Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/b1701f-d755-4d02-93e6-0acfff6189bd/1/HKIsaST3H1JztpD7Dfexy76GH3Y.roa
File: HKIsaST3H1JztpD7Dfexy76GH3Y.roa (raw, json)
Hash identifier: pdvj0ChlYMTRE/evlJ7SOS00VUpLH/7cPVDEyb7MvJU=
Subject key identifier: 1C:A2:2C:69:24:F7:1F:52:73:B6:90:FB:0D:F7:B1:CB:BE:86:1F:76
Certificate issuer: /CN=dd4bdcd28c8735098199aec093ca897c077d7c90
Certificate serial: 01856FCB96F2A93CFDA7BCE6F805C3DFD546
Authority key identifier: DD:4B:DC:D2:8C:87:35:09:81:99:AE:C0:93:CA:89:7C:07:7D:7C:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Uvc0oyHNQmBma7Ak8qJfAd9fJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/b1701f-d755-4d02-93e6-0acfff6189bd/1/HKIsaST3H1JztpD7Dfexy76GH3Y.roa
Signing time: Mon 02 Jan 2023 00:04:51 +0000
ROA not before: Mon 02 Jan 2023 00:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206858
IP address blocks: 193.228.143.0/24 maxlen: 24
2a10:11c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:96:f2:a9:3c:fd:a7:bc:e6:f8:05:c3:df:d5:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd4bdcd28c8735098199aec093ca897c077d7c90
Validity
Not Before: Jan 2 00:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ca22c6924f71f5273b690fb0df7b1cbbe861f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:59:c1:e4:e7:0c:5b:28:41:ea:73:9c:58:11:
3c:51:92:58:31:fd:e0:00:6a:75:91:08:41:29:37:
a0:86:72:d1:8e:c8:96:57:35:46:81:3d:43:fa:4d:
54:25:be:3e:ec:d8:6c:6d:be:25:1f:ee:dc:61:1f:
96:0e:44:e5:7c:ca:31:06:fc:95:7b:b9:68:ff:b0:
9d:65:a3:2b:aa:6c:3a:41:45:c7:4f:85:30:0d:c4:
69:99:c6:74:33:48:f7:dc:43:f4:1f:99:05:02:08:
c6:d5:b1:21:d4:c0:a0:e2:36:84:52:0f:15:8f:88:
f3:43:95:fd:56:65:c4:c5:d7:96:ab:e3:9b:09:5c:
60:f0:6b:ba:a6:de:99:bf:75:8a:0d:3a:7e:00:3f:
ed:34:7d:fb:2e:1f:83:8b:26:33:09:1e:f2:2e:54:
52:72:a6:46:a2:52:53:b2:16:89:0e:f6:90:26:8a:
cf:4d:59:42:ec:76:e5:4b:c1:6a:16:ad:b9:ab:74:
5a:11:ad:d8:8e:52:e2:ac:ae:b4:22:2a:57:7a:c4:
b9:81:16:2a:ad:66:09:10:b7:1a:f1:df:90:10:69:
1d:87:65:33:51:74:4c:8d:19:36:61:d3:97:d2:ac:
13:7d:e1:53:24:aa:dd:84:0c:3f:a2:98:6d:f9:9e:
c2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A2:2C:69:24:F7:1F:52:73:B6:90:FB:0D:F7:B1:CB:BE:86:1F:76
X509v3 Authority Key Identifier:
keyid:DD:4B:DC:D2:8C:87:35:09:81:99:AE:C0:93:CA:89:7C:07:7D:7C:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Uvc0oyHNQmBma7Ak8qJfAd9fJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/b1701f-d755-4d02-93e6-0acfff6189bd/1/HKIsaST3H1JztpD7Dfexy76GH3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/b1701f-d755-4d02-93e6-0acfff6189bd/1/3Uvc0oyHNQmBma7Ak8qJfAd9fJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.143.0/24
