Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/HCBFWHPbguHhYNXyj3CYrDXYNWo.roa
File: HCBFWHPbguHhYNXyj3CYrDXYNWo.roa (raw, json)
Hash identifier: YWHjbWrm4zcEsBNnp7QDqMn1mBuhsTvb3ueYJ3IoUgs=
Subject key identifier: 1C:20:45:58:73:DB:82:E1:E1:60:D5:F2:8F:70:98:AC:35:D8:35:6A
Certificate issuer: /CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Certificate serial: 019427483AEE098E7CD4EA5F837C52D1C779
Authority key identifier: CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/HCBFWHPbguHhYNXyj3CYrDXYNWo.roa
Signing time: Thu 02 Jan 2025 13:50:32 +0000
ROA not before: Thu 02 Jan 2025 13:50:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13639
IP address blocks: 156.114.20.0/24 maxlen: 24
156.114.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3a:ee:09:8e:7c:d4:ea:5f:83:7c:52:d1:c7:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Validity
Not Before: Jan 2 13:50:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c20455873db82e1e160d5f28f7098ac35d8356a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:13:08:6a:6c:44:95:1f:69:e6:9a:e7:8a:e6:
86:cb:1c:f8:50:08:e9:d7:ab:1a:5b:f3:58:c5:ea:
45:ac:05:0a:33:14:39:21:19:5b:2f:db:5d:99:67:
44:cb:87:98:0f:2e:80:75:81:b6:08:d7:bf:cc:9e:
47:10:a9:e2:a6:76:2c:c4:9e:b7:ca:0a:1a:1c:26:
d9:e9:93:25:06:e4:6e:41:84:7d:01:55:ca:03:97:
da:35:55:0d:61:a8:91:7c:38:eb:83:54:8a:8e:a6:
75:91:36:4f:ca:6b:a8:80:0e:47:a6:69:d4:da:76:
60:be:97:1b:22:bf:a6:55:19:98:41:02:db:4f:02:
b3:cb:7c:20:c3:1f:22:65:45:45:ea:ab:24:5a:21:
1e:ca:d2:75:45:e9:e9:10:3b:ba:07:a5:30:88:7f:
41:70:0e:f8:5a:69:bd:57:6f:ef:ce:38:cd:28:80:
a0:60:c4:0f:cb:16:6a:80:51:75:86:07:f7:3e:a6:
6e:60:2f:6e:7c:08:e7:a8:f1:88:7b:e4:9a:56:35:
24:69:f4:22:d7:76:9a:b2:ce:b7:16:50:97:6c:e4:
25:f7:ad:10:44:55:ca:85:e6:d1:11:ba:f0:44:9a:
11:8b:84:b5:ba:7c:8a:37:80:48:c6:1d:07:3b:df:
2d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:20:45:58:73:DB:82:E1:E1:60:D5:F2:8F:70:98:AC:35:D8:35:6A
X509v3 Authority Key Identifier:
keyid:CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/HCBFWHPbguHhYNXyj3CYrDXYNWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.114.20.0/23
Signature Algorithm: sha256WithRSAEncryption
86:ea:7c:79:79:c2:3a:e1:99:0d:f4:c9:35:61:e9:9c:07:b6:
05:75:53:b6:11:c7:93:1e:44:59:87:e4:5f:b0:18:f9:45:52:
c8:20:4b:58:85:28:78:e1:97:09:06:41:32:ce:ab:07:f8:be:
29:b9:40:ba:15:71:75:20:dd:de:04:8b:14:e9:cb:31:8c:ed:
a3:07:08:db:93:79:22:a3:a2:f5:79:ad:0f:47:8d:18:29:20:
64:26:34:19:db:a7:01:81:ee:22:50:8b:3e:76:73:0e:7e:b3:
52:69:c9:b2:5d:1a:04:84:ab:f6:69:3c:f6:60:bd:73:e0:3f:
f2:87:b4:79:71:ce:1c:21:fc:d4:cc:04:5f:e5:09:19:c6:d2:
6d:fa:05:49:e0:36:bc:4b:fb:23:5d:da:db:1c:46:bf:27:ba:
ff:16:45:b3:bf:b3:62:62:9e:15:36:8c:81:b2:31:eb:e1:0c:
af:19:a9:0e:92:55:b7:89:3d:1d:ac:17:2a:ee:c2:31:c8:6a:
ca:f5:65:22:73:12:8f:6a:90:fd:a9:eb:a9:96:8b:c6:69:80:
0e:9f:2b:0a:56:99:ef:51:85:fe:0a:df:9b:26:52:ba:99:c4:
fe:d9:bc:3b:be:93:16:cc:0c:4e:1c:2d:f5:1b:f5:7f:23:bc:
34:ea:4a:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSDruCY581Opfg3xS0cd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZWNlNDFjYmMyYzMwNjI2ZWYyYTI4ZDE4MzlmMmQ2YzQ3
NTdmM2YwHhcNMjUwMTAyMTM1MDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzIwNDU1ODczZGI4MmUxZTE2MGQ1ZjI4ZjcwOThhYzM1ZDgzNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBMIamxElR9p5prniuaGyxz4UAjp
16saW/NYxepFrAUKMxQ5IRlbL9tdmWdEy4eYDy6AdYG2CNe/zJ5HEKnipnYsxJ63
ygoaHCbZ6ZMlBuRuQYR9AVXKA5faNVUNYaiRfDjrg1SKjqZ1kTZPymuogA5HpmnU
2nZgvpcbIr+mVRmYQQLbTwKzy3wgwx8iZUVF6qskWiEeytJ1RenpEDu6B6UwiH9B
cA74Wmm9V2/vzjjNKICgYMQPyxZqgFF1hgf3PqZuYC9ufAjnqPGIe+SaVjUkafQi
13aass63FlCXbOQl960QRFXKhebREbrwRJoRi4S1unyKN4BIxh0HO98t3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwgRVhz24Lh4WDV8o9wmKw12DVqMB8GA1UdIwQY
MBaAFMrs5By8LDBibvKijRg58tbEdX8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWIt
ZDg1MWU0MGQ1N2JmLzEvSENCRldIUGJndUhoWU5YeWozQ1lyRFhZTldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWItZDg1MWU0MGQ1N2Jm
LzEveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnHIUMA0G
CSqGSIb3DQEBCwUAA4IBAQCG6nx5ecI64ZkN9Mk1YemcB7YFdVO2EceTHkRZh+Rf
sBj5RVLIIEtYhSh44ZcJBkEyzqsH+L4puUC6FXF1IN3eBIsU6csxjO2jBwjbk3ki
o6L1ea0PR40YKSBkJjQZ26cBge4iUIs+dnMOfrNSacmyXRoEhKv2aTz2YL1z4D/y
h7R5cc4cIfzUzARf5QkZxtJt+gVJ4Da8S/sjXdrbHEa/J7r/FkWzv7NiYp4VNoyB
sjHr4QyvGakOklW3iT0drBcq7sIxyGrK9WUicxKPapD9qeuplovGaYAOnysKVpnv
UYX+Ct+bJlK6mcT+2bw7vpMWzAxOHC31G/V/I7w06kq6
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:31 2025 by rpki-client on console.sobornost.net