Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/HavUegxQlzGYpSFn1oo248lNPYM.roa
File: HavUegxQlzGYpSFn1oo248lNPYM.roa (raw, json)
Hash identifier: 2qMdxxlTiK85dgCWI56GizGoKeX7hGM9EI17W6Ks/YY=
Subject key identifier: 1D:AB:D4:7A:0C:50:97:31:98:A5:21:67:D6:8A:36:E3:C9:4D:3D:83
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 019421B1C8102B4A9C0C5AFF372EA7DF3D40
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/HavUegxQlzGYpSFn1oo248lNPYM.roa
Signing time: Wed 01 Jan 2025 11:48:06 +0000
ROA not before: Wed 01 Jan 2025 11:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a13:cb42:8013::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c8:10:2b:4a:9c:0c:5a:ff:37:2e:a7:df:3d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Jan 1 11:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dabd47a0c50973198a52167d68a36e3c94d3d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:73:98:2b:9c:56:73:eb:e7:14:31:84:c2:b5:
46:d6:aa:03:59:e8:d1:57:9c:49:2a:67:8f:6e:90:
ad:f4:16:6d:1e:1a:72:6e:47:84:fb:ca:6e:15:e2:
42:f7:7f:bb:cb:79:5d:45:9b:93:81:76:dc:e0:35:
d2:88:8b:42:dc:6c:b7:be:27:16:86:a3:db:69:a7:
79:d8:94:72:12:34:61:59:43:2b:90:c5:62:d9:a0:
c5:a5:7d:45:4c:c7:42:0e:1f:78:d7:8c:90:95:1a:
22:96:fc:77:96:16:69:75:29:1c:86:e0:99:c0:4f:
bf:6b:6a:60:8f:d9:cc:1a:68:78:da:12:b7:a9:49:
ba:37:95:2c:e9:d5:54:c6:20:bd:48:de:e2:66:5c:
e1:38:b4:09:2c:54:38:b5:18:91:93:8c:26:8d:e6:
5a:ef:21:fb:ee:3e:e8:a9:ba:18:99:a9:ca:0f:2e:
ec:b4:ce:ae:16:44:6d:6e:11:20:18:cd:01:62:41:
7a:04:7e:41:45:f0:81:87:ac:f3:1d:8d:ea:5f:71:
18:50:77:b9:6f:61:ee:70:45:a0:a8:5c:c2:52:fe:
a5:c2:68:a7:b6:68:41:fd:27:40:9d:83:10:ed:25:
e3:42:c0:cd:f4:83:72:26:4d:ff:e9:c1:37:59:a7:
7c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AB:D4:7A:0C:50:97:31:98:A5:21:67:D6:8A:36:E3:C9:4D:3D:83
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/HavUegxQlzGYpSFn1oo248lNPYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cb42:8013::/48
Signature Algorithm: sha256WithRSAEncryption
6e:21:33:4a:1f:08:ad:60:1a:36:77:19:a6:58:ef:e2:6f:81:
40:77:17:23:90:74:80:dd:24:d9:d1:cb:3f:f0:1b:91:4b:89:
01:8a:24:58:cd:00:8f:79:21:ec:ba:75:68:09:f1:e4:cb:93:
fc:77:26:05:1d:c2:39:63:2b:96:ff:60:63:6b:70:6f:0f:ce:
f9:5a:52:d4:ba:0c:0d:1e:6c:c6:9f:0a:7d:02:e7:49:a6:65:
5d:ce:72:c0:43:87:b7:97:08:99:45:06:e8:3b:6e:a2:0a:7c:
f4:4f:23:92:1d:07:71:d7:25:45:c2:82:9d:63:cc:21:34:d4:
a3:ef:aa:2b:a0:4f:6e:bc:ca:39:24:e3:dc:76:bb:79:2e:aa:
41:88:25:f5:9f:24:74:24:0f:c6:bc:a0:42:e7:96:2f:21:b8:
fb:65:c6:cd:bb:65:79:b6:e5:75:26:55:b5:e1:5b:f9:28:7b:
63:2c:8b:8f:f8:17:27:47:51:65:65:df:75:73:16:52:7c:2e:
c0:19:f5:fa:4b:0d:2a:6c:2f:f7:a0:86:9f:08:cb:9e:43:36:
86:ad:da:95:79:44:ca:4b:f2:4b:a8:52:08:e6:17:07:79:bc:
9f:86:9f:fc:46:7a:49:01:c3:3c:d9:73:dc:34:fb:39:28:e4:
0a:4f:e0:b8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhscgQK0qcDFr/Ny6n3z1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjUwMTAxMTE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFiZDQ3YTBjNTA5NzMxOThhNTIxNjdkNjhhMzZlM2M5NGQzZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHOYK5xWc+vnFDGEwrVG1qoDWejR
V5xJKmePbpCt9BZtHhpybkeE+8puFeJC93+7y3ldRZuTgXbc4DXSiItC3Gy3vicW
hqPbaad52JRyEjRhWUMrkMVi2aDFpX1FTMdCDh9414yQlRoilvx3lhZpdSkchuCZ
wE+/a2pgj9nMGmh42hK3qUm6N5Us6dVUxiC9SN7iZlzhOLQJLFQ4tRiRk4wmjeZa
7yH77j7oqboYmanKDy7stM6uFkRtbhEgGM0BYkF6BH5BRfCBh6zzHY3qX3EYUHe5
b2HucEWgqFzCUv6lwmintmhB/SdAnYMQ7SXjQsDN9INyJk3/6cE3Wad80wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB2r1HoMUJcxmKUhZ9aKNuPJTT2DMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvSGF2VWVneFFsekdZcFNGbjFvbzI0OGxOUFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPLQoAT
MA0GCSqGSIb3DQEBCwUAA4IBAQBuITNKHwitYBo2dxmmWO/ib4FAdxcjkHSA3STZ
0cs/8BuRS4kBiiRYzQCPeSHsunVoCfHky5P8dyYFHcI5YyuW/2Bja3BvD875WlLU
ugwNHmzGnwp9AudJpmVdznLAQ4e3lwiZRQboO26iCnz0TyOSHQdx1yVFwoKdY8wh
NNSj76oroE9uvMo5JOPcdrt5LqpBiCX1nyR0JA/GvKBC55YvIbj7ZcbNu2V5tuV1
JlW14Vv5KHtjLIuP+BcnR1FlZd91cxZSfC7AGfX6Sw0qbC/3oIafCMueQzaGrdqV
eUTKS/JLqFII5hcHebyfhp/8RnpJAcM82XPcNPs5KOQKT+C4
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:01:32 2025 by rpki-client