Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/mHKZZdX4P1dK57yB0hCJdDCS-A8.roa
File: mHKZZdX4P1dK57yB0hCJdDCS-A8.roa (raw, json)
Hash identifier: sgKlWaet9A3w8v934Vjaqn1vJ0nwSp4V/6BEjtLuqMM=
Subject key identifier: 98:72:99:65:D5:F8:3F:57:4A:E7:BC:81:D2:10:89:74:30:92:F8:0F
Certificate issuer: /CN=c032495b89dce81b0c7f886ddfc3604bde06d8a6
Certificate serial: 0194236913406D7DFDC9A2B5B3E2533023C8
Authority key identifier: C0:32:49:5B:89:DC:E8:1B:0C:7F:88:6D:DF:C3:60:4B:DE:06:D8:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wDJJW4nc6BsMf4ht38NgS94G2KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/mHKZZdX4P1dK57yB0hCJdDCS-A8.roa
Signing time: Wed 01 Jan 2025 19:47:56 +0000
ROA not before: Wed 01 Jan 2025 19:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41785
IP address blocks: 193.161.140.0/24 maxlen: 24
2a0c:9f40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:13:40:6d:7d:fd:c9:a2:b5:b3:e2:53:30:23:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c032495b89dce81b0c7f886ddfc3604bde06d8a6
Validity
Not Before: Jan 1 19:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98729965d5f83f574ae7bc81d21089743092f80f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:83:0a:56:34:f5:d7:90:41:76:45:ac:c1:3b:
ca:20:8b:cb:6f:bc:78:f3:ae:79:cb:59:9e:8f:6b:
6a:d1:d7:46:e9:c5:3b:2b:ee:c0:d4:be:36:9d:59:
d7:a2:8d:05:c1:00:90:fc:d4:66:a5:b0:e5:6d:16:
ba:8a:a4:26:88:0c:ab:b4:3f:99:82:2c:d4:ea:ba:
71:fd:c6:da:8c:39:50:56:27:07:94:91:1c:41:fc:
1d:b7:a3:54:e8:d1:00:e4:3d:21:b9:cb:46:14:b8:
79:aa:b0:26:43:99:6e:d8:20:f6:81:51:eb:c4:4f:
ff:ba:2a:37:87:f4:ed:79:22:28:08:21:eb:2c:10:
ac:9e:b2:f1:07:79:bd:35:b8:75:69:03:58:4a:f6:
5a:7c:7a:9e:39:32:a1:96:af:8b:63:ba:3b:e1:01:
e7:49:f5:25:1e:5f:87:f9:87:f0:f2:3d:dd:c8:e1:
34:b2:ef:f3:66:1e:4c:c0:17:23:7d:08:5a:b5:7d:
28:92:1a:ea:d1:83:4f:6e:b6:8a:a2:f4:ca:1e:2b:
e3:1d:ec:85:e7:95:4d:72:0a:14:37:34:8d:98:c4:
ae:e1:7e:b4:e4:16:0f:67:9e:16:00:33:43:32:dd:
de:a9:cf:11:e3:ea:75:3b:18:c4:d9:07:da:28:99:
bb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:72:99:65:D5:F8:3F:57:4A:E7:BC:81:D2:10:89:74:30:92:F8:0F
X509v3 Authority Key Identifier:
keyid:C0:32:49:5B:89:DC:E8:1B:0C:7F:88:6D:DF:C3:60:4B:DE:06:D8:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wDJJW4nc6BsMf4ht38NgS94G2KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/mHKZZdX4P1dK57yB0hCJdDCS-A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/wDJJW4nc6BsMf4ht38NgS94G2KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.161.140.0/24
IPv6:
2a0c:9f40::/32
