Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/65f954-3f88-4357-9642-9a16d9c0caf7/1/h0xiomEz7xtLYsv88aOYGmA0lnI.roa
File: h0xiomEz7xtLYsv88aOYGmA0lnI.roa (raw, json)
Hash identifier: BAw5E4Ocz44eNDbC47J9c+7M/I/mZ/R9N04y5bk6RWw=
Subject key identifier: 87:4C:62:A2:61:33:EF:1B:4B:62:CB:FC:F1:A3:98:1A:60:34:96:72
Certificate issuer: /CN=c510ad4689896fb850ce790fdfe344d4c027a5ae
Certificate serial: 019422FBE81071553CA0E837775B39D431D5
Authority key identifier: C5:10:AD:46:89:89:6F:B8:50:CE:79:0F:DF:E3:44:D4:C0:27:A5:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xRCtRomJb7hQznkP3-NE1MAnpa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/65f954-3f88-4357-9642-9a16d9c0caf7/1/h0xiomEz7xtLYsv88aOYGmA0lnI.roa
Signing time: Wed 01 Jan 2025 17:48:41 +0000
ROA not before: Wed 01 Jan 2025 17:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208557
IP address blocks: 45.129.72.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:e8:10:71:55:3c:a0:e8:37:77:5b:39:d4:31:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c510ad4689896fb850ce790fdfe344d4c027a5ae
Validity
Not Before: Jan 1 17:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=874c62a26133ef1b4b62cbfcf1a3981a60349672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:26:7a:9a:86:e2:28:04:21:25:3e:50:c4:c2:
2d:b8:9e:49:b0:3a:dd:e1:48:f5:26:65:75:8d:71:
26:c0:91:d6:56:72:bc:a6:b6:52:43:a2:23:2a:53:
4d:02:8e:7d:2c:cb:f5:fd:10:07:26:8d:2f:ce:5c:
69:b7:c9:e1:86:9d:b1:45:42:49:69:f5:93:38:41:
da:e4:f4:5f:2e:55:63:d8:e9:e7:9e:ff:80:33:0e:
34:c9:b9:30:53:be:52:a6:d3:5f:d3:f1:1f:a5:56:
db:a5:dd:53:3a:21:d7:55:cc:d8:c5:3c:d9:eb:f5:
68:4d:b4:4b:ed:f9:33:66:b8:1e:e9:4c:ad:e1:5e:
2f:ea:af:94:b9:55:97:10:e0:39:b6:e9:92:fb:1c:
bb:3c:c1:ea:95:39:b8:91:14:5f:3c:c6:bb:41:e9:
b3:c2:7d:d3:6a:72:ac:87:ac:31:cc:52:c9:5f:78:
4e:b8:78:80:8c:80:87:f8:c0:2e:fb:2b:be:94:dd:
0c:2f:d9:bd:13:93:74:92:3b:7d:17:70:56:05:e9:
16:3c:fd:b6:90:de:e1:02:58:1a:33:8c:54:35:91:
61:1e:19:3f:ab:a7:ab:65:c4:b9:97:82:7b:cf:bf:
13:00:74:13:04:c6:19:d3:d7:13:9c:58:f6:f0:54:
42:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4C:62:A2:61:33:EF:1B:4B:62:CB:FC:F1:A3:98:1A:60:34:96:72
X509v3 Authority Key Identifier:
keyid:C5:10:AD:46:89:89:6F:B8:50:CE:79:0F:DF:E3:44:D4:C0:27:A5:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRCtRomJb7hQznkP3-NE1MAnpa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/65f954-3f88-4357-9642-9a16d9c0caf7/1/h0xiomEz7xtLYsv88aOYGmA0lnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/65f954-3f88-4357-9642-9a16d9c0caf7/1/xRCtRomJb7hQznkP3-NE1MAnpa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.72.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:a0:81:51:78:5a:14:6d:ef:f6:f0:bb:a0:c5:da:2e:6d:21:
