Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/HaXkt_iXcDLSzXUQzQHcOheKnmQ.roa
File: HaXkt_iXcDLSzXUQzQHcOheKnmQ.roa (raw, json)
Hash identifier: 7Mab3cZpcwKSJ+gVjA92+tciQTZGiNiriF1pEIsy5LY=
Subject key identifier: 1D:A5:E4:B7:F8:97:70:32:D2:CD:75:10:CD:01:DC:3A:17:8A:9E:64
Certificate issuer: /CN=0297a58998f0974347081c17f25eedd65fad9661
Certificate serial: 018CC64A8641AAED589D3A10E6E6A3A3082D
Authority key identifier: 02:97:A5:89:98:F0:97:43:47:08:1C:17:F2:5E:ED:D6:5F:AD:96:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApeliZjwl0NHCBwX8l7t1l-tlmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/HaXkt_iXcDLSzXUQzQHcOheKnmQ.roa
Signing time: Mon 01 Jan 2024 18:30:21 +0000
ROA not before: Mon 01 Jan 2024 18:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198588
IP address blocks: 164.138.2.0/24 maxlen: 24
164.138.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:86:41:aa:ed:58:9d:3a:10:e6:e6:a3:a3:08:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0297a58998f0974347081c17f25eedd65fad9661
Validity
Not Before: Jan 1 18:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1da5e4b7f8977032d2cd7510cd01dc3a178a9e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6a:9d:34:96:92:50:bf:ae:61:c5:18:cf:13:
82:b5:17:98:78:6b:fd:78:09:33:19:8d:03:a9:cf:
1b:bd:6b:8c:8b:c3:df:48:6d:d4:dd:23:c9:74:f7:
1f:41:0b:52:0c:df:e2:f9:29:d7:20:5d:42:ba:c3:
3a:4b:d8:52:ec:04:2b:d6:37:ee:cf:e1:f5:6f:3f:
88:0b:b2:ae:09:40:96:65:50:2c:88:04:ee:fb:4a:
1b:8b:a5:05:7e:69:64:44:fa:10:87:49:aa:37:f1:
8f:90:2d:07:c8:c0:c5:8d:89:0b:c0:f0:4a:6f:22:
78:f2:5e:3e:41:67:57:d5:44:a3:4f:35:f2:2e:3d:
4f:94:e6:27:64:76:63:8f:cd:5c:1d:16:5d:52:8a:
3b:27:49:20:45:f0:4d:33:96:d3:c2:77:8a:e7:d5:
a0:cc:da:89:c1:6a:56:85:fa:68:ef:e5:2f:7b:c1:
14:9a:5e:d5:00:d2:7e:f2:02:b9:d6:c3:ee:6b:d0:
2a:ef:d2:1e:07:79:a3:95:8f:f0:be:29:ed:80:e6:
ff:f9:c4:06:bb:50:ce:91:5c:f7:b4:6d:18:cd:e5:
ce:79:1e:97:04:c4:72:93:79:69:52:01:94:28:45:
3f:39:af:38:e4:79:41:18:b2:9f:7a:f6:26:b4:17:
03:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A5:E4:B7:F8:97:70:32:D2:CD:75:10:CD:01:DC:3A:17:8A:9E:64
X509v3 Authority Key Identifier:
keyid:02:97:A5:89:98:F0:97:43:47:08:1C:17:F2:5E:ED:D6:5F:AD:96:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApeliZjwl0NHCBwX8l7t1l-tlmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/HaXkt_iXcDLSzXUQzQHcOheKnmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1293db-c752-4d03-857d-579531e5a00f/1/ApeliZjwl0NHCBwX8l7t1l-tlmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.0.0/24
