Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/HDNRSdVahLmL1Sup5ZKqNL54zIs.roa
File: HDNRSdVahLmL1Sup5ZKqNL54zIs.roa (raw, json)
Hash identifier: txoM4c6KVqpVa64xpwBXiGwHcuKDnZaSSfvN5cxsaS0=
Subject key identifier: 1C:33:51:49:D5:5A:84:B9:8B:D5:2B:A9:E5:92:AA:34:BE:78:CC:8B
Certificate issuer: /CN=8331a361bdc51d7aacadce302f1257d5c3f35ae1
Certificate serial: 01896499DB0025431621D3BEF21BFFBC2CDE
Authority key identifier: 83:31:A3:61:BD:C5:1D:7A:AC:AD:CE:30:2F:12:57:D5:C3:F3:5A:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzGjYb3FHXqsrc4wLxJX1cPzWuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/HDNRSdVahLmL1Sup5ZKqNL54zIs.roa
Signing time: Mon 17 Jul 2023 16:05:51 +0000
ROA not before: Mon 17 Jul 2023 16:05:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 45.89.70.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:99:db:00:25:43:16:21:d3:be:f2:1b:ff:bc:2c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8331a361bdc51d7aacadce302f1257d5c3f35ae1
Validity
Not Before: Jul 17 16:05:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c335149d55a84b98bd52ba9e592aa34be78cc8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6c:74:61:a7:4c:d1:29:be:46:99:32:0a:e4:
24:45:3e:41:1d:74:94:83:a3:08:6f:7d:31:95:ac:
a3:8d:a7:d1:9a:fd:c6:69:6e:e1:2a:e1:e7:6a:98:
2f:74:68:b9:b0:5c:6b:0a:0b:9a:73:ce:7f:bb:d3:
43:3f:15:e6:4a:3b:53:53:b2:65:71:83:70:e2:ce:
8e:c9:7f:bf:ec:95:c6:c2:78:99:5a:3b:ca:e6:ff:
18:11:fa:28:b7:ef:27:41:28:b9:c9:43:3e:f7:3b:
9b:92:a5:4d:17:69:b1:0e:b9:bb:c0:55:56:d8:85:
37:a3:c0:99:1b:33:51:7c:7d:2a:7a:12:da:ec:c1:
8b:39:0b:e7:d6:7e:74:bd:c8:a7:c7:ad:61:9d:ef:
c6:9e:3a:d1:45:dd:61:f3:78:e9:f3:4d:e0:e3:eb:
0f:06:d7:b6:71:b4:75:cd:b5:e2:dd:9c:1b:9d:27:
8d:e8:23:23:d9:ed:e4:e1:62:d7:7a:dd:b1:bb:d4:
ab:ca:99:47:84:64:6b:a2:c6:9f:c6:f8:e9:29:03:
a8:b3:a9:46:e1:4a:6f:aa:71:af:d7:80:10:0c:97:
73:a0:42:27:29:19:de:27:cd:f5:ae:f3:c2:40:47:
33:e1:a1:2c:83:9c:58:8d:99:64:98:fe:2a:b7:a8:
7e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:33:51:49:D5:5A:84:B9:8B:D5:2B:A9:E5:92:AA:34:BE:78:CC:8B
X509v3 Authority Key Identifier:
keyid:83:31:A3:61:BD:C5:1D:7A:AC:AD:CE:30:2F:12:57:D5:C3:F3:5A:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzGjYb3FHXqsrc4wLxJX1cPzWuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/HDNRSdVahLmL1Sup5ZKqNL54zIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/gzGjYb3FHXqsrc4wLxJX1cPzWuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.70.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:eb:be:98:57:f8:d1:15:64:64:01:db:0b:d6:94:85:99:c8:
