Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/HMBy97dklkxPQBrLpsbW-ZNRc7U.roa
File: HMBy97dklkxPQBrLpsbW-ZNRc7U.roa (raw, json)
Hash identifier: lqft+CvpsJy14zKD+aRqKJHCgA+Rv0wI4PijqNi8qGo=
Subject key identifier: 1C:C0:72:F7:B7:64:96:4C:4F:40:1A:CB:A6:C6:D6:F9:93:51:73:B5
Certificate issuer: /CN=2890da765a999f719875c51eecf4c7d6148a1bd9
Certificate serial: 019421442B1438D0D2330E9E3A1166EB3359
Authority key identifier: 28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/HMBy97dklkxPQBrLpsbW-ZNRc7U.roa
Signing time: Wed 01 Jan 2025 09:48:23 +0000
ROA not before: Wed 01 Jan 2025 09:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206783
IP address blocks: 45.143.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2b:14:38:d0:d2:33:0e:9e:3a:11:66:eb:33:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2890da765a999f719875c51eecf4c7d6148a1bd9
Validity
Not Before: Jan 1 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cc072f7b764964c4f401acba6c6d6f9935173b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:79:fd:b5:d7:31:0e:1e:ac:a2:0e:44:60:ff:
42:6b:e8:e6:ac:a6:46:02:c8:3d:fc:63:13:78:53:
bc:1c:52:91:2a:1d:fb:54:c6:bc:86:81:b9:af:b1:
e7:ef:97:65:dc:0d:ce:de:3f:62:66:01:ea:04:16:
54:1a:90:3c:dd:91:61:6b:0d:f3:ad:55:03:26:40:
35:f8:3a:7b:9f:d3:d2:93:33:b6:09:fa:62:03:a2:
8a:41:d9:d2:6b:17:55:60:f2:9b:7b:85:f5:ee:a0:
28:78:79:79:4e:39:e4:bb:7c:a3:51:73:7f:19:84:
af:b6:f4:31:cf:4c:70:61:75:2d:a6:e1:2c:57:48:
6b:ed:5e:7c:4a:2c:71:a7:a8:58:67:08:63:a6:c2:
35:cb:fd:1c:35:f2:28:18:1b:96:b6:d5:2f:45:97:
5f:a0:68:12:b9:ef:3b:a4:97:7e:68:89:1e:e1:f2:
5e:2c:65:b7:70:c8:8d:46:37:34:48:40:bd:4c:ca:
32:8d:3f:d1:9a:91:7b:4b:68:6d:54:4d:1b:eb:05:
fa:ce:9b:c7:51:f3:78:9f:2c:89:00:d1:37:91:9b:
a6:66:f7:12:fe:1b:b3:50:03:ac:ab:b0:19:fb:ad:
74:b8:94:a6:15:d1:04:4f:cf:6b:58:eb:6f:92:89:
b4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C0:72:F7:B7:64:96:4C:4F:40:1A:CB:A6:C6:D6:F9:93:51:73:B5
X509v3 Authority Key Identifier:
keyid:28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/HMBy97dklkxPQBrLpsbW-ZNRc7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/KJDadlqZn3GYdcUe7PTH1hSKG9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.207.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:f8:a9:3c:32:0e:c1:37:4b:46:38:00:70:ff:f5:f8:68:79:
59:4f:1e:cd:87:8f:3a:f4:ec:1f:00:88:51:3f:0c:1d:44:91:
2c:d2:56:9b:a1:af:a1:60:0a:3a:35:24:32:cc:38:af:51:fe:
90:b2:a9:64:1c:0a:2e:bf:ff:6a:85:93:4e:de:05:bf:06:4a:
3a:f3:f9:48:fd:b6:69:df:15:15:c4:d2:46:74:ae:f6:9f:6d:
d5:8e:78:31:f9:82:41:70:37:d5:15:44:1e:5a:ad:8b:22:cf:
8b:0d:aa:0a:87:80:de:e4:e8:30:0e:b0:df:89:58:87:d3:ef:
78:1f:c0:34:83:52:44:84:8b:7e:9e:bd:c2:ac:fe:a4:18:09:
3c:c7:cb:53:7e:81:10:25:8b:fb:ea:83:29:09:79:fd:14:fd:
8b:6d:95:99:f8:81:aa:2a:67:6f:42:70:3d:43:23:ea:c2:23:
2a:2e:05:ac:48:71:ec:91:24:ce:ed:bf:da:6a:36:bb:a5:f8:
25:49:47:ff:db:c4:16:22:ef:d8:85:fa:c4:f6:5e:fc:5d:91:
19:78:cf:2a:f2:cb:ca:9a:59:c7:14:49:9e:c1:00:1e:a8:a6:
8f:ff:ce:2c:2e:50:6d:f2:24:b2:30:ef:7a:61:e5:da:83:73:
9f:ce:a9:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRCsUONDSMw6eOhFm6zNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4OTBkYTc2NWE5OTlmNzE5ODc1YzUxZWVjZjRjN2Q2MTQ4
YTFiZDkwHhcNMjUwMTAxMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2MwNzJmN2I3NjQ5NjRjNGY0MDFhY2JhNmM2ZDZmOTkzNTE3M2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3n9tdcxDh6sog5EYP9Ca+jmrKZG
Asg9/GMTeFO8HFKRKh37VMa8hoG5r7Hn75dl3A3O3j9iZgHqBBZUGpA83ZFhaw3z
rVUDJkA1+Dp7n9PSkzO2CfpiA6KKQdnSaxdVYPKbe4X17qAoeHl5Tjnku3yjUXN/
GYSvtvQxz0xwYXUtpuEsV0hr7V58Sixxp6hYZwhjpsI1y/0cNfIoGBuWttUvRZdf
oGgSue87pJd+aIke4fJeLGW3cMiNRjc0SEC9TMoyjT/RmpF7S2htVE0b6wX6zpvH
UfN4nyyJANE3kZumZvcS/huzUAOsq7AZ+610uJSmFdEET89rWOtvkom0EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzAcve3ZJZMT0Aay6bG1vmTUXO1MB8GA1UdIwQY
MBaAFCiQ2nZamZ9xmHXFHuz0x9YUihvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEt
MjhmYzcwNjNkOTUyLzEvSE1CeTk3ZGtsa3hQUUJyTHBzYlctWk5SYzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEtMjhmYzcwNjNkOTUy
LzEvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY/PMA0G
CSqGSIb3DQEBCwUAA4IBAQB9+Kk8Mg7BN0tGOABw//X4aHlZTx7Nh4869OwfAIhR
PwwdRJEs0laboa+hYAo6NSQyzDivUf6QsqlkHAouv/9qhZNO3gW/Bko68/lI/bZp
3xUVxNJGdK72n23Vjngx+YJBcDfVFUQeWq2LIs+LDaoKh4De5OgwDrDfiViH0+94
H8A0g1JEhIt+nr3CrP6kGAk8x8tTfoEQJYv76oMpCXn9FP2LbZWZ+IGqKmdvQnA9
QyPqwiMqLgWsSHHskSTO7b/aaja7pfglSUf/28QWIu/YhfrE9l78XZEZeM8q8svK
mlnHFEmewQAeqKaP/84sLlBt8iSyMO96YeXag3Ofzqlv
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:14:42 2025 by rpki-client