Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f8f9c8-0deb-40de-8946-291e4bd70309/1/hI5edSKk9SDqGgkmF4OcRVaTqCk.roa
File: hI5edSKk9SDqGgkmF4OcRVaTqCk.roa (raw, json)
Hash identifier: l/blfIEQUSaiKWBLl4Zw+Q08icOowG6w3h/+ddEop3w=
Subject key identifier: 84:8E:5E:75:22:A4:F5:20:EA:1A:09:26:17:83:9C:45:56:93:A8:29
Certificate issuer: /CN=1a11a6636f8ce2cef5836c443565c5fe3ae2f208
Certificate serial: 0194228DADF197EC6804A316A0088424337E
Authority key identifier: 1A:11:A6:63:6F:8C:E2:CE:F5:83:6C:44:35:65:C5:FE:3A:E2:F2:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GhGmY2-M4s71g2xENWXF_jri8gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f8f9c8-0deb-40de-8946-291e4bd70309/1/hI5edSKk9SDqGgkmF4OcRVaTqCk.roa
Signing time: Wed 01 Jan 2025 15:48:17 +0000
ROA not before: Wed 01 Jan 2025 15:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206671
IP address blocks: 2001:678:91c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ad:f1:97:ec:68:04:a3:16:a0:08:84:24:33:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a11a6636f8ce2cef5836c443565c5fe3ae2f208
Validity
Not Before: Jan 1 15:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=848e5e7522a4f520ea1a092617839c455693a829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0f:15:f3:73:36:69:ef:53:15:fa:52:0c:79:
22:9f:14:7f:11:a8:c4:5a:b4:a6:c3:0c:94:82:ae:
94:69:41:64:47:dc:03:3b:aa:ef:75:7d:2b:26:83:
16:09:b1:b5:75:b5:0d:36:ba:16:b6:e8:1a:86:bc:
7f:f8:9b:84:d5:55:f0:b4:6e:b3:e2:e8:77:b2:39:
fa:c8:22:46:f2:4e:f4:d4:87:49:6c:6d:03:86:34:
d9:6b:5a:12:1e:70:74:b6:bc:af:66:b1:27:f7:3b:
d4:cc:52:54:4d:b1:42:07:d0:e3:1c:f7:5c:97:ea:
d1:31:09:7d:ab:27:69:c2:5d:1e:49:71:59:bd:a1:
ee:89:be:93:8a:a6:67:2b:0a:9d:c8:7d:9a:b8:f1:
00:9b:7d:68:19:a6:2a:e1:36:08:67:52:5c:47:08:
ce:c2:e6:d3:8c:72:86:13:12:47:c3:b8:05:00:72:
c5:44:c3:da:4c:f1:bf:5b:d0:a9:2d:0e:b2:02:67:
1f:03:3e:0e:4f:f2:f8:3c:a5:da:19:a7:eb:04:3d:
5c:92:4b:7b:82:ac:42:37:6c:03:1f:94:1b:43:31:
dc:d2:2a:9a:13:7f:6c:e3:0b:4d:97:58:f1:e0:1a:
4c:db:4f:d7:b7:08:4e:c0:a5:ad:b8:c8:02:fa:98:
e6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:8E:5E:75:22:A4:F5:20:EA:1A:09:26:17:83:9C:45:56:93:A8:29
X509v3 Authority Key Identifier:
keyid:1A:11:A6:63:6F:8C:E2:CE:F5:83:6C:44:35:65:C5:FE:3A:E2:F2:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhGmY2-M4s71g2xENWXF_jri8gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f8f9c8-0deb-40de-8946-291e4bd70309/1/hI5edSKk9SDqGgkmF4OcRVaTqCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f8f9c8-0deb-40de-8946-291e4bd70309/1/GhGmY2-M4s71g2xENWXF_jri8gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:91c::/48
