Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/CyHt2lul2yFB2vphDcbjVVDd0_U.roa
File: CyHt2lul2yFB2vphDcbjVVDd0_U.roa (raw, json)
Hash identifier: JNcXechkkf1ykatJDUp1TccloQQ5dXsydSsy6hR4Mcw=
Subject key identifier: 0B:21:ED:DA:5B:A5:DB:21:41:DA:FA:61:0D:C6:E3:55:50:DD:D3:F5
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 01958F4A0E23B681D86B49751E70D15278BC
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/CyHt2lul2yFB2vphDcbjVVDd0_U.roa
Signing time: Thu 13 Mar 2025 11:35:49 +0000
ROA not before: Thu 13 Mar 2025 11:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34346
IP address blocks: 152.89.194.0/23 maxlen: 23
152.89.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:4a:0e:23:b6:81:d8:6b:49:75:1e:70:d1:52:78:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Mar 13 11:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b21edda5ba5db2141dafa610dc6e35550ddd3f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:59:e1:70:9f:24:fc:42:f3:84:ff:3b:e8:8b:
27:15:e8:ec:a1:b8:6b:6d:09:17:73:f1:37:d0:05:
1b:7d:0e:bb:4c:c1:34:c6:59:0c:c6:55:41:a3:22:
37:c1:08:a1:91:f2:f1:42:ce:3d:de:3d:ba:31:36:
5d:22:ae:a5:a5:74:be:67:77:25:1d:b7:2b:de:fc:
1e:71:b4:33:9a:16:f9:92:0b:63:82:0a:b7:5f:05:
06:10:fd:b6:0a:34:00:a0:4d:c2:ce:62:8b:91:e5:
7e:d6:e0:d8:e3:df:ea:d4:c1:dc:67:e6:b7:23:07:
c9:75:02:97:fe:58:c1:d7:3b:b1:01:55:86:a6:55:
0c:0c:3b:66:b6:4a:1f:52:5a:04:90:f7:24:ba:6b:
d1:b9:67:78:d0:30:85:27:c1:a4:ff:77:63:f8:a7:
4b:ca:b4:f5:e7:ef:15:99:fc:05:b1:1e:62:5c:2e:
26:43:6d:b7:42:b0:22:bc:21:3e:63:ee:eb:dd:a1:
fb:a6:ca:20:74:b2:51:1c:c7:33:a3:48:5d:c4:c8:
a3:f3:bf:9f:61:10:8d:c4:51:a6:ce:df:2e:77:23:
bb:10:5b:92:0b:0a:9a:50:50:cc:e5:c3:67:fd:7a:
e8:8e:36:c1:1b:fd:92:c1:c2:e2:f7:0b:b6:52:99:
cb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:21:ED:DA:5B:A5:DB:21:41:DA:FA:61:0D:C6:E3:55:50:DD:D3:F5
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/CyHt2lul2yFB2vphDcbjVVDd0_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.194.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:66:ea:5f:3e:d5:ee:d5:8d:d6:65:13:df:11:35:32:8b:56:
4e:21:c5:73:4c:64:20:c2:04:d9:fb:cc:2e:1a:29:85:d1:c5:
9a:6d:da:df:a2:3d:4a:de:22:e3:95:87:c3:e0:8f:aa:4d:e2:
53:e1:ca:b8:b5:84:ce:69:f6:44:58:33:8c:1f:ae:75:ad:d4:
a7:28:7a:3c:ad:62:c9:d4:e8:ee:9c:43:69:80:ac:91:12:f3:
74:9c:c5:e0:7b:0d:49:99:f3:65:cf:6f:5c:a0:06:66:2a:28:
8b:4f:68:78:3a:5f:06:65:d8:b4:b2:03:05:a9:33:54:5b:93:
2c:69:12:30:61:7b:25:b4:8b:e3:6d:91:d3:4a:85:55:e9:8a:
fc:7d:bd:35:ef:ac:ea:12:f3:d8:8d:48:99:d4:6c:7e:51:72:
e2:c7:52:7f:41:77:4c:7d:eb:cc:7a:86:2a:ae:8d:70:95:68:
f3:88:e2:94:27:f7:52:56:0a:2c:9a:de:da:e3:34:28:a0:b0:
ed:cd:2a:bb:59:0c:09:db:df:51:f3:ab:77:ce:e0:6d:6f:c9:
4c:5f:f9:b7:cc:76:02:ee:2a:e2:fa:a2:c8:87:e9:00:f5:5f:
8d:3a:44:24:d8:a5:e7:e7:4f:60:20:ab:83:51:70:0b:9a:23:
7e:d8:ea:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWPSg4jtoHYa0l1HnDRUni8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwMzEzMTEzNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjIxZWRkYTViYTVkYjIxNDFkYWZhNjEwZGM2ZTM1NTUwZGRkM2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVnhcJ8k/ELzhP876IsnFejsobhr
bQkXc/E30AUbfQ67TME0xlkMxlVBoyI3wQihkfLxQs493j26MTZdIq6lpXS+Z3cl
Hbcr3vwecbQzmhb5kgtjggq3XwUGEP22CjQAoE3CzmKLkeV+1uDY49/q1MHcZ+a3
IwfJdQKX/ljB1zuxAVWGplUMDDtmtkofUloEkPckumvRuWd40DCFJ8Gk/3dj+KdL
yrT15+8VmfwFsR5iXC4mQ223QrAivCE+Y+7r3aH7psogdLJRHMczo0hdxMij87+f
YRCNxFGmzt8udyO7EFuSCwqaUFDM5cNn/XrojjbBG/2SwcLi9wu2UpnLCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsh7dpbpdshQdr6YQ3G41VQ3dP1MB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvQ3lIdDJsdWwyeUZCMnZwaERjYmpWVkRkMF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFnCMA0G
CSqGSIb3DQEBCwUAA4IBAQBLZupfPtXu1Y3WZRPfETUyi1ZOIcVzTGQgwgTZ+8wu
GimF0cWabdrfoj1K3iLjlYfD4I+qTeJT4cq4tYTOafZEWDOMH651rdSnKHo8rWLJ
1OjunENpgKyREvN0nMXgew1JmfNlz29coAZmKiiLT2h4Ol8GZdi0sgMFqTNUW5Ms
aRIwYXsltIvjbZHTSoVV6Yr8fb0176zqEvPYjUiZ1Gx+UXLix1J/QXdMfevMeoYq
ro1wlWjziOKUJ/dSVgosmt7a4zQooLDtzSq7WQwJ299R86t3zuBtb8lMX/m3zHYC
7iri+qLIh+kA9V+NOkQk2KXn509gIKuDUXALmiN+2Or6
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:31:39 2025 by rpki-client