Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/hHJHjw71kMqAy3nNekCDF8-fv6E.roa
File: hHJHjw71kMqAy3nNekCDF8-fv6E.roa (raw, json)
Hash identifier: fFUGKJTKX7mKwkHmDQYrtXQn9GbWgqgB8AHbXkjZidU=
Subject key identifier: 84:72:47:8F:0E:F5:90:CA:80:CB:79:CD:7A:40:83:17:CF:9F:BF:A1
Certificate issuer: /CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Certificate serial: 019424B2ADC73F3BF4251415CD450C5D982F
Authority key identifier: 0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/hHJHjw71kMqAy3nNekCDF8-fv6E.roa
Signing time: Thu 02 Jan 2025 01:47:57 +0000
ROA not before: Thu 02 Jan 2025 01:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60241
IP address blocks: 45.87.208.0/22 maxlen: 22
2a06:bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:ad:c7:3f:3b:f4:25:14:15:cd:45:0c:5d:98:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Validity
Not Before: Jan 2 01:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8472478f0ef590ca80cb79cd7a408317cf9fbfa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b0:41:c8:fa:a7:e7:1f:27:dd:84:c3:13:bf:
2a:1b:3e:64:60:f4:d7:29:0c:4d:cd:70:38:99:3b:
3a:87:d1:36:7a:ad:64:1d:bf:06:7b:fd:46:e2:dd:
08:b1:b4:90:3a:e1:2c:8d:af:40:1f:98:f2:b7:93:
32:f9:5b:fc:7f:88:a0:16:cc:96:79:2d:72:6e:1d:
f1:e9:96:4e:9e:ad:a0:42:f2:e5:29:83:52:57:29:
6f:d1:84:02:0f:2c:0d:7c:1e:a2:59:fa:34:39:e7:
f1:d3:58:a5:22:8e:94:5f:b0:ff:bb:df:61:86:23:
ff:86:cb:8f:26:3e:26:3a:91:c0:bb:66:e9:32:f0:
74:39:31:75:51:9c:2b:db:6e:9f:b2:b1:35:fa:36:
36:76:67:64:b8:3c:0b:52:08:52:71:30:20:49:73:
a9:91:06:af:ba:15:34:09:fb:e0:dc:27:1f:7f:c5:
c8:43:27:ca:bc:0c:79:29:b8:5e:4d:a1:ac:a1:f1:
68:96:8a:67:f2:33:92:58:7c:c4:89:d8:67:7b:22:
66:6d:64:1c:01:7c:e2:6b:d9:5d:d1:cc:d0:6e:4c:
24:89:94:27:7b:0e:8f:fe:7b:f4:ed:2b:77:88:53:
5b:b0:b9:35:bc:1a:33:b5:14:5a:4e:36:1e:13:6e:
ba:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:72:47:8F:0E:F5:90:CA:80:CB:79:CD:7A:40:83:17:CF:9F:BF:A1
X509v3 Authority Key Identifier:
keyid:0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/hHJHjw71kMqAy3nNekCDF8-fv6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/DEd6vwon7eiG-8QkE9eonCJrEfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.208.0/22
IPv6:
2a06:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
77:b2:11:e0:bd:56:49:f6:ed:5b:2b:99:6b:47:53:1f:9f:1c:
43:02:9b:33:44:1a:24:ca:03:5e:6d:1b:8e:63:fd:28:00:f9:
ac:67:92:96:56:8a:7b:68:3a:fb:78:bb:b1:00:5c:8a:b6:50:
a9:a7:f7:8c:75:01:81:cc:3d:25:35:3b:78:da:38:46:31:77:
a5:ff:ae:73:8d:e5:c0:8a:37:b5:b9:75:af:1b:73:21:ec:e4:
9c:91:43:2d:d0:f7:7b:d4:c7:ad:b1:c2:fa:65:9f:0b:93:5e:
5e:fa:df:4f:c5:3c:53:40:38:a2:a9:a4:90:42:81:88:73:b8:
9b:f1:3c:e0:89:8c:66:b4:62:a3:f9:dd:c0:d0:2b:e0:de:b0:
ca:9a:c0:2e:b0:3b:3c:e7:41:33:ae:d3:af:91:ef:4f:cb:2e:
7e:bf:68:5f:88:e6:7d:29:4d:f0:48:71:4e:7d:a0:82:d7:54:
83:a8:5c:af:cf:a5:08:9d:7e:71:5a:cc:2c:b8:82:47:d2:83:
2a:cb:9a:be:4b:ff:d7:25:24:40:cb:e6:dd:69:73:85:c1:24:
18:45:ad:dc:c3:b7:2d:41:d1:ce:c2:51:79:69:ef:42:7f:7a:
75:c0:e2:04:b6:19:e3:8f:ec:6f:05:ff:ac:16:58:24:2c:e8:
9e:7d:91:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQksq3HPzv0JRQVzUUMXZgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDc3YWJmMGEyN2VkZTg4NmZiYzQyNDEzZDdhODljMjI2
YjExZmEwHhcNMjUwMTAyMDE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDcyNDc4ZjBlZjU5MGNhODBjYjc5Y2Q3YTQwODMxN2NmOWZiZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LBByPqn5x8n3YTDE78qGz5kYPTX
KQxNzXA4mTs6h9E2eq1kHb8Ge/1G4t0IsbSQOuEsja9AH5jyt5My+Vv8f4igFsyW
eS1ybh3x6ZZOnq2gQvLlKYNSVylv0YQCDywNfB6iWfo0Oefx01ilIo6UX7D/u99h
hiP/hsuPJj4mOpHAu2bpMvB0OTF1UZwr226fsrE1+jY2dmdkuDwLUghScTAgSXOp
kQavuhU0Cfvg3Ccff8XIQyfKvAx5KbheTaGsofFolopn8jOSWHzEidhneyJmbWQc
AXzia9ld0czQbkwkiZQnew6P/nv07St3iFNbsLk1vBoztRRaTjYeE266IwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIRyR48O9ZDKgMt5zXpAgxfPn7+hMB8GA1UdIwQY
MBaAFAxHer8KJ+3ohvvEJBPXqJwiaxH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVkNnZ3b243ZWlHLThRa0U5ZW9uQ0pyRWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81NTZkM2QtMDQyMi00NjEyLWEyMTct
MThmNGY2NmE1MGEwLzEvaEhKSGp3NzFrTXFBeTNuTmVrQ0RGOC1mdjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81NTZkM2QtMDQyMi00NjEyLWEyMTctMThmNGY2NmE1MGEw
LzEvREVkNnZ3b243ZWlHLThRa0U5ZW9uQ0pyRWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVfQMA0E
AgACMAcDBQMqBgvAMA0GCSqGSIb3DQEBCwUAA4IBAQB3shHgvVZJ9u1bK5lrR1Mf
nxxDApszRBokygNebRuOY/0oAPmsZ5KWVop7aDr7eLuxAFyKtlCpp/eMdQGBzD0l
NTt42jhGMXel/65zjeXAije1uXWvG3Mh7OSckUMt0Pd71MetscL6ZZ8Lk15e+t9P
xTxTQDiiqaSQQoGIc7ib8TzgiYxmtGKj+d3A0Cvg3rDKmsAusDs850EzrtOvke9P
yy5+v2hfiOZ9KU3wSHFOfaCC11SDqFyvz6UInX5xWswsuIJH0oMqy5q+S//XJSRA
y+bdaXOFwSQYRa3cw7ctQdHOwlF5ae9Cf3p1wOIEthnjj+xvBf+sFlgkLOiefZFB
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:30:02 2025 by rpki-client