Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/HXkMZsrBmT3pdly4pNHClnxxiAs.roa
File: HXkMZsrBmT3pdly4pNHClnxxiAs.roa (raw, json)
Hash identifier: uINrlSFHfmPOAUFp+GFnrxpC6bCJm76Z7RhHxB80xWI=
Subject key identifier: 1D:79:0C:66:CA:C1:99:3D:E9:76:5C:B8:A4:D1:C2:96:7C:71:88:0B
Certificate issuer: /CN=e465acc90809efb45ccda250a1057618494b86eb
Certificate serial: 019426D9CF7B22A5E858D5CED21A8B927864
Authority key identifier: E4:65:AC:C9:08:09:EF:B4:5C:CD:A2:50:A1:05:76:18:49:4B:86:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/HXkMZsrBmT3pdly4pNHClnxxiAs.roa
Signing time: Thu 02 Jan 2025 11:49:56 +0000
ROA not before: Thu 02 Jan 2025 11:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5408
IP address blocks: 2a07:8504:1a0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:cf:7b:22:a5:e8:58:d5:ce:d2:1a:8b:92:78:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e465acc90809efb45ccda250a1057618494b86eb
Validity
Not Before: Jan 2 11:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d790c66cac1993de9765cb8a4d1c2967c71880b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:18:5c:95:f0:da:cc:1e:c6:27:0c:8d:a0:b2:
a3:a3:ba:ca:4c:9f:e9:70:dd:19:ba:d4:25:56:6d:
43:39:63:08:ca:f5:82:a2:4f:23:ac:d9:af:f0:4a:
b1:5b:8f:19:12:fb:85:8c:76:a4:bf:b0:be:87:2b:
28:14:67:98:dc:e5:86:74:f4:36:68:ba:6d:da:01:
cb:78:82:f2:73:90:c0:27:47:73:89:38:4f:35:d7:
48:e0:8c:b1:2c:ef:23:91:b0:35:fb:9d:f8:c2:fb:
47:be:1e:c8:43:79:cf:59:51:9d:56:f8:de:9c:13:
01:86:47:4d:4e:02:0c:1a:eb:a7:5c:35:eb:41:a7:
4d:5f:be:16:53:9a:49:c8:6d:0e:b2:5c:0d:b6:63:
1d:73:5c:00:71:14:95:be:78:a3:18:f9:61:b2:09:
0b:87:cc:b4:e5:af:ba:82:41:62:cb:2c:77:1e:54:
e9:35:d1:6c:c0:aa:ab:b6:66:c6:23:eb:9e:14:5c:
d0:1b:56:5b:fa:6e:47:14:93:ad:bf:f2:98:c0:df:
a0:18:69:20:79:72:2c:42:03:09:1f:e5:1a:19:0c:
a4:bf:7d:cb:ed:72:32:c5:76:76:2c:d1:d6:25:83:
c3:39:79:fb:68:d2:18:ed:6c:94:70:02:78:08:1d:
5c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:79:0C:66:CA:C1:99:3D:E9:76:5C:B8:A4:D1:C2:96:7C:71:88:0B
X509v3 Authority Key Identifier:
keyid:E4:65:AC:C9:08:09:EF:B4:5C:CD:A2:50:A1:05:76:18:49:4B:86:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/HXkMZsrBmT3pdly4pNHClnxxiAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/5GWsyQgJ77RczaJQoQV2GElLhus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:8504:1a0::/48
Signature Algorithm: sha256WithRSAEncryption
ba:44:81:e9:7d:b5:6e:fa:88:c4:87:63:c1:f3:0b:51:4f:80:
