Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/HRJaIehlqdUQOZwaPo6dI6mb5MQ.roa
File: HRJaIehlqdUQOZwaPo6dI6mb5MQ.roa (raw, json)
Hash identifier: NAZLCo/vu2u7I92Xt0rJZZjC+drQdPYyxSFtuqS2OpE=
Subject key identifier: 1D:12:5A:21:E8:65:A9:D5:10:39:9C:1A:3E:8E:9D:23:A9:9B:E4:C4
Certificate issuer: /CN=96448e840d272a3e3159192d1df11f100e506f6a
Certificate serial: 019420D619E0190002EE279EE7646AC05587
Authority key identifier: 96:44:8E:84:0D:27:2A:3E:31:59:19:2D:1D:F1:1F:10:0E:50:6F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lkSOhA0nKj4xWRktHfEfEA5Qb2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/HRJaIehlqdUQOZwaPo6dI6mb5MQ.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216021
IP address blocks: 2001:67c:634::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:19:e0:19:00:02:ee:27:9e:e7:64:6a:c0:55:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96448e840d272a3e3159192d1df11f100e506f6a
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d125a21e865a9d510399c1a3e8e9d23a99be4c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2d:78:04:c8:b7:20:31:1e:8a:d3:e0:4d:73:
6c:ef:27:f9:7a:12:77:4c:2a:c9:28:9f:f3:b8:d4:
f0:cc:88:bb:00:4e:65:70:29:85:d7:71:d6:1d:86:
25:d7:ea:74:cb:41:0f:89:77:48:69:8a:3c:61:39:
d8:ea:08:dd:15:d3:f6:5f:a8:28:22:44:53:8f:81:
08:94:b4:ef:ac:18:13:c1:29:cb:1a:9e:91:e5:34:
e8:0b:a6:35:1c:96:37:35:db:9c:b4:26:0a:be:d0:
7e:8f:64:a4:60:6b:cc:e5:02:13:cc:dd:61:47:41:
4e:36:66:bb:0d:e0:e6:22:54:29:f9:61:d6:97:0b:
da:7d:26:63:f7:5c:e8:d2:5a:1b:70:54:93:ab:9b:
fc:24:4a:d0:70:40:55:95:aa:67:7d:a9:bb:aa:c8:
d4:6c:04:0b:b5:56:68:56:32:8f:a4:d8:cd:ba:e1:
18:83:7b:9b:79:87:fb:e5:a0:fc:f1:a3:3c:ce:90:
c6:c5:65:f9:47:ef:07:84:20:e0:ff:6a:9f:67:95:
c6:9b:07:08:3b:c2:56:01:77:88:f1:9b:52:f0:05:
ff:8f:71:85:e4:53:14:8a:06:dd:c3:33:24:9f:70:
38:14:d0:05:c9:c2:f0:b1:89:38:88:0b:d5:00:46:
61:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:12:5A:21:E8:65:A9:D5:10:39:9C:1A:3E:8E:9D:23:A9:9B:E4:C4
X509v3 Authority Key Identifier:
keyid:96:44:8E:84:0D:27:2A:3E:31:59:19:2D:1D:F1:1F:10:0E:50:6F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lkSOhA0nKj4xWRktHfEfEA5Qb2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/HRJaIehlqdUQOZwaPo6dI6mb5MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/4ee734-efe8-41a1-80df-16afba987b06/1/lkSOhA0nKj4xWRktHfEfEA5Qb2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:634::/48
Signature Algorithm: sha256WithRSAEncryption
