Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/L_HboAza7_jHG8RjW8QVJFS4Gxw.roa
File: L_HboAza7_jHG8RjW8QVJFS4Gxw.roa (raw, json)
Hash identifier: J8lCAEyKHl9YL5ZBxWN886kcqbBqWMefE2K/PtbSByI=
Subject key identifier: 2F:F1:DB:A0:0C:DA:EF:F8:C7:1B:C4:63:5B:C4:15:24:54:B8:1B:1C
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019311F4456FF286E0EC6356751C82D5C841
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/L_HboAza7_jHG8RjW8QVJFS4Gxw.roa
Signing time: Sat 09 Nov 2024 17:24:01 +0000
ROA not before: Sat 09 Nov 2024 17:24:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214046
IP address blocks: 150.241.105.0/24 maxlen: 24
150.241.108.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:11:f4:45:6f:f2:86:e0:ec:63:56:75:1c:82:d5:c8:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Nov 9 17:24:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ff1dba00cdaeff8c71bc4635bc4152454b81b1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:13:cc:27:ac:50:b8:3d:39:8f:99:0e:69:e4:
f3:35:f6:67:27:fe:60:99:ca:f4:a4:ca:42:a8:05:
98:dd:77:5e:de:52:c6:24:88:99:ed:4c:e7:f9:90:
1a:15:ae:1f:14:7f:4d:df:d1:5a:72:92:8d:d2:13:
04:da:b1:84:de:70:34:04:25:ab:7a:72:fa:0f:e2:
e9:63:33:18:5d:5b:13:6f:eb:43:77:61:ec:09:bb:
e7:7b:71:e0:37:e3:d6:41:83:73:87:35:47:35:b7:
1f:6d:67:70:2e:f6:6a:f2:05:d9:eb:2c:18:5c:d0:
96:72:b2:b4:46:d2:04:f7:ed:3d:cc:ce:cd:b9:04:
84:8f:a4:6e:39:8b:b0:61:a1:55:01:5f:cc:fe:3a:
49:d3:14:43:25:4f:b0:52:33:23:5f:e0:65:4b:2e:
c4:de:8d:cb:bc:2b:ce:f8:e1:e7:73:2c:59:d5:63:
06:38:07:76:de:e3:8b:0e:c7:7e:ed:55:49:03:11:
de:3e:78:b8:ff:ca:b3:b2:d2:34:52:f9:7b:cd:aa:
67:d7:63:9b:05:19:d0:d6:3c:e7:c6:d2:1e:c7:55:
f3:40:e8:d3:69:e1:c4:48:db:ce:2c:cc:17:90:25:
ca:e7:a6:f8:7f:ac:45:e3:40:80:c9:85:c0:81:fb:
75:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F1:DB:A0:0C:DA:EF:F8:C7:1B:C4:63:5B:C4:15:24:54:B8:1B:1C
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/L_HboAza7_jHG8RjW8QVJFS4Gxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.105.0/24
150.241.108.0/24
150.241.123.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:f9:ed:9d:dd:ba:44:9c:25:f9:2a:c4:11:68:41:bc:0b:b6:
b8:67:b1:98:47:db:0d:fc:d8:de:11:10:1e:30:8f:54:1a:b1:
43:b8:5d:eb:38:ec:0e:7d:a7:a9:b2:38:5e:c2:9b:dd:b2:34:
1d:fb:a8:ec:b6:2d:8d:58:d6:0c:d1:ef:82:b7:32:44:c9:bc:
e2:70:2a:74:5e:37:6b:e9:b9:e8:9c:7a:fb:aa:eb:af:f9:8f:
ce:2d:8e:af:1f:46:af:03:34:f3:6f:2e:47:11:4f:4e:65:60:
5f:ad:f6:f2:8d:a8:92:4e:cd:62:c8:86:b4:c5:ee:fd:f3:84:
0e:11:7b:a8:ea:68:73:87:e5:f1:f3:51:db:ab:b7:a4:05:a6:
ff:6e:7b:c2:b9:db:f8:4c:8f:67:17:f0:1e:62:7c:9b:44:8c:
fa:04:97:9c:8e:3d:08:e7:d3:99:7f:85:7b:51:58:d6:d1:1c:
f3:db:13:c5:b9:55:1b:51:9f:cb:a6:44:40:a6:1a:cb:86:f9:
30:b8:79:cd:ee:57:ed:ab:39:95:85:7b:b6:7b:10:e2:85:73:
51:d9:b8:d0:78:84:3f:5a:35:52:ba:9e:26:19:95:56:90:68:
0d:07:a6:8e:33:79:49:bf:e3:68:d5:a2:ac:6b:6a:15:23:7b:
73:18:9f:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMR9EVv8obg7GNWdRyC1chBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjQxMTA5MTcyNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmYxZGJhMDBjZGFlZmY4YzcxYmM0NjM1YmM0MTUyNDU0YjgxYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BPMJ6xQuD05j5kOaeTzNfZnJ/5g
mcr0pMpCqAWY3Xde3lLGJIiZ7Uzn+ZAaFa4fFH9N39FacpKN0hME2rGE3nA0BCWr
enL6D+LpYzMYXVsTb+tDd2HsCbvne3HgN+PWQYNzhzVHNbcfbWdwLvZq8gXZ6ywY
XNCWcrK0RtIE9+09zM7NuQSEj6RuOYuwYaFVAV/M/jpJ0xRDJU+wUjMjX+BlSy7E
3o3LvCvO+OHncyxZ1WMGOAd23uOLDsd+7VVJAxHePni4/8qzstI0Uvl7zapn12Ob
BRnQ1jznxtIex1XzQOjTaeHESNvOLMwXkCXK56b4f6xF40CAyYXAgft1HwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC/x26AM2u/4xxvEY1vEFSRUuBscMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvTF9IYm9BemE3X2pIRzhSalc4UVZKRlM0R3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAlvFpAwQA
lvFsAwQAlvF7MA0GCSqGSIb3DQEBCwUAA4IBAQAc+e2d3bpEnCX5KsQRaEG8C7a4
Z7GYR9sN/NjeERAeMI9UGrFDuF3rOOwOfaepsjhewpvdsjQd+6jsti2NWNYM0e+C
tzJEybzicCp0Xjdr6bnonHr7quuv+Y/OLY6vH0avAzTzby5HEU9OZWBfrfbyjaiS
Ts1iyIa0xe7984QOEXuo6mhzh+Xx81Hbq7ekBab/bnvCudv4TI9nF/AeYnybRIz6
BJecjj0I59OZf4V7UVjW0Rzz2xPFuVUbUZ/LpkRAphrLhvkwuHnN7lftqzmVhXu2
exDihXNR2bjQeIQ/WjVSup4mGZVWkGgNB6aOM3lJv+No1aKsa2oVI3tzGJ+m
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:39 2025 by rpki-client