Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/27145a-3e6f-4b92-b95b-12a29761e094/1/hwIYyALOwoBN5zxSDcMvXKZuEhU.roa
File: hwIYyALOwoBN5zxSDcMvXKZuEhU.roa (raw, json)
Hash identifier: UgZLdR3szHuIjLGcrVjUdsIwYk5m69uSb6Pgyz7tXrM=
Subject key identifier: 87:02:18:C8:02:CE:C2:80:4D:E7:3C:52:0D:C3:2F:5C:A6:6E:12:15
Certificate issuer: /CN=2628cc7f06ea09a247f6be9e9e574c4f37b4e9b6
Certificate serial: 019420D5B5413855CFDD76908937512AA06B
Authority key identifier: 26:28:CC:7F:06:EA:09:A2:47:F6:BE:9E:9E:57:4C:4F:37:B4:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JijMfwbqCaJH9r6enldMTze06bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/27145a-3e6f-4b92-b95b-12a29761e094/1/hwIYyALOwoBN5zxSDcMvXKZuEhU.roa
Signing time: Wed 01 Jan 2025 07:47:43 +0000
ROA not before: Wed 01 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56595
IP address blocks: 45.149.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b5:41:38:55:cf:dd:76:90:89:37:51:2a:a0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2628cc7f06ea09a247f6be9e9e574c4f37b4e9b6
Validity
Not Before: Jan 1 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=870218c802cec2804de73c520dc32f5ca66e1215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c3:bf:9d:82:22:0a:e7:0b:f7:b5:ee:74:28:
4d:7d:7a:6c:1a:9a:d7:ca:f6:61:d8:d8:a1:84:b1:
1c:49:19:e9:cd:fd:04:61:57:f1:a7:63:a6:76:ae:
80:90:80:ef:7e:48:2b:b8:e1:1e:23:d1:48:76:25:
8e:92:d8:1c:c9:7a:70:3a:00:76:29:b2:7d:a7:21:
b1:44:41:a4:3b:40:9c:91:e3:9d:bc:81:61:be:02:
90:94:12:eb:dd:92:a5:c1:6d:1e:db:6c:af:ef:4c:
07:ed:0f:f9:9e:82:d6:3d:40:0e:72:cb:6b:47:6f:
08:68:cb:1f:bf:21:a2:95:fd:de:0c:2b:ea:4b:09:
58:b7:b0:1a:35:d4:f2:6b:ff:75:24:2b:8f:fd:e5:
4e:74:97:f8:d9:96:ba:02:e1:53:9d:fa:d7:b0:10:
56:65:77:43:00:df:1c:4b:7c:b8:35:87:39:ea:ef:
62:2f:93:2d:1d:4a:08:fa:80:8f:c3:ad:66:56:e9:
bc:98:1d:02:98:62:74:e9:57:c8:41:74:30:cd:60:
aa:67:a9:56:a8:d0:6d:b0:37:0f:0f:78:5c:60:a0:
32:7e:a4:10:1e:e6:5b:85:c2:f3:b2:22:8a:f9:6e:
66:78:64:b3:10:c5:23:01:54:77:57:b3:84:fa:09:
13:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:02:18:C8:02:CE:C2:80:4D:E7:3C:52:0D:C3:2F:5C:A6:6E:12:15
X509v3 Authority Key Identifier:
keyid:26:28:CC:7F:06:EA:09:A2:47:F6:BE:9E:9E:57:4C:4F:37:B4:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JijMfwbqCaJH9r6enldMTze06bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/27145a-3e6f-4b92-b95b-12a29761e094/1/hwIYyALOwoBN5zxSDcMvXKZuEhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/27145a-3e6f-4b92-b95b-12a29761e094/1/JijMfwbqCaJH9r6enldMTze06bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.252.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:58:6a:7f:3b:9f:c0:b9:c1:c7:3c:1f:0d:cc:45:f7:ed:ba:
