Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/HSnWcSNOZ4OY_CttGpyQfNSZAZs.roa
File: HSnWcSNOZ4OY_CttGpyQfNSZAZs.roa (raw, json)
Hash identifier: CcLUNhxOoVn4MfFa9d/eD1RrOw7AjPt46Gfl/NCHsbA=
Subject key identifier: 1D:29:D6:71:23:4E:67:83:98:FC:2B:6D:1A:9C:90:7C:D4:99:01:9B
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 019424B3AC64FD64C3B87474A6442EC5E401
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/HSnWcSNOZ4OY_CttGpyQfNSZAZs.roa
Signing time: Thu 02 Jan 2025 01:49:02 +0000
ROA not before: Thu 02 Jan 2025 01:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 195.191.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ac:64:fd:64:c3:b8:74:74:a6:44:2e:c5:e4:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Jan 2 01:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d29d671234e678398fc2b6d1a9c907cd499019b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7d:e8:b5:12:6f:1e:c0:97:ff:36:7b:1f:b1:
ed:50:93:54:66:8d:a1:b1:6a:2d:cb:4a:90:ff:73:
52:e7:0f:74:ad:e2:0e:c1:14:ab:a4:9c:b2:c2:19:
04:1f:9f:12:24:6e:1a:20:21:87:a0:80:71:77:1e:
53:9e:9a:48:db:90:3f:52:0f:33:f3:b6:44:15:e8:
31:cb:0e:5e:a9:b7:dc:f4:fa:bc:d8:6a:60:41:a5:
c4:68:40:5d:92:44:fc:b6:66:df:a0:a4:08:f2:63:
cc:f4:ce:a6:5f:75:41:30:08:6f:44:ba:db:99:da:
c4:d2:71:e8:9e:fc:64:f8:36:d9:1f:22:fa:78:b7:
5f:1f:fb:fc:9c:21:59:e4:e0:56:ec:59:37:10:79:
56:6f:28:1e:a2:e5:fe:3f:85:b2:55:32:1a:0b:ef:
90:fe:d4:87:4a:44:17:31:8c:2f:44:72:19:c2:ad:
54:b2:ac:f3:6d:6b:ca:d0:ae:16:0b:30:b9:fe:e0:
78:cc:63:d2:10:30:40:06:ee:4b:7c:1a:bf:2a:61:
1b:51:6a:32:bb:62:16:39:22:21:a9:bb:1d:27:df:
fb:97:4b:49:51:5e:11:0d:9c:e0:09:bb:23:be:a5:
2f:2f:4b:20:fc:74:bb:7d:f8:d6:52:9f:03:a7:5f:
fc:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:29:D6:71:23:4E:67:83:98:FC:2B:6D:1A:9C:90:7C:D4:99:01:9B
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/HSnWcSNOZ4OY_CttGpyQfNSZAZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.145.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:24:84:44:0e:1c:65:01:6c:59:2a:44:e5:ce:65:2c:0c:8c:
2d:76:3a:aa:56:cf:cc:75:55:63:d8:5a:34:04:d9:74:87:83:
52:f5:53:9f:2d:c6:01:21:5e:e3:c5:95:85:8a:39:15:b0:49:
02:cc:e9:17:ce:50:4b:fb:ee:94:33:c7:f6:ff:35:39:61:5a:
49:1c:2c:4e:72:00:10:1d:76:72:fe:67:a3:c3:6c:c7:91:99:
a3:44:99:8e:2e:95:8b:da:4f:6e:8c:90:98:8b:2e:2c:b2:ab:
d0:e8:e5:35:91:02:88:d5:00:dc:b8:54:76:b3:89:23:d2:9b:
2e:38:bc:13:0f:43:44:fd:3b:a3:84:7d:ff:af:03:77:a8:54:
e6:e2:93:a6:03:44:49:f8:c3:f5:ab:4c:c0:d6:0f:a2:fe:38:
35:72:78:18:f0:59:e2:59:4d:80:c3:92:3b:54:7f:02:9b:62:
87:b9:aa:e3:98:9e:f4:ce:f6:8b:22:fa:ca:8b:d0:af:6c:ff:
35:10:e0:ef:6c:cd:3a:1a:e5:88:3a:6c:05:ad:97:e0:3a:57:
2e:32:94:52:df:ca:d1:07:67:05:9e:bd:0b:eb:02:75:8f:bf:
d8:a0:09:e3:be:77:54:fe:cc:a0:87:a0:21:1a:74:d7:f7:f5:
aa:29:41:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks6xk/WTDuHR0pkQuxeQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjUwMTAyMDE0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDI5ZDY3MTIzNGU2NzgzOThmYzJiNmQxYTljOTA3Y2Q0OTkwMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2X3otRJvHsCX/zZ7H7HtUJNUZo2h
sWoty0qQ/3NS5w90reIOwRSrpJyywhkEH58SJG4aICGHoIBxdx5TnppI25A/Ug8z
87ZEFegxyw5eqbfc9Pq82GpgQaXEaEBdkkT8tmbfoKQI8mPM9M6mX3VBMAhvRLrb
mdrE0nHonvxk+DbZHyL6eLdfH/v8nCFZ5OBW7Fk3EHlWbygeouX+P4WyVTIaC++Q
/tSHSkQXMYwvRHIZwq1UsqzzbWvK0K4WCzC5/uB4zGPSEDBABu5LfBq/KmEbUWoy
u2IWOSIhqbsdJ9/7l0tJUV4RDZzgCbsjvqUvL0sg/HS7ffjWUp8Dp1/8SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0p1nEjTmeDmPwrbRqckHzUmQGbMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvSFNuV2NTTk9aNE9ZX0N0dEdweVFmTlNaQVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7+RMA0G
CSqGSIb3DQEBCwUAA4IBAQBKJIREDhxlAWxZKkTlzmUsDIwtdjqqVs/MdVVj2Fo0
BNl0h4NS9VOfLcYBIV7jxZWFijkVsEkCzOkXzlBL++6UM8f2/zU5YVpJHCxOcgAQ
HXZy/mejw2zHkZmjRJmOLpWL2k9ujJCYiy4ssqvQ6OU1kQKI1QDcuFR2s4kj0psu
OLwTD0NE/TujhH3/rwN3qFTm4pOmA0RJ+MP1q0zA1g+i/jg1cngY8FniWU2Aw5I7
VH8Cm2KHuarjmJ70zvaLIvrKi9CvbP81EODvbM06GuWIOmwFrZfgOlcuMpRS38rR
B2cFnr0L6wJ1j7/YoAnjvndU/sygh6AhGnTX9/WqKUHX
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:50:22 2025 by rpki-client