Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/HavbcCgPZNnbV93x4H2mttkwfe0.roa
File: HavbcCgPZNnbV93x4H2mttkwfe0.roa (raw, json)
Hash identifier: apKB0EwONkLCGe9wc5rKmSx7zLM5c5gIQP/6UTN2mF8=
Subject key identifier: 1D:AB:DB:70:28:0F:64:D9:DB:57:DD:F1:E0:7D:A6:B6:D9:30:7D:ED
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 085B4F25
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/HavbcCgPZNnbV93x4H2mttkwfe0.roa
Signing time: Wed 16 Feb 2022 14:47:04 +0000
ROA not before: Wed 16 Feb 2022 14:47:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3561
IP address blocks: 152.89.30.0/23 maxlen: 23
152.89.28.0/23 maxlen: 23
45.138.12.0/23 maxlen: 23
91.132.162.0/23 maxlen: 23
91.132.160.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140201765 (0x85b4f25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Feb 16 14:47:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dabdb70280f64d9db57ddf1e07da6b6d9307ded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f8:34:41:a9:4a:94:50:1e:a8:ba:85:29:33:
45:78:3c:9d:1c:9c:c9:46:fe:1f:c8:cf:11:c0:9f:
ba:29:e5:7e:4f:05:7a:fb:d6:ca:ce:5a:b9:5b:dd:
c6:98:d6:d1:e9:7d:4f:2c:78:00:0e:14:04:b2:82:
40:d7:4d:27:16:da:04:ab:61:f1:ec:14:c9:2d:84:
62:8e:c6:12:18:13:e3:5e:83:d1:eb:a5:90:f2:c5:
e0:51:88:8b:9a:d6:0a:88:7b:8e:34:e5:72:a2:be:
6b:01:52:fe:19:ae:81:ab:c3:2b:f4:a7:d0:b3:2a:
3a:8b:e5:25:0d:92:38:86:ad:3f:c7:8b:3f:9f:a6:
63:45:ec:f0:e6:0e:95:07:67:7f:9b:d9:33:04:e4:
18:b7:1f:7d:07:bc:73:b5:60:0b:95:88:50:bf:a9:
26:13:82:2e:2f:45:dd:f1:38:53:0f:9a:77:7d:1d:
44:1a:87:03:21:92:bc:3f:a9:35:0e:f0:39:24:df:
72:6e:f0:68:20:ec:01:f9:93:18:1e:c5:33:9a:0f:
fe:44:a5:83:9a:c9:fa:1a:72:a2:eb:a1:ad:74:b5:
f3:b2:0d:81:0b:70:c9:58:8e:e1:7d:50:87:4e:c8:
74:29:6d:59:d2:b0:65:a7:48:e2:66:81:dc:cb:77:
4b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AB:DB:70:28:0F:64:D9:DB:57:DD:F1:E0:7D:A6:B6:D9:30:7D:ED
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/HavbcCgPZNnbV93x4H2mttkwfe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/23
91.132.160.0/22
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:47:cd:5a:36:29:da:b5:f7:38:b9:f7:49:94:44:4e:3b:43:
7a:93:4c:85:41:41:43:1c:2f:38:4d:e1:b8:4a:e6:eb:4d:7b:
1d:f6:ec:ce:97:3b:01:07:81:9c:0b:6c:cd:cf:6f:e7:c7:66:
af:a6:20:69:f7:4a:40:05:14:f1:a9:9a:93:19:fb:9e:b1:a8:
71:f8:c0:3c:d9:2e:bd:81:f5:d7:a6:50:42:c7:2c:ca:a0:63:
59:1d:7d:52:9f:b8:9d:f1:75:3c:72:16:10:4b:73:c4:a8:53:
1c:75:53:22:49:87:fc:35:7b:0b:a8:cd:14:2b:f7:40:22:07:
18:9b:27:6e:68:0e:8f:c5:30:fc:6f:a0:30:3f:88:86:30:c6:
ff:ee:7b:4b:61:fa:57:b5:9d:c6:da:61:70:31:94:89:15:4d:
56:5b:6f:ec:38:47:17:01:0c:df:a4:bc:02:88:14:78:4c:1a:
ba:3b:60:87:cd:1b:16:f1:3c:fa:a9:8b:29:60:62:d3:6a:29:
45:9d:a9:c5:c2:90:43:22:4e:8b:d9:ec:6d:5b:ab:e9:f3:f1:
3a:a0:88:43:7e:d2:a5:52:9a:9a:ff:6e:8c:b6:26:10:c6:a2:
50:9c:5c:74:62:96:95:73:cd:28:3e:58:a7:01:39:45:27:dc:
a9:c5:da:05
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECFtPJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTg2YzczOTk0ZDAyZDkxZmM5N2Q5MTZlOTgwOWE2ZDk4MWU2YjE3MB4XDTIyMDIx
NjE0NDcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRhYmRiNzAyODBm
NjRkOWRiNTdkZGYxZTA3ZGE2YjZkOTMwN2RlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIj4NEGpSpRQHqi6hSkzRXg8nRycyUb+H8jPEcCfuinlfk8F
evvWys5auVvdxpjW0el9Tyx4AA4UBLKCQNdNJxbaBKth8ewUyS2EYo7GEhgT416D
0eulkPLF4FGIi5rWCoh7jjTlcqK+awFS/hmugavDK/Sn0LMqOovlJQ2SOIatP8eL
P5+mY0Xs8OYOlQdnf5vZMwTkGLcffQe8c7VgC5WIUL+pJhOCLi9F3fE4Uw+ad30d
RBqHAyGSvD+pNQ7wOSTfcm7waCDsAfmTGB7FM5oP/kSlg5rJ+hpyouuhrXS187IN
gQtwyViO4X1Qh07IdCltWdKwZadI4maB3Mt3S/UCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQdq9twKA9k2dtX3fHgfaa22TB97TAfBgNVHSMEGDAWgBRJhsc5lNAtkfyX
2RbpgJptmB5rFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NZYkhPWlRRTFpIOGw5a1c2WUNhYlpnZWF4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvNDU3ZTEzLTQxZDMtNDBlZi1iNTcyLTllODk1ZDBlZjhkMi8x
L0hhdmJjQ2dQWk5uYlY5M3g0SDJtdHRrd2ZlMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
NDU3ZTEzLTQxZDMtNDBlZi1iNTcyLTllODk1ZDBlZjhkMi8xL1NZYkhPWlRRTFpI
OGw5a1c2WUNhYlpnZWF4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAS2KDAMEAluEoAMEAphZHDANBgkq
hkiG9w0BAQsFAAOCAQEAe0fNWjYp2rX3OLn3SZRETjtDepNMhUFBQxwvOE3huErm
6017Hfbszpc7AQeBnAtszc9v58dmr6YgafdKQAUU8amakxn7nrGocfjAPNkuvYH1
16ZQQscsyqBjWR19Up+4nfF1PHIWEEtzxKhTHHVTIkmH/DV7C6jNFCv3QCIHGJsn
bmgOj8Uw/G+gMD+IhjDG/+57S2H6V7WdxtphcDGUiRVNVltv7DhHFwEM36S8AogU
eEwaujtgh80bFvE8+qmLKWBi02opRZ2pxcKQQyJOi9nsbVur6fPxOqCIQ37SpVKa
mv9ujLYmEMaiUJxcdGKWlXPNKD5YpwE5RSfcqcXaBQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:34 2025 by rpki-client