b6:c9:10:d4:09:97:68:5b:59:9c:49:0f:46:10:6c:f5:dd:4b:
9f:77:70:44:00:d5:e6:ea:51:cc:09:64:37:30:50:d9:69:8e:
82:d4:1c:14:66:51:88:89:ef:ea:80:01:e7:97:57:3e:0e:2b:
f1:f9:98:b5:4d:f8:a8:22:18:ac:ed:a7:2f:a4:b5:86:36:22:
35:8e:76:ee:3c:b8:a4:b1:dd:60:cf:f7:36:d3:f2:d9:ee:84:
81:81:eb:6f:9f:f1:a1:11:3c:e5:cb:17:a4:9f:80:db:b4:1b:
36:8e:4a:43:7c:f2:14:42:7a:c1:9f:fa:fe:6e:da:b0:01:4b:
53:fe:88:10:df:6e:72:89:89:aa:6d:fd:3e:a9:4b:e8:07:f8:
09:2c:db:51:d6:f5:e8:f5:8b:98:a0:57:61:90:71:dd:84:b9:
25:8f:80:42:04:0e:ba:25:c5:0d:98:7a:7d:45:9f:0e:2e:07:
73:37:48:d7:32:ab:3c:7d:20:06:8c:0f:0c:ea:ae:c6:1b:40:
55:e2:54:dc:43:b3:07:6a:72:c0:cc:e1:13:cd:48:be:79:15:
5d:47:37:20:89:08:43:8d:27:1a:72:98:b3:26:a7:79:39:02:
d0:a3:03:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkmdsAJUMWIdO+8hv/vCzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzFhMzYxYmRjNTFkN2FhY2FkY2UzMDJmMTI1N2Q1YzNm
MzVhZTEwHhcNMjMwNzE3MTYwNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMzNTE0OWQ1NWE4NGI5OGJkNTJiYTllNTkyYWEzNGJlNzhjYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGx0YadM0Sm+RpkyCuQkRT5BHXSU
g6MIb30xlayjjafRmv3GaW7hKuHnapgvdGi5sFxrCguac85/u9NDPxXmSjtTU7Jl
cYNw4s6OyX+/7JXGwniZWjvK5v8YEfoot+8nQSi5yUM+9zubkqVNF2mxDrm7wFVW
2IU3o8CZGzNRfH0qehLa7MGLOQvn1n50vcinx61hne/GnjrRRd1h83jp803g4+sP
Bte2cbR1zbXi3ZwbnSeN6CMj2e3k4WLXet2xu9SryplHhGRrosafxvjpKQOos6lG
4UpvqnGv14AQDJdzoEInKRneJ831rvPCQEcz4aEsg5xYjZlkmP4qt6h+5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwzUUnVWoS5i9UrqeWSqjS+eMyLMB8GA1UdIwQY
MBaAFIMxo2G9xR16rK3OMC8SV9XD81rhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pHalliM0ZIWHFzcmM0d0x4SlgxY1B6V3VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kMGI3NTEtOGUyNi00MDY2LThkZmUt
MjQ1Y2M4MTYzMTc0LzEvSEROUlNkVmFoTG1MMVN1cDVaS3FOTDU0eklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kMGI3NTEtOGUyNi00MDY2LThkZmUtMjQ1Y2M4MTYzMTc0
LzEvZ3pHalliM0ZIWHFzcmM0d0x4SlgxY1B6V3VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVlGMA0G
CSqGSIb3DQEBCwUAA4IBAQCL676YV/jRFWRkAdsL1pSFmci2yRDUCZdoW1mcSQ9G
EGz13Uufd3BEANXm6lHMCWQ3MFDZaY6C1BwUZlGIie/qgAHnl1c+Divx+Zi1Tfio
Ihis7acvpLWGNiI1jnbuPLiksd1gz/c20/LZ7oSBgetvn/GhETzlyxekn4DbtBs2
jkpDfPIUQnrBn/r+btqwAUtT/ogQ325yiYmqbf0+qUvoB/gJLNtR1vXo9YuYoFdh
kHHdhLklj4BCBA66JcUNmHp9RZ8OLgdzN0jXMqs8fSAGjA8M6q7GG0BV4lTcQ7MH
anLAzOETzUi+eRVdRzcgiQhDjScacpizJqd5OQLQowP9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:53 2025 by rpki-client