Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/HK20-4xA8hXC3VUWTBAr-y0NF0k.roa
File: HK20-4xA8hXC3VUWTBAr-y0NF0k.roa (raw, json)
Hash identifier: tOa/5dnYfrENcgkdAf/ulPnezPgqB/HRljD/FB3y1H8=
Subject key identifier: 1C:AD:B4:FB:8C:40:F2:15:C2:DD:55:16:4C:10:2B:FB:2D:0D:17:49
Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial: 0194228DF41909A78D61E780DE2B9C118E7B
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/HK20-4xA8hXC3VUWTBAr-y0NF0k.roa
Signing time: Wed 01 Jan 2025 15:48:35 +0000
ROA not before: Wed 01 Jan 2025 15:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203761
IP address blocks: 134.97.128.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f4:19:09:a7:8d:61:e7:80:de:2b:9c:11:8e:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Validity
Not Before: Jan 1 15:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cadb4fb8c40f215c2dd55164c102bfb2d0d1749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:53:ac:45:42:da:f3:05:a0:8e:5e:29:57:ff:
26:79:d4:90:3e:7a:4d:4e:3c:6e:cc:09:73:19:5a:
f5:c2:52:1b:1d:e6:eb:7a:97:cc:83:39:8c:02:e0:
4c:f8:83:3e:5c:93:dd:12:63:22:13:c8:c2:23:cf:
e0:4d:1d:08:9e:9e:cf:f8:a6:99:8c:d5:aa:be:1e:
0b:8a:38:29:9f:a9:c3:5f:2b:7a:e5:2a:0a:8d:09:
cf:38:75:02:b0:6b:31:8d:3b:63:fa:3f:22:74:83:
0e:c2:3d:06:15:76:37:a0:3a:d7:0a:11:b5:62:6a:
38:2a:eb:c8:85:fc:6b:6d:d2:ec:ce:d0:5f:6a:e6:
fd:2c:82:df:95:a3:9a:d3:04:c0:9b:ab:9a:5f:e7:
82:77:1c:82:66:c6:52:19:6d:0b:50:e6:fb:53:24:
3a:72:5e:89:d7:f6:24:b7:67:e8:9d:f5:c9:0d:5d:
d2:e1:8b:02:93:e5:b6:61:25:99:65:cb:53:48:c3:
33:77:be:8f:3f:3f:4b:e6:bd:b4:e6:75:50:d0:05:
33:2b:07:1f:8b:2e:31:2a:12:33:74:a1:4f:87:20:
09:1e:4f:4b:77:2c:a3:4e:27:1e:80:56:25:f0:dd:
f4:6d:e2:8e:f5:4c:d8:12:89:a0:23:e1:d4:23:c0:
b6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AD:B4:FB:8C:40:F2:15:C2:DD:55:16:4C:10:2B:FB:2D:0D:17:49
X509v3 Authority Key Identifier:
keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/HK20-4xA8hXC3VUWTBAr-y0NF0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.97.128.0/17
Signature Algorithm: sha256WithRSAEncryption
25:fd:e9:c6:c4:1e:9e:27:6c:b8:96:25:a5:0b:4c:c3:a6:d2:
8f:e5:95:e7:c3:6f:c2:bf:52:f1:28:f2:c9:41:f3:f1:31:f4:
0b:90:e2:3a:cd:9b:18:90:e0:1c:b8:58:98:a8:4d:6a:4a:d6:
6c:d1:56:0d:d0:e3:91:d5:76:4e:af:ae:25:c9:04:08:83:4f:
42:15:82:00:3a:31:28:15:d5:d1:e2:98:9e:1b:fa:b7:1c:71:
04:1c:ca:cb:a4:7e:a2:d5:f6:90:b9:0b:45:c3:fb:e1:bd:65:
6c:fb:45:62:85:63:d3:3d:cb:6b:40:9c:92:e5:b0:f6:ed:b9:
00:31:27:48:ca:c5:d6:1f:63:b2:4f:7f:13:44:7e:79:38:7f:
b6:37:4a:fc:ce:26:02:12:f3:53:d8:98:4e:78:6b:5d:0b:80:
c4:66:71:f7:35:37:56:5e:45:a4:4a:7e:84:5e:6d:a3:6f:91:
cc:8d:49:be:7f:d3:af:ae:18:c8:0d:37:ef:e3:70:b0:24:c2:
e8:56:8f:69:8d:0c:48:25:8e:d9:cd:c8:12:ca:76:7a:ca:ab:
e8:13:54:01:28:90:e1:f3:7c:81:c7:1e:f4:13:19:0a:90:e4:
b7:1d:8c:5e:00:b0:96:ec:76:61:f2:d7:6e:5b:b1:1c:94:98:
d1:ec:ce:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfQZCaeNYeeA3iucEY57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4
YWUwZDMwHhcNMjUwMTAxMTU0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2FkYjRmYjhjNDBmMjE1YzJkZDU1MTY0YzEwMmJmYjJkMGQxNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVOsRULa8wWgjl4pV/8medSQPnpN
TjxuzAlzGVr1wlIbHebrepfMgzmMAuBM+IM+XJPdEmMiE8jCI8/gTR0Inp7P+KaZ
jNWqvh4Lijgpn6nDXyt65SoKjQnPOHUCsGsxjTtj+j8idIMOwj0GFXY3oDrXChG1
Ymo4KuvIhfxrbdLsztBfaub9LILflaOa0wTAm6uaX+eCdxyCZsZSGW0LUOb7UyQ6
cl6J1/Ykt2fonfXJDV3S4YsCk+W2YSWZZctTSMMzd76PPz9L5r205nVQ0AUzKwcf
iy4xKhIzdKFPhyAJHk9LdyyjTicegFYl8N30beKO9UzYEomgI+HUI8C2AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFByttPuMQPIVwt1VFkwQK/stDRdJMB8GA1UdIwQY
MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt
NTNjYzVkYWY1MmNmLzEvSEsyMC00eEE4aFhDM1ZVV1RCQXIteTBORjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm
LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHhmGAMA0G
CSqGSIb3DQEBCwUAA4IBAQAl/enGxB6eJ2y4liWlC0zDptKP5ZXnw2/Cv1LxKPLJ
QfPxMfQLkOI6zZsYkOAcuFiYqE1qStZs0VYN0OOR1XZOr64lyQQIg09CFYIAOjEo
FdXR4pieG/q3HHEEHMrLpH6i1faQuQtFw/vhvWVs+0VihWPTPctrQJyS5bD27bkA
MSdIysXWH2OyT38TRH55OH+2N0r8ziYCEvNT2JhOeGtdC4DEZnH3NTdWXkWkSn6E
Xm2jb5HMjUm+f9OvrhjIDTfv43CwJMLoVo9pjQxIJY7ZzcgSynZ6yqvoE1QBKJDh
83yBxx70ExkKkOS3HYxeALCW7HZh8tduW7EclJjR7M5U
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:32 2025 by rpki-client on console.sobornost.net