Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/HbD_TR3_mqlACMnF4iTXIAuOjsg.roa
File: HbD_TR3_mqlACMnF4iTXIAuOjsg.roa (raw, json)
Hash identifier: T3tCAy3O2wLO9qO83uugLqRmkiFNSfdwlXWERB4+Mok=
Subject key identifier: 1D:B0:FF:4D:1D:FF:9A:A9:40:08:C9:C5:E2:24:D7:20:0B:8E:8E:C8
Certificate issuer: /CN=80ad8c520bb9677461ddc4ec09b76d733b7d8370
Certificate serial: 0194221F758C6FCAB7E110D9CB51899C3AFA
Authority key identifier: 80:AD:8C:52:0B:B9:67:74:61:DD:C4:EC:09:B7:6D:73:3B:7D:83:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/HbD_TR3_mqlACMnF4iTXIAuOjsg.roa
Signing time: Wed 01 Jan 2025 13:47:54 +0000
ROA not before: Wed 01 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200436
IP address blocks: 45.142.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:75:8c:6f:ca:b7:e1:10:d9:cb:51:89:9c:3a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80ad8c520bb9677461ddc4ec09b76d733b7d8370
Validity
Not Before: Jan 1 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1db0ff4d1dff9aa94008c9c5e224d7200b8e8ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:66:30:c6:f5:67:28:53:96:60:e0:61:fc:f9:
1a:bd:98:c3:a2:98:ad:02:d9:be:13:d1:55:28:58:
55:bd:ca:16:b1:93:f6:e8:f8:c9:e3:21:31:bc:82:
1d:ba:48:aa:b2:ec:44:e7:eb:4a:93:b0:72:d2:08:
68:68:2b:2e:70:c7:c8:5d:f0:75:c9:23:fc:5c:a4:
ff:9a:fa:30:46:ff:71:c0:3e:2f:f2:34:f8:bf:86:
f6:4d:14:da:4e:cb:a1:f5:e6:30:0d:68:a0:ef:8a:
27:92:ac:4a:84:28:57:84:70:10:c1:3b:93:83:d8:
4a:94:bc:c1:75:d5:3d:aa:50:de:01:61:36:5b:b2:
39:62:cd:9c:ee:e3:a9:d8:85:f1:10:88:8a:d4:89:
c7:98:ed:6e:8c:39:0c:3a:7d:dc:bc:cd:7c:7d:19:
5a:f6:57:46:de:cf:3d:08:e1:f5:1e:34:1e:95:b1:
4d:82:fd:f7:1e:32:f5:8a:8b:7f:4d:4d:5d:3b:12:
bc:89:31:df:6a:9a:94:35:a3:65:75:03:ea:6a:da:
45:83:e0:6e:14:c0:c5:94:56:b3:3f:97:98:49:58:
f5:d8:33:5b:2e:bd:f6:98:cc:65:ea:76:42:19:34:
bb:fd:f8:53:6e:f1:78:83:cf:19:43:44:79:9a:de:
31:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B0:FF:4D:1D:FF:9A:A9:40:08:C9:C5:E2:24:D7:20:0B:8E:8E:C8
X509v3 Authority Key Identifier:
keyid:80:AD:8C:52:0B:B9:67:74:61:DD:C4:EC:09:B7:6D:73:3B:7D:83:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/HbD_TR3_mqlACMnF4iTXIAuOjsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.188.0/24
Signature Algorithm: sha256WithRSAEncryption
69:22:d9:bf:31:3d:5e:d3:f3:52:1c:e3:2e:0f:83:a0:83:a7:
0f:11:06:86:c9:b2:27:ed:41:4a:b8:f6:6b:d2:7d:7f:c5:68:
