Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a600f5-9428-485c-b42e-64de34f1f464/1/HdvygVOruYbTXwlr1NLClydlYqo.roa
File: HdvygVOruYbTXwlr1NLClydlYqo.roa (raw, json)
Hash identifier: sMi8mYGDSncYX0REgUe1LpnyiMZD3xdRzWB6T1gaSas=
Subject key identifier: 1D:DB:F2:81:53:AB:B9:86:D3:5F:09:6B:D4:D2:C2:97:27:65:62:AA
Certificate issuer: /CN=72d1b5cb6fb0423986871ef01e663f365ce0d895
Certificate serial: 019424B382A177465565F5FE0FE1559699AC
Authority key identifier: 72:D1:B5:CB:6F:B0:42:39:86:87:1E:F0:1E:66:3F:36:5C:E0:D8:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ctG1y2-wQjmGhx7wHmY_Nlzg2JU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a600f5-9428-485c-b42e-64de34f1f464/1/HdvygVOruYbTXwlr1NLClydlYqo.roa
Signing time: Thu 02 Jan 2025 01:48:51 +0000
ROA not before: Thu 02 Jan 2025 01:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15600
IP address blocks: 5.145.32.0/19 maxlen: 24
185.74.128.0/22 maxlen: 22
2a00:d3e0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:82:a1:77:46:55:65:f5:fe:0f:e1:55:96:99:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72d1b5cb6fb0423986871ef01e663f365ce0d895
Validity
Not Before: Jan 2 01:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ddbf28153abb986d35f096bd4d2c297276562aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8d:8e:6f:2f:c8:32:84:3c:69:b8:56:5f:aa:
80:34:60:10:ae:9d:21:94:ce:0b:84:f8:19:89:ab:
7d:3a:64:0d:d0:f4:9f:f6:7d:0f:9d:22:13:7e:2e:
37:1e:0e:3a:f8:4f:2e:f6:57:27:1a:e0:da:f8:df:
7c:32:26:46:05:e2:78:a4:79:c4:ca:f3:cd:5b:85:
54:6b:97:d4:7c:b9:45:2b:c7:1d:50:c1:17:6b:b6:
0d:fd:96:7e:a1:75:b9:43:7a:53:49:76:2f:54:69:
e6:96:ef:c5:bb:d4:82:cb:ef:99:23:cc:f0:6a:74:
a6:ac:31:2a:cc:8e:83:6d:7c:f2:05:0d:ee:17:50:
ee:b4:c1:0d:ef:8b:5c:c7:68:9a:fa:7b:70:ce:e9:
be:da:d9:8e:39:cb:b2:c5:11:f3:a4:83:f7:55:94:
80:ca:ef:b6:3f:64:4b:63:5a:db:6b:0e:6f:63:d7:
58:e9:74:a0:86:b0:31:15:46:ec:a3:99:db:70:40:
8e:7b:ac:85:2c:f1:ca:ad:64:62:e5:6b:08:24:81:
4f:1f:36:07:6c:ee:6c:43:cb:d6:46:bf:93:14:a4:
61:a2:47:5e:8a:cc:d6:b6:66:59:99:dd:1b:97:5f:
96:97:cb:d7:e9:1b:cb:40:58:37:4a:7c:63:1c:e3:
50:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DB:F2:81:53:AB:B9:86:D3:5F:09:6B:D4:D2:C2:97:27:65:62:AA
X509v3 Authority Key Identifier:
keyid:72:D1:B5:CB:6F:B0:42:39:86:87:1E:F0:1E:66:3F:36:5C:E0:D8:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ctG1y2-wQjmGhx7wHmY_Nlzg2JU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a600f5-9428-485c-b42e-64de34f1f464/1/HdvygVOruYbTXwlr1NLClydlYqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a600f5-9428-485c-b42e-64de34f1f464/1/ctG1y2-wQjmGhx7wHmY_Nlzg2JU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.32.0/19
