Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/vHIS8F7FUaWPmnzSYNqdRvJ0hNg.roa
File: vHIS8F7FUaWPmnzSYNqdRvJ0hNg.roa (raw, json)
Hash identifier: EFIi4OsRT416XILlMOg5YcH/AGtW65UCYXHHchcV1BA=
Subject key identifier: BC:72:12:F0:5E:C5:51:A5:8F:9A:7C:D2:60:DA:9D:46:F2:74:84:D8
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBFAC33074405E2A60FBC4839342DC
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/vHIS8F7FUaWPmnzSYNqdRvJ0hNg.roa
Signing time: Wed 01 Jan 2025 17:48:46 +0000
ROA not before: Wed 01 Jan 2025 17:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215788
IP address blocks: 2a0c:9a40:8600::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:fa:c3:30:74:40:5e:2a:60:fb:c4:83:93:42:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc7212f05ec551a58f9a7cd260da9d46f27484d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:da:de:a9:a8:de:b9:a4:23:63:05:f3:a9:86:
b2:2b:64:64:fd:5a:1b:3a:17:17:88:82:b9:09:41:
03:b4:69:47:44:54:12:ca:cb:7c:45:24:a0:9c:63:
2b:14:01:52:2a:32:c4:43:0a:c9:66:b9:d3:f8:05:
3b:12:cf:00:25:0f:ff:b4:4f:ff:e1:07:f3:bc:9b:
cd:22:e5:73:5f:3d:20:d0:ca:67:a3:6e:b0:77:ac:
e2:d6:1f:f3:c3:87:75:d5:b2:98:19:6c:3e:3e:6a:
03:34:aa:f9:7d:37:cd:9f:10:42:8b:20:0c:f4:82:
b4:4b:b5:4c:93:1f:b3:44:6c:bc:6c:a9:04:5e:c0:
df:01:2f:d1:e1:9b:11:5a:79:2c:72:7d:5a:cc:c5:
b1:83:dd:a4:be:5d:c1:46:8e:7a:58:57:b1:75:74:
01:ca:74:42:99:3a:8f:d9:cb:8c:6b:14:a7:a1:8f:
70:3f:81:f7:a7:b7:4b:77:e9:0a:b0:74:af:d0:66:
b3:be:96:97:cd:14:98:25:ee:f1:3f:7e:e8:66:6c:
61:a3:a4:a3:3c:e7:9c:8c:be:c9:db:d6:6f:2d:68:
2d:b8:cc:c6:0e:c4:45:b8:30:5f:d7:ee:c7:37:31:
b1:c4:3b:4e:0f:82:80:20:e2:ef:a2:e5:b5:a9:2c:
fe:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:72:12:F0:5E:C5:51:A5:8F:9A:7C:D2:60:DA:9D:46:F2:74:84:D8
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/vHIS8F7FUaWPmnzSYNqdRvJ0hNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8600::/44
Signature Algorithm: sha256WithRSAEncryption
17:39:8f:c5:cf:a9:53:d2:7e:8b:b9:91:99:66:cd:f7:6f:fe:
71:dc:73:9b:52:ec:dc:83:e2:5a:b4:8b:14:82:36:d1:9f:96:
a2:92:1e:90:92:81:a5:5d:8d:85:fc:a7:06:12:05:54:d2:73:
b8:b4:1e:8b:cb:a2:7b:d5:6c:2f:18:36:67:49:12:79:b2:e7:
90:10:64:93:72:9f:96:3b:41:31:f1:2b:8e:63:37:d8:03:f2:
a6:e3:83:89:4f:c6:68:20:b1:20:a9:84:ec:da:d9:b2:0c:61:
28:6e:46:a2:5e:6f:d7:29:a7:b7:04:9b:ab:ef:8e:7c:59:07:
ff:9d:c2:1e:4a:b0:45:80:f0:bf:11:97:ab:f1:83:98:f3:1f:
ec:c4:2a:f2:0b:92:ff:38:9d:40:92:f8:c1:e6:31:5e:55:05:
ad:3d:47:bc:d5:17:f3:b3:bc:71:08:88:3d:f2:c3:99:99:21:
7b:41:2c:93:da:6e:2c:da:7e:06:e0:04:0a:d8:fb:b6:e7:7a:
68:1e:de:b8:4f:86:02:b5:1c:5c:ca:3d:6f:79:63:0a:ff:73:
7c:7c:18:a6:c5:e8:d2:8b:ca:d0:a2:bc:92:72:38:63:d0:00:
fe:85:68:c1:fb:7d:4e:22:1c:18:fb:05:89:a4:7d:27:55:71:
94:69:c8:b1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+/rDMHRAXipg+8SDk0LcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzcyMTJmMDVlYzU1MWE1OGY5YTdjZDI2MGRhOWQ0NmYyNzQ4NGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNreqajeuaQjYwXzqYayK2Rk/Vob
OhcXiIK5CUEDtGlHRFQSyst8RSSgnGMrFAFSKjLEQwrJZrnT+AU7Es8AJQ//tE//
4QfzvJvNIuVzXz0g0Mpno26wd6zi1h/zw4d11bKYGWw+PmoDNKr5fTfNnxBCiyAM
9IK0S7VMkx+zRGy8bKkEXsDfAS/R4ZsRWnkscn1azMWxg92kvl3BRo56WFexdXQB
ynRCmTqP2cuMaxSnoY9wP4H3p7dLd+kKsHSv0GazvpaXzRSYJe7xP37oZmxho6Sj
POecjL7J29ZvLWgtuMzGDsRFuDBf1+7HNzGxxDtOD4KAIOLvouW1qSz+QwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLxyEvBexVGlj5p80mDanUbydITYMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvdkhJUzhGN0ZVYVdQbW56U1lOcWRSdkowaE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIYA
MA0GCSqGSIb3DQEBCwUAA4IBAQAXOY/Fz6lT0n6LuZGZZs33b/5x3HObUuzcg+Ja
tIsUgjbRn5aikh6QkoGlXY2F/KcGEgVU0nO4tB6Ly6J71WwvGDZnSRJ5sueQEGST
cp+WO0Ex8SuOYzfYA/Km44OJT8ZoILEgqYTs2tmyDGEobkaiXm/XKae3BJur7458
WQf/ncIeSrBFgPC/EZer8YOY8x/sxCryC5L/OJ1AkvjB5jFeVQWtPUe81Rfzs7xx
CIg98sOZmSF7QSyT2m4s2n4G4AQK2Pu253poHt64T4YCtRxcyj1veWMK/3N8fBim
xejSi8rQoryScjhj0AD+hWjB+31OIhwY+wWJpH0nVXGUacix
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:40:17 2025 by rpki-client