Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/HGpVKnEzqVtX36PeGPT0uVXmkCM.roa
File: HGpVKnEzqVtX36PeGPT0uVXmkCM.roa (raw, json)
Hash identifier: VVqtKA6csUX+pA8XY/wHo9khqJsIGRXAj/4N0e6iQIM=
Subject key identifier: 1C:6A:55:2A:71:33:A9:5B:57:DF:A3:DE:18:F4:F4:B9:55:E6:90:23
Certificate issuer: /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial: 01943A80FC4D4036919CBC5B4DA8FE672966
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/HGpVKnEzqVtX36PeGPT0uVXmkCM.roa
Signing time: Mon 06 Jan 2025 07:25:18 +0000
ROA not before: Mon 06 Jan 2025 07:25:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 45.81.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3a:80:fc:4d:40:36:91:9c:bc:5b:4d:a8:fe:67:29:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Validity
Not Before: Jan 6 07:25:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c6a552a7133a95b57dfa3de18f4f4b955e69023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8b:c4:02:20:51:a6:8d:8a:88:66:88:22:1d:
32:9b:26:b8:9b:28:4a:6a:83:13:31:04:53:72:0e:
7f:cc:13:8b:dc:0e:0a:fb:7a:7f:bf:46:76:f6:f2:
e4:d4:6d:39:15:6e:d9:61:a4:8c:01:03:1c:39:81:
63:26:2b:b1:93:c8:a4:11:4e:42:bf:ca:02:02:4c:
76:ee:aa:3a:d9:9f:37:9b:36:38:a6:23:f0:e9:95:
f9:25:b9:a1:c8:98:77:1b:ea:1a:3f:bb:54:5c:81:
82:b4:69:e7:93:1f:ca:cf:b2:44:63:14:41:c3:d2:
45:05:6c:60:06:4a:86:75:ec:49:bc:47:49:63:26:
f8:3b:86:79:92:46:6b:47:42:e5:15:64:60:75:ee:
6e:cb:8b:97:a7:1b:d7:22:00:81:be:da:18:b2:47:
f0:86:bb:40:b4:7c:53:df:06:88:6e:d7:47:14:96:
62:98:13:0c:00:f1:5d:0e:0c:26:f0:7e:64:cc:af:
e5:ed:fc:c5:77:10:b4:78:dd:3b:24:fc:91:12:a6:
cf:40:12:54:db:81:5c:79:c1:6a:3a:d0:1a:59:6b:
24:d1:57:c2:f0:74:0e:a6:9b:e7:b5:5d:83:8c:1a:
6d:e3:f1:93:10:85:5c:73:22:8b:92:72:00:fc:b0:
36:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6A:55:2A:71:33:A9:5B:57:DF:A3:DE:18:F4:F4:B9:55:E6:90:23
X509v3 Authority Key Identifier:
keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/HGpVKnEzqVtX36PeGPT0uVXmkCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.255.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e5:a3:6b:f2:87:97:00:09:a6:f8:66:97:4e:2f:05:96:67:
74:b7:b1:d4:af:79:13:91:99:4a:0c:f8:ca:88:e0:88:10:14:
3e:95:f7:05:65:86:3c:7b:d9:27:77:0d:d3:76:f1:fe:f9:69:
2c:b9:14:bc:c1:6d:6c:a7:e8:30:fb:a2:46:55:43:64:62:7e:
1d:5f:cb:ea:91:7e:6a:50:c0:e0:f5:95:a5:87:3d:4d:a5:81:
df:f7:5e:47:07:c4:48:0a:19:e5:0c:0f:7c:c5:fa:59:79:75:
36:ac:31:8b:9f:d3:f2:f5:83:3e:9e:d8:90:2b:e4:b9:67:17:
b1:99:d2:e5:be:d2:3b:6a:32:61:ba:90:60:8e:33:92:9f:0a:
8f:c6:c3:8a:f3:9e:11:eb:d6:32:c0:eb:20:3a:3f:11:dc:15:
24:04:33:71:db:85:39:2f:4a:01:28:dc:18:d3:72:8d:80:53:
f3:b1:33:06:3f:3e:11:dc:60:e9:ef:aa:d7:17:9f:74:27:88:
22:9b:07:ac:1d:da:e9:76:66:f3:ed:5d:d7:90:1d:0a:32:b6:
b5:f2:06:2c:23:13:09:ea:cb:9d:86:27:7d:2c:93:cf:52:6c:
07:80:bf:e0:1d:bd:ac:41:13:a4:ee:7b:1a:f7:62:31:f6:e2:
c2:1e:56:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ6gPxNQDaRnLxbTaj+ZylmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjUwMTA2MDcyNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzZhNTUyYTcxMzNhOTViNTdkZmEzZGUxOGY0ZjRiOTU1ZTY5MDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYvEAiBRpo2KiGaIIh0ymya4myhK
aoMTMQRTcg5/zBOL3A4K+3p/v0Z29vLk1G05FW7ZYaSMAQMcOYFjJiuxk8ikEU5C
v8oCAkx27qo62Z83mzY4piPw6ZX5JbmhyJh3G+oaP7tUXIGCtGnnkx/Kz7JEYxRB
w9JFBWxgBkqGdexJvEdJYyb4O4Z5kkZrR0LlFWRgde5uy4uXpxvXIgCBvtoYskfw
hrtAtHxT3waIbtdHFJZimBMMAPFdDgwm8H5kzK/l7fzFdxC0eN07JPyREqbPQBJU
24FcecFqOtAaWWsk0VfC8HQOppvntV2DjBpt4/GTEIVccyKLknIA/LA2jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxqVSpxM6lbV9+j3hj09LlV5pAjMB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvSEdwVktuRXpxVnRYMzZQZUdQVDB1Vlhta0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVH/MA0G
CSqGSIb3DQEBCwUAA4IBAQBM5aNr8oeXAAmm+GaXTi8Flmd0t7HUr3kTkZlKDPjK
iOCIEBQ+lfcFZYY8e9kndw3TdvH++WksuRS8wW1sp+gw+6JGVUNkYn4dX8vqkX5q
UMDg9ZWlhz1NpYHf915HB8RIChnlDA98xfpZeXU2rDGLn9Py9YM+ntiQK+S5Zxex
mdLlvtI7ajJhupBgjjOSnwqPxsOK854R69YywOsgOj8R3BUkBDNx24U5L0oBKNwY
03KNgFPzsTMGPz4R3GDp76rXF590J4gimwesHdrpdmbz7V3XkB0KMra18gYsIxMJ
6sudhid9LJPPUmwHgL/gHb2sQROk7nsa92Ix9uLCHlb7
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:47:38 2025 by rpki-client on console.sobornost.net