Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/HlhGwox0aJb61kfrs7BuaHN-VF8.roa
File: HlhGwox0aJb61kfrs7BuaHN-VF8.roa (raw, json)
Hash identifier: nRY8bcQaWh/p9xvzrHmxNhz/hf9aCkl2wUIjrSIMcQ0=
Subject key identifier: 1E:58:46:C2:8C:74:68:96:FA:D6:47:EB:B3:B0:6E:68:73:7E:54:5F
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 018CC870711D21911096ABE83FF397916796
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/HlhGwox0aJb61kfrs7BuaHN-VF8.roa
Signing time: Tue 02 Jan 2024 04:31:01 +0000
ROA not before: Tue 02 Jan 2024 04:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.66.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:71:1d:21:91:10:96:ab:e8:3f:f3:97:91:67:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Jan 2 04:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e5846c28c746896fad647ebb3b06e68737e545f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4e:85:1f:87:aa:97:40:5f:9a:97:18:37:c7:
17:c6:8c:7e:c0:86:ea:ec:b2:2c:5b:d7:47:29:0d:
3f:74:5f:c4:5e:47:69:62:17:ab:0a:85:4f:09:1b:
72:5f:40:53:ae:4c:40:fa:83:ba:df:39:39:f6:97:
1b:7e:33:9f:ec:e2:ab:7f:09:c0:f1:74:c7:20:d8:
8b:a5:b5:c6:7c:f5:89:99:a3:48:d5:71:23:65:bb:
0c:98:bf:12:72:9f:21:c7:c2:9e:af:92:6c:40:eb:
a0:2d:14:39:b1:fe:e7:d2:95:96:65:42:af:21:b4:
75:ad:89:6e:a3:ff:8b:99:ac:2a:27:52:d1:e7:21:
f6:89:f3:eb:1a:ff:5b:06:ef:97:91:5d:5c:61:28:
7d:00:6a:ad:56:3d:2f:89:39:2b:a8:3b:fc:e3:93:
b2:37:d4:ca:3a:bb:03:01:c1:14:8f:01:43:af:1a:
aa:04:d2:4e:14:0b:53:54:ae:96:6b:76:6f:3f:0b:
49:9a:ca:a5:b9:6e:74:9c:18:06:3c:23:58:2d:bf:
57:4b:de:9d:cf:28:0c:68:ba:5a:1a:2e:fb:b7:fa:
bf:61:e7:df:8c:2f:29:a9:00:0e:66:41:cb:1a:57:
e6:21:07:f5:ee:2e:4d:f0:0b:cc:6a:c6:4d:3e:46:
c5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:58:46:C2:8C:74:68:96:FA:D6:47:EB:B3:B0:6E:68:73:7E:54:5F
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/HlhGwox0aJb61kfrs7BuaHN-VF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.66.0/23
Signature Algorithm: sha256WithRSAEncryption
45:98:c5:4b:53:63:e7:39:fe:4b:92:7d:33:dd:17:4a:3d:fc:
b7:06:59:cd:25:1c:f8:ff:98:c2:9c:ae:97:e5:a3:d8:89:7d:
3a:7a:f7:34:87:0b:8a:a3:a7:f8:5e:8e:5f:f4:b4:d5:30:ce:
c3:4a:0e:be:6d:d0:b8:9a:40:3f:15:aa:35:46:79:10:da:4c:
ac:8e:b7:40:c5:3f:d0:5f:83:31:d9:2c:9c:fb:13:60:f5:79:
ca:a0:74:c7:7b:18:f6:7d:18:7f:09:61:1c:f8:f2:03:cc:2e:
03:fc:4c:6f:09:98:08:1b:b9:3e:67:58:f2:30:e8:40:d6:56:
05:1a:43:2c:41:e6:d0:f0:34:33:b1:1a:e4:f3:f9:5c:bb:3f:
78:82:83:41:c7:21:8c:07:d6:e8:e9:67:9d:ce:b8:94:34:bd:
b5:93:49:b1:81:33:49:85:cf:b4:0f:c9:94:8e:83:44:b9:2f:
23:d5:b9:00:3c:38:fd:29:9b:2e:d6:b3:05:0a:9c:01:2a:36:
f9:05:97:60:d0:be:46:d5:4e:0a:63:b3:9a:35:3d:1a:06:ff:
15:19:3e:c3:26:44:5c:a9:20:f8:e2:86:f4:c2:5f:f9:fb:5f:
43:56:83:1c:26:01:cd:a1:f4:f1:43:d9:a8:a7:07:ea:7f:2e:
e8:0e:1b:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcHEdIZEQlqvoP/OXkWeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjQwMTAyMDQzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTU4NDZjMjhjNzQ2ODk2ZmFkNjQ3ZWJiM2IwNmU2ODczN2U1NDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE6FH4eql0BfmpcYN8cXxox+wIbq
7LIsW9dHKQ0/dF/EXkdpYherCoVPCRtyX0BTrkxA+oO63zk59pcbfjOf7OKrfwnA
8XTHINiLpbXGfPWJmaNI1XEjZbsMmL8Scp8hx8Ker5JsQOugLRQ5sf7n0pWWZUKv
IbR1rYluo/+LmawqJ1LR5yH2ifPrGv9bBu+XkV1cYSh9AGqtVj0viTkrqDv845Oy
N9TKOrsDAcEUjwFDrxqqBNJOFAtTVK6Wa3ZvPwtJmsqluW50nBgGPCNYLb9XS96d
zygMaLpaGi77t/q/YeffjC8pqQAOZkHLGlfmIQf17i5N8AvMasZNPkbFzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5YRsKMdGiW+tZH67OwbmhzflRfMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvSGxoR3dveDBhSmI2MWtmcnM3QnVhSE4tVkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZtCMA0G
CSqGSIb3DQEBCwUAA4IBAQBFmMVLU2PnOf5Lkn0z3RdKPfy3BlnNJRz4/5jCnK6X
5aPYiX06evc0hwuKo6f4Xo5f9LTVMM7DSg6+bdC4mkA/Fao1RnkQ2kysjrdAxT/Q
X4Mx2Syc+xNg9XnKoHTHexj2fRh/CWEc+PIDzC4D/ExvCZgIG7k+Z1jyMOhA1lYF
GkMsQebQ8DQzsRrk8/lcuz94goNBxyGMB9bo6WedzriUNL21k0mxgTNJhc+0D8mU
joNEuS8j1bkAPDj9KZsu1rMFCpwBKjb5BZdg0L5G1U4KY7OaNT0aBv8VGT7DJkRc
qSD44ob0wl/5+19DVoMcJgHNofTxQ9mopwfqfy7oDht/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:08 2024 by rpki-client on console-fra.rpki-client.org