Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/035de6-ea5f-40a6-a673-19c9298ff5d5/1/HJqh9LPhNU96BEOoiCFDiOzAQPY.roa
File: HJqh9LPhNU96BEOoiCFDiOzAQPY.roa (raw, json)
Hash identifier: Kn8EOpw3bBi0iQXW8fO4Sjg58AKy7QrqKxqXj68ts98=
Subject key identifier: 1C:9A:A1:F4:B3:E1:35:4F:7A:04:43:A8:88:21:43:88:EC:C0:40:F6
Certificate issuer: /CN=66dfc89c07ae1331bfb37138568ea79a87fecf3b
Certificate serial: 01941FFA811D3460A072100DC181E7BFD4F4
Authority key identifier: 66:DF:C8:9C:07:AE:13:31:BF:B3:71:38:56:8E:A7:9A:87:FE:CF:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt_InAeuEzG_s3E4Vo6nmof-zzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/035de6-ea5f-40a6-a673-19c9298ff5d5/1/HJqh9LPhNU96BEOoiCFDiOzAQPY.roa
Signing time: Wed 01 Jan 2025 03:48:18 +0000
ROA not before: Wed 01 Jan 2025 03:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48662
IP address blocks: 2a0a:4a00::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:81:1d:34:60:a0:72:10:0d:c1:81:e7:bf:d4:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66dfc89c07ae1331bfb37138568ea79a87fecf3b
Validity
Not Before: Jan 1 03:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c9aa1f4b3e1354f7a0443a888214388ecc040f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d6:a5:12:e5:ca:73:e1:e4:26:75:34:95:87:
c1:0d:56:a0:be:b8:2d:07:82:1b:00:f6:76:7c:65:
1f:9c:86:02:be:d3:17:9d:c9:10:42:7c:e9:f0:0c:
95:53:e8:fb:ff:e7:cd:39:6b:3f:16:bf:62:eb:6c:
11:9c:a3:54:dc:0c:6d:20:8c:37:62:29:f8:fa:3f:
33:d5:de:3c:f3:73:03:f5:cb:02:98:d5:eb:1d:86:
4d:95:1c:11:e5:ec:0e:bf:01:4c:2b:b3:c7:f4:bc:
c6:41:b4:e9:de:a0:b8:4c:d0:f0:54:0c:ae:92:b2:
9a:4b:9d:9a:cf:a0:24:79:c8:aa:ff:20:94:94:ab:
d4:8b:60:87:18:cd:a5:4b:46:a6:5c:6c:5f:40:20:
b0:fe:2c:0d:22:29:b1:7a:22:6b:82:ca:c8:0f:c5:
f3:9b:f9:19:4a:30:a3:59:a5:d1:13:0b:28:89:9e:
63:f7:ef:04:39:0e:c9:6d:59:d7:11:24:34:4b:cd:
88:2e:ba:0d:fc:48:84:a9:f2:38:03:d2:a2:0a:74:
7c:db:60:3c:4e:7e:5c:52:30:3f:24:e0:9a:1a:63:
85:49:1d:80:c6:49:b9:10:7f:bf:fd:fe:34:19:8d:
5b:4a:ec:f5:1c:66:eb:0b:df:95:79:9a:ac:cb:5f:
e5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:9A:A1:F4:B3:E1:35:4F:7A:04:43:A8:88:21:43:88:EC:C0:40:F6
X509v3 Authority Key Identifier:
keyid:66:DF:C8:9C:07:AE:13:31:BF:B3:71:38:56:8E:A7:9A:87:FE:CF:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt_InAeuEzG_s3E4Vo6nmof-zzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/035de6-ea5f-40a6-a673-19c9298ff5d5/1/HJqh9LPhNU96BEOoiCFDiOzAQPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/035de6-ea5f-40a6-a673-19c9298ff5d5/1/Zt_InAeuEzG_s3E4Vo6nmof-zzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
