Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/4ea4f7-d70e-42a2-afd7-3e3a188f49de/1/HYe2DB-lN0nLZHPMykP9Y8-TnW0.roa
File: HYe2DB-lN0nLZHPMykP9Y8-TnW0.roa (raw, json)
Hash identifier: S9gPAa4SULDeLUBnJ7OBWfRihcUxiyuBHK6RszcyiLQ=
Subject key identifier: 1D:87:B6:0C:1F:A5:37:49:CB:64:73:CC:CA:43:FD:63:CF:93:9D:6D
Certificate issuer: /CN=37915673b28bdfadb2c2019ac68d0464fd21b71a
Certificate serial: 018CC7267A18F70A305958B9C98D0AB52BD5
Authority key identifier: 37:91:56:73:B2:8B:DF:AD:B2:C2:01:9A:C6:8D:04:64:FD:21:B7:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5FWc7KL362ywgGaxo0EZP0htxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/4ea4f7-d70e-42a2-afd7-3e3a188f49de/1/HYe2DB-lN0nLZHPMykP9Y8-TnW0.roa
Signing time: Mon 01 Jan 2024 22:30:36 +0000
ROA not before: Mon 01 Jan 2024 22:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34108
IP address blocks: 145.32.66.0/24 maxlen: 24
145.32.86.0/23 maxlen: 24
145.32.0.0/24 maxlen: 24
145.32.0.0/17 maxlen: 17
145.32.10.0/23 maxlen: 23
145.32.0.0/16 maxlen: 16
145.32.128.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:7a:18:f7:0a:30:59:58:b9:c9:8d:0a:b5:2b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37915673b28bdfadb2c2019ac68d0464fd21b71a
Validity
Not Before: Jan 1 22:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d87b60c1fa53749cb6473ccca43fd63cf939d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a4:a3:86:51:8f:6a:d9:86:fa:fd:33:74:cb:
66:c8:c8:a2:92:a4:71:da:97:a1:2b:56:6c:7f:73:
4f:67:ff:b5:31:42:86:0f:cb:2a:0c:d7:59:ba:7d:
3f:06:d3:7d:f9:38:76:91:79:9e:77:0c:d3:2c:7c:
91:96:1f:af:c1:53:d6:a3:e9:97:6e:7c:9d:43:87:
47:bb:9d:8e:f2:e5:ea:a4:1f:25:64:79:12:e4:7a:
2d:32:f8:ce:26:c8:bb:14:57:18:e8:47:d8:ed:ca:
9e:91:71:d8:81:61:46:4b:e1:e3:de:54:fe:16:bc:
a6:ef:d0:2c:5d:34:54:7e:3d:85:80:71:b3:cd:9a:
4f:da:1a:59:13:d5:df:4c:8a:23:ab:71:65:88:1d:
df:e6:4e:5c:04:e8:b7:62:68:84:c6:1a:e1:9d:1f:
2e:0b:0f:4e:b2:2e:15:a0:c9:8f:5f:ea:1d:ec:f4:
f7:35:a3:28:1e:d1:4d:85:d3:ba:92:0c:21:ca:43:
7d:cf:81:09:6e:b1:18:79:e4:50:be:94:e0:9f:9e:
6f:19:ee:b4:9e:1a:db:82:4d:48:d7:b0:dd:cc:af:
22:a7:ab:a8:87:aa:f7:61:a3:45:eb:fa:05:83:4b:
cf:b7:63:1e:8a:d6:04:a6:99:7e:75:c3:60:e3:a4:
cd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:87:B6:0C:1F:A5:37:49:CB:64:73:CC:CA:43:FD:63:CF:93:9D:6D
X509v3 Authority Key Identifier:
keyid:37:91:56:73:B2:8B:DF:AD:B2:C2:01:9A:C6:8D:04:64:FD:21:B7:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5FWc7KL362ywgGaxo0EZP0htxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4ea4f7-d70e-42a2-afd7-3e3a188f49de/1/HYe2DB-lN0nLZHPMykP9Y8-TnW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4ea4f7-d70e-42a2-afd7-3e3a188f49de/1/N5FWc7KL362ywgGaxo0EZP0htxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:8a:99:4f:2b:bd:98:4e:2f:c2:c4:62:8c:7d:dd:e5:de:1e:
