Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/H2lVKMz_X46KFKjX_6x9tvmH1uE.roa
File: H2lVKMz_X46KFKjX_6x9tvmH1uE.roa (raw, json)
Hash identifier: RB7IG/Ldoyl84GgxDa9yMrGgoraAfien6HZCweyoCaw=
Subject key identifier: 1F:69:55:28:CC:FF:5F:8E:8A:14:A8:D7:FF:AC:7D:B6:F9:87:D6:E1
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 0194221F7D49C277687B68E1D6A91C234FD4
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/H2lVKMz_X46KFKjX_6x9tvmH1uE.roa
Signing time: Wed 01 Jan 2025 13:47:56 +0000
ROA not before: Wed 01 Jan 2025 13:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206382
IP address blocks: 45.88.172.0/23 maxlen: 23
45.88.174.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7d:49:c2:77:68:7b:68:e1:d6:a9:1c:23:4f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 13:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f695528ccff5f8e8a14a8d7ffac7db6f987d6e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:dc:dd:c6:01:b8:62:16:b5:28:b1:0c:63:e3:
fa:7d:b4:a1:23:28:76:f1:84:ae:0f:0d:26:fc:20:
c9:0a:ce:f6:bc:6c:02:39:19:f7:f5:e5:3b:a8:89:
63:94:08:77:69:ff:4e:08:df:cb:a4:75:fd:0b:23:
d1:62:a8:34:73:a8:44:62:22:49:82:e5:bb:bc:72:
2f:fe:1e:e4:62:9b:e1:86:d3:a6:1f:9a:83:83:13:
a7:db:33:df:d7:84:f2:a7:af:60:f2:e9:02:f6:36:
4c:3c:cd:3c:6e:8c:a3:5e:38:31:85:79:6f:04:76:
82:f0:29:e5:fc:20:b4:a6:ce:ed:54:1b:c0:c4:13:
a8:c9:00:41:b1:30:64:f7:86:c3:ab:ed:e3:8a:3b:
57:3d:dd:2d:3e:2b:9e:8f:6b:26:06:4e:4e:75:52:
3d:06:3c:3c:d3:42:37:47:59:09:19:4c:32:1b:c2:
86:4b:44:ba:9a:3b:eb:73:6b:8b:de:b6:91:49:0a:
ac:ed:68:9e:57:7f:21:5e:8a:f7:b1:e4:6d:9f:69:
0a:b0:f2:ec:00:86:23:9c:30:c3:33:f3:b0:b7:b6:
f2:ea:c6:e1:89:81:8e:91:aa:55:18:74:d6:df:cb:
ef:51:07:a5:13:dd:fd:5f:f4:d0:41:d4:cc:d5:f3:
bd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:69:55:28:CC:FF:5F:8E:8A:14:A8:D7:FF:AC:7D:B6:F9:87:D6:E1
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/H2lVKMz_X46KFKjX_6x9tvmH1uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.172.0/22
Signature Algorithm: sha256WithRSAEncryption
31:e1:ec:8b:d5:06:af:9f:48:71:29:18:5a:37:4e:c8:5b:ef:
b7:7b:e6:b3:df:82:ef:bc:bc:d7:fa:bf:a0:30:23:ab:73:7e:
06:94:a0:6b:73:f7:ff:1d:ed:93:d8:3e:2a:af:77:c5:5c:6f:
30:6b:7e:ff:a1:dd:6b:35:c8:2a:cf:11:1f:6a:a6:d2:ce:5a:
79:df:22:a2:8e:71:84:ad:88:2b:a6:39:6c:60:e1:53:95:3b:
1c:a7:f3:df:76:94:79:a0:75:72:a2:b1:4a:76:92:a8:b2:dd:
2e:05:0e:3c:a3:04:23:c4:64:c9:cf:18:19:d6:48:65:1f:a8:
70:8c:7c:62:88:ad:68:06:80:ef:92:c6:0f:27:4c:be:17:ed:
2c:24:e8:06:f8:a3:e9:d3:28:81:3d:2e:9f:de:0d:d3:e0:b6:
59:f4:43:b0:db:aa:bf:2a:30:12:15:15:0c:eb:78:9b:36:d1:
95:36:da:47:54:da:f4:d3:90:33:26:05:69:7b:e6:e5:d3:cc:
8a:bd:4d:e7:10:2f:3f:41:0d:94:b7:3e:46:f2:25:53:d5:5f:
59:78:1c:13:f4:56:31:4c:1f:3b:f3:e8:5d:62:15:58:70:da:
46:74:05:2e:eb:06:e7:ef:20:60:7d:eb:11:18:1e:80:0a:f8:
bb:46:ab:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH31Jwndoe2jh1qkcI0/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjUwMTAxMTM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjY5NTUyOGNjZmY1ZjhlOGExNGE4ZDdmZmFjN2RiNmY5ODdkNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdzdxgG4Yha1KLEMY+P6fbShIyh2
8YSuDw0m/CDJCs72vGwCORn39eU7qIljlAh3af9OCN/LpHX9CyPRYqg0c6hEYiJJ
guW7vHIv/h7kYpvhhtOmH5qDgxOn2zPf14Typ69g8ukC9jZMPM08boyjXjgxhXlv
BHaC8Cnl/CC0ps7tVBvAxBOoyQBBsTBk94bDq+3jijtXPd0tPiuej2smBk5OdVI9
Bjw800I3R1kJGUwyG8KGS0S6mjvrc2uL3raRSQqs7WieV38hXor3seRtn2kKsPLs
AIYjnDDDM/Owt7by6sbhiYGOkapVGHTW38vvUQelE939X/TQQdTM1fO9JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9pVSjM/1+OihSo1/+sfbb5h9bhMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvSDJsVktNel9YNDZLRktqWF82eDl0dm1IMXVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVisMA0G
CSqGSIb3DQEBCwUAA4IBAQAx4eyL1Qavn0hxKRhaN07IW++3e+az34LvvLzX+r+g
MCOrc34GlKBrc/f/He2T2D4qr3fFXG8wa37/od1rNcgqzxEfaqbSzlp53yKijnGE
rYgrpjlsYOFTlTscp/PfdpR5oHVyorFKdpKost0uBQ48owQjxGTJzxgZ1khlH6hw
jHxiiK1oBoDvksYPJ0y+F+0sJOgG+KPp0yiBPS6f3g3T4LZZ9EOw26q/KjASFRUM
63ibNtGVNtpHVNr005AzJgVpe+bl08yKvU3nEC8/QQ2Utz5G8iVT1V9ZeBwT9FYx
TB878+hdYhVYcNpGdAUu6wbn7yBgfesRGB6ACvi7Rqtr
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:39:20 2025 by rpki-client