8b:0f:d1:55:cf:6a:1b:79:0f:63:f5:87:e9:eb:a2:d3:b1:54:
a5:a2:03:09:29:4e:3a:59:68:a4:64:f7:a6:e3:27:1b:8d:ab:
02:29:ea:4d:b9:e1:81:31:d1:be:e3:64:67:90:d9:14:44:77:
85:16:a4:a3:3b:95:88:26:55:4c:89:7a:56:88:7d:8a:5a:05:
6a:0f:85:70:0d:67:13:52:dd:29:5f:bb:ba:9b:7c:4f:17:e3:
98:84:59:09:7f:ac:05:cc:2a:8c:83:22:e6:c8:4f:4b:8d:97:
7b:0f:ee:e0:b5:44:fb:8c:d5:9e:1d:90:29:97:b6:9c:ff:4b:
7c:8b:0a:c1:5f:4b:2a:69:32:b1:fb:40:ca:2d:ca:35:d2:2d:
bb:ef:43:35:f4:25:44:32:0f:2a:7d:3f:eb:35:8b:6f:35:45:
4d:26:3e:da:fe:82:d9:79:d0:3c:c6:b1:e2:9b:a2:f2:1f:e0:
ac:e9:87:9e:03:0a:76:59:81:62:70:e1:71:85:04:c4:c1:c3:
c9:0c:4e:6a:e3:fb:e9:2a:b6:f0:63:23:7e:f0:5c:48:c5:22:
a2:fe:2f:00:a1:c6:6c:47:05:48:84:e3:a3:8a:d2:1e:70:79:
d8:74:b3:eb:ee:52:8a:88:43:04:86:ba:5e:26:7b:10:de:76:
36:78:67:60
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQf+oEdNGCgchANwYHnv9T0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGZjODljMDdhZTEzMzFiZmIzNzEzODU2OGVhNzlhODdm
ZWNmM2IwHhcNMjUwMTAxMDM0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzlhYTFmNGIzZTEzNTRmN2EwNDQzYTg4ODIxNDM4OGVjYzA0MGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtalEuXKc+HkJnU0lYfBDVagvrgt
B4IbAPZ2fGUfnIYCvtMXnckQQnzp8AyVU+j7/+fNOWs/Fr9i62wRnKNU3AxtIIw3
Yin4+j8z1d4883MD9csCmNXrHYZNlRwR5ewOvwFMK7PH9LzGQbTp3qC4TNDwVAyu
krKaS52az6Akeciq/yCUlKvUi2CHGM2lS0amXGxfQCCw/iwNIimxeiJrgsrID8Xz
m/kZSjCjWaXREwsoiZ5j9+8EOQ7JbVnXESQ0S82ILroN/EiEqfI4A9KiCnR822A8
Tn5cUjA/JOCaGmOFSR2Axkm5EH+//f40GY1bSuz1HGbrC9+VeZqsy1/lyQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFByaofSz4TVPegRDqIghQ4jswED2MB8GA1UdIwQY
MBaAFGbfyJwHrhMxv7NxOFaOp5qH/s87MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRfSW5BZXVFekdfczNFNFZvNm5tb2YtenpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMzVkZTYtZWE1Zi00MGE2LWE2NzMt
MTljOTI5OGZmNWQ1LzEvSEpxaDlMUGhOVTk2QkVPb2lDRkRpT3pBUVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMzVkZTYtZWE1Zi00MGE2LWE2NzMtMTljOTI5OGZmNWQ1
LzEvWnRfSW5BZXVFekdfczNFNFZvNm5tb2YtenpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgpKADAN
BgkqhkiG9w0BAQsFAAOCAQEAiw/RVc9qG3kPY/WH6eui07FUpaIDCSlOOllopGT3
puMnG42rAinqTbnhgTHRvuNkZ5DZFER3hRakozuViCZVTIl6Voh9iloFag+FcA1n
E1LdKV+7upt8TxfjmIRZCX+sBcwqjIMi5shPS42Xew/u4LVE+4zVnh2QKZe2nP9L
fIsKwV9LKmkysftAyi3KNdItu+9DNfQlRDIPKn0/6zWLbzVFTSY+2v6C2XnQPMax
4pui8h/grOmHngMKdlmBYnDhcYUExMHDyQxOauP76Sq28GMjfvBcSMUiov4vAKHG
bEcFSITjo4rSHnB52HSz6+5SiohDBIa6XiZ7EN52NnhnYA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:56:10 2025 by rpki-client