164.138.2.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:76:85:fe:03:fa:b6:65:a6:cc:06:7c:a8:3c:81:df:8b:87:
3f:11:ac:11:5e:99:73:d9:92:bd:2e:3e:91:de:2a:2d:7c:6b:
a3:78:5f:7b:c8:25:ad:67:e4:3f:3c:b8:a4:27:a0:5a:fd:69:
76:33:8c:84:62:f4:3f:10:10:05:ab:f2:7e:b5:7c:26:90:aa:
3b:86:cb:2f:ed:04:33:db:10:f9:4c:25:0b:86:fb:e9:f4:03:
7d:cc:02:8c:4f:3d:64:0e:de:a1:b6:86:fd:95:68:b5:d1:68:
fc:e4:0c:b9:d1:96:57:c0:21:26:2c:9a:3c:87:0c:f7:b3:c3:
ac:82:3c:b1:88:ea:ee:57:0f:e3:70:a5:e6:e4:9e:45:da:be:
02:e6:c5:75:bf:c6:95:94:32:72:f1:e5:96:e9:61:24:38:05:
8e:80:45:66:32:75:7b:49:50:35:de:5a:0b:6c:17:50:4c:f3:
e9:66:cf:52:51:ca:d0:1e:79:93:67:71:fe:4d:83:0d:d9:9f:
b9:b8:fc:58:64:d6:93:c4:2b:d8:9f:5b:c7:bf:6c:19:19:8e:
99:60:c9:b7:fe:19:b9:32:0a:b6:89:c3:dc:95:48:8a:15:38:
af:87:2e:a4:97:d6:16:4a:8f:0b:7c:73:54:fa:32:29:3e:53:
37:76:ab:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSoZBqu1YnToQ5uajowgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTdhNTg5OThmMDk3NDM0NzA4MWMxN2YyNWVlZGQ2NWZh
ZDk2NjEwHhcNMjQwMTAxMTgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGE1ZTRiN2Y4OTc3MDMyZDJjZDc1MTBjZDAxZGMzYTE3OGE5ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2qdNJaSUL+uYcUYzxOCtReYeGv9
eAkzGY0Dqc8bvWuMi8PfSG3U3SPJdPcfQQtSDN/i+SnXIF1CusM6S9hS7AQr1jfu
z+H1bz+IC7KuCUCWZVAsiATu+0obi6UFfmlkRPoQh0mqN/GPkC0HyMDFjYkLwPBK
byJ48l4+QWdX1USjTzXyLj1PlOYnZHZjj81cHRZdUoo7J0kgRfBNM5bTwneK59Wg
zNqJwWpWhfpo7+Uve8EUml7VANJ+8gK51sPua9Aq79IeB3mjlY/wvintgOb/+cQG
u1DOkVz3tG0YzeXOeR6XBMRyk3lpUgGUKEU/Oa845HlBGLKfevYmtBcD5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB2l5Lf4l3Ay0s11EM0B3DoXip5kMB8GA1UdIwQY
MBaAFAKXpYmY8JdDRwgcF/Je7dZfrZZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBlbGlaandsME5IQ0J3WDhsN3QxbC10bG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xMjkzZGItYzc1Mi00ZDAzLTg1N2Qt
NTc5NTMxZTVhMDBmLzEvSGFYa3RfaVhjRExTelhVUXpRSGNPaGVLbm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xMjkzZGItYzc1Mi00ZDAzLTg1N2QtNTc5NTMxZTVhMDBm
LzEvQXBlbGlaandsME5IQ0J3WDhsN3QxbC10bG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQApIoAAwQA
pIoCMA0GCSqGSIb3DQEBCwUAA4IBAQBsdoX+A/q2ZabMBnyoPIHfi4c/EawRXplz
2ZK9Lj6R3iotfGujeF97yCWtZ+Q/PLikJ6Ba/Wl2M4yEYvQ/EBAFq/J+tXwmkKo7
hssv7QQz2xD5TCULhvvp9AN9zAKMTz1kDt6htob9lWi10Wj85Ay50ZZXwCEmLJo8
hwz3s8OsgjyxiOruVw/jcKXm5J5F2r4C5sV1v8aVlDJy8eWW6WEkOAWOgEVmMnV7
SVA13loLbBdQTPPpZs9SUcrQHnmTZ3H+TYMN2Z+5uPxYZNaTxCvYn1vHv2wZGY6Z
YMm3/hm5Mgq2icPclUiKFTivhy6kl9YWSo8LfHNU+jIpPlM3dqt1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:48 2025 by rpki-client