Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/_mhw-rTUiiAc1xbZM_9nA9cicr4.roa
File: _mhw-rTUiiAc1xbZM_9nA9cicr4.roa (raw, json)
Hash identifier: HC1r1LnPNM75MzVp/s2qYDhgcRydPFOv1DHYFeqBWk8=
Subject key identifier: FE:68:70:FA:B4:D4:8A:20:1C:D7:16:D9:33:FF:67:03:D7:22:72:BE
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D71DDDE3BCC5BD93B5E86DC434AC9B
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/_mhw-rTUiiAc1xbZM_9nA9cicr4.roa
Signing time: Wed 01 Jan 2025 21:48:07 +0000
ROA not before: Wed 01 Jan 2025 21:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201752
IP address blocks: 45.8.210.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1d:dd:e3:bc:c5:bd:93:b5:e8:6d:c4:34:ac:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe6870fab4d48a201cd716d933ff6703d72272be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:82:f0:d2:e9:24:ff:e6:14:66:91:0d:a2:82:
34:06:79:bd:59:a8:35:67:5f:f6:0d:e3:be:91:9c:
46:9a:6f:b1:d0:1a:c8:87:42:40:bf:8a:17:6b:40:
ea:07:28:e2:78:ad:0b:1d:0c:5a:31:b2:a0:f0:4a:
cb:81:80:0f:94:8c:25:0a:94:e5:68:01:95:ec:3a:
91:48:f4:2c:4a:d4:74:e2:2c:59:b3:dd:15:f0:16:
e6:6d:c2:61:ed:50:6d:46:51:c4:ca:2d:8b:42:9d:
6b:17:4b:17:4f:62:70:27:47:5c:da:8b:b2:9e:20:
67:69:3f:77:33:d3:bb:05:a8:6a:0f:d5:fd:24:47:
ff:59:45:4b:4a:da:bb:75:3f:74:c7:84:f2:fb:e4:
4d:63:33:c7:b7:09:37:a2:6c:4c:5c:ad:46:d8:75:
b4:ff:62:1c:60:6e:93:32:14:ae:26:19:b5:da:4d:
58:d4:b4:a5:83:10:88:23:af:74:90:63:47:f8:e1:
68:73:ac:bb:60:04:0b:5f:03:a0:0b:79:9c:24:2a:
b8:d0:70:28:fe:5d:e3:49:91:3d:d6:57:dd:31:7c:
b8:01:38:ce:e0:4b:4c:04:5b:2e:ff:80:e3:49:62:
df:50:a8:45:57:b2:ca:75:9f:02:68:b2:0b:2c:bf:
fa:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:68:70:FA:B4:D4:8A:20:1C:D7:16:D9:33:FF:67:03:D7:22:72:BE
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/_mhw-rTUiiAc1xbZM_9nA9cicr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.210.0/24
Signature Algorithm: sha256WithRSAEncryption
27:2b:52:f8:91:e3:f9:83:70:80:50:14:5e:4b:07:53:40:19:
6b:9c:cd:87:c2:40:7a:1e:12:22:fc:96:34:3c:18:40:48:52:
de:9d:58:be:c0:b4:ae:65:46:bd:71:69:d4:e6:89:03:4c:5b:
68:d9:bd:af:9d:1a:de:ef:c3:c3:38:5e:8a:d8:20:4d:34:b3:
59:a3:87:bf:20:f8:ad:e6:e8:70:2c:d7:37:4e:f2:f0:6e:13:
5c:b2:60:30:a0:a1:86:f1:d3:89:ff:35:14:6f:c4:d7:1f:7b:
eb:8b:c7:c4:4e:f3:9b:16:8c:91:8e:5b:3b:f7:64:01:d1:98:
3e:8c:63:d5:b2:cc:77:15:ed:2c:0c:66:f2:bc:21:86:31:25:
eb:c5:0e:45:32:9b:23:28:8a:0a:60:9c:7e:53:cf:38:2d:0f:
c3:1e:c2:26:b9:db:d3:a3:2f:3a:28:15:90:1e:db:bb:ed:7f:
b1:38:44:67:06:9c:67:2e:3d:05:03:3f:18:29:9e:a3:e2:f2:
8b:f7:36:f7:92:eb:96:0e:2a:84:50:1b:e4:1e:64:82:09:63:
57:4f:60:ad:fa:f2:85:4b:ef:a3:0a:bc:d6:32:cb:a9:55:aa:
0d:04:f7:57:be:b1:84:c2:74:56:4e:a8:93:de:eb:b1:ad:d0:
aa:91:22:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1x3d47zFvZO16G3ENKybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTY4NzBmYWI0ZDQ4YTIwMWNkNzE2ZDkzM2ZmNjcwM2Q3MjI3MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24Lw0ukk/+YUZpENooI0Bnm9Wag1
Z1/2DeO+kZxGmm+x0BrIh0JAv4oXa0DqByjieK0LHQxaMbKg8ErLgYAPlIwlCpTl
aAGV7DqRSPQsStR04ixZs90V8BbmbcJh7VBtRlHEyi2LQp1rF0sXT2JwJ0dc2ouy
niBnaT93M9O7BahqD9X9JEf/WUVLStq7dT90x4Ty++RNYzPHtwk3omxMXK1G2HW0
/2IcYG6TMhSuJhm12k1Y1LSlgxCII690kGNH+OFoc6y7YAQLXwOgC3mcJCq40HAo
/l3jSZE91lfdMXy4ATjO4EtMBFsu/4DjSWLfUKhFV7LKdZ8CaLILLL/6NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP5ocPq01IogHNcW2TP/ZwPXInK+MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvX21ody1yVFVpaUFjMXhiWk1fOW5BOWNpY3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjSMA0G
CSqGSIb3DQEBCwUAA4IBAQAnK1L4keP5g3CAUBReSwdTQBlrnM2HwkB6HhIi/JY0
PBhASFLenVi+wLSuZUa9cWnU5okDTFto2b2vnRre78PDOF6K2CBNNLNZo4e/IPit
5uhwLNc3TvLwbhNcsmAwoKGG8dOJ/zUUb8TXH3vri8fETvObFoyRjls792QB0Zg+
jGPVssx3Fe0sDGbyvCGGMSXrxQ5FMpsjKIoKYJx+U884LQ/DHsImudvToy86KBWQ
Htu77X+xOERnBpxnLj0FAz8YKZ6j4vKL9zb3kuuWDiqEUBvkHmSCCWNXT2Ct+vKF
S++jCrzWMsupVaoNBPdXvrGEwnRWTqiT3uuxrdCqkSKn
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:51:42 2025 by rpki-client