Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/HahR5soNktUlYKPgZEbE7H3aKhs.roa
File: HahR5soNktUlYKPgZEbE7H3aKhs.roa (raw, json)
Hash identifier: lStniR/EONynfdLx+qNvUDgudFR2+K1QsCmoIxTWUXU=
Subject key identifier: 1D:A8:51:E6:CA:0D:92:D5:25:60:A3:E0:64:46:C4:EC:7D:DA:2A:1B
Certificate issuer: /CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Certificate serial: 019421B231854E5A7E4882C6620346BB6D1E
Authority key identifier: 81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/HahR5soNktUlYKPgZEbE7H3aKhs.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58145
IP address blocks: 45.157.8.0/22 maxlen: 22
2a0f:3780::/29 maxlen: 29
2a0f:3780::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:31:85:4e:5a:7e:48:82:c6:62:03:46:bb:6d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1da851e6ca0d92d52560a3e06446c4ec7dda2a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:64:9f:b2:c4:6f:b2:57:a5:73:61:7c:dc:2f:
b3:ec:8d:a4:f8:c1:1e:34:69:06:c8:72:5c:39:12:
f4:b2:be:50:ca:52:67:8a:e2:2c:7b:70:4c:d5:d1:
51:40:7d:4d:8f:3e:77:13:ae:e1:e6:fc:87:c7:4b:
d2:01:71:fe:6a:1b:fc:48:b9:bc:8f:b4:76:4b:35:
82:0e:76:dc:1a:db:44:20:f6:d1:8d:97:36:dd:dd:
3d:5d:66:f4:76:b9:1a:d4:0b:18:f6:e5:7e:77:d7:
9d:a5:a0:b0:41:c7:ee:d6:b3:ac:95:6d:6f:6f:e7:
1c:fc:28:95:47:9c:b5:6a:78:b0:d5:8c:87:fe:70:
52:92:bf:07:91:57:c5:a3:94:33:26:a7:b5:6e:1e:
be:38:3b:86:1f:14:2d:d8:b8:75:a8:d9:c1:04:b8:
06:3c:b0:4a:2a:01:b6:5e:7c:4a:cb:05:7c:ee:23:
03:10:8f:e5:33:c3:42:ed:2c:0e:59:dc:7c:6c:1b:
09:3f:b3:b0:1c:f8:29:a9:eb:73:dc:15:ea:5b:15:
24:09:51:6e:76:58:62:6d:4c:bb:48:62:6e:5b:94:
bc:97:ba:b3:92:f7:18:1c:6f:a2:6d:43:9b:d4:c1:
fc:72:16:2d:3f:f7:e4:02:8e:2a:b4:ce:5c:b7:22:
27:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A8:51:E6:CA:0D:92:D5:25:60:A3:E0:64:46:C4:EC:7D:DA:2A:1B
X509v3 Authority Key Identifier:
keyid:81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/HahR5soNktUlYKPgZEbE7H3aKhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.8.0/22
IPv6:
2a0f:3780::/29
Signature Algorithm: sha256WithRSAEncryption
b0:af:d3:6a:1c:bd:e5:89:4a:37:20:97:5c:64:ab:ed:5b:24:
88:c2:7a:4a:11:68:b5:f0:51:ff:4e:99:72:47:7b:94:33:d4:
84:3f:9b:69:28:ac:04:5f:29:c7:6f:19:dd:a9:f0:7f:f9:43:
a4:7b:bd:b7:4b:98:2d:31:e9:53:eb:fe:d2:af:b6:b3:d4:8e:
31:0d:90:de:53:19:47:a8:2a:c0:08:83:c3:f3:9e:eb:e1:87:
d4:be:9d:64:0e:1a:06:b0:73:d4:ae:d8:7b:50:d4:d3:51:93:
05:c5:fe:3d:66:9e:18:ff:ec:b2:97:8a:84:02:a2:09:7e:24:
61:24:85:53:b3:b4:5b:ec:6a:5e:e7:8c:8d:a9:26:6e:a2:e6:
c5:fb:66:08:ec:a9:39:fe:99:96:1d:6b:09:ae:3e:2e:6e:aa:
ef:e0:42:12:59:db:76:cc:e0:46:7f:fd:9b:16:16:c3:01:42:
64:8c:59:c5:06:c8:9f:a7:9c:03:00:90:71:f5:19:97:e5:6e:
0c:1a:ad:ca:a5:ea:46:6d:0d:87:09:fa:ca:3a:84:7e:10:9d:
6b:ac:5f:4e:2d:62:15:b8:a2:b7:e2:12:1c:35:2f:a4:77:c8:
20:a0:92:43:fd:38:a1:2c:39:91:0c:cd:88:6f:1d:ea:07:a8:
ed:74:d9:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsjGFTlp+SILGYgNGu20eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMzNkODljMDZhOGExY2M5ZGJjMzYyMjAxZjdlYzU1OWQ3
ZmRkNDgwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGE4NTFlNmNhMGQ5MmQ1MjU2MGEzZTA2NDQ2YzRlYzdkZGEyYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GSfssRvslelc2F83C+z7I2k+MEe
NGkGyHJcORL0sr5QylJniuIse3BM1dFRQH1Njz53E67h5vyHx0vSAXH+ahv8SLm8
j7R2SzWCDnbcGttEIPbRjZc23d09XWb0drka1AsY9uV+d9edpaCwQcfu1rOslW1v
b+cc/CiVR5y1aniw1YyH/nBSkr8HkVfFo5QzJqe1bh6+ODuGHxQt2Lh1qNnBBLgG
PLBKKgG2XnxKywV87iMDEI/lM8NC7SwOWdx8bBsJP7OwHPgpqetz3BXqWxUkCVFu
dlhibUy7SGJuW5S8l7qzkvcYHG+ibUOb1MH8chYtP/fkAo4qtM5ctyIn6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB2oUebKDZLVJWCj4GRGxOx92iobMB8GA1UdIwQY
MBaAFIEz2JwGqKHMnbw2IgH37FWdf91IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEt
YzVmZWJlNDg3YzQwLzEvSGFoUjVzb05rdFVsWUtQZ1pFYkU3SDNhS2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEtYzVmZWJlNDg3YzQw
LzEvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ0IMA0E
AgACMAcDBQMqDzeAMA0GCSqGSIb3DQEBCwUAA4IBAQCwr9NqHL3liUo3IJdcZKvt
WySIwnpKEWi18FH/TplyR3uUM9SEP5tpKKwEXynHbxndqfB/+UOke723S5gtMelT
6/7Sr7az1I4xDZDeUxlHqCrACIPD857r4YfUvp1kDhoGsHPUrth7UNTTUZMFxf49
Zp4Y/+yyl4qEAqIJfiRhJIVTs7Rb7Gpe54yNqSZuoubF+2YI7Kk5/pmWHWsJrj4u
bqrv4EISWdt2zOBGf/2bFhbDAUJkjFnFBsifp5wDAJBx9RmX5W4MGq3KpepGbQ2H
CfrKOoR+EJ1rrF9OLWIVuKK34hIcNS+kd8ggoJJD/TihLDmRDM2Ibx3qB6jtdNmT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:27 2025 by rpki-client