Signature Algorithm: sha256WithRSAEncryption
bd:c6:76:a7:b0:47:c0:5c:2a:e3:63:fe:04:1e:9e:81:3f:9d:
1b:9f:23:fa:79:75:02:d8:1b:a7:af:5e:f4:e8:b3:23:ff:61:
ca:61:3b:33:43:87:86:aa:25:a4:fa:72:fd:6b:cf:3e:77:f2:
a5:e5:d0:17:84:0a:51:e6:09:aa:7c:03:b2:5b:12:a6:0e:38:
03:48:10:2f:e5:9c:36:53:b1:fa:4f:88:b2:bf:c8:60:16:dc:
1e:ee:06:58:8b:a6:79:68:0f:52:c6:af:a3:d4:e3:b6:8e:5f:
ad:e9:6b:41:17:da:f7:47:5a:96:f3:63:c6:4f:ce:53:ae:6a:
3e:15:a4:08:53:6a:ad:04:b9:83:82:c3:99:af:3c:b8:2e:48:
29:5e:3e:78:5c:37:2d:d2:9e:71:03:ee:98:2b:b5:4b:52:90:
9e:37:c1:0a:12:a1:e7:18:63:66:40:e3:d2:e9:1e:7e:d8:32:
7f:38:0f:41:2f:90:a9:6a:a0:af:5e:61:f4:5f:d6:59:65:52:
b4:ef:0c:d8:7d:2c:64:6f:c1:b3:36:12:1b:c9:46:32:ca:3f:
2f:94:13:8f:f0:4b:e0:34:3e:7e:38:0a:28:36:5d:d2:23:a6:
bb:76:af:52:c1:1d:78:b1:07:a1:1e:1e:9f:ef:b5:ac:5f:1b:
94:85:93:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQija3xl+xoBKMWoAiEJDN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTFhNjYzNmY4Y2UyY2VmNTgzNmM0NDM1NjVjNWZlM2Fl
MmYyMDgwHhcNMjUwMTAxMTU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDhlNWU3NTIyYTRmNTIwZWExYTA5MjYxNzgzOWM0NTU2OTNhODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyw8V83M2ae9TFfpSDHkinxR/EajE
WrSmwwyUgq6UaUFkR9wDO6rvdX0rJoMWCbG1dbUNNroWtugahrx/+JuE1VXwtG6z
4uh3sjn6yCJG8k701IdJbG0DhjTZa1oSHnB0tryvZrEn9zvUzFJUTbFCB9DjHPdc
l+rRMQl9qydpwl0eSXFZvaHuib6TiqZnKwqdyH2auPEAm31oGaYq4TYIZ1JcRwjO
wubTjHKGExJHw7gFAHLFRMPaTPG/W9CpLQ6yAmcfAz4OT/L4PKXaGafrBD1ckkt7
gqxCN2wDH5QbQzHc0iqaE39s4wtNl1jx4BpM20/XtwhOwKWtuMgC+pjmFwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFISOXnUipPUg6hoJJheDnEVWk6gpMB8GA1UdIwQY
MBaAFBoRpmNvjOLO9YNsRDVlxf464vIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hHbVkyLU00czcxZzJ4RU5XWEZfanJpOGdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mOGY5YzgtMGRlYi00MGRlLTg5NDYt
MjkxZTRiZDcwMzA5LzEvaEk1ZWRTS2s5U0RxR2drbUY0T2NSVmFUcUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mOGY5YzgtMGRlYi00MGRlLTg5NDYtMjkxZTRiZDcwMzA5
LzEvR2hHbVkyLU00czcxZzJ4RU5XWEZfanJpOGdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAkc
MA0GCSqGSIb3DQEBCwUAA4IBAQC9xnansEfAXCrjY/4EHp6BP50bnyP6eXUC2Bun
r1706LMj/2HKYTszQ4eGqiWk+nL9a88+d/Kl5dAXhApR5gmqfAOyWxKmDjgDSBAv
5Zw2U7H6T4iyv8hgFtwe7gZYi6Z5aA9Sxq+j1OO2jl+t6WtBF9r3R1qW82PGT85T
rmo+FaQIU2qtBLmDgsOZrzy4LkgpXj54XDct0p5xA+6YK7VLUpCeN8EKEqHnGGNm
QOPS6R5+2DJ/OA9BL5CpaqCvXmH0X9ZZZVK07wzYfSxkb8GzNhIbyUYyyj8vlBOP
8EvgND5+OAooNl3SI6a7dq9SwR14sQehHh6f77WsXxuUhZPH
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:12:45 2025 by rpki-client