Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/H49hyQPEQJXxJVi2iR8A2ADQ41U.roa
File: H49hyQPEQJXxJVi2iR8A2ADQ41U.roa (raw, json)
Hash identifier: eqi7i//uHcpOg1OfB0kupkpo9kTQKxZE6a6NNvU+Pyg=
Subject key identifier: 1F:8F:61:C9:03:C4:40:95:F1:25:58:B6:89:1F:00:D8:00:D0:E3:55
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 01953CFFF70718E7FA3A1E0F0A64BCF2FD91
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/H49hyQPEQJXxJVi2iR8A2ADQ41U.roa
Signing time: Tue 25 Feb 2025 12:06:02 +0000
ROA not before: Tue 25 Feb 2025 12:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212701
IP address blocks: 2a0d:d940:12::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:ff:f7:07:18:e7:fa:3a:1e:0f:0a:64:bc:f2:fd:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Feb 25 12:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f8f61c903c44095f12558b6891f00d800d0e355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:5c:ea:04:8d:53:6b:27:6d:a8:42:3d:3d:
8c:10:42:aa:10:17:e8:7e:3b:70:8f:31:26:11:5a:
77:4d:40:79:1a:12:3a:20:57:8f:66:da:71:df:c4:
ae:74:1d:6b:f8:e9:0f:0e:6b:89:05:78:47:08:45:
fc:b3:50:0b:c3:8b:28:e7:6b:9a:ef:71:d0:18:b0:
b0:7b:c7:d8:a7:ad:f9:9e:65:44:55:19:98:dd:51:
42:cd:63:83:51:99:05:b8:d9:bc:5a:a0:19:ac:89:
55:76:74:f3:a2:95:75:e4:69:9e:68:9f:eb:64:13:
e8:80:07:4e:e3:06:1b:a8:39:38:29:98:af:d5:f8:
ff:7d:5e:f6:a8:5e:63:a0:22:30:c3:ad:ce:8f:67:
f1:ee:66:d6:9a:27:cd:12:78:ae:e9:21:f4:a9:e6:
83:d1:f8:f3:25:80:7e:e5:7b:93:2a:28:52:0a:3e:
eb:c4:69:ac:2a:b0:b1:8f:74:30:03:df:1d:99:97:
54:d3:e1:0e:1a:4b:c1:28:a3:3d:34:6b:50:41:94:
81:24:1a:be:cb:94:67:b7:cd:b2:eb:ab:b8:d5:0a:
83:86:3f:33:6f:9c:e9:3c:16:b4:40:e8:dc:1c:11:
1c:60:12:97:37:f5:6e:53:2a:64:1b:54:9d:67:22:
66:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:8F:61:C9:03:C4:40:95:F1:25:58:B6:89:1F:00:D8:00:D0:E3:55
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/H49hyQPEQJXxJVi2iR8A2ADQ41U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:12::/48
Signature Algorithm: sha256WithRSAEncryption
9a:df:b2:6f:73:ea:63:d2:65:4f:38:78:b0:f5:80:10:ec:0b:
8e:a4:02:9f:0f:b3:43:2d:3e:62:4c:c6:6a:dc:2c:5b:0b:73:
29:04:0e:4f:a5:09:19:24:52:81:63:c1:fc:c9:f4:80:11:36:
c1:d6:9d:45:59:02:11:84:27:b8:aa:bb:f8:38:6c:c4:61:b5:
a3:dc:f5:49:ff:98:0b:9d:c9:0c:f5:e1:f5:33:82:62:52:d6:
aa:cc:83:a8:5b:d9:e8:e0:7b:5f:fa:89:c5:42:0f:2f:09:9c:
28:5f:be:e8:af:78:ce:e8:f8:b2:6d:ba:3e:00:e6:3f:c1:c0:
9f:6d:c4:08:24:59:39:9e:dd:f7:03:da:56:7c:f7:02:bf:1d:
ff:2f:75:52:cd:64:4a:12:e1:73:84:c5:b9:4e:32:63:14:92:
47:97:7b:09:5e:d0:e5:db:d7:97:d3:6d:ab:68:45:8a:bb:94:
a6:51:88:ff:08:f0:2c:1e:2b:c3:16:74:b2:5b:dd:40:9d:ca:
2f:36:df:1a:4a:52:7e:c5:54:6e:26:f4:1b:7a:f1:af:bd:c5:
bc:ca:fd:66:a5:a5:e8:5d:47:19:44:32:3d:12:b1:bf:1f:25:
8d:db:13:b3:44:b3:50:d0:8c:11:18:96:7c:d4:a9:e5:b2:17:
82:45:f3:1b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZU8//cHGOf6Oh4PCmS88v2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwMjI1MTIwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjhmNjFjOTAzYzQ0MDk1ZjEyNTU4YjY4OTFmMDBkODAwZDBlMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBlc6gSNU2snbahCPT2MEEKqEBfo
fjtwjzEmEVp3TUB5GhI6IFePZtpx38SudB1r+OkPDmuJBXhHCEX8s1ALw4so52ua
73HQGLCwe8fYp635nmVEVRmY3VFCzWODUZkFuNm8WqAZrIlVdnTzopV15GmeaJ/r
ZBPogAdO4wYbqDk4KZiv1fj/fV72qF5joCIww63Oj2fx7mbWmifNEniu6SH0qeaD
0fjzJYB+5XuTKihSCj7rxGmsKrCxj3QwA98dmZdU0+EOGkvBKKM9NGtQQZSBJBq+
y5Rnt82y66u41QqDhj8zb5zpPBa0QOjcHBEcYBKXN/VuUypkG1SdZyJmGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB+PYckDxECV8SVYtokfANgA0ONVMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvSDQ5aHlRUEVRSlh4SlZpMmlSOEEyQURRNDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg3ZQAAS
MA0GCSqGSIb3DQEBCwUAA4IBAQCa37Jvc+pj0mVPOHiw9YAQ7AuOpAKfD7NDLT5i
TMZq3CxbC3MpBA5PpQkZJFKBY8H8yfSAETbB1p1FWQIRhCe4qrv4OGzEYbWj3PVJ
/5gLnckM9eH1M4JiUtaqzIOoW9no4Htf+onFQg8vCZwoX77or3jO6Piybbo+AOY/
wcCfbcQIJFk5nt33A9pWfPcCvx3/L3VSzWRKEuFzhMW5TjJjFJJHl3sJXtDl29eX
022raEWKu5SmUYj/CPAsHivDFnSyW91AncovNt8aSlJ+xVRuJvQbevGvvcW8yv1m
paXoXUcZRDI9ErG/HyWN2xOzRLNQ0IwRGJZ81KnlsheCRfMb
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:52:07 2025 by rpki-client