Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/HtZQ9IhFleDKqzR1bRiM63nxSGQ.roa
File: HtZQ9IhFleDKqzR1bRiM63nxSGQ.roa (raw, json)
Hash identifier: lqYr1mh+Wc4qo/HHw+6TkhageNYpII8Xexx/Nr4T7xE=
Subject key identifier: 1E:D6:50:F4:88:45:95:E0:CA:AB:34:75:6D:18:8C:EB:79:F1:48:64
Certificate issuer: /CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Certificate serial: 01941FFA76827C7A8E37DFB721254EE1E0E5
Authority key identifier: BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/HtZQ9IhFleDKqzR1bRiM63nxSGQ.roa
Signing time: Wed 01 Jan 2025 03:48:15 +0000
ROA not before: Wed 01 Jan 2025 03:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214024
IP address blocks: 45.87.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:76:82:7c:7a:8e:37:df:b7:21:25:4e:e1:e0:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Validity
Not Before: Jan 1 03:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ed650f4884595e0caab34756d188ceb79f14864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:98:f2:0c:d6:8e:f8:27:b6:a8:45:9f:78:8d:
82:56:d0:e6:24:6e:da:01:6d:c5:05:40:0e:98:c3:
4a:13:4e:b2:fb:d9:04:b6:a7:3b:6d:69:1d:6d:f9:
f9:67:29:9f:70:8e:75:2d:35:b9:1d:d7:07:f6:56:
d2:3a:51:6b:ac:0c:fa:d3:5a:6d:9b:7b:39:ae:ef:
e2:bc:e2:a9:43:c4:ee:7c:58:df:9f:f4:59:68:dd:
e8:d2:dc:50:40:ff:b9:8f:8d:81:2c:8d:f0:6e:81:
62:14:4b:55:36:c2:1e:83:c8:93:96:89:26:93:11:
7b:89:fa:96:98:fc:5d:d6:b0:eb:ed:63:c0:35:be:
2f:d9:a6:a3:88:32:40:50:60:33:dd:e6:40:f8:a0:
9d:fe:a2:2b:68:b4:ec:e5:7f:55:fa:ca:64:7b:27:
4e:c3:c0:43:ca:ba:58:98:d0:e4:3c:b4:e1:58:41:
ee:fb:d4:a4:f6:23:ee:f6:00:c0:99:13:cb:2d:e0:
5e:89:84:e0:15:8e:f4:84:63:e6:d5:78:2c:88:06:
97:0d:34:43:3a:df:ac:2a:26:e8:70:60:ae:85:1e:
d4:8c:91:cf:6b:72:12:95:3b:80:1e:a2:68:c4:fb:
80:d2:78:75:62:f7:bc:68:e0:da:0b:f4:83:de:82:
37:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D6:50:F4:88:45:95:E0:CA:AB:34:75:6D:18:8C:EB:79:F1:48:64
X509v3 Authority Key Identifier:
keyid:BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/HtZQ9IhFleDKqzR1bRiM63nxSGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.101.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:3e:dd:e2:c9:6a:87:f7:ff:59:21:ed:98:24:8a:89:65:aa:
3e:95:d6:40:f9:f2:1e:7e:11:f5:16:ec:b2:b6:47:7b:9f:75:
f3:82:7b:3f:10:1c:eb:d7:29:b7:d6:a3:b9:79:90:c2:c9:62:
70:89:a6:ea:d7:76:9a:e5:e1:6c:46:49:56:a0:85:ec:07:d5:
00:63:96:04:05:0e:5f:75:4f:6a:8d:37:e9:f3:a8:af:f7:e6:
91:ce:6d:72:0b:92:d2:04:68:f5:4e:60:fe:06:98:49:61:7a:
54:e4:4a:ef:f3:bd:4d:d3:d4:3d:f0:19:59:b7:64:9c:43:d1:
1d:b2:68:36:b5:0b:28:81:4c:7f:81:aa:16:e2:ff:a9:b7:ca:
d4:a2:cd:cc:1e:9f:ce:73:7b:f2:9c:4d:cd:50:ac:ae:04:df:
19:6a:14:63:b9:b9:a2:6d:85:c1:f6:a7:38:81:be:59:7a:ef:
3e:d5:6e:9b:33:42:67:02:35:8f:7a:1d:fb:11:86:92:d1:fb:
13:9b:7e:1e:cb:83:6d:28:6e:5f:ce:da:1c:08:5a:6d:f2:72:
3c:05:16:57:1b:7d:2f:0a:56:8b:9e:47:71:47:89:cb:af:62:
8e:97:39:b6:d4:6c:22:23:9d:f4:77:21:b9:b6:7d:dc:a4:d5:
9d:85:e1:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+naCfHqON9+3ISVO4eDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDFhZGRjOWE0ZWVhMjQ2ZDQyZjk4YzdjNzJiMzBiNjhk
NjdhOTcwHhcNMjUwMTAxMDM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ2NTBmNDg4NDU5NWUwY2FhYjM0NzU2ZDE4OGNlYjc5ZjE0ODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopjyDNaO+Ce2qEWfeI2CVtDmJG7a
AW3FBUAOmMNKE06y+9kEtqc7bWkdbfn5ZymfcI51LTW5HdcH9lbSOlFrrAz601pt
m3s5ru/ivOKpQ8TufFjfn/RZaN3o0txQQP+5j42BLI3wboFiFEtVNsIeg8iTlokm
kxF7ifqWmPxd1rDr7WPANb4v2aajiDJAUGAz3eZA+KCd/qIraLTs5X9V+spkeydO
w8BDyrpYmNDkPLThWEHu+9Sk9iPu9gDAmRPLLeBeiYTgFY70hGPm1XgsiAaXDTRD
Ot+sKibocGCuhR7UjJHPa3ISlTuAHqJoxPuA0nh1Yve8aODaC/SD3oI3swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7WUPSIRZXgyqs0dW0YjOt58UhkMB8GA1UdIwQY
MBaAFL9BrdyaTuokbUL5jHxyswto1nqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEt
ZWVhZDUwOGJlNGVlLzEvSHRaUTlJaEZsZURLcXpSMWJSaU02M254U0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEtZWVhZDUwOGJlNGVl
LzEvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVdlMA0G
CSqGSIb3DQEBCwUAA4IBAQAqPt3iyWqH9/9ZIe2YJIqJZao+ldZA+fIefhH1Fuyy
tkd7n3Xzgns/EBzr1ym31qO5eZDCyWJwiabq13aa5eFsRklWoIXsB9UAY5YEBQ5f
dU9qjTfp86iv9+aRzm1yC5LSBGj1TmD+BphJYXpU5Erv871N09Q98BlZt2ScQ9Ed
smg2tQsogUx/gaoW4v+pt8rUos3MHp/Oc3vynE3NUKyuBN8ZahRjubmibYXB9qc4
gb5Zeu8+1W6bM0JnAjWPeh37EYaS0fsTm34ey4NtKG5fztocCFpt8nI8BRZXG30v
ClaLnkdxR4nLr2KOlzm21GwiI530dyG5tn3cpNWdheGf
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:42:05 2025 by rpki-client