Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/hp0pLX_QGiWhiOhgc-g-g3McIzI.roa
File: hp0pLX_QGiWhiOhgc-g-g3McIzI.roa (raw, json)
Hash identifier: iRmxgVLqjy7bOiMWp10+U3a2wekQwe0YpGsmUpp/wOw=
Subject key identifier: 86:9D:29:2D:7F:D0:1A:25:A1:88:E8:60:73:E8:3E:83:73:1C:23:32
Certificate issuer: /CN=255876412d20fbb6cab823481782ac47703b4404
Certificate serial: 0194228E0B17B623F943DF0A230619F4B57A
Authority key identifier: 25:58:76:41:2D:20:FB:B6:CA:B8:23:48:17:82:AC:47:70:3B:44:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/hp0pLX_QGiWhiOhgc-g-g3McIzI.roa
Signing time: Wed 01 Jan 2025 15:48:41 +0000
ROA not before: Wed 01 Jan 2025 15:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210152
IP address blocks: 2a01:ffc6:4000::/34 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:0b:17:b6:23:f9:43:df:0a:23:06:19:f4:b5:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=255876412d20fbb6cab823481782ac47703b4404
Validity
Not Before: Jan 1 15:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=869d292d7fd01a25a188e86073e83e83731c2332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:32:c4:d5:51:45:9f:79:c0:55:3a:bb:27:f3:
5f:03:4f:9b:b8:fb:4a:7a:99:e0:78:3a:dc:35:4a:
eb:50:84:50:1e:58:9d:09:75:30:c2:cb:34:4e:0a:
4b:d2:ab:4f:bf:4e:6b:49:2c:90:86:a4:de:5c:7a:
64:25:09:50:f8:40:98:e8:f0:ed:86:94:97:cd:f1:
42:a7:20:62:6f:df:1c:ab:f2:55:b1:32:8c:e2:cf:
b5:5a:1e:74:37:95:65:d8:9c:9d:d4:11:23:ea:03:
5c:53:11:ec:e1:29:7f:c4:77:9c:f5:07:1e:48:2d:
be:95:8e:79:0e:ad:79:be:b4:f9:09:bb:56:46:bf:
49:86:26:89:6d:59:4c:59:f4:f0:ef:0c:03:0b:23:
ec:fc:55:84:05:4f:ad:67:2d:ad:77:47:13:66:05:
ac:23:dd:cc:78:41:52:34:a9:f1:6d:62:be:97:90:
f4:12:3d:99:d1:7c:95:e2:38:20:26:60:4f:09:31:
a0:0d:13:be:d2:b5:a9:b6:e6:e1:23:7f:0a:b5:0f:
a2:38:73:07:a0:2c:da:e5:16:9d:5d:c9:b6:9b:e0:
5c:c4:1a:0c:9f:9e:06:1e:e1:e4:0d:09:1f:75:69:
3a:07:cb:a3:e2:0d:fc:29:a3:e9:7e:cf:e7:52:e9:
de:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9D:29:2D:7F:D0:1A:25:A1:88:E8:60:73:E8:3E:83:73:1C:23:32
X509v3 Authority Key Identifier:
keyid:25:58:76:41:2D:20:FB:B6:CA:B8:23:48:17:82:AC:47:70:3B:44:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/hp0pLX_QGiWhiOhgc-g-g3McIzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/dd062a-1319-4019-a551-876c7fca4b34/1/JVh2QS0g-7bKuCNIF4KsR3A7RAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ffc6:4000::/34
Signature Algorithm: sha256WithRSAEncryption
8c:b9:ae:90:ae:0e:59:b1:ee:2c:95:7b:2d:1c:75:a9:ba:3a:
