Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/hhotygxTLvn3PYJVbl00cMb8h10.roa
File: hhotygxTLvn3PYJVbl00cMb8h10.roa (raw, json)
Hash identifier: SCQMRv/bByyhKp0uOjYpl5A0a/1qkl4H/RLi4wxXi8A=
Subject key identifier: 86:1A:2D:CA:0C:53:2E:F9:F7:3D:82:55:6E:5D:34:70:C6:FC:87:5D
Certificate issuer: /CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Certificate serial: 0195E08AD556DFF68B76BC00EDBE9B2960D1
Authority key identifier: 60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/hhotygxTLvn3PYJVbl00cMb8h10.roa
Signing time: Sat 29 Mar 2025 06:15:49 +0000
ROA not before: Sat 29 Mar 2025 06:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:dc6c:d9df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e0:8a:d5:56:df:f6:8b:76:bc:00:ed:be:9b:29:60:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6091160984cbc991ebc9ca0a857007d1f2c11a2d
Validity
Not Before: Mar 29 06:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=861a2dca0c532ef9f73d82556e5d3470c6fc875d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a7:ea:ed:2a:1d:67:c0:59:ce:ad:e6:d2:54:
3e:ba:9d:fc:11:4f:8e:e7:ed:ac:d3:86:3d:13:b4:
47:53:4a:e8:50:b7:94:a8:34:4a:80:d9:d8:48:e1:
0a:13:7b:89:0f:86:3b:1f:6a:d5:f9:49:ac:28:37:
e0:91:2f:c8:8e:34:20:fb:5f:44:62:94:74:55:77:
a5:20:a9:bd:63:1e:39:5e:2c:e9:fd:e9:47:8f:7d:
36:11:e7:4f:4e:20:f6:42:12:4b:a5:f3:35:76:85:
d1:00:de:d6:8a:c4:3b:18:55:69:6a:9e:ff:cd:01:
87:31:3f:67:9c:0f:67:c6:21:ff:05:80:46:da:05:
d6:3b:82:ae:df:d2:11:e5:6b:29:c9:9c:8e:00:9a:
c1:26:40:e9:37:7c:b8:67:97:f5:38:58:79:ed:a0:
de:87:94:20:d5:23:69:b5:dc:77:77:06:fc:b7:8c:
e3:41:dc:b8:a1:ca:96:f5:40:78:33:6a:c0:b1:ae:
1e:7a:0d:e0:5a:b4:b5:45:9d:e0:4d:f4:41:64:ae:
cf:ae:2a:65:f2:2d:d9:db:a2:5a:55:7c:58:14:ed:
d8:3e:59:4f:eb:a3:a4:31:2f:f1:3a:28:87:a3:a5:
21:19:bd:e8:d1:f9:f0:bc:08:cc:1d:aa:f3:ab:bf:
0d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1A:2D:CA:0C:53:2E:F9:F7:3D:82:55:6E:5D:34:70:C6:FC:87:5D
X509v3 Authority Key Identifier:
keyid:60:91:16:09:84:CB:C9:91:EB:C9:CA:0A:85:70:07:D1:F2:C1:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJEWCYTLyZHrycoKhXAH0fLBGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/hhotygxTLvn3PYJVbl00cMb8h10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/bcd829-3f3d-4e5a-adaf-03aa5511a75f/1/YJEWCYTLyZHrycoKhXAH0fLBGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:dc6c:d9df/128
