Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/hHjCSLjuCQBZBA95X8bVCalUWR8.roa
File: hHjCSLjuCQBZBA95X8bVCalUWR8.roa (raw, json)
Hash identifier: rGpMAbAWagqBUP9bihP4/mD8g+heJdTBN8m9uaijg+I=
Subject key identifier: 84:78:C2:48:B8:EE:09:00:59:04:0F:79:5F:C6:D5:09:A9:54:59:1F
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFA8687AEFDAEB70017D7E8988ACB93
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/hHjCSLjuCQBZBA95X8bVCalUWR8.roa
Signing time: Wed 01 Jan 2025 03:48:19 +0000
ROA not before: Wed 01 Jan 2025 03:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204625
IP address blocks: 2a0c:b642:900::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:86:87:ae:fd:ae:b7:00:17:d7:e8:98:8a:cb:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8478c248b8ee090059040f795fc6d509a954591f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:92:1b:39:27:af:20:4d:55:7d:1b:1e:b3:c2:
31:ce:c7:39:b3:06:92:6b:b8:9e:91:43:a0:7d:3a:
12:12:70:02:a8:8e:14:5f:11:05:24:2c:d1:08:41:
8a:89:77:4f:c4:97:5e:6e:f2:39:e9:4b:53:d1:75:
33:98:d1:eb:47:4a:a4:68:00:66:7f:aa:66:ec:12:
d7:5f:f3:25:5e:0a:d0:19:0e:21:95:43:13:9e:0d:
ef:d0:fc:cc:50:75:74:1c:fb:6a:df:6b:13:dd:aa:
dd:0d:ea:4d:a2:74:99:05:76:e2:50:b5:14:66:37:
b3:16:c5:ef:17:b1:81:76:4a:ff:b5:48:f7:cc:9e:
82:72:9e:8c:9c:63:98:2d:b0:97:42:1d:46:a0:bb:
06:34:9b:33:9b:32:63:93:77:2a:30:b5:14:a4:19:
c9:f6:b4:0d:1a:63:bf:99:f7:d1:b9:41:91:b4:7b:
37:97:18:86:9a:62:69:b4:ac:1d:9c:46:f0:17:3c:
9f:18:c6:e5:47:12:b5:4f:f6:d3:44:80:b4:5f:bd:
ef:75:1a:e0:a8:46:1e:aa:0f:a6:cc:91:8c:af:96:
b9:b8:80:c7:3f:00:15:3a:90:06:25:57:78:59:11:
b1:c1:3e:a8:bc:cb:32:f9:9c:24:d1:a2:53:f7:61:
e0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:78:C2:48:B8:EE:09:00:59:04:0F:79:5F:C6:D5:09:A9:54:59:1F
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/hHjCSLjuCQBZBA95X8bVCalUWR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:900::/40
Signature Algorithm: sha256WithRSAEncryption
9a:0b:96:4c:7a:35:e7:3b:80:4c:4b:74:50:de:6f:6a:36:ec:
2d:84:2f:c7:69:9c:85:c6:18:12:0c:8f:43:bf:36:3c:f7:3a:
b2:f2:43:7c:01:68:79:db:82:0d:cd:31:ff:92:43:98:2d:d0:
0e:01:3b:80:b7:3c:5d:17:72:2d:aa:18:86:ac:74:a6:cd:7b