Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/HzmVnaiCNqBjYZEtvBGgusn0eMo.roa
File: HzmVnaiCNqBjYZEtvBGgusn0eMo.roa (raw, json)
Hash identifier: NSeYHYzjApJ3lOKIioksmvbG5UWZ24kLuBNOUe36ev4=
Subject key identifier: 1F:39:95:9D:A8:82:36:A0:63:61:91:2D:BC:11:A0:BA:C9:F4:78:CA
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0194258EF30F483D8D3C85A4EAE8A3A56653
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/HzmVnaiCNqBjYZEtvBGgusn0eMo.roa
Signing time: Thu 02 Jan 2025 05:48:32 +0000
ROA not before: Thu 02 Jan 2025 05:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216426
IP address blocks: 2a0e:aa07:e100::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:f3:0f:48:3d:8d:3c:85:a4:ea:e8:a3:a5:66:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 2 05:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f39959da88236a06361912dbc11a0bac9f478ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:13:9b:26:76:dc:78:98:82:0c:00:11:ea:a6:
8f:ca:a5:35:32:b1:0d:62:1f:b1:cd:0f:c8:ef:26:
7a:92:60:85:ff:1a:bb:f8:3b:8e:b0:0d:4f:ca:7e:
df:4c:8c:c5:5b:aa:f7:e2:6c:b7:99:9a:1b:cc:1b:
87:8a:9d:9f:52:b2:1a:a8:6e:8e:96:f3:16:fc:90:
3c:65:63:16:d5:dd:21:c6:4f:40:03:5c:e9:e9:c1:
2c:fb:12:0e:6a:d1:ee:d8:8a:c0:c0:e0:66:2f:65:
5c:a8:62:6e:36:b4:58:59:a9:5f:8b:2c:d2:e8:1d:
1f:c9:8e:b5:64:c7:67:1f:96:68:16:60:31:56:5e:
25:ee:81:cb:d6:a9:20:b1:a7:6b:a1:8e:e6:50:6a:
0e:46:1f:e0:1e:56:98:f9:66:21:fd:1e:24:ae:b3:
9c:6e:b9:f7:12:3f:18:d6:60:65:09:e4:60:f4:16:
99:4c:85:b4:d9:4d:11:59:be:0e:d6:0e:89:3c:dc:
52:ce:15:7d:bf:4e:d6:4d:af:ea:14:58:34:f3:cb:
55:1b:0b:09:cf:dd:23:0d:b9:25:cc:d8:7c:f4:63:
11:08:b0:88:56:15:6a:c9:cd:64:7b:dc:84:5c:ee:
8e:56:1e:60:dd:e6:fe:23:00:64:71:f8:26:5e:54:
84:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:39:95:9D:A8:82:36:A0:63:61:91:2D:BC:11:A0:BA:C9:F4:78:CA
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/HzmVnaiCNqBjYZEtvBGgusn0eMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e100::/44
Signature Algorithm: sha256WithRSAEncryption
30:2e:f0:2b:85:e4:3c:77:b8:ec:23:51:83:0d:a2:0e:ab:19:
33:85:a3:ce:b7:77:74:2e:dd:e2:d6:bd:e6:e8:81:6a:04:92:
47:1b:67:2e:e6:02:cf:91:f2:12:a6:1d:8e:99:e8:20:04:90:
4c:61:98:82:e2:50:81:49:8f:f7:14:35:cf:45:db:7a:ea:75:
e2:53:dd:60:e9:cf:c1:f3:53:d1:2e:01:01:86:ba:0f:25:10:
41:2a:bd:27:55:02:51:9a:0e:ef:1e:f3:18:15:55:c9:38:57:
b4:db:69:46:09:c0:16:e3:28:c8:cf:01:47:e9:0d:30:e5:47:
1b:6d:a2:c2:bf:ff:d3:d9:79:79:f0:37:0d:ad:46:65:b2:35:
cd:2b:fa:a4:0b:79:ce:e7:95:cc:63:ed:19:13:fa:62:2b:05:
fb:ed:a6:00:3c:d0:db:47:11:2a:1e:6b:a9:c7:6c:5b:f0:c4:
df:29:b2:e8:0c:b1:20:e8:11:c5:ad:6d:67:bb:cc:65:16:50:
f5:6f:d9:f9:42:f2:e3:c3:4a:c7:f2:6b:83:8c:51:e0:32:ee:
02:26:be:d5:d4:2e:cb:46:7d:07:cf:cd:e1:b4:31:b0:f2:37:
b4:2b:25:82:4d:a8:87:77:5b:c6:9f:e1:a2:f0:d7:4d:b0:51:
90:9c:cd:e9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQljvMPSD2NPIWk6uijpWZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjUwMTAyMDU0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjM5OTU5ZGE4ODIzNmEwNjM2MTkxMmRiYzExYTBiYWM5ZjQ3OGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBObJnbceJiCDAAR6qaPyqU1MrEN
Yh+xzQ/I7yZ6kmCF/xq7+DuOsA1Pyn7fTIzFW6r34my3mZobzBuHip2fUrIaqG6O
lvMW/JA8ZWMW1d0hxk9AA1zp6cEs+xIOatHu2IrAwOBmL2VcqGJuNrRYWalfiyzS
6B0fyY61ZMdnH5ZoFmAxVl4l7oHL1qkgsadroY7mUGoORh/gHlaY+WYh/R4krrOc
brn3Ej8Y1mBlCeRg9BaZTIW02U0RWb4O1g6JPNxSzhV9v07WTa/qFFg088tVGwsJ
z90jDbklzNh89GMRCLCIVhVqyc1ke9yEXO6OVh5g3eb+IwBkcfgmXlSE+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB85lZ2ogjagY2GRLbwRoLrJ9HjKMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvSHptVm5haUNOcUJqWVpFdHZCR2d1c24wZU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+EA
MA0GCSqGSIb3DQEBCwUAA4IBAQAwLvArheQ8d7jsI1GDDaIOqxkzhaPOt3d0Lt3i
1r3m6IFqBJJHG2cu5gLPkfISph2OmeggBJBMYZiC4lCBSY/3FDXPRdt66nXiU91g
6c/B81PRLgEBhroPJRBBKr0nVQJRmg7vHvMYFVXJOFe022lGCcAW4yjIzwFH6Q0w
5UcbbaLCv//T2Xl58DcNrUZlsjXNK/qkC3nO55XMY+0ZE/piKwX77aYAPNDbRxEq
Hmupx2xb8MTfKbLoDLEg6BHFrW1nu8xlFlD1b9n5QvLjw0rH8muDjFHgMu4CJr7V
1C7LRn0Hz83htDGw8je0KyWCTaiHd1vGn+Gi8NdNsFGQnM3p
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:17:50 2025 by rpki-client