Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/h6WkXFQCalKSUE8qQsL0s6At9NA.roa
File: h6WkXFQCalKSUE8qQsL0s6At9NA.roa (raw, json)
Hash identifier: xC7sZws2p6+JMX2/NZkkNUsOt0/rPDjC11vfXSnqVOc=
Subject key identifier: 87:A5:A4:5C:54:02:6A:52:92:50:4F:2A:42:C2:F4:B3:A0:2D:F4:D0
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 019422FB64E1B4A51FD86C67FB08A18B9905
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/h6WkXFQCalKSUE8qQsL0s6At9NA.roa
Signing time: Wed 01 Jan 2025 17:48:08 +0000
ROA not before: Wed 01 Jan 2025 17:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197328
IP address blocks: 45.14.82.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:64:e1:b4:a5:1f:d8:6c:67:fb:08:a1:8b:99:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Jan 1 17:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87a5a45c54026a5292504f2a42c2f4b3a02df4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:78:8c:dd:31:e8:11:72:d4:6a:5e:65:00:e9:
1f:57:d6:58:5a:d5:bd:4a:4a:6a:77:1d:3c:3e:6c:
d5:51:a3:e4:c3:5f:21:bf:fc:10:c9:9e:99:f2:40:
d4:40:12:6d:4f:f0:4b:a5:45:03:87:f9:b8:11:ad:
ee:34:f2:e9:b1:02:5d:9e:ff:12:89:48:53:cc:79:
44:b6:3f:d6:f5:d7:30:82:3d:ed:e9:43:10:dd:4e:
b9:31:8a:6d:a1:50:15:c6:cb:1b:72:e3:c3:9c:cd:
94:4d:0c:06:ae:95:b3:dd:c2:ce:c0:34:96:ed:0f:
58:84:d2:33:3e:92:96:6b:cd:e9:68:26:e2:52:4f:
f8:a3:dc:1c:a3:7d:64:23:0b:ef:48:7d:8e:09:96:
d0:79:ad:17:3e:b4:55:6e:9d:4e:a8:40:f0:ab:af:
ee:18:4c:d0:86:e7:c2:10:26:1f:16:da:b5:67:b3:
5c:ee:19:60:a8:da:b8:ea:53:f0:4f:c8:4f:a8:5a:
a9:f1:0a:aa:9d:0a:ba:1b:af:0d:b2:68:29:9c:4e:
be:8a:fd:47:bf:de:8f:b6:89:d4:14:ca:bb:63:b0:
8c:e3:db:81:2f:10:5d:18:f2:9b:c9:7f:2d:f9:68:
8d:4a:81:3b:d0:cd:80:66:e6:75:5a:bd:3b:1f:8f:
86:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A5:A4:5C:54:02:6A:52:92:50:4F:2A:42:C2:F4:B3:A0:2D:F4:D0
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/h6WkXFQCalKSUE8qQsL0s6At9NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.82.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:37:0d:a9:15:81:ad:59:16:e6:3e:9b:d4:20:82:db:a3:96:
39:f9:39:c3:e0:88:c0:f5:43:79:7c:16:98:35:a2:8c:36:cc:
f8:47:fa:ad:ee:4f:f4:59:99:34:4f:fa:10:f1:de:33:64:09:
69:21:f1:13:97:48:be:bc:d3:70:9b:23:ee:48:af:10:ae:fa:
cb:70:b5:5d:ec:4a:c1:c1:57:18:17:84:ec:a6:91:24:06:33:
1c:e7:00:63:ae:c2:f8:11:3a:24:2d:c3:92:c8:92:48:a3:da:
6f:23:ad:4f:82:63:ef:d4:8f:b8:4f:31:20:c8:ee:e8:36:f6:
0b:6a:43:d2:8a:03:80:5b:be:2b:58:de:8c:ab:c6:6f:c9:1c:
96:7f:d5:5b:b8:87:c6:4b:57:0c:b8:13:18:4e:8a:cd:bd:d1:
a7:9e:f8:dc:b2:f0:e6:02:66:22:9c:c7:19:b9:53:1b:97:1e:
b3:d0:74:0e:61:0f:22:20:05:c5:38:44:3c:4b:e4:74:bd:cd:
86:2e:5d:f6:4f:4f:65:4f:46:67:54:82:3b:e9:c5:b3:80:59:
62:a5:d5:ad:be:6c:8d:6d:51:48:64:bb:4d:9d:b4:84:06:78:
6a:10:6f:64:04:3a:40:17:45:47:71:33:37:4a:d7:60:f8:5b:
e8:66:43:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+2ThtKUf2Gxn+wihi5kFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjUwMTAxMTc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2E1YTQ1YzU0MDI2YTUyOTI1MDRmMmE0MmMyZjRiM2EwMmRmNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArniM3THoEXLUal5lAOkfV9ZYWtW9
Skpqdx08PmzVUaPkw18hv/wQyZ6Z8kDUQBJtT/BLpUUDh/m4Ea3uNPLpsQJdnv8S
iUhTzHlEtj/W9dcwgj3t6UMQ3U65MYptoVAVxssbcuPDnM2UTQwGrpWz3cLOwDSW
7Q9YhNIzPpKWa83paCbiUk/4o9wco31kIwvvSH2OCZbQea0XPrRVbp1OqEDwq6/u
GEzQhufCECYfFtq1Z7Nc7hlgqNq46lPwT8hPqFqp8QqqnQq6G68NsmgpnE6+iv1H
v96PtonUFMq7Y7CM49uBLxBdGPKbyX8t+WiNSoE70M2AZuZ1Wr07H4+GPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIelpFxUAmpSklBPKkLC9LOgLfTQMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvaDZXa1hGUUNhbEtTVUU4cVFzTDBzNkF0OU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQ5SMA0G
CSqGSIb3DQEBCwUAA4IBAQAdNw2pFYGtWRbmPpvUIILbo5Y5+TnD4IjA9UN5fBaY
NaKMNsz4R/qt7k/0WZk0T/oQ8d4zZAlpIfETl0i+vNNwmyPuSK8QrvrLcLVd7ErB
wVcYF4TsppEkBjMc5wBjrsL4ETokLcOSyJJIo9pvI61PgmPv1I+4TzEgyO7oNvYL
akPSigOAW74rWN6Mq8ZvyRyWf9VbuIfGS1cMuBMYTorNvdGnnvjcsvDmAmYinMcZ
uVMblx6z0HQOYQ8iIAXFOEQ8S+R0vc2GLl32T09lT0ZnVII76cWzgFlipdWtvmyN
bVFIZLtNnbSEBnhqEG9kBDpAF0VHcTM3Stdg+FvoZkNy
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:19:30 2025 by rpki-client