a7:60:f6:2a:2c:4e:2c:1c:2a:5e:dc:51:11:2a:2f:b1:ae:f8:
16:1a:6e:9d:38:99:fb:a1:76:0a:c7:c5:05:d5:0b:4f:f4:4e:
ca:4b:9a:e4:b1:4d:28:7b:13:31:2a:cd:f2:86:31:e9:3a:10:
78:de:7f:a5:39:46:3b:20:05:1f:21:10:c0:2f:5e:0f:3c:2d:
eb:75:d0:22:f4:bb:ae:83:39:de:8d:33:ea:04:e1:f1:83:fd:
64:6b:e6:b4:a0:1b:36:80:b8:9f:1e:10:ed:f0:98:cd:45:6a:
5e:37:3e:ee:78:80:c5:cc:20:f5:52:59:c5:78:c0:bc:77:03:
1e:7d:67:38:70:92:81:6c:79:69:45:5f:de:1d:44:a7:ef:33:
72:a4:dd:64:f0:82:9b:3f:61:dc:ab:16:1b:a8:2b:03:c5:39:
fa:fd:2f:16:12:42:83:7c:07:98:36:5f:52:2d:87:a0:50:f9:
6a:a5:94:3f:71:94:84:14:0d:0e:b0:17:b6:34:2c:15:08:5a:
cc:18:d2:bd:05:d7:70:49:4f:62:fc:2f:f8:f1:63:13:b2:cb:
00:6e:58:27:b9:3a:f3:3b:1e:80:eb:2d:3d:ef:4f:c0:1d:97:
26:ef:c4:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1bVBOFXP3XaQiTdRKqBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MjhjYzdmMDZlYTA5YTI0N2Y2YmU5ZTllNTc0YzRmMzdi
NGU5YjYwHhcNMjUwMTAxMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzAyMThjODAyY2VjMjgwNGRlNzNjNTIwZGMzMmY1Y2E2NmUxMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8O/nYIiCucL97XudChNfXpsGprX
yvZh2NihhLEcSRnpzf0EYVfxp2Omdq6AkIDvfkgruOEeI9FIdiWOktgcyXpwOgB2
KbJ9pyGxREGkO0CckeOdvIFhvgKQlBLr3ZKlwW0e22yv70wH7Q/5noLWPUAOcstr
R28IaMsfvyGilf3eDCvqSwlYt7AaNdTya/91JCuP/eVOdJf42Za6AuFTnfrXsBBW
ZXdDAN8cS3y4NYc56u9iL5MtHUoI+oCPw61mVum8mB0CmGJ06VfIQXQwzWCqZ6lW
qNBtsDcPD3hcYKAyfqQQHuZbhcLzsiKK+W5meGSzEMUjAVR3V7OE+gkTiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcCGMgCzsKATec8Ug3DL1ymbhIVMB8GA1UdIwQY
MBaAFCYozH8G6gmiR/a+np5XTE83tOm2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmlqTWZ3YnFDYUpIOXI2ZW5sZE1UemUwNmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8yNzE0NWEtM2U2Zi00YjkyLWI5NWIt
MTJhMjk3NjFlMDk0LzEvaHdJWXlBTE93b0JONXp4U0RjTXZYS1p1RWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8yNzE0NWEtM2U2Zi00YjkyLWI5NWItMTJhMjk3NjFlMDk0
LzEvSmlqTWZ3YnFDYUpIOXI2ZW5sZE1UemUwNmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZX8MA0G
CSqGSIb3DQEBCwUAA4IBAQDJWGp/O5/AucHHPB8NzEX37bqnYPYqLE4sHCpe3FER
Ki+xrvgWGm6dOJn7oXYKx8UF1QtP9E7KS5rksU0oexMxKs3yhjHpOhB43n+lOUY7
IAUfIRDAL14PPC3rddAi9LuugznejTPqBOHxg/1ka+a0oBs2gLifHhDt8JjNRWpe
Nz7ueIDFzCD1UlnFeMC8dwMefWc4cJKBbHlpRV/eHUSn7zNypN1k8IKbP2HcqxYb
qCsDxTn6/S8WEkKDfAeYNl9SLYegUPlqpZQ/cZSEFA0OsBe2NCwVCFrMGNK9Bddw
SU9i/C/48WMTsssAblgnuTrzOx6A6y0970/AHZcm78SE
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:20:50 2025 by rpki-client