Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/iHyzfOE-F2Qe_zeXBRNz2wTpF0A.roa
File: iHyzfOE-F2Qe_zeXBRNz2wTpF0A.roa (raw, json)
Hash identifier: WINrfX68y8T5JteXj3nUWYqwFftswOiGNXpVSRX/5Aw=
Subject key identifier: 88:7C:B3:7C:E1:3E:17:64:1E:FF:37:97:05:13:73:DB:04:E9:17:40
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 01930D422F40613C500D532169A308D64E7C
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/iHyzfOE-F2Qe_zeXBRNz2wTpF0A.roa
Signing time: Fri 08 Nov 2024 19:31:01 +0000
ROA not before: Fri 08 Nov 2024 19:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213946
IP address blocks: 45.156.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0d:42:2f:40:61:3c:50:0d:53:21:69:a3:08:d6:4e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Nov 8 19:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=887cb37ce13e17641eff3797051373db04e91740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:cc:fc:d5:9a:8f:40:31:8b:97:45:d1:30:f7:
8c:92:3f:43:db:56:11:b1:c8:d4:37:26:b6:9b:02:
7f:7e:33:9c:f8:fa:38:67:9b:32:24:8c:c5:85:a7:
5e:d3:82:70:14:e9:b5:60:eb:ec:91:c6:fd:b0:7a:
6f:b1:80:07:c8:a4:4e:6e:5e:71:6c:7d:11:c6:a8:
c1:2b:70:ff:ba:58:72:6f:c7:24:b1:1e:18:ef:f1:
0c:31:e8:75:9b:06:1c:87:83:f8:0c:6b:3c:15:a0:
64:13:dd:8e:f2:91:71:d8:7f:cf:06:a1:7e:9b:10:
4e:74:51:34:48:e2:50:6c:22:9c:fd:8e:1f:e9:3a:
aa:49:6d:f1:83:48:24:06:bc:a5:6d:47:cb:d2:5d:
16:e3:e1:8f:e9:52:3f:3a:c4:6f:3f:ed:2d:25:c2:
0b:9f:6a:16:63:91:11:1e:dd:f8:e7:5a:56:1c:1f:
05:d9:2f:21:3b:c9:b2:b9:99:2f:6e:c5:fd:e7:b9:
7d:b5:45:5d:22:fd:f6:89:d7:76:f7:41:da:42:77:
6f:df:35:b8:53:2b:60:de:a7:e0:f6:38:d7:24:66:
5a:55:29:cb:4a:c9:bb:d8:9a:2b:7c:bc:d4:c1:9f:
dc:9d:dc:25:50:da:12:bd:6f:17:32:26:b6:28:02:
db:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7C:B3:7C:E1:3E:17:64:1E:FF:37:97:05:13:73:DB:04:E9:17:40
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/iHyzfOE-F2Qe_zeXBRNz2wTpF0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.143.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:29:5f:2c:f2:e1:a4:59:0f:a3:b4:62:e7:bf:30:7e:29:3a:
85:6a:d2:d3:59:6c:37:2f:e4:9e:e8:f0:ca:42:90:ee:83:b0:
24:0e:d7:76:18:c1:2a:d1:ed:cb:08:ec:fc:5b:e3:11:59:9c:
42:c1:fe:ac:61:98:d2:51:c1:f6:ac:fc:59:3c:bd:ed:40:18:
a4:df:38:c7:01:05:fc:79:2d:02:dd:c8:bc:e5:77:07:aa:df:
27:40:e0:85:6a:a7:6a:ff:53:6d:56:72:31:ba:6b:ef:4b:59:
ab:c8:90:4f:21:fa:87:36:00:5f:cf:3c:74:a1:f6:33:d9:96:
be:4e:9b:31:7e:50:52:d3:59:90:ff:09:6d:fe:21:24:c3:dc:
31:48:5a:a2:c5:00:e2:0a:19:af:d4:92:2a:12:7c:69:c2:2d:
28:15:03:a6:70:d1:bc:a1:a3:2e:74:8b:81:fb:e3:b3:93:c6:
cc:39:bd:36:88:97:42:1d:0e:32:34:0b:3e:09:e7:78:2b:bb:
9d:db:34:55:80:f8:5b:1d:19:e8:9c:ed:0c:dc:3b:7c:33:b6:
06:3a:c0:02:bd:28:f7:46:ab:18:eb:0a:84:47:f9:04:c4:b6:
9b:91:fb:70:0b:25:25:5e:a3:45:1a:97:8b:e6:68:c0:ab:8f:
39:de:25:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMNQi9AYTxQDVMhaaMI1k58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjQxMTA4MTkzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODdjYjM3Y2UxM2UxNzY0MWVmZjM3OTcwNTEzNzNkYjA0ZTkxNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/Mz81ZqPQDGLl0XRMPeMkj9D21YR
scjUNya2mwJ/fjOc+Po4Z5syJIzFhade04JwFOm1YOvskcb9sHpvsYAHyKRObl5x
bH0RxqjBK3D/ulhyb8cksR4Y7/EMMeh1mwYch4P4DGs8FaBkE92O8pFx2H/PBqF+
mxBOdFE0SOJQbCKc/Y4f6TqqSW3xg0gkBrylbUfL0l0W4+GP6VI/OsRvP+0tJcIL
n2oWY5ERHt3451pWHB8F2S8hO8myuZkvbsX957l9tUVdIv32idd290HaQndv3zW4
Uytg3qfg9jjXJGZaVSnLSsm72JorfLzUwZ/cndwlUNoSvW8XMia2KALbNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIh8s3zhPhdkHv83lwUTc9sE6RdAMB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvaUh5emZPRS1GMlFlX3plWEJSTnoyd1RwRjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyPMA0G
CSqGSIb3DQEBCwUAA4IBAQCqKV8s8uGkWQ+jtGLnvzB+KTqFatLTWWw3L+Se6PDK
QpDug7AkDtd2GMEq0e3LCOz8W+MRWZxCwf6sYZjSUcH2rPxZPL3tQBik3zjHAQX8
eS0C3ci85XcHqt8nQOCFaqdq/1NtVnIxumvvS1mryJBPIfqHNgBfzzx0ofYz2Za+
TpsxflBS01mQ/wlt/iEkw9wxSFqixQDiChmv1JIqEnxpwi0oFQOmcNG8oaMudIuB
++Ozk8bMOb02iJdCHQ4yNAs+Ced4K7ud2zRVgPhbHRnonO0M3Dt8M7YGOsACvSj3
RqsY6wqER/kExLabkftwCyUlXqNFGpeL5mjAq4853iVL
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:51:39 2025 by rpki-client