsxqHXGpJbXnKDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMt
YTRiYzI4MTY2NDNhLzEvSFJWUVE3eFFJTlZhLVJaeExyM2QtdGRNMHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMtYTRiYzI4MTY2NDNh
LzEvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZ0TAwQA
BZ0aAwQAaKAEAwQAaKAKMA0GCSqGSIb3DQEBCwUAA4IBAQAmbCRnvrJv5I2GLR9V
qqIXH2GZihDfzUmzCIlp2ue7ciuF+HCmUkv4P60HGOG5N5vXqtvdS2CRmgclFilq
FDJJbQHbBq8f55PHse2eOXXV6W0k7HirxFIwiLIFUEry7WIy98pLgWmZkfZGdISv
BxalCYxaDoTHQ8jsvpRTWluk8R93ZLa75YfwDcWiEpQfzk3g90HQSVYk2D4pLMWW
MXZg4WtjkXJm7r3ewkIuds7WVdV6CINiotHFD1qWHhyyeDyD5foJUhYuO67V7d3D
DkPYbbNysBihRJvQQXBqnQeYSDRZWKQf3W7s1541YSfUJnKEuZ3wMIyIUXAu4s6C
NiCC
-----END CERTIFICATE-----
Generated at Thu May 8 23:30:01 2025 by rpki-client