Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/lHOT3YU_9vjKOSliZQ6pQChkT-g.roa
File: lHOT3YU_9vjKOSliZQ6pQChkT-g.roa (raw, json)
Hash identifier: fbKlL5tCwAQLvmmUtOHcWxhT3UbXzvOEjpyh3jzzGYk=
Subject key identifier: 94:73:93:DD:85:3F:F6:F8:CA:39:29:62:65:0E:A9:40:28:64:4F:E8
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 0194519D01135870A6E4929F3E72184246F8
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/lHOT3YU_9vjKOSliZQ6pQChkT-g.roa
Signing time: Fri 10 Jan 2025 19:07:11 +0000
ROA not before: Fri 10 Jan 2025 19:07:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0f:9c01::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:51:9d:01:13:58:70:a6:e4:92:9f:3e:72:18:42:46:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Jan 10 19:07:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=947393dd853ff6f8ca392962650ea94028644fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:67:31:00:d4:3b:3d:74:23:f4:fd:cc:e1:0a:
47:16:cc:f2:e3:6d:be:99:0b:88:ec:50:3e:5f:f4:
45:62:f5:3c:cb:a3:72:fa:1a:e5:a1:ab:67:af:c5:
e9:dc:35:f8:47:b4:bd:04:34:5b:a0:2a:fe:25:a0:
6b:a2:50:62:fc:c1:0d:a8:3b:3a:90:50:32:f9:a6:
55:82:71:66:11:04:2e:19:06:e5:1c:43:fd:66:17:
ee:c7:0f:78:c5:99:88:1b:2b:04:df:c8:be:d5:f6:
f1:df:48:65:a0:a9:bc:c0:0b:25:50:a8:6a:40:14:
64:ce:d4:f1:2c:ab:cb:bd:2e:0d:1b:39:8b:ef:55:
17:0e:09:df:ea:9a:b1:c7:f4:90:be:11:17:40:17:
6f:41:cd:38:71:92:62:c7:ea:ae:3f:86:5b:f4:99:
d6:21:8e:9b:59:cf:a2:57:0e:0a:4d:7b:fd:e7:9a:
d3:f2:7e:3a:78:c9:e7:28:c1:f0:6b:cd:f1:83:9f:
30:40:63:6d:3c:28:03:da:e7:1c:ac:4e:1f:7b:46:
65:75:21:a1:c4:1f:dc:d6:92:88:7e:b1:65:1b:09:
95:bb:2e:1c:eb:bb:f6:b3:6a:d8:fd:d1:ed:bc:d0:
5e:e8:9c:ea:9d:0c:5b:97:a0:88:ae:4b:ad:94:46:
eb:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:73:93:DD:85:3F:F6:F8:CA:39:29:62:65:0E:A9:40:28:64:4F:E8
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/lHOT3YU_9vjKOSliZQ6pQChkT-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9c01::/32
Signature Algorithm: sha256WithRSAEncryption
62:58:bb:1b:a5:37:ca:d7:81:4b:8c:87:49:a8:a6:45:bd:1d:
31:35:23:62:88:57:82:97:3f:a6:48:00:88:9e:f1:ab:6e:ee:
57:7d:3e:3d:d7:f1:72:62:4d:d3:2c:5a:86:d2:5a:00:2d:c7:
21:f8:7f:6b:90:3d:c7:ab:98:2c:35:b5:65:65:13:ed:1b:2c:
50:4f:bd:bf:c8:70:0c:39:ea:a2:dc:c0:8b:64:1b:34:2c:b8:
b4:10:06:30:39:d1:bd:91:e4:56:b5:09:11:46:fc:4d:38:dd:
de:99:35:de:4b:f7:59:55:92:31:5d:f0:a1:79:91:2e:06:14:
bd:55:23:40:75:93:7d:b7:c9:32:0a:92:47:fb:50:95:2f:64:
fd:4f:02:c2:43:23:e2:e3:1f:0e:5b:6c:71:f8:9b:9d:d1:6e:
26:81:80:34:af:e4:53:e9:77:c8:1b:68:89:c7:a0:bf:bd:7d:
e4:5d:0f:0d:ac:74:03:84:b0:f0:27:ae:a8:97:50:52:79:87:
5b:0d:68:48:26:00:74:36:2c:be:c0:e2:c1:b5:94:e1:89:5d:
7c:fa:ac:5d:4f:81:48:37:75:b1:1b:2a:e1:ee:99:f7:7d:79:
be:21:bc:1b:ab:78:2a:9e:52:c7:10:24:af:80:71:af:0a:41:
ab:44:3f:86
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRRnQETWHCm5JKfPnIYQkb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjUwMTEwMTkwNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDczOTNkZDg1M2ZmNmY4Y2EzOTI5NjI2NTBlYTk0MDI4NjQ0ZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2cxANQ7PXQj9P3M4QpHFszy422+
mQuI7FA+X/RFYvU8y6Ny+hrloatnr8Xp3DX4R7S9BDRboCr+JaBrolBi/MENqDs6
kFAy+aZVgnFmEQQuGQblHEP9Zhfuxw94xZmIGysE38i+1fbx30hloKm8wAslUKhq
QBRkztTxLKvLvS4NGzmL71UXDgnf6pqxx/SQvhEXQBdvQc04cZJix+quP4Zb9JnW
IY6bWc+iVw4KTXv955rT8n46eMnnKMHwa83xg58wQGNtPCgD2uccrE4fe0ZldSGh
xB/c1pKIfrFlGwmVuy4c67v2s2rY/dHtvNBe6JzqnQxbl6CIrkutlEbrtwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJRzk92FP/b4yjkpYmUOqUAoZE/oMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvbEhPVDNZVV85dmpLT1NsaVpRNnBRQ2hrVC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg+cATAN
BgkqhkiG9w0BAQsFAAOCAQEAYli7G6U3yteBS4yHSaimRb0dMTUjYohXgpc/pkgA
iJ7xq27uV30+PdfxcmJN0yxahtJaAC3HIfh/a5A9x6uYLDW1ZWUT7RssUE+9v8hw
DDnqotzAi2QbNCy4tBAGMDnRvZHkVrUJEUb8TTjd3pk13kv3WVWSMV3woXmRLgYU
vVUjQHWTfbfJMgqSR/tQlS9k/U8CwkMj4uMfDltscfibndFuJoGANK/kU+l3yBto
icegv7195F0PDax0A4Sw8CeuqJdQUnmHWw1oSCYAdDYsvsDiwbWU4YldfPqsXU+B
SDd1sRsq4e6Z9315viG8G6t4Kp5SxxAkr4BxrwpBq0Q/hg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:59:08 2025 by rpki-client