Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/HLzZYAURdW7ECuJc4fBvkEOMPUU.roa
File: HLzZYAURdW7ECuJc4fBvkEOMPUU.roa (raw, json)
Hash identifier: HLSzvw8EJ6C84Lk+YNRBmj8BE3yMR8wKB5nstwpxKJ8=
Subject key identifier: 1C:BC:D9:60:05:11:75:6E:C4:0A:E2:5C:E1:F0:6F:90:43:8C:3D:45
Certificate issuer: /CN=23dcd6f17126d4e951d92bc5f4c06ba9450fc8d4
Certificate serial: 019420686411B413FF54EE7C701C4DC8ADC2
Authority key identifier: 23:DC:D6:F1:71:26:D4:E9:51:D9:2B:C5:F4:C0:6B:A9:45:0F:C8:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9zW8XEm1OlR2SvF9MBrqUUPyNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/HLzZYAURdW7ECuJc4fBvkEOMPUU.roa
Signing time: Wed 01 Jan 2025 05:48:19 +0000
ROA not before: Wed 01 Jan 2025 05:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202966
IP address blocks: 45.137.228.0/22 maxlen: 22
2a0e:ac40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:64:11:b4:13:ff:54:ee:7c:70:1c:4d:c8:ad:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23dcd6f17126d4e951d92bc5f4c06ba9450fc8d4
Validity
Not Before: Jan 1 05:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cbcd9600511756ec40ae25ce1f06f90438c3d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:94:05:38:89:bf:8a:34:e4:92:08:38:81:
35:70:d6:fb:ed:4e:5e:b4:05:fc:f8:d6:10:16:da:
15:5e:09:26:7a:32:ad:e4:00:e5:cf:d6:15:ad:61:
2b:ba:bf:4c:f8:e5:a1:c6:00:3a:95:98:80:5c:67:
93:6f:37:08:1a:32:f3:6d:dd:e5:a1:37:53:53:fd:
3c:45:80:eb:57:67:8c:ab:2b:48:e2:85:b9:9b:5f:
51:2a:50:c0:2c:5a:1b:27:91:86:2a:4a:b7:65:a7:
c9:d6:90:71:92:77:29:9d:7a:26:f3:fe:fc:74:a4:
dd:7c:ab:31:9a:1c:9d:c8:0d:ec:23:8b:fb:90:bf:
10:5d:6f:91:fa:26:f7:d5:82:fb:12:59:12:de:8c:
8b:9f:1b:bc:00:5c:d1:76:19:ed:cd:5b:6b:b3:d9:
c1:a0:20:1e:c8:06:90:98:c7:c6:9d:6c:80:35:da:
86:6c:9a:63:8f:45:a5:25:81:e9:80:17:4c:53:fc:
64:57:0c:9c:ca:d9:0a:73:68:e9:24:a0:4e:bd:17:
44:78:f6:08:e8:e3:f5:d1:dc:b6:b8:95:34:dc:f7:
f2:3a:f1:f3:21:ad:80:61:43:38:c4:b3:8a:18:bf:
22:f3:aa:aa:7f:bb:9b:fe:05:e2:a8:43:fb:52:db:
40:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BC:D9:60:05:11:75:6E:C4:0A:E2:5C:E1:F0:6F:90:43:8C:3D:45
X509v3 Authority Key Identifier:
keyid:23:DC:D6:F1:71:26:D4:E9:51:D9:2B:C5:F4:C0:6B:A9:45:0F:C8:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9zW8XEm1OlR2SvF9MBrqUUPyNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/HLzZYAURdW7ECuJc4fBvkEOMPUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/I9zW8XEm1OlR2SvF9MBrqUUPyNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.228.0/22
IPv6:
2a0e:ac40::/29