Signature Algorithm: sha256WithRSAEncryption
99:7b:00:dd:8d:1b:c0:a8:c7:b7:31:80:56:98:e9:b3:c8:b6:
d6:f3:cf:81:4d:d3:43:bb:83:09:47:a9:11:07:4f:61:41:dc:
07:c5:91:8b:d6:6f:5f:be:e7:70:08:57:68:ef:f8:ef:1b:c7:
ff:53:58:8a:77:7d:d0:1a:2f:a6:19:e4:eb:e2:c5:a4:54:54:
bc:1a:a8:c6:a2:e6:ed:b2:43:7c:e4:52:41:aa:de:16:84:ee:
9f:36:a5:d1:d1:0a:f6:78:df:42:8f:e8:31:2c:14:da:1c:8d:
74:f3:98:19:b6:80:1b:35:aa:17:7f:e7:63:29:e4:7e:f0:74:
5d:6c:33:8d:8e:0a:d9:95:74:23:85:84:a8:76:d8:54:73:ce:
ce:ed:60:8f:23:f6:63:ba:4c:b9:60:cf:53:85:62:6c:3a:7a:
f7:9d:7f:43:60:9b:73:65:c0:a0:a8:a6:f5:1c:c6:7f:af:8c:
31:78:14:4c:c5:22:47:09:9b:6f:6c:c1:6b:43:8b:e0:ab:2e:
c2:ca:68:b4:ec:1b:f0:e5:8e:eb:12:0c:5f:3d:5b:4d:4a:96:
fa:04:44:c0:3e:54:e4:70:a1:e2:aa:6a:37:fd:49:55:12:89:
4e:a0:38:5a:51:c2:45:c5:92:b3:d9:e8:6f:3c:de:03:9b:c3:
4b:29:b0:a9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZXgitVW3/aLdrwA7b6bKWDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTExNjA5ODRjYmM5OTFlYmM5Y2EwYTg1NzAwN2QxZjJj
MTFhMmQwHhcNMjUwMzI5MDYxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjFhMmRjYTBjNTMyZWY5ZjczZDgyNTU2ZTVkMzQ3MGM2ZmM4NzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqfq7SodZ8BZzq3m0lQ+up38EU+O
5+2s04Y9E7RHU0roULeUqDRKgNnYSOEKE3uJD4Y7H2rV+UmsKDfgkS/IjjQg+19E
YpR0VXelIKm9Yx45Xizp/elHj302EedPTiD2QhJLpfM1doXRAN7WisQ7GFVpap7/
zQGHMT9nnA9nxiH/BYBG2gXWO4Ku39IR5WspyZyOAJrBJkDpN3y4Z5f1OFh57aDe
h5Qg1SNptdx3dwb8t4zjQdy4ocqW9UB4M2rAsa4eeg3gWrS1RZ3gTfRBZK7Pripl
8i3Z26JaVXxYFO3YPllP66OkMS/xOiiHo6UhGb3o0fnwvAjMHarzq78N4QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIYaLcoMUy759z2CVW5dNHDG/IddMB8GA1UdIwQY
MBaAFGCRFgmEy8mR68nKCoVwB9HywRotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYt
MDNhYTU1MTFhNzVmLzEvaGhvdHlneFRMdm4zUFlKVmJsMDBjTWI4aDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iY2Q4MjktM2YzZC00ZTVhLWFkYWYtMDNhYTU1MTFhNzVm
LzEvWUpFV0NZVEx5WkhyeWNvS2hYQUgwZkxCR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGV3GzZ3zANBgkqhkiG9w0BAQsFAAOCAQEAmXsA3Y0bwKjHtzGAVpjps8i2
1vPPgU3TQ7uDCUepEQdPYUHcB8WRi9ZvX77ncAhXaO/47xvH/1NYind90Bovphnk
6+LFpFRUvBqoxqLm7bJDfORSQareFoTunzal0dEK9njfQo/oMSwU2hyNdPOYGbaA
GzWqF3/nYynkfvB0XWwzjY4K2ZV0I4WEqHbYVHPOzu1gjyP2Y7pMuWDPU4VibDp6
951/Q2Cbc2XAoKim9RzGf6+MMXgUTMUiRwmbb2zBa0OL4KsuwspotOwb8OWO6xIM
Xz1bTUqW+gREwD5U5HCh4qpqN/1JVRKJTqA4WlHCRcWSs9nobzzeA5vDSymwqQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:13:46 2025 by rpki-client