Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/HLXgW9g3LABWkFIyEESTxGOx85U.roa
File: HLXgW9g3LABWkFIyEESTxGOx85U.roa (raw, json)
Hash identifier: Jl3vie7iN8reVNinZ0G4doJvIc2+E+YXOFkhA/Y59v4=
Subject key identifier: 1C:B5:E0:5B:D8:37:2C:00:56:90:52:32:10:44:93:C4:63:B1:F3:95
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 019424457A3BA7D992283302E9A654F90593
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/HLXgW9g3LABWkFIyEESTxGOx85U.roa
Signing time: Wed 01 Jan 2025 23:48:40 +0000
ROA not before: Wed 01 Jan 2025 23:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 45.152.32.0/24 maxlen: 24
45.152.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:7a:3b:a7:d9:92:28:33:02:e9:a6:54:f9:05:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 1 23:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cb5e05bd8372c0056905232104493c463b1f395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:70:15:91:ba:da:fe:6e:3b:a5:1a:8b:e8:61:
a2:64:3a:c8:81:bf:93:42:7e:1f:3a:b6:4a:01:ac:
c5:4f:c6:a4:e3:84:dd:e9:68:0e:0e:74:61:59:22:
9a:49:71:20:2d:43:e2:7e:ac:14:48:c8:d4:a2:e1:
82:70:58:00:75:cf:34:47:9b:0e:05:0c:26:37:e5:
de:05:9b:f7:c7:1a:a8:72:3c:de:e9:d0:ad:6a:cc:
4f:d6:5f:f1:0e:15:c8:a1:c1:59:c6:61:c1:e8:b6:
cc:ea:3c:29:a3:55:92:79:25:94:5a:62:fd:a0:29:
45:93:4f:01:d3:d4:b8:d9:bc:c2:a4:ae:7f:df:bf:
ef:7d:11:61:92:0e:82:64:a1:e0:1b:bc:d5:78:c0:
a4:26:8d:85:f6:ee:e5:ef:92:4f:8e:1d:75:ac:ee:
e6:7f:aa:52:60:ac:54:32:25:5c:55:89:bc:a1:b0:
04:d9:97:85:4b:ea:5a:70:5b:10:4d:20:ac:5f:03:
ee:f2:f8:0b:f6:5d:8e:cb:89:c6:5c:7f:93:9e:dc:
e2:ae:92:61:c5:89:c3:90:2e:3d:7b:40:77:b4:11:
d2:0c:a6:29:5a:91:23:66:05:1f:6d:c2:e6:11:72:
b4:1a:7a:7c:32:2e:d7:74:86:97:35:d7:25:b0:75:
32:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B5:E0:5B:D8:37:2C:00:56:90:52:32:10:44:93:C4:63:B1:F3:95
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/HLXgW9g3LABWkFIyEESTxGOx85U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.32.0/23
Signature Algorithm: sha256WithRSAEncryption
94:3d:61:eb:21:a4:25:6e:af:a4:26:f3:07:58:40:96:db:55:
a7:fb:93:7f:0e:ee:7d:8c:a5:6d:41:63:dd:55:4d:27:b8:44:
d6:b0:ff:95:c0:1a:1d:66:99:5a:24:27:20:a2:6c:b0:73:55:
53:64:ad:34:77:47:22:22:ab:4d:61:f1:e9:14:b8:90:3f:8e:
d6:68:42:c2:af:61:cd:74:92:aa:2e:ca:2c:98:eb:64:8f:1a:
48:8b:2b:40:e4:cc:28:1e:4c:61:98:d5:3d:88:63:ea:76:4a:
09:3a:1b:30:7c:f2:83:13:64:b4:a2:c8:27:bd:a0:5f:42:f0:
d0:e3:02:ec:5d:ea:93:61:ea:34:8d:f7:f1:7f:8d:33:9a:e4:
81:a0:b8:33:c5:9b:a4:00:f5:2d:88:6b:5a:b2:b7:c4:71:78:
0c:3c:76:4f:b0:23:e4:9e:4e:76:79:fc:8d:9e:10:62:d5:b4:
ed:48:c7:71:ce:c2:0e:4b:c6:73:2c:5e:d6:01:bd:5f:f3:dc:
6e:ce:93:ed:b4:d4:6f:cf:33:4d:32:d1:06:2b:e0:35:74:9d:
77:07:69:36:37:bc:9f:bf:51:78:9b:ac:af:aa:5b:ad:e4:37:
f6:41:9c:f4:b6:ac:87:d1:ee:fe:dc:3a:2c:e8:30:cf:c2:bd:
54:67:60:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRXo7p9mSKDMC6aZU+QWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjUwMTAxMjM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2I1ZTA1YmQ4MzcyYzAwNTY5MDUyMzIxMDQ0OTNjNDYzYjFmMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/nAVkbra/m47pRqL6GGiZDrIgb+T
Qn4fOrZKAazFT8ak44Td6WgODnRhWSKaSXEgLUPifqwUSMjUouGCcFgAdc80R5sO
BQwmN+XeBZv3xxqocjze6dCtasxP1l/xDhXIocFZxmHB6LbM6jwpo1WSeSWUWmL9
oClFk08B09S42bzCpK5/37/vfRFhkg6CZKHgG7zVeMCkJo2F9u7l75JPjh11rO7m
f6pSYKxUMiVcVYm8obAE2ZeFS+pacFsQTSCsXwPu8vgL9l2Oy4nGXH+TntzirpJh
xYnDkC49e0B3tBHSDKYpWpEjZgUfbcLmEXK0Gnp8Mi7XdIaXNdclsHUyHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBy14FvYNywAVpBSMhBEk8RjsfOVMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvSExYZ1c5ZzNMQUJXa0ZJeUVFU1R4R094ODVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZggMA0G
CSqGSIb3DQEBCwUAA4IBAQCUPWHrIaQlbq+kJvMHWECW21Wn+5N/Du59jKVtQWPd
VU0nuETWsP+VwBodZplaJCcgomywc1VTZK00d0ciIqtNYfHpFLiQP47WaELCr2HN
dJKqLsosmOtkjxpIiytA5MwoHkxhmNU9iGPqdkoJOhswfPKDE2S0osgnvaBfQvDQ
4wLsXeqTYeo0jffxf40zmuSBoLgzxZukAPUtiGtasrfEcXgMPHZPsCPknk52efyN
nhBi1bTtSMdxzsIOS8ZzLF7WAb1f89xuzpPttNRvzzNNMtEGK+A1dJ13B2k2N7yf
v1F4m6yvqlut5Df2QZz0tqyH0e7+3Dos6DDPwr1UZ2CK
-----END CERTIFICATE-----
Generated at Tue Mar 25 22:14:10 2025 by rpki-client on console.sobornost.net