Signature Algorithm: sha256WithRSAEncryption
52:e5:fc:56:26:46:bb:22:b2:f4:65:58:fa:32:a0:c1:9e:e4:
51:ac:be:9c:c5:30:bc:af:11:10:e0:1e:e9:24:16:fd:30:54:
de:1b:32:25:bd:45:ed:f7:04:85:09:c9:6e:39:54:b2:a7:0d:
55:12:cd:35:05:c7:30:a6:93:c4:95:b5:35:39:35:9e:66:92:
66:35:1d:82:9c:bc:c4:02:b8:6d:f1:bf:65:e9:87:33:f4:00:
b3:70:2b:5b:b5:56:a5:c4:54:8d:5d:56:eb:3b:76:c4:72:53:
89:72:4c:18:c1:60:3f:18:a4:63:7f:f1:42:bd:0d:df:a5:08:
75:64:9a:7a:13:89:a2:49:ba:51:65:b8:44:24:4c:b6:10:92:
60:2a:11:52:f8:64:d1:49:c2:76:62:a2:08:c7:ce:1b:a5:1f:
04:9b:78:31:4a:77:86:fc:73:43:ff:64:6f:86:ca:dc:d1:4e:
f9:12:1f:b0:30:27:c4:c8:63:d9:b3:3e:f6:af:ee:1a:7d:24:
6d:68:00:8d:3b:76:4c:4b:a5:4b:f1:b2:87:d4:53:b3:5c:fb:
17:a6:e7:dc:cb:ca:ab:31:a4:d3:c1:f2:20:15:d5:f6:79:11:
3b:e4:85:3b:05:e1:aa:33:29:2a:cc:5b:43:29:5b:a1:56:b6:
60:04:1f:cc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaGQRtBP/VO58cBxNyK3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZGNkNmYxNzEyNmQ0ZTk1MWQ5MmJjNWY0YzA2YmE5NDUw
ZmM4ZDQwHhcNMjUwMTAxMDU0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2JjZDk2MDA1MTE3NTZlYzQwYWUyNWNlMWYwNmY5MDQzOGMzZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm+UBTiJv4o05JIIOIE1cNb77U5e
tAX8+NYQFtoVXgkmejKt5ADlz9YVrWErur9M+OWhxgA6lZiAXGeTbzcIGjLzbd3l
oTdTU/08RYDrV2eMqytI4oW5m19RKlDALFobJ5GGKkq3ZafJ1pBxkncpnXom8/78
dKTdfKsxmhydyA3sI4v7kL8QXW+R+ib31YL7ElkS3oyLnxu8AFzRdhntzVtrs9nB
oCAeyAaQmMfGnWyANdqGbJpjj0WlJYHpgBdMU/xkVwycytkKc2jpJKBOvRdEePYI
6OP10dy2uJU03PfyOvHzIa2AYUM4xLOKGL8i86qqf7ub/gXiqEP7UttAowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBy82WAFEXVuxAriXOHwb5BDjD1FMB8GA1UdIwQY
MBaAFCPc1vFxJtTpUdkrxfTAa6lFD8jUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTl6VzhYRW0xT2xSMlN2RjlNQnJxVVVQeU5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9mZGEwNTktMzQzNi00MTU4LWExZTQt
NDlkYTA1OTc4YWQwLzEvSEx6WllBVVJkVzdFQ3VKYzRmQnZrRU9NUFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9mZGEwNTktMzQzNi00MTU4LWExZTQtNDlkYTA1OTc4YWQw
LzEvSTl6VzhYRW0xT2xSMlN2RjlNQnJxVVVQeU5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYnkMA0E
AgACMAcDBQMqDqxAMA0GCSqGSIb3DQEBCwUAA4IBAQBS5fxWJka7IrL0ZVj6MqDB
nuRRrL6cxTC8rxEQ4B7pJBb9MFTeGzIlvUXt9wSFCcluOVSypw1VEs01BccwppPE
lbU1OTWeZpJmNR2CnLzEArht8b9l6Ycz9ACzcCtbtValxFSNXVbrO3bEclOJckwY
wWA/GKRjf/FCvQ3fpQh1ZJp6E4miSbpRZbhEJEy2EJJgKhFS+GTRScJ2YqIIx84b
pR8Em3gxSneG/HND/2Rvhsrc0U75Eh+wMCfEyGPZsz72r+4afSRtaACNO3ZMS6VL
8bKH1FOzXPsXpufcy8qrMaTTwfIgFdX2eRE75IU7BeGqMykqzFtDKVuhVrZgBB/M
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:03:54 2025 by rpki-client