Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/3hqHxrvg3mzouwJIaLoLL_1aNOk.roa
File: 3hqHxrvg3mzouwJIaLoLL_1aNOk.roa (raw, json)
Hash identifier: drAUMdvTeG+q3QoTZVXvlX6+e/XeTGI2FRMHejM5978=
Subject key identifier: DE:1A:87:C6:BB:E0:DE:6C:E8:BB:02:48:68:BA:0B:2F:FD:5A:34:E9
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 0194266B96B0BF672D9C5C161487BB5A5D93
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/3hqHxrvg3mzouwJIaLoLL_1aNOk.roa
Signing time: Thu 02 Jan 2025 09:49:32 +0000
ROA not before: Thu 02 Jan 2025 09:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215303
IP address blocks: 45.143.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:96:b0:bf:67:2d:9c:5c:16:14:87:bb:5a:5d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Jan 2 09:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de1a87c6bbe0de6ce8bb024868ba0b2ffd5a34e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c1:db:d7:b4:c6:53:2b:85:3a:66:f2:89:ff:
c0:df:f4:25:92:f8:eb:d7:53:8f:b5:cd:22:b7:5e:
77:21:02:e1:1f:c7:38:a0:47:7f:fc:1e:f2:ca:97:
a9:5e:75:78:4b:c0:76:dd:08:8c:a0:b0:eb:cf:f9:
3c:4a:1e:d8:ba:8a:66:9b:b0:48:cc:b5:f6:c5:b0:
a5:9b:30:95:d1:39:22:ec:05:66:55:e2:51:ad:ab:
df:5b:2e:62:d8:ee:b9:80:21:12:c0:a9:ea:fd:75:
29:d5:ac:17:f1:46:5e:67:78:53:2e:cc:42:38:d0:
71:f4:c8:9d:26:af:50:fd:0e:a5:11:b4:68:f3:07:
44:8d:9b:c1:eb:9d:5f:be:96:a2:56:a4:30:aa:57:
09:c3:2e:e2:78:5b:ab:f9:73:39:9e:d8:4b:63:d8:
d5:e9:e0:e9:9a:41:c3:5c:1e:cc:9d:10:df:97:d3:
4b:4f:0e:bf:f5:11:ca:5c:5f:04:b4:71:12:11:a9:
55:a0:b0:9f:3e:e1:fb:6d:5e:ea:e8:cd:13:4c:d9:
68:4d:9b:f9:77:2f:29:15:b1:b8:c9:7f:63:b6:25:
61:f0:41:7e:90:2b:f1:d3:a6:bf:e5:d8:2d:30:b6:
6e:ad:0c:73:1c:18:16:b2:8e:79:52:53:9f:0c:1e:
8d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1A:87:C6:BB:E0:DE:6C:E8:BB:02:48:68:BA:0B:2F:FD:5A:34:E9
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/3hqHxrvg3mzouwJIaLoLL_1aNOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.6.0/24
Signature Algorithm: sha256WithRSAEncryption
79:0b:20:ba:df:12:f1:9d:85:f5:26:c2:41:22:3b:98:2b:64:
ff:10:77:57:bd:40:45:1d:47:8e:42:8c:10:82:fb:6e:d6:35:
7b:60:bb:94:ae:3c:9a:09:0e:d8:5e:45:95:8b:8b:47:85:68:
f7:46:a5:9e:79:b8:a7:01:87:4b:e7:f9:63:2e:0b:09:4c:3b:
51:9f:ed:be:a5:ee:57:fd:ab:90:31:61:44:db:97:eb:0c:85:
89:66:87:8d:6a:9c:70:50:08:a2:f5:38:d8:ca:2c:2e:b2:16:
2a:a7:c1:4d:be:86:44:2d:81:01:6b:7f:13:d1:7e:58:3f:4b:
b5:eb:65:b0:08:5b:39:1c:05:23:11:73:bd:0f:9d:a7:c9:43:
74:d5:e2:b2:be:a9:68:e0:7f:b8:fd:7f:41:f9:f0:06:37:f1:
c3:ff:ec:e8:86:75:8b:a6:a9:a5:b0:e2:d6:9c:59:2b:0f:4c:
6a:51:08:3c:d7:63:86:ee:da:94:39:d0:af:92:71:44:8a:0d:
db:c4:8a:16:3a:34:77:89:d2:ae:08:fb:17:b9:44:c0:5a:fb:
e9:38:d5:72:9b:3c:c3:00:90:5d:8d:db:3e:04:ce:2c:de:2a:
e2:99:57:8a:5e:b7:94:84:81:f4:40:ce:c9:50:5b:48:9d:3c:
18:cc:a5:4a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQma5awv2ctnFwWFIe7Wl2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjUwMTAyMDk0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTFhODdjNmJiZTBkZTZjZThiYjAyNDg2OGJhMGIyZmZkNWEzNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMHb17TGUyuFOmbyif/A3/Qlkvjr
11OPtc0it153IQLhH8c4oEd//B7yypepXnV4S8B23QiMoLDrz/k8Sh7Yuopmm7BI
zLX2xbClmzCV0Tki7AVmVeJRravfWy5i2O65gCESwKnq/XUp1awX8UZeZ3hTLsxC
ONBx9MidJq9Q/Q6lEbRo8wdEjZvB651fvpaiVqQwqlcJwy7ieFur+XM5nthLY9jV
6eDpmkHDXB7MnRDfl9NLTw6/9RHKXF8EtHESEalVoLCfPuH7bV7q6M0TTNloTZv5
dy8pFbG4yX9jtiVh8EF+kCvx06a/5dgtMLZurQxzHBgWso55UlOfDB6NqwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFN4ah8a74N5s6LsCSGi6Cy/9WjTpMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xLzNocUh4cnZnM216b3V3SklhTG9MTF8xYU5Pay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtjwYw
DQYJKoZIhvcNAQELBQADggEBAHkLILrfEvGdhfUmwkEiO5grZP8Qd1e9QEUdR45C
jBCC+27WNXtgu5SuPJoJDtheRZWLi0eFaPdGpZ55uKcBh0vn+WMuCwlMO1Gf7b6l
7lf9q5AxYUTbl+sMhYlmh41qnHBQCKL1ONjKLC6yFiqnwU2+hkQtgQFrfxPRflg/
S7XrZbAIWzkcBSMRc70PnafJQ3TV4rK+qWjgf7j9f0H58AY38cP/7OiGdYumqaWw
4tacWSsPTGpRCDzXY4bu2pQ50K+ScUSKDdvEihY6NHeJ0q4I+xe5RMBa++k41XKb
PMMAkF2N2z4EzizeKuKZV4pet5SEgfRAzslQW0idPBjMpUo=
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:15:05 2025 by rpki-client