Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/hrlb05XVWxal9wrsip6TFG9vJpw.roa
File: hrlb05XVWxal9wrsip6TFG9vJpw.roa (raw, json)
Hash identifier: DAUHUDWAwTHdz54SmFgZNiIxv/GW2yF/DG+qez6YzQs=
Subject key identifier: 86:B9:5B:D3:95:D5:5B:16:A5:F7:0A:EC:8A:9E:93:14:6F:6F:26:9C
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01942143F7FD6C12828D777371812F0528CD
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/hrlb05XVWxal9wrsip6TFG9vJpw.roa
Signing time: Wed 01 Jan 2025 09:48:09 +0000
ROA not before: Wed 01 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34582
IP address blocks: 45.150.113.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f7:fd:6c:12:82:8d:77:73:71:81:2f:05:28:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86b95bd395d55b16a5f70aec8a9e93146f6f269c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:21:18:fd:5f:96:c6:78:7b:19:a1:ac:04:42:
7c:16:27:2f:3d:cf:50:d5:e0:b2:29:70:0f:16:1a:
d3:e1:99:62:6b:a8:99:3b:40:e7:50:1c:ec:51:a5:
65:30:e0:06:39:0b:00:cd:65:2d:df:87:1a:3f:4d:
d1:c2:14:9b:80:6a:f8:ad:b8:9f:78:07:7a:68:34:
d0:59:a4:ec:76:04:20:41:ae:24:dd:a2:74:eb:3c:
d1:13:5f:98:8c:ea:18:f0:75:ac:2b:52:83:72:6d:
30:d2:ad:04:2d:fa:46:bf:b0:8e:50:b3:79:ba:ea:
59:fe:27:77:87:da:bb:8d:48:c8:c5:74:6a:ca:c6:
7a:80:21:ea:82:3f:d9:f5:07:38:e1:a8:7f:33:f6:
f6:51:df:0a:14:60:b4:5a:07:23:40:90:b0:a9:19:
a3:63:86:08:02:47:4b:b6:b2:9b:98:11:d0:81:87:
77:4d:a3:15:de:4c:87:22:eb:11:57:13:28:7a:2e:
cd:a7:67:2b:79:e4:34:17:f0:51:16:e6:0f:9b:12:
18:41:61:fe:e9:70:32:ed:e2:64:b9:0d:f4:2c:0e:
fb:a2:8c:eb:3b:17:0c:57:74:b7:fa:93:cf:06:df:
2f:73:3b:3d:c9:25:02:2c:fd:6d:2d:83:28:b1:eb:
21:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B9:5B:D3:95:D5:5B:16:A5:F7:0A:EC:8A:9E:93:14:6F:6F:26:9C
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/hrlb05XVWxal9wrsip6TFG9vJpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.113.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ac:ac:b2:60:22:f6:2b:9f:b7:5d:7f:3f:2b:8a:53:40:c9:
d2:6b:e6:89:df:bb:d7:9f:e2:a3:f3:a4:49:95:7d:f0:94:f6:
17:38:6b:02:6e:6c:a1:00:21:69:0c:57:be:50:15:a9:fe:4c:
e7:a9:e1:e5:7f:1d:d1:68:b3:49:78:bf:5a:ef:32:1c:cc:63:
c2:0e:b0:f0:3c:a1:44:fe:53:b4:50:28:06:6b:19:2e:4d:46:
f3:d9:04:06:2a:a0:27:40:cb:77:53:9f:e2:3f:13:39:6e:c6:
52:8b:4a:20:19:81:ee:99:55:51:9e:8f:15:a1:ff:b3:ce:c1:
19:95:91:4c:58:e1:33:3c:74:41:97:86:27:8e:7f:ee:b5:4e:
74:2e:32:ec:a9:63:a1:e1:87:62:0c:e4:6b:a7:28:72:cc:03:
61:85:ba:47:e6:e2:f0:e1:bf:1d:98:81:c4:ce:f1:55:c3:59:
ea:7b:8e:6f:99:e1:4a:24:15:76:bd:0b:b8:71:40:a1:a8:74:
95:15:db:4c:06:f4:11:63:3f:8f:1d:31:7c:7c:6c:6a:0b:51:
d1:e8:d5:d6:e0:75:73:88:8c:d3:ff:9d:4a:c7:80:63:01:c8:
81:d4:b4:c3:32:22:01:d4:b6:2a:0e:9f:b9:15:ec:96:80:6e:
b8:7a:9e:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/f9bBKCjXdzcYEvBSjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmI5NWJkMzk1ZDU1YjE2YTVmNzBhZWM4YTllOTMxNDZmNmYyNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyEY/V+Wxnh7GaGsBEJ8FicvPc9Q
1eCyKXAPFhrT4Zlia6iZO0DnUBzsUaVlMOAGOQsAzWUt34caP03RwhSbgGr4rbif
eAd6aDTQWaTsdgQgQa4k3aJ06zzRE1+YjOoY8HWsK1KDcm0w0q0ELfpGv7COULN5
uupZ/id3h9q7jUjIxXRqysZ6gCHqgj/Z9Qc44ah/M/b2Ud8KFGC0WgcjQJCwqRmj
Y4YIAkdLtrKbmBHQgYd3TaMV3kyHIusRVxMoei7Np2creeQ0F/BRFuYPmxIYQWH+
6XAy7eJkuQ30LA77oozrOxcMV3S3+pPPBt8vczs9ySUCLP1tLYMoseshjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIa5W9OV1VsWpfcK7IqekxRvbyacMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvaHJsYjA1WFZXeGFsOXdyc2lwNlRGRzl2SnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZZxMA0G
CSqGSIb3DQEBCwUAA4IBAQB5rKyyYCL2K5+3XX8/K4pTQMnSa+aJ37vXn+Kj86RJ
lX3wlPYXOGsCbmyhACFpDFe+UBWp/kznqeHlfx3RaLNJeL9a7zIczGPCDrDwPKFE
/lO0UCgGaxkuTUbz2QQGKqAnQMt3U5/iPxM5bsZSi0ogGYHumVVRno8Vof+zzsEZ
lZFMWOEzPHRBl4Ynjn/utU50LjLsqWOh4YdiDORrpyhyzANhhbpH5uLw4b8dmIHE
zvFVw1nqe45vmeFKJBV2vQu4cUChqHSVFdtMBvQRYz+PHTF8fGxqC1HR6NXW4HVz
iIzT/51Kx4BjAciB1LTDMiIB1LYqDp+5FeyWgG64ep4Q
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:59 2025 by rpki-client