Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/8HMlEMu_BSHgTuVZxYXkPOUH-XA.roa
File: 8HMlEMu_BSHgTuVZxYXkPOUH-XA.roa (raw, json)
Hash identifier: nzR0epdeX2+WJtESwgq5prAKeUM2fNXd9Y9hluvNjBg=
Subject key identifier: F0:73:25:10:CB:BF:05:21:E0:4E:E5:59:C5:85:E4:3C:E5:07:F9:70
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019422202BDA698C92E0F1A62E5A5C51116E
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/8HMlEMu_BSHgTuVZxYXkPOUH-XA.roa
Signing time: Wed 01 Jan 2025 13:48:41 +0000
ROA not before: Wed 01 Jan 2025 13:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44222
IP address blocks: 45.159.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2b:da:69:8c:92:e0:f1:a6:2e:5a:5c:51:11:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 1 13:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0732510cbbf0521e04ee559c585e43ce507f970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:40:7f:94:c3:fe:4b:97:37:ed:56:9c:06:ed:
6c:a4:e7:49:5b:68:58:d8:2a:88:08:f3:32:9d:d7:
cf:31:1d:23:0a:a0:7a:6b:ad:3c:87:42:e5:ad:af:
a9:ed:9b:52:a7:ea:7e:4c:71:76:a7:b1:55:09:47:
7c:14:27:d8:00:c3:db:fa:19:0d:bd:bf:b4:b9:2d:
f1:3f:b5:3a:ad:c5:51:09:32:1e:f7:05:8b:c7:6e:
8c:30:a3:4e:6c:14:72:e9:73:43:65:a6:12:11:1c:
46:d6:3d:6a:58:0d:03:ac:1e:b9:41:c2:20:d6:00:
ea:b5:5c:62:ec:5b:04:98:01:77:7a:33:dd:61:90:
e8:67:ee:a0:0d:3c:b2:c0:ef:c3:39:bd:e8:b5:55:
50:5b:22:75:07:9c:83:a3:85:86:31:57:fc:e0:40:
75:0f:cb:0b:da:0a:e2:35:07:6b:93:c0:cf:18:87:
ae:56:d5:89:4e:2b:9a:1b:35:98:bc:6f:3c:64:f0:
3d:39:64:f2:04:8d:9b:84:3c:df:fc:a7:ab:ab:49:
23:8d:0f:da:a4:2a:f8:2b:11:2b:01:16:6d:07:66:
02:d6:3c:42:17:53:15:8e:95:ff:db:02:b5:8e:b3:
25:17:0e:3b:36:98:12:f9:44:c1:de:16:0e:a5:4b:
0c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:73:25:10:CB:BF:05:21:E0:4E:E5:59:C5:85:E4:3C:E5:07:F9:70
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/8HMlEMu_BSHgTuVZxYXkPOUH-XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.251.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:1e:59:47:44:c8:e1:16:9f:33:1c:72:74:4a:f5:59:d8:15:
68:0a:83:29:66:4a:a3:f9:d1:83:71:a0:c5:f8:e0:c0:07:7a:
ed:d9:89:c2:a3:49:93:46:38:4b:e9:8e:6d:6f:e8:ab:88:7f:
89:7c:c1:af:53:48:45:b4:9b:6c:f4:4f:b2:0d:3c:31:66:97:
1a:c3:dd:96:a8:c8:ba:ee:26:fd:98:af:27:c0:b8:ca:4d:e7:
b1:1e:fe:e3:7a:da:fb:6a:f7:fe:98:75:7a:93:e7:15:15:34:
bf:97:dd:4b:8c:66:4a:40:a1:f3:d1:af:01:ed:22:60:f8:e6:
b0:8a:bc:23:8c:da:ec:0e:a0:2b:ec:40:f7:ca:eb:92:ac:c9:
e0:3c:6f:ab:73:6f:88:98:f0:63:b0:fe:6f:66:e3:af:a9:69:
da:13:4e:0f:df:d4:81:20:fa:cd:54:4b:94:c8:65:c3:a6:06:
d2:7b:4c:33:f7:eb:bf:20:86:1c:35:33:6f:39:62:ac:b4:b9:
d2:3a:33:02:00:7b:b6:07:6f:41:93:a3:d4:f7:7e:24:68:0b:
f8:b6:48:0c:6f:9c:82:ca:ff:a9:0d:39:ab:df:5e:4e:fd:4a:
d4:8a:e9:e6:04:a5:79:d8:53:f6:da:b9:22:5e:ec:3c:09:08:
92:7c:49:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiICvaaYyS4PGmLlpcURFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwMTAxMTM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDczMjUxMGNiYmYwNTIxZTA0ZWU1NTljNTg1ZTQzY2U1MDdmOTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0B/lMP+S5c37VacBu1spOdJW2hY
2CqICPMyndfPMR0jCqB6a608h0Llra+p7ZtSp+p+THF2p7FVCUd8FCfYAMPb+hkN
vb+0uS3xP7U6rcVRCTIe9wWLx26MMKNObBRy6XNDZaYSERxG1j1qWA0DrB65QcIg
1gDqtVxi7FsEmAF3ejPdYZDoZ+6gDTyywO/DOb3otVVQWyJ1B5yDo4WGMVf84EB1
D8sL2griNQdrk8DPGIeuVtWJTiuaGzWYvG88ZPA9OWTyBI2bhDzf/Kerq0kjjQ/a
pCr4KxErARZtB2YC1jxCF1MVjpX/2wK1jrMlFw47NpgS+UTB3hYOpUsM4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBzJRDLvwUh4E7lWcWF5DzlB/lwMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvOEhNbEVNdV9CU0hnVHVWWnhZWGtQT1VILVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ/7MA0G
CSqGSIb3DQEBCwUAA4IBAQCpHllHRMjhFp8zHHJ0SvVZ2BVoCoMpZkqj+dGDcaDF
+ODAB3rt2YnCo0mTRjhL6Y5tb+iriH+JfMGvU0hFtJts9E+yDTwxZpcaw92WqMi6
7ib9mK8nwLjKTeexHv7jetr7avf+mHV6k+cVFTS/l91LjGZKQKHz0a8B7SJg+Oaw
irwjjNrsDqAr7ED3yuuSrMngPG+rc2+ImPBjsP5vZuOvqWnaE04P39SBIPrNVEuU
yGXDpgbSe0wz9+u/IIYcNTNvOWKstLnSOjMCAHu2B29Bk6PU934kaAv4tkgMb5yC
yv+pDTmr315O/UrUiunmBKV52FP22rkiXuw8CQiSfEmb
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:35:58 2025 by rpki-client