Signature Algorithm: sha256WithRSAEncryption
82:44:96:6f:f1:b6:8a:2d:01:cf:37:16:c9:47:90:25:38:16:
08:cd:7b:14:28:0a:9b:b0:74:39:81:12:dc:8c:c6:3e:86:74:
ab:41:1c:86:1a:46:37:85:3e:10:35:32:45:90:6c:0d:0f:3c:
24:a3:0e:2c:2f:db:24:a6:75:47:4f:e8:82:e5:94:ac:d3:34:
24:5c:b7:f9:d5:d4:da:02:9c:ab:95:60:7e:29:9a:d7:ef:88:
79:9b:6e:c4:a0:4c:7e:c1:ec:a9:46:47:ab:cd:28:a0:90:34:
fe:c1:48:af:71:6e:90:7e:d6:25:95:55:6a:f5:d2:23:49:22:
2f:83:09:c3:97:60:b2:f0:75:63:bd:37:d4:a4:58:91:8c:f0:
71:8e:ef:3e:26:e2:1a:25:38:33:9a:2a:92:d4:1b:3e:56:10:
0d:95:54:98:32:9d:bb:fe:ac:fe:85:59:a5:18:05:7c:1e:49:
8e:33:fd:60:ea:9f:83:b8:c2:d8:06:13:27:ee:c6:e4:bc:15:
e0:8e:f1:a9:09:ef:0a:a4:c6:fa:e7:60:e7:64:22:51:47:5b:
57:73:a0:e2:a9:99:91:1d:6e:63:c5:59:01:e9:ec:9d:02:d2:
c3:b4:6f:a6:d2:5a:d0:2c:9f:e5:88:9f:37:77:0e:6a:9f:69:
d5:54:f6:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjaRNAbX39yaK1s+JTMCPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMzI0OTViODlkY2U4MWIwYzdmODg2ZGRmYzM2MDRiZGUw
NmQ4YTYwHhcNMjUwMTAxMTk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODcyOTk2NWQ1ZjgzZjU3NGFlN2JjODFkMjEwODk3NDMwOTJmODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIMKVjT115BBdkWswTvKIIvLb7x4
8655y1mej2tq0ddG6cU7K+7A1L42nVnXoo0FwQCQ/NRmpbDlbRa6iqQmiAyrtD+Z
gizU6rpx/cbajDlQVicHlJEcQfwdt6NU6NEA5D0huctGFLh5qrAmQ5lu2CD2gVHr
xE//uio3h/TteSIoCCHrLBCsnrLxB3m9Nbh1aQNYSvZafHqeOTKhlq+LY7o74QHn
SfUlHl+H+Yfw8j3dyOE0su/zZh5MwBcjfQhatX0okhrq0YNPbraKovTKHivjHeyF
55VNcgoUNzSNmMSu4X605BYPZ54WADNDMt3eqc8R4+p1OxjE2QfaKJm7PwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJhymWXV+D9XSue8gdIQiXQwkvgPMB8GA1UdIwQY
MBaAFMAySVuJ3OgbDH+Ibd/DYEveBtimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0RKSlc0bmM2QnNNZjRodDM4TmdTOTRHMktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8xMmRkMmMtNGQwYy00MjBhLTk4YTUt
MDJlNjQyMmM0MTgxLzEvbUhLWlpkWDRQMWRLNTd5QjBoQ0pkRENTLUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8xMmRkMmMtNGQwYy00MjBhLTk4YTUtMDJlNjQyMmM0MTgx
LzEvd0RKSlc0bmM2QnNNZjRodDM4TmdTOTRHMktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaGMMA0E
AgACMAcDBQAqDJ9AMA0GCSqGSIb3DQEBCwUAA4IBAQCCRJZv8baKLQHPNxbJR5Al
OBYIzXsUKAqbsHQ5gRLcjMY+hnSrQRyGGkY3hT4QNTJFkGwNDzwkow4sL9skpnVH
T+iC5ZSs0zQkXLf51dTaApyrlWB+KZrX74h5m27EoEx+weypRkerzSigkDT+wUiv
cW6QftYllVVq9dIjSSIvgwnDl2Cy8HVjvTfUpFiRjPBxju8+JuIaJTgzmiqS1Bs+
VhANlVSYMp27/qz+hVmlGAV8HkmOM/1g6p+DuMLYBhMn7sbkvBXgjvGpCe8KpMb6
52DnZCJRR1tXc6DiqZmRHW5jxVkB6eydAtLDtG+m0lrQLJ/liJ83dw5qn2nVVPbP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:43 2025 by rpki-client on console.sobornost.net