Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/hbiqB0P-ZoFBn9K3zFxrvk7ikOw.roa
File: hbiqB0P-ZoFBn9K3zFxrvk7ikOw.roa (raw, json)
Hash identifier: Xx9dMlHq95OiWVklB54nFVbDwniDAuE72y398DJB8bo=
Subject key identifier: 85:B8:AA:07:43:FE:66:81:41:9F:D2:B7:CC:5C:6B:BE:4E:E2:90:EC
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01942445A24019509711D98134978BD6FBDD
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/hbiqB0P-ZoFBn9K3zFxrvk7ikOw.roa
Signing time: Wed 01 Jan 2025 23:48:50 +0000
ROA not before: Wed 01 Jan 2025 23:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 146.255.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a2:40:19:50:97:11:d9:81:34:97:8b:d6:fb:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jan 1 23:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85b8aa0743fe6681419fd2b7cc5c6bbe4ee290ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4e:3a:c0:d1:d3:72:19:32:da:1e:7a:63:ee:
fc:12:08:69:67:27:ae:ef:22:cf:61:20:8c:3d:5a:
11:cd:70:32:73:80:37:30:27:2a:e2:8c:31:37:10:
9d:eb:b9:a0:c5:1c:a3:90:a6:fe:7f:a3:1f:30:f6:
50:70:d3:45:e4:44:90:59:34:cb:52:1a:d4:ed:d2:
af:3e:eb:95:de:6a:72:86:2e:55:af:be:3e:2c:12:
28:94:2d:a0:57:91:79:13:87:d7:04:1a:64:52:41:
d2:5d:35:33:e5:21:d7:ad:fe:c1:ce:9e:7d:b8:eb:
a3:e9:e4:3c:ed:c6:84:ea:ce:e4:de:34:e5:87:80:
cf:45:6c:35:96:ec:1a:77:c6:92:da:25:cb:d8:fb:
6f:79:f4:f0:0d:0e:dc:2f:ac:ef:a0:21:83:b7:e6:
d9:4e:e9:fa:75:b2:8f:74:c9:c7:44:26:4f:d9:37:
0e:31:44:9e:ca:f9:19:6e:b6:3a:b6:c9:98:b9:f6:
de:d4:e1:9c:c4:ef:93:cc:37:05:e1:69:2e:d8:38:
e5:5d:f7:81:e2:0f:3e:d5:c4:69:fb:69:3a:3a:74:
79:96:21:5d:28:8d:9c:83:65:77:30:47:7c:e4:4c:
52:61:57:0c:6b:e2:a2:62:17:80:e7:05:a4:2f:55:
c0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B8:AA:07:43:FE:66:81:41:9F:D2:B7:CC:5C:6B:BE:4E:E2:90:EC
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/hbiqB0P-ZoFBn9K3zFxrvk7ikOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.189.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:c4:9a:d3:1a:4d:1e:be:a9:6b:c3:1c:51:44:6f:23:cc:f0:
76:6a:91:f6:49:4b:32:73:1a:65:b9:9f:86:e4:2e:23:c4:4b:
cc:b8:da:a0:16:f4:b3:b7:4f:07:c4:11:e5:6a:db:35:33:d6:
ba:31:17:22:72:b6:dd:0b:1c:03:c7:75:6a:e4:39:d3:b8:f8:
b3:60:73:8b:c4:a4:b9:e5:da:04:a8:fa:f6:20:50:4e:d6:db:
f3:df:55:08:1e:28:36:0f:49:50:28:42:7a:f6:41:4d:a8:80:
08:90:f7:df:f5:04:09:0a:7f:de:32:2f:12:5d:60:70:28:ae:
40:d9:e2:56:48:34:44:7e:3e:9f:cd:74:ab:33:46:ba:c9:96:
3f:48:5b:7a:3e:0e:de:31:02:5a:d7:76:f4:d0:f5:2d:c1:b2:
5d:2f:70:39:18:5c:c8:d2:2d:fe:65:12:85:fa:ac:a8:82:b3:
55:5e:b4:99:24:2a:4e:73:ea:a4:c9:40:9c:a0:1a:3d:af:cd:
eb:f8:1c:6e:ea:9c:7a:9a:b5:2a:e7:90:46:0c:24:ff:a9:7c:
3e:f8:ad:90:1c:f8:b5:74:fe:ea:85:e9:9c:41:87:5c:fd:9a:
e3:37:29:a7:80:52:7f:94:5a:c7:e6:70:02:12:d8:90:01:a2:
8e:fa:82:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRaJAGVCXEdmBNJeL1vvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwMTAxMjM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI4YWEwNzQzZmU2NjgxNDE5ZmQyYjdjYzVjNmJiZTRlZTI5MGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU46wNHTchky2h56Y+78EghpZyeu
7yLPYSCMPVoRzXAyc4A3MCcq4owxNxCd67mgxRyjkKb+f6MfMPZQcNNF5ESQWTTL
UhrU7dKvPuuV3mpyhi5Vr74+LBIolC2gV5F5E4fXBBpkUkHSXTUz5SHXrf7Bzp59
uOuj6eQ87caE6s7k3jTlh4DPRWw1luwad8aS2iXL2PtvefTwDQ7cL6zvoCGDt+bZ
Tun6dbKPdMnHRCZP2TcOMUSeyvkZbrY6tsmYufbe1OGcxO+TzDcF4Wku2DjlXfeB
4g8+1cRp+2k6OnR5liFdKI2cg2V3MEd85ExSYVcMa+KiYheA5wWkL1XAwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIW4qgdD/maBQZ/St8xca75O4pDsMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvaGJpcUIwUC1ab0ZCbjlLM3pGeHJ2azdpa093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkv+9MA0G
CSqGSIb3DQEBCwUAA4IBAQAtxJrTGk0evqlrwxxRRG8jzPB2apH2SUsycxpluZ+G
5C4jxEvMuNqgFvSzt08HxBHlats1M9a6MRcicrbdCxwDx3Vq5DnTuPizYHOLxKS5
5doEqPr2IFBO1tvz31UIHig2D0lQKEJ69kFNqIAIkPff9QQJCn/eMi8SXWBwKK5A
2eJWSDREfj6fzXSrM0a6yZY/SFt6Pg7eMQJa13b00PUtwbJdL3A5GFzI0i3+ZRKF
+qyogrNVXrSZJCpOc+qkyUCcoBo9r83r+Bxu6px6mrUq55BGDCT/qXw++K2QHPi1
dP7qhemcQYdc/ZrjNymngFJ/lFrH5nACEtiQAaKO+oJm
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:15 2025 by rpki-client