185.74.128.0/22
IPv6:
2a00:d3e0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:e7:54:7b:34:0b:f2:f3:99:97:37:89:ba:fd:31:d7:f4:45:
04:d9:85:71:6e:21:17:76:60:cb:c8:a6:9e:e6:37:f5:9b:49:
1c:64:e5:57:64:cc:92:dd:0f:af:25:a6:90:d8:77:9e:f9:5b:
50:1c:28:05:5e:1a:e5:d7:12:82:15:e3:31:00:75:30:d3:05:
1f:1e:8a:9e:60:8e:77:41:18:87:00:cd:1b:38:6d:8c:c7:11:
70:64:f9:38:23:6c:3c:bd:b6:37:57:a8:72:6b:84:7d:d9:14:
f6:c2:b6:68:ee:bf:b5:e5:d3:2b:5d:23:40:8c:9e:84:50:b9:
f6:42:b2:b0:cf:dc:dd:0f:37:36:6f:8a:e8:10:0a:45:77:c2:
06:d4:1f:ef:e5:68:b5:8e:af:2b:11:fc:18:1f:25:fe:e6:49:
ac:0d:92:e9:71:dd:b8:3c:0a:a8:cc:1e:57:7d:02:ab:ff:50:
32:64:99:7b:30:9e:5c:3f:7d:ce:41:d0:82:6f:bf:e3:db:ae:
1b:1b:cc:5c:61:fd:f5:01:97:b5:80:57:9d:f6:5c:81:cd:ce:
d8:9a:dd:96:3e:bf:83:fe:91:3b:4c:5b:ee:17:03:26:91:69:
07:dd:04:4e:a0:97:6b:4c:91:38:25:cb:35:8e:d4:71:8a:2b:
b3:a3:1a:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks4Khd0ZVZfX+D+FVlpmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZDFiNWNiNmZiMDQyMzk4Njg3MWVmMDFlNjYzZjM2NWNl
MGQ4OTUwHhcNMjUwMTAyMDE0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGRiZjI4MTUzYWJiOTg2ZDM1ZjA5NmJkNGQyYzI5NzI3NjU2MmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY2Oby/IMoQ8abhWX6qANGAQrp0h
lM4LhPgZiat9OmQN0PSf9n0PnSITfi43Hg46+E8u9lcnGuDa+N98MiZGBeJ4pHnE
yvPNW4VUa5fUfLlFK8cdUMEXa7YN/ZZ+oXW5Q3pTSXYvVGnmlu/Fu9SCy++ZI8zw
anSmrDEqzI6DbXzyBQ3uF1DutMEN74tcx2ia+ntwzum+2tmOOcuyxRHzpIP3VZSA
yu+2P2RLY1rbaw5vY9dY6XSghrAxFUbso5nbcECOe6yFLPHKrWRi5WsIJIFPHzYH
bO5sQ8vWRr+TFKRhokdeiszWtmZZmd0bl1+Wl8vX6RvLQFg3SnxjHONQmwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB3b8oFTq7mG018Ja9TSwpcnZWKqMB8GA1UdIwQY
MBaAFHLRtctvsEI5hoce8B5mPzZc4NiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3RHMXkyLXdRam1HaHg3d0htWV9ObHpnMkpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hNjAwZjUtOTQyOC00ODVjLWI0MmUt
NjRkZTM0ZjFmNDY0LzEvSGR2eWdWT3J1WWJUWHdscjFOTENseWRsWXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hNjAwZjUtOTQyOC00ODVjLWI0MmUtNjRkZTM0ZjFmNDY0
LzEvY3RHMXkyLXdRam1HaHg3d0htWV9ObHpnMkpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFBZEgAwQC
uUqAMA0EAgACMAcDBQMqANPgMA0GCSqGSIb3DQEBCwUAA4IBAQCc51R7NAvy85mX
N4m6/THX9EUE2YVxbiEXdmDLyKae5jf1m0kcZOVXZMyS3Q+vJaaQ2Hee+VtQHCgF
Xhrl1xKCFeMxAHUw0wUfHoqeYI53QRiHAM0bOG2MxxFwZPk4I2w8vbY3V6hya4R9
2RT2wrZo7r+15dMrXSNAjJ6EULn2QrKwz9zdDzc2b4roEApFd8IG1B/v5Wi1jq8r
EfwYHyX+5kmsDZLpcd24PAqozB5XfQKr/1AyZJl7MJ5cP33OQdCCb7/j264bG8xc
Yf31AZe1gFed9lyBzc7Ymt2WPr+D/pE7TFvuFwMmkWkH3QROoJdrTJE4Jcs1jtRx
iiuzoxrV
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:23 2025 by rpki-client