0e:d1:2f:0a:9f:b8:8b:84:8c:d5:a8:70:6e:c7:1f:14:53:87:
27:0c:45:93:51:d8:9b:e6:c0:23:1a:b1:9f:7d:0f:2c:38:2c:
6d:2c:13:6a:d0:7c:2c:84:11:36:ac:49:52:13:57:2a:f4:8d:
7f:3d:b5:37:a5:a9:40:21:4d:9d:28:e5:2f:16:e8:d8:c7:5a:
a4:8d:fb:c7:7a:e5:17:63:34:5e:c4:fa:2b:24:ff:0d:3e:d9:
bb:db:f2:dc:ab:06:f3:9b:d4:b9:16:38:0b:6f:84:62:51:4c:
af:21:4b:c8:7d:8d:61:fb:a3:d1:df:21:b7:55:77:d7:e4:38:
75:25:2a:97:c1:cc:16:34:12:92:0c:77:c6:bc:41:fb:e3:ab:
cf:b0:82:b6:6f:e7:ae:65:95:db:38:ec:e4:d7:77:a8:9d:9c:
94:1f:07:30:25:a2:00:2f:cf:07:40:b4:20:df:c5:1d:0f:42:
e8:d9:c9:f0:7d:62:ed:c9:18:75:d5:1a:f8:fe:7c:04:d9:12:
18:ff:d6:95:29:32:28:30:4b:37:a0:68:4b:17:49:05:5e:5f:
c1:22:23:98:94:98:40:30:a6:99:16:5d:ae:b5:ea:37:71:f3:
2a:90:6a:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2c97IqXoWNXO0hqLknhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NjVhY2M5MDgwOWVmYjQ1Y2NkYTI1MGExMDU3NjE4NDk0
Yjg2ZWIwHhcNMjUwMTAyMTE0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDc5MGM2NmNhYzE5OTNkZTk3NjVjYjhhNGQxYzI5NjdjNzE4ODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRhclfDazB7GJwyNoLKjo7rKTJ/p
cN0ZutQlVm1DOWMIyvWCok8jrNmv8EqxW48ZEvuFjHakv7C+hysoFGeY3OWGdPQ2
aLpt2gHLeILyc5DAJ0dziThPNddI4IyxLO8jkbA1+534wvtHvh7IQ3nPWVGdVvje
nBMBhkdNTgIMGuunXDXrQadNX74WU5pJyG0OslwNtmMdc1wAcRSVvnijGPlhsgkL
h8y05a+6gkFiyyx3HlTpNdFswKqrtmbGI+ueFFzQG1Zb+m5HFJOtv/KYwN+gGGkg
eXIsQgMJH+UaGQykv33L7XIyxXZ2LNHWJYPDOXn7aNIY7WyUcAJ4CB1cDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB15DGbKwZk96XZcuKTRwpZ8cYgLMB8GA1UdIwQY
MBaAFORlrMkICe+0XM2iUKEFdhhJS4brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUdXc3lRZ0o3N1JjemFKUW9RVjJHRWxMaHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZWY2MGEtNzNlZS00MGUxLTkwMDYt
YzBiM2IwZjU0YmViLzEvSFhrTVpzckJtVDNwZGx5NHBOSENsbnh4aUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZWY2MGEtNzNlZS00MGUxLTkwMDYtYzBiM2IwZjU0YmVi
LzEvNUdXc3lRZ0o3N1JjemFKUW9RVjJHRWxMaHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgeFBAGg
MA0GCSqGSIb3DQEBCwUAA4IBAQC6RIHpfbVu+ojEh2PB8wtRT4AO0S8Kn7iLhIzV
qHBuxx8UU4cnDEWTUdib5sAjGrGffQ8sOCxtLBNq0HwshBE2rElSE1cq9I1/PbU3
palAIU2dKOUvFujYx1qkjfvHeuUXYzRexPorJP8NPtm72/Lcqwbzm9S5FjgLb4Ri
UUyvIUvIfY1h+6PR3yG3VXfX5Dh1JSqXwcwWNBKSDHfGvEH746vPsIK2b+euZZXb
OOzk13eonZyUHwcwJaIAL88HQLQg38UdD0Lo2cnwfWLtyRh11Rr4/nwE2RIY/9aV
KTIoMEs3oGhLF0kFXl/BIiOYlJhAMKaZFl2uteo3cfMqkGq5
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:28:20 2025 by rpki-client