68:67:02:13:55:d7:2d:66:6a:e3:1a:06:42:77:96:aa:88:00:
1c:43:04:f4:f1:ad:e6:23:14:76:29:92:ff:55:b4:82:40:27:
e6:c3:e3:d5:06:52:11:a7:64:d0:48:f4:7e:d2:8f:10:4c:6f:
5f:c5:1d:61:86:11:8a:6f:c8:d7:1a:ef:5e:51:26:c3:4b:a0:
8e:e8:42:49:14:73:ff:0d:4f:73:0b:52:d3:5e:9e:0f:3b:a9:
a1:d6:6b:7e:dd:5b:43:ca:bd:21:b7:79:f1:59:c2:bd:56:b5:
b4:72:27:fd:e1:80:d2:82:a3:62:92:bf:77:86:8b:bd:bb:4e:
da:e1:8b:b3:a0:9d:f9:51:48:95:61:5f:59:f4:42:fe:d5:89:
b1:66:0a:e6:1a:f2:a2:b8:e2:09:10:39:3e:40:03:66:3e:e2:
d5:27:42:fe:8e:31:d0:bc:f4:e9:7b:82:00:d9:52:75:86:fe:
12:67:be:4b:c0:84:4f:58:02:64:44:b9:da:37:33:93:f4:53:
45:da:09:a0:bc:6b:d2:2b:d6:62:32:68:ec:0e:7e:30:6f:4f:
06:d0:b9:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH3WMb8q34RDZy1GJnDr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYWQ4YzUyMGJiOTY3NzQ2MWRkYzRlYzA5Yjc2ZDczM2I3
ZDgzNzAwHhcNMjUwMTAxMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIwZmY0ZDFkZmY5YWE5NDAwOGM5YzVlMjI0ZDcyMDBiOGU4ZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWYwxvVnKFOWYOBh/PkavZjDopit
Atm+E9FVKFhVvcoWsZP26PjJ4yExvIIdukiqsuxE5+tKk7By0ghoaCsucMfIXfB1
ySP8XKT/mvowRv9xwD4v8jT4v4b2TRTaTsuh9eYwDWig74onkqxKhChXhHAQwTuT
g9hKlLzBddU9qlDeAWE2W7I5Ys2c7uOp2IXxEIiK1InHmO1ujDkMOn3cvM18fRla
9ldG3s89COH1HjQelbFNgv33HjL1iot/TU1dOxK8iTHfapqUNaNldQPqatpFg+Bu
FMDFlFazP5eYSVj12DNbLr32mMxl6nZCGTS7/fhTbvF4g88ZQ0R5mt4xWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2w/00d/5qpQAjJxeIk1yALjo7IMB8GA1UdIwQY
MBaAFICtjFILuWd0Yd3E7Am3bXM7fYNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0syTVVndTVaM1JoM2NUc0NiZHRjenQ5ZzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMjVlYzMtMDM4Ny00YjVkLTg4YzEt
YzYxNzUxYzZiMTk1LzEvSGJEX1RSM19tcWxBQ01uRjRpVFhJQXVPanNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMjVlYzMtMDM4Ny00YjVkLTg4YzEtYzYxNzUxYzZiMTk1
LzEvZ0syTVVndTVaM1JoM2NUc0NiZHRjenQ5ZzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY68MA0G
CSqGSIb3DQEBCwUAA4IBAQBpItm/MT1e0/NSHOMuD4Ogg6cPEQaGybIn7UFKuPZr
0n1/xWhoZwITVdctZmrjGgZCd5aqiAAcQwT08a3mIxR2KZL/VbSCQCfmw+PVBlIR
p2TQSPR+0o8QTG9fxR1hhhGKb8jXGu9eUSbDS6CO6EJJFHP/DU9zC1LTXp4PO6mh
1mt+3VtDyr0ht3nxWcK9VrW0cif94YDSgqNikr93hou9u07a4YuzoJ35UUiVYV9Z
9EL+1YmxZgrmGvKiuOIJEDk+QANmPuLVJ0L+jjHQvPTpe4IA2VJ1hv4SZ75LwIRP
WAJkRLnaNzOT9FNF2gmgvGvSK9ZiMmjsDn4wb08G0Ln0
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:28 2025 by rpki-client on console.sobornost.net