Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/hcpaXJt23u4k5563Lrz0ULFkoPc.roa
File: hcpaXJt23u4k5563Lrz0ULFkoPc.roa (raw, json)
Hash identifier: t9Cetu8Bu+iQvEggTmlxM5kCXlMh8aVEhjCukn8Sgo0=
Subject key identifier: 85:CA:5A:5C:9B:76:DE:EE:24:E7:9E:B7:2E:BC:F4:50:B1:64:A0:F7
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCADEAA69582680E19DCAF3B4C5A9A7
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/hcpaXJt23u4k5563Lrz0ULFkoPc.roa
Signing time: Sun 01 Jan 2023 14:44:49 +0000
ROA not before: Sun 01 Jan 2023 14:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41661
IP address blocks: 2a02:2698:9000::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:de:aa:69:58:26:80:e1:9d:ca:f3:b4:c5:a9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85ca5a5c9b76deee24e79eb72ebcf450b164a0f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:62:1b:b4:01:21:de:c6:c5:70:cc:70:78:a8:
98:d3:10:f7:05:1e:39:0f:9d:ab:e0:e7:3f:b3:93:
2c:33:c1:66:4a:da:d2:cc:c1:10:2d:ff:5c:3d:e7:
67:67:65:c3:d0:e6:a6:05:61:89:87:f6:f9:b0:b4:
44:c0:80:9a:00:df:c0:a0:65:6a:c4:57:bb:b1:65:
f3:62:c9:58:ac:0f:06:fc:56:80:e9:3e:d4:78:9f:
82:7e:18:dd:51:86:e2:39:bd:05:35:e7:07:8b:3b:
11:31:01:27:a0:9c:e6:2f:74:64:b6:66:8b:63:41:
44:de:35:a2:c5:05:b3:71:57:50:12:f2:53:a6:d8:
ab:c9:ed:18:ad:38:92:d2:5d:42:cf:fe:eb:5a:4b:
89:29:bd:4e:3e:b5:90:21:7a:3e:08:63:43:99:9c:
d9:e3:f5:be:08:18:fe:69:48:c4:04:d7:a2:c0:ec:
26:f5:3d:23:96:19:77:2e:79:5d:e6:73:98:10:8f:
85:fb:05:5d:a1:b5:5f:22:bf:1b:04:03:c3:d3:86:
0b:83:60:36:22:72:1c:15:e7:30:27:e9:58:ec:ff:
35:f9:96:ee:f9:c0:39:45:1f:e6:31:ad:ea:84:3f:
50:28:41:0a:fc:2e:28:a2:a0:6d:3a:dd:e2:f3:a5:
22:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CA:5A:5C:9B:76:DE:EE:24:E7:9E:B7:2E:BC:F4:50:B1:64:A0:F7
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/hcpaXJt23u4k5563Lrz0ULFkoPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:9000::/38
Signature Algorithm: sha256WithRSAEncryption
dc:04:a1:a4:b1:7d:d2:ef:54:b8:90:27:79:9d:b7:54:e4:6f:
a5:15:e6:19:34:70:b9:39:0e:bd:cd:b9:de:e9:d8:bf:ca:c2:
62:c7:02:67:33:fe:fe:c6:63:43:ed:4e:77:54:9d:04:a4:06:
e7:b4:39:3f:b5:75:82:c3:6a:f7:01:b9:d7:95:c2:4a:50:c5:
85:a2:61:0a:b0:85:a1:f1:1a:dd:32:5c:e3:e6:69:48:c9:60:
68:76:0d:88:ab:26:f2:0d:2c:ad:d9:ad:7f:ea:3e:ad:d0:8e:
61:bf:7e:44:6d:5d:b7:75:0a:04:83:37:fd:b7:6d:9d:85:23:
c4:c4:00:05:d9:aa:57:36:44:18:4f:42:8d:c3:73:df:fc:b3:
cc:f5:07:72:58:83:4d:40:54:87:67:e0:5b:1f:24:d6:78:60:
9d:a3:4b:57:b4:6e:c9:8a:a0:a2:9a:33:5a:0f:97:1c:69:31:
82:2c:b5:92:38:ce:80:41:f6:01:3b:3c:7a:e3:cf:f1:7f:67:
ba:77:11:1d:b8:5c:b1:c2:ea:4b:e4:f8:a3:cd:cc:ad:33:9d:
b8:1d:57:aa:12:19:cf:37:8c:a6:90:c5:65:03:c0:7f:37:30:
1e:05:8c:26:08:f6:5d:8d:c9:0f:0b:7d:a7:3a:48:d7:37:6a:
1c:02:2f:bc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyt6qaVgmgOGdyvO0xamnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWNhNWE1YzliNzZkZWVlMjRlNzllYjcyZWJjZjQ1MGIxNjRhMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWIbtAEh3sbFcMxweKiY0xD3BR45
D52r4Oc/s5MsM8FmStrSzMEQLf9cPednZ2XD0OamBWGJh/b5sLREwICaAN/AoGVq
xFe7sWXzYslYrA8G/FaA6T7UeJ+CfhjdUYbiOb0FNecHizsRMQEnoJzmL3RktmaL
Y0FE3jWixQWzcVdQEvJTptirye0YrTiS0l1Cz/7rWkuJKb1OPrWQIXo+CGNDmZzZ
4/W+CBj+aUjEBNeiwOwm9T0jlhl3Lnld5nOYEI+F+wVdobVfIr8bBAPD04YLg2A2
InIcFecwJ+lY7P81+Zbu+cA5RR/mMa3qhD9QKEEK/C4ooqBtOt3i86UiKwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIXKWlybdt7uJOeety689FCxZKD3MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvaGNwYVhKdDIzdTRrNTU2M0xyejBVTEZrb1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmJAw
DQYJKoZIhvcNAQELBQADggEBANwEoaSxfdLvVLiQJ3mdt1Tkb6UV5hk0cLk5Dr3N
ud7p2L/KwmLHAmcz/v7GY0PtTndUnQSkBue0OT+1dYLDavcBudeVwkpQxYWiYQqw
haHxGt0yXOPmaUjJYGh2DYirJvINLK3ZrX/qPq3QjmG/fkRtXbd1CgSDN/23bZ2F
I8TEAAXZqlc2RBhPQo3Dc9/8s8z1B3JYg01AVIdn4FsfJNZ4YJ2jS1e0bsmKoKKa
M1oPlxxpMYIstZI4zoBB9gE7PHrjz/F/Z7p3ER24XLHC6kvk+KPNzK0znbgdV6oS
Gc83jKaQxWUDwH83MB4FjCYI9l2NyQ8Lfac6SNc3ahwCL7w=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:18 2025 by rpki-client