Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/H0yf0Oo2kc1vuXQI2C2XHgJR1UA.roa
File: H0yf0Oo2kc1vuXQI2C2XHgJR1UA.roa (raw, json)
Hash identifier: +TduWsFWrzOECmrsJ1U+XZI1HDNWMV9mx9iurejnLIs=
Subject key identifier: 1F:4C:9F:D0:EA:36:91:CD:6F:B9:74:08:D8:2D:97:1E:02:51:D5:40
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 01942748249FA215E7AEE06C303876F4677C
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/H0yf0Oo2kc1vuXQI2C2XHgJR1UA.roa
Signing time: Thu 02 Jan 2025 13:50:26 +0000
ROA not before: Thu 02 Jan 2025 13:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57497
IP address blocks: 45.89.236.0/22 maxlen: 24
103.130.146.0/24 maxlen: 24
212.18.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:24:9f:a2:15:e7:ae:e0:6c:30:38:76:f4:67:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Jan 2 13:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f4c9fd0ea3691cd6fb97408d82d971e0251d540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b6:c8:18:f4:ec:64:8e:97:a4:f1:fb:1a:f4:
23:53:7a:a7:77:df:2c:f5:bc:fb:e7:09:86:f8:49:
d7:25:63:dc:cc:f0:fc:1f:d1:82:57:7b:74:87:47:
c9:16:50:0c:09:28:bf:ae:d8:3f:b0:70:4a:5f:fc:
83:89:dd:9c:ff:2f:cc:8b:0a:95:40:80:de:78:bd:
a1:86:7c:d0:da:54:0a:a8:2c:f7:73:ac:1d:f8:0c:
b4:e6:11:0d:69:7c:73:dd:2c:9f:46:b6:37:c4:ea:
62:4d:52:a7:d5:17:21:61:12:51:d7:74:e7:f1:f7:
c9:c3:f4:dc:1d:59:d5:bb:10:25:ff:96:69:03:bf:
d3:17:72:f9:7e:7b:9b:16:32:21:70:d1:aa:7b:3d:
5a:3e:62:8e:30:44:0f:1f:31:af:ab:09:15:76:8a:
98:3d:3e:dc:a3:3b:f3:a8:f4:2a:e3:41:36:77:49:
da:07:52:80:80:4b:7a:fd:1a:b0:86:09:88:4b:50:
82:7b:c3:bd:d4:f7:75:cc:95:c6:5d:3d:2c:8a:91:
ac:cc:63:01:8b:33:4b:27:43:2d:30:ae:e4:1e:d7:
d6:fa:25:4e:2b:54:7f:5d:d0:61:ea:46:fb:69:da:
ee:82:cd:1b:ec:07:85:60:3f:1f:86:5f:32:29:a0:
55:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:4C:9F:D0:EA:36:91:CD:6F:B9:74:08:D8:2D:97:1E:02:51:D5:40
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/H0yf0Oo2kc1vuXQI2C2XHgJR1UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.236.0/22
103.130.146.0/24
212.18.108.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:84:0d:91:d8:e9:e9:1c:7d:c8:4a:75:b7:4d:e8:fe:45:33:
17:b3:80:6b:3e:6c:2b:df:94:37:a8:82:2e:42:be:9b:49:28:
d7:af:20:64:8e:d6:dc:bf:d6:f7:25:5c:03:22:66:be:f1:2f:
92:21:2d:88:f0:df:5c:92:76:9c:f0:0b:2f:8a:66:fd:22:b3:
95:23:ab:8d:66:cf:c6:93:97:5d:ab:2d:a3:ed:fb:5d:d0:eb:
58:29:d8:8d:cc:86:ea:40:bd:a5:5f:c4:22:b1:0a:53:eb:eb:
e3:4a:14:7a:cf:22:16:47:67:e3:16:9f:2e:d2:7a:c5:3d:22:
b8:5e:37:4f:72:c9:9e:27:a4:48:66:09:91:eb:22:d9:fc:1a:
d4:a3:4d:eb:c4:95:48:a0:a6:dd:e7:c6:a2:4c:25:f3:bc:20:
65:1f:0a:cb:5e:eb:4a:67:67:3f:a5:fd:9c:e4:30:8d:fd:74:
20:92:c1:c7:1f:72:ca:21:0d:57:69:0b:b0:67:41:57:25:3b:
8a:c8:fd:5c:c7:e2:a4:cc:c5:6b:cc:1d:a3:45:21:c7:c1:7f:
d3:69:7c:80:c5:d0:ff:8b:fc:d6:fc:42:08:40:b3:da:12:9e:
f7:b2:03:5b:86:c0:ec:4b:25:a9:c0:ef:4c:b0:84:7c:a3:33:
9a:cc:93:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSCSfohXnruBsMDh29Gd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjUwMTAyMTM1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjRjOWZkMGVhMzY5MWNkNmZiOTc0MDhkODJkOTcxZTAyNTFkNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobbIGPTsZI6XpPH7GvQjU3qnd98s
9bz75wmG+EnXJWPczPD8H9GCV3t0h0fJFlAMCSi/rtg/sHBKX/yDid2c/y/MiwqV
QIDeeL2hhnzQ2lQKqCz3c6wd+Ay05hENaXxz3SyfRrY3xOpiTVKn1RchYRJR13Tn
8ffJw/TcHVnVuxAl/5ZpA7/TF3L5fnubFjIhcNGqez1aPmKOMEQPHzGvqwkVdoqY
PT7cozvzqPQq40E2d0naB1KAgEt6/RqwhgmIS1CCe8O91Pd1zJXGXT0sipGszGMB
izNLJ0MtMK7kHtfW+iVOK1R/XdBh6kb7adrugs0b7AeFYD8fhl8yKaBVqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB9Mn9DqNpHNb7l0CNgtlx4CUdVAMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvSDB5ZjBPbzJrYzF2dVhRSTJDMlhIZ0pSMVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVnsAwQA
Z4KSAwQA1BJsMA0GCSqGSIb3DQEBCwUAA4IBAQBuhA2R2OnpHH3ISnW3Tej+RTMX
s4BrPmwr35Q3qIIuQr6bSSjXryBkjtbcv9b3JVwDIma+8S+SIS2I8N9cknac8Asv
imb9IrOVI6uNZs/Gk5ddqy2j7ftd0OtYKdiNzIbqQL2lX8QisQpT6+vjShR6zyIW
R2fjFp8u0nrFPSK4XjdPcsmeJ6RIZgmR6yLZ/BrUo03rxJVIoKbd58aiTCXzvCBl
HwrLXutKZ2c/pf2c5DCN/XQgksHHH3LKIQ1XaQuwZ0FXJTuKyP1cx+KkzMVrzB2j
RSHHwX/TaXyAxdD/i/zW/EIIQLPaEp73sgNbhsDsSyWpwO9MsIR8ozOazJO5
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:43:14 2025 by rpki-client