89:6b:14:68:a0:95:1b:61:b2:b9:72:e0:2e:e1:97:03:9b:be:
64:06:47:27:33:34:24:32:c6:f4:fc:88:f8:9c:88:f5:6a:d6:
14:0a:aa:36:97:9a:7e:1f:d1:33:20:c0:42:db:71:8f:56:93:
8d:c9:68:4f:4c:19:ee:c5:ad:04:5a:d4:07:26:0a:70:a0:20:
63:4d:c0:c3:47:20:ac:5f:32:3b:84:df:59:c0:80:b7:8b:ba:
4e:87:de:f0:50:cf:1d:97:13:81:6e:5e:a4:98:8d:e6:48:08:
3e:e7:25:22:93:74:cd:8e:25:97:00:9c:ad:cb:1e:13:b2:83:
33:42:0c:37:02:3c:ce:0b:d3:df:b7:0c:9e:8f:b4:87:16:b8:
0a:fe:a4:a6:62:b0:dc:a9:9d:2e:11:45:14:2e:70:fa:6a:91:
f2:72:1a:5d:5c:23:27:81:2a:c4:03:47:59:40:0a:1c:1a:34:
f0:e2:f0:2a:85:0d:a8:82:7e:c4:7b:c1:35:31:17:3a:5d:49:
63:f8:f2:55:38:5b:1c:72:a5:99:8e:f7:1d:dd:c6:97:c2:44:
ec:06:12:17:bd:07:4d:04:8e:da:74:47:41:c1:47:68:85:e1:
f5:33:32:41:b1:cd:e3:70:74:ef:23:ff:f5:52:f7:71:75:f2:
35:e0:71:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQg1hngGQAC7iee52RqwFWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NDQ4ZTg0MGQyNzJhM2UzMTU5MTkyZDFkZjExZjEwMGU1
MDZmNmEwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDEyNWEyMWU4NjVhOWQ1MTAzOTljMWEzZThlOWQyM2E5OWJlNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki14BMi3IDEeitPgTXNs7yf5ehJ3
TCrJKJ/zuNTwzIi7AE5lcCmF13HWHYYl1+p0y0EPiXdIaYo8YTnY6gjdFdP2X6go
IkRTj4EIlLTvrBgTwSnLGp6R5TToC6Y1HJY3NductCYKvtB+j2SkYGvM5QITzN1h
R0FONma7DeDmIlQp+WHWlwvafSZj91zo0lobcFSTq5v8JErQcEBVlapnfam7qsjU
bAQLtVZoVjKPpNjNuuEYg3ubeYf75aD88aM8zpDGxWX5R+8HhCDg/2qfZ5XGmwcI
O8JWAXeI8ZtS8AX/j3GF5FMUigbdwzMkn3A4FNAFycLwsYk4iAvVAEZh4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB0SWiHoZanVEDmcGj6OnSOpm+TEMB8GA1UdIwQY
MBaAFJZEjoQNJyo+MVkZLR3xHxAOUG9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGtTT2hBMG5LajR4V1JrdEhmRWZFQTVRYjJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy80ZWU3MzQtZWZlOC00MWExLTgwZGYt
MTZhZmJhOTg3YjA2LzEvSFJKYUllaGxxZFVRT1p3YVBvNmRJNm1iNU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy80ZWU3MzQtZWZlOC00MWExLTgwZGYtMTZhZmJhOTg3YjA2
LzEvbGtTT2hBMG5LajR4V1JrdEhmRWZFQTVRYjJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAY0
MA0GCSqGSIb3DQEBCwUAA4IBAQCJaxRooJUbYbK5cuAu4ZcDm75kBkcnMzQkMsb0
/Ij4nIj1atYUCqo2l5p+H9EzIMBC23GPVpONyWhPTBnuxa0EWtQHJgpwoCBjTcDD
RyCsXzI7hN9ZwIC3i7pOh97wUM8dlxOBbl6kmI3mSAg+5yUik3TNjiWXAJytyx4T
soMzQgw3AjzOC9Pftwyej7SHFrgK/qSmYrDcqZ0uEUUULnD6apHychpdXCMngSrE
A0dZQAocGjTw4vAqhQ2ogn7Ee8E1MRc6XUlj+PJVOFsccqWZjvcd3caXwkTsBhIX
vQdNBI7adEdBwUdoheH1MzJBsc3jcHTvI//1UvdxdfI14HHH
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:16:00 2025 by rpki-client