24:73:7f:3a:c5:c5:c1:a6:d0:6a:da:72:7d:33:8f:75:5f:90:
bb:bd:c1:f9:20:a4:4d:88:90:51:d0:d4:a6:bb:45:1e:4a:bb:
43:d1:29:a8:e8:a5:e1:41:8f:1c:2e:7e:40:3c:47:8a:a6:61:
71:51:9c:f0:c6:48:bf:e5:81:d3:22:83:89:6f:5f:2c:fe:38:
04:be:77:cb:30:5f:2c:8b:0b:04:36:74:9c:bb:24:93:5c:d1:
1b:ba:47:a0:3b:95:0b:22:85:ef:fa:d3:42:2a:b8:81:8b:7c:
01:ba:ec:5a:74:85:cf:e2:17:f3:dd:c9:10:95:35:27:a3:75:
09:3e:4f:8f:4e:80:1a:c3:e1:77:d8:94:ab:71:09:ef:0d:2e:
95:9a:03:61:04:f6:b1:fd:75:ae:b7:b7:09:7b:87:03:33:d6:
ea:d1:ee:a9:ac:55:98:1e:df:a4:33:ad:9e:fd:6a:df:4a:77:
e8:bc:96:41:b3:65:7a:30:ff:48:1d:e3:68:0a:bf:e1:4f:1c:
bb:28:3e:83:a0:a7:53:69:af:63:db:ad:c2:89:82:a4:9d:b5:
36:00:2c:ab:05:be:9f:2b:29:be:10:bf:4c:db:d8:e0:3b:00:
d4:7a:5a:bb
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzHJnoY9wowWVi5yY0KtSvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTE1NjczYjI4YmRmYWRiMmMyMDE5YWM2OGQwNDY0ZmQy
MWI3MWEwHhcNMjQwMTAxMjIzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDg3YjYwYzFmYTUzNzQ5Y2I2NDczY2NjYTQzZmQ2M2NmOTM5ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6SjhlGPatmG+v0zdMtmyMiikqRx
2pehK1Zsf3NPZ/+1MUKGD8sqDNdZun0/BtN9+Th2kXmedwzTLHyRlh+vwVPWo+mX
bnydQ4dHu52O8uXqpB8lZHkS5HotMvjOJsi7FFcY6EfY7cqekXHYgWFGS+Hj3lT+
Frym79AsXTRUfj2FgHGzzZpP2hpZE9XfTIojq3FliB3f5k5cBOi3YmiExhrhnR8u
Cw9Osi4VoMmPX+od7PT3NaMoHtFNhdO6kgwhykN9z4EJbrEYeeRQvpTgn55vGe60
nhrbgk1I17DdzK8ip6uoh6r3YaNF6/oFg0vPt2MeitYEppl+dcNg46TN5wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFB2HtgwfpTdJy2RzzMpD/WPPk51tMB8GA1UdIwQY
MBaAFDeRVnOyi9+tssIBmsaNBGT9IbcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVGV2M3S0wzNjJ5d2dHYXhvMEVaUDBodHhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS80ZWE0ZjctZDcwZS00MmEyLWFmZDct
M2UzYTE4OGY0OWRlLzEvSFllMkRCLWxOMG5MWkhQTXlrUDlZOC1UblcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS80ZWE0ZjctZDcwZS00MmEyLWFmZDctM2UzYTE4OGY0OWRl
LzEvTjVGV2M3S0wzNjJ5d2dHYXhvMEVaUDBodHhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkSAwDQYJ
KoZIhvcNAQELBQADggEBAKiKmU8rvZhOL8LEYox93eXeHiRzfzrFxcGm0Gracn0z
j3VfkLu9wfkgpE2IkFHQ1Ka7RR5Ku0PRKajopeFBjxwufkA8R4qmYXFRnPDGSL/l
gdMig4lvXyz+OAS+d8swXyyLCwQ2dJy7JJNc0Ru6R6A7lQsihe/600IquIGLfAG6
7Fp0hc/iF/PdyRCVNSejdQk+T49OgBrD4XfYlKtxCe8NLpWaA2EE9rH9da63twl7
hwMz1urR7qmsVZge36QzrZ79at9Kd+i8lkGzZXow/0gd42gKv+FPHLsoPoOgp1Np
r2PbrcKJgqSdtTYALKsFvp8rKb4Qv0zb2OA7ANR6Wrs=
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:45 2024 by rpki-client on console.sobornost.net