cb:69:c8:12:e3:29:b8:c9:1e:74:c4:09:42:b0:65:3c:ed:b9:
d2:56:d2:af:35:87:3d:49:29:07:f8:c0:5c:c4:12:4e:3a:a4:
ab:f1:0d:04:40:83:9c:a0:88:96:62:f9:5b:5f:a8:2f:92:91:
46:a4:af:bf:46:2c:d3:b9:f0:f5:0c:cf:e1:b0:37:cf:06:f2:
85:5c:5a:16:62:5b:a1:cf:a9:eb:af:c1:4b:12:b1:8f:58:e2:
3b:7e:53:ac:ff:c3:78:cb:2d:15:7d:10:6d:03:fb:a4:40:42:
75:64:18:ef:46:85:7d:35:da:80:30:ad:93:5e:bd:d8:36:02:
c2:93:5e:41:be:d4:c1:ab:6d:f5:90:6b:cd:a0:7c:5d:53:c5:
38:c9:99:20:a4:eb:0e:c7:d3:11:c9:c3:aa:19:cc:3b:8d:43:
6e:13:65:1e:84:b5:14:3a:20:89:9e:eb:a8:84:53:78:81:d5:
83:9f:5e:45:7c:8b:26:ea:e2:cc:c8:b9:68:75:6d:27:90:d3:
54:61:21:dd:3f:49:12:6c:fa:da:c5:cd:d3:94:4a:4a:ae:ff:
53:e1:70:a7:63:d9:b4:1f:f2:1e:fd:a3:d8:03:8c:47:4c:b1:
37:d3:8c:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi++gQcVU8oOg3d1s51DHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTBhZDQ2ODk4OTZmYjg1MGNlNzkwZmRmZTM0NGQ0YzAy
N2E1YWUwHhcNMjUwMTAxMTc0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzRjNjJhMjYxMzNlZjFiNGI2MmNiZmNmMWEzOTgxYTYwMzQ5NjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiZ6mobiKAQhJT5QxMItuJ5JsDrd
4Uj1JmV1jXEmwJHWVnK8prZSQ6IjKlNNAo59LMv1/RAHJo0vzlxpt8nhhp2xRUJJ
afWTOEHa5PRfLlVj2Onnnv+AMw40ybkwU75SptNf0/EfpVbbpd1TOiHXVczYxTzZ
6/VoTbRL7fkzZrge6Uyt4V4v6q+UuVWXEOA5tumS+xy7PMHqlTm4kRRfPMa7Qemz
wn3TanKsh6wxzFLJX3hOuHiAjICH+MAu+yu+lN0ML9m9E5N0kjt9F3BWBekWPP22
kN7hAlgaM4xUNZFhHhk/q6erZcS5l4J7z78TAHQTBMYZ09cTnFj28FRC2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdMYqJhM+8bS2LL/PGjmBpgNJZyMB8GA1UdIwQY
MBaAFMUQrUaJiW+4UM55D9/jRNTAJ6WuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJDdFJvbUpiN2hRem5rUDMtTkUxTUFucGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NWY5NTQtM2Y4OC00MzU3LTk2NDIt
OWExNmQ5YzBjYWY3LzEvaDB4aW9tRXo3eHRMWXN2ODhhT1lHbUEwbG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NWY5NTQtM2Y4OC00MzU3LTk2NDItOWExNmQ5YzBjYWY3
LzEveFJDdFJvbUpiN2hRem5rUDMtTkUxTUFucGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYFIMA0G
CSqGSIb3DQEBCwUAA4IBAQCeoIFReFoUbe/28LugxdoubSHLacgS4ym4yR50xAlC
sGU87bnSVtKvNYc9SSkH+MBcxBJOOqSr8Q0EQIOcoIiWYvlbX6gvkpFGpK+/RizT
ufD1DM/hsDfPBvKFXFoWYluhz6nrr8FLErGPWOI7flOs/8N4yy0VfRBtA/ukQEJ1
ZBjvRoV9NdqAMK2TXr3YNgLCk15BvtTBq231kGvNoHxdU8U4yZkgpOsOx9MRycOq
Gcw7jUNuE2UehLUUOiCJnuuohFN4gdWDn15FfIsm6uLMyLlodW0nkNNUYSHdP0kS
bPraxc3TlEpKrv9T4XCnY9m0H/Ie/aPYA4xHTLE304wR
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:58:47 2025 by rpki-client