IPv6:
2a10:11c0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:0f:37:e8:e5:ff:9c:48:e6:e1:15:e1:00:1f:f9:b3:b0:21:
09:a7:88:11:01:fd:68:a1:e1:3f:b0:0f:1f:af:56:b2:e9:c7:
45:47:59:4f:ef:15:f9:79:63:68:09:a9:a5:0e:44:b1:4b:b7:
05:b0:a8:72:13:f2:91:34:c4:a6:58:fe:1a:a5:c8:41:18:5c:
bf:23:41:cb:2c:00:36:d6:76:80:f8:51:3e:ae:dd:cc:6b:c5:
e5:cf:49:35:9b:81:3c:c9:13:cf:d5:6a:bb:fd:ca:3b:26:31:
d8:a2:aa:32:ec:0a:fb:18:1a:72:f3:f1:d9:ba:89:24:21:d7:
7d:0e:75:16:e1:6f:1e:79:94:c3:18:48:08:c5:28:c0:f2:85:
d7:22:4a:97:2f:4c:0e:a1:ff:52:92:35:48:1d:ad:6d:60:74:
8d:24:2a:2b:5d:0d:73:42:06:aa:1c:84:2e:15:e6:e1:b7:1f:
e3:84:50:6d:24:3e:3f:73:6a:48:2b:58:ad:c4:76:17:39:96:
ad:f6:76:12:ff:b5:17:dc:63:f9:6e:69:40:75:b6:ab:64:b5:
bf:78:42:86:93:42:fd:0c:05:42:6e:ca:15:1e:9f:9c:a0:d0:
a1:66:b5:29:b0:46:77:a6:ac:32:6a:e2:29:7e:ee:0b:71:11:
bd:21:48:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvy5byqTz9p7zm+AXD39VGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNGJkY2QyOGM4NzM1MDk4MTk5YWVjMDkzY2E4OTdjMDc3
ZDdjOTAwHhcNMjMwMTAyMDAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2EyMmM2OTI0ZjcxZjUyNzNiNjkwZmIwZGY3YjFjYmJlODYxZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFnB5OcMWyhB6nOcWBE8UZJYMf3g
AGp1kQhBKTeghnLRjsiWVzVGgT1D+k1UJb4+7Nhsbb4lH+7cYR+WDkTlfMoxBvyV
e7lo/7CdZaMrqmw6QUXHT4UwDcRpmcZ0M0j33EP0H5kFAgjG1bEh1MCg4jaEUg8V
j4jzQ5X9VmXExdeWq+ObCVxg8Gu6pt6Zv3WKDTp+AD/tNH37Lh+DiyYzCR7yLlRS
cqZGolJTshaJDvaQJorPTVlC7HblS8FqFq25q3RaEa3YjlLirK60IipXesS5gRYq
rWYJELca8d+QEGkdh2UzUXRMjRk2YdOX0qwTfeFTJKrdhAw/opht+Z7CBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFByiLGkk9x9Sc7aQ+w33scu+hh92MB8GA1UdIwQY
MBaAFN1L3NKMhzUJgZmuwJPKiXwHfXyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1V2YzBveUhOUW1CbWE3QWs4cUpmQWQ5ZkpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9iMTcwMWYtZDc1NS00ZDAyLTkzZTYt
MGFjZmZmNjE4OWJkLzEvSEtJc2FTVDNIMUp6dHBEN0RmZXh5NzZHSDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9iMTcwMWYtZDc1NS00ZDAyLTkzZTYtMGFjZmZmNjE4OWJk
LzEvM1V2YzBveUhOUW1CbWE3QWs4cUpmQWQ5ZkpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAweSPMA0E
AgACMAcDBQAqEBHAMA0GCSqGSIb3DQEBCwUAA4IBAQCcDzfo5f+cSObhFeEAH/mz
sCEJp4gRAf1ooeE/sA8fr1ay6cdFR1lP7xX5eWNoCamlDkSxS7cFsKhyE/KRNMSm
WP4apchBGFy/I0HLLAA21naA+FE+rt3Ma8Xlz0k1m4E8yRPP1Wq7/co7JjHYoqoy
7Ar7GBpy8/HZuokkIdd9DnUW4W8eeZTDGEgIxSjA8oXXIkqXL0wOof9SkjVIHa1t
YHSNJCorXQ1zQgaqHIQuFebhtx/jhFBtJD4/c2pIK1itxHYXOZat9nYS/7UX3GP5
bmlAdbarZLW/eEKGk0L9DAVCbsoVHp+coNChZrUpsEZ3pqwyauIpfu4LcRG9IUjl
-----END CERTIFICATE-----
Generated at Wed May 14 14:28:04 2025 by rpki-client