e7:7c:e0:f6:fb:b2:65:65:64:42:c5:1f:09:9f:dd:09:05:a0:
36:13:84:d3:c9:b9:ee:e4:96:05:da:03:1d:bc:28:69:dc:5b:
76:c4:36:27:db:fb:da:3b:4d:d9:be:3f:04:67:5b:c1:de:00:
ea:1f:74:be:27:86:b3:8b:71:7f:10:77:95:db:e0:a1:75:61:
12:64:43:d7:55:f5:5d:3d:83:11:0d:b7:c7:ba:0b:75:63:af:
f0:27:94:0c:51:86:ce:38:c4:26:e9:fc:a3:cd:bb:2b:3d:8a:
d2:43:a1:ea:11:db:78:da:df:5a:82:7c:27:47:5e:2a:2a:78:
4b:8b:ef:79:f4:78:b3:57:64:98:33:88:a3:b3:70:64:0e:76:
e2:c0:4c:97:c1:9e:ff:36:40:77:b1:69:ff:8f:aa:c6:37:3b:
fb:a6:15:0c:61:17:57:fc:48:61:06:3f:4f:ea:81:91:0f:e6:
3c:17:00:e8:cc:14:f7:12:85:b5:6b:52:08:f1:dd:b2:09:fb:
41:97:9d:91:f8:4c:40:0d:0f:70:8b:9b:60:5e:b9:66:cd:0e:
68:ff:3d:2e:d5:a8:94:95:9e:7a:71:bd:f8:1a:69:81:76:61:
f1:0d:87:84
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQijgsXtiP5Q98KIwYZ9LV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NTg3NjQxMmQyMGZiYjZjYWI4MjM0ODE3ODJhYzQ3NzAz
YjQ0MDQwHhcNMjUwMTAxMTU0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjlkMjkyZDdmZDAxYTI1YTE4OGU4NjA3M2U4M2U4MzczMWMyMzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TLE1VFFn3nAVTq7J/NfA0+buPtK
epngeDrcNUrrUIRQHlidCXUwwss0TgpL0qtPv05rSSyQhqTeXHpkJQlQ+ECY6PDt
hpSXzfFCpyBib98cq/JVsTKM4s+1Wh50N5Vl2Jyd1BEj6gNcUxHs4Sl/xHec9Qce
SC2+lY55Dq15vrT5CbtWRr9JhiaJbVlMWfTw7wwDCyPs/FWEBU+tZy2td0cTZgWs
I93MeEFSNKnxbWK+l5D0Ej2Z0XyV4jggJmBPCTGgDRO+0rWptubhI38KtQ+iOHMH
oCza5RadXcm2m+BcxBoMn54GHuHkDQkfdWk6B8uj4g38KaPpfs/nUune4QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIadKS1/0BoloYjoYHPoPoNzHCMyMB8GA1UdIwQY
MBaAFCVYdkEtIPu2yrgjSBeCrEdwO0QEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlZoMlFTMGctN2JLdUNOSUY0S3NSM0E3UkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kZDA2MmEtMTMxOS00MDE5LWE1NTEt
ODc2YzdmY2E0YjM0LzEvaHAwcExYX1FHaVdoaU9oZ2MtZy1nM01jSXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kZDA2MmEtMTMxOS00MDE5LWE1NTEtODc2YzdmY2E0YjM0
LzEvSlZoMlFTMGctN2JLdUNOSUY0S3NSM0E3UkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGKgH/xkAw
DQYJKoZIhvcNAQELBQADggEBAIy5rpCuDlmx7iyVey0cdam6Oud84Pb7smVlZELF
Hwmf3QkFoDYThNPJue7klgXaAx28KGncW3bENifb+9o7Tdm+PwRnW8HeAOofdL4n
hrOLcX8Qd5Xb4KF1YRJkQ9dV9V09gxENt8e6C3Vjr/AnlAxRhs44xCbp/KPNuys9
itJDoeoR23ja31qCfCdHXioqeEuL73n0eLNXZJgziKOzcGQOduLATJfBnv82QHex
af+PqsY3O/umFQxhF1f8SGEGP0/qgZEP5jwXAOjMFPcShbVrUgjx3bIJ+0GXnZH4
TEAND3CLm2BeuWbNDmj/PS7VqJSVnnpxvfgaaYF2YfENh4Q=
-----END CERTIFICATE-----
Generated at Fri Apr 11 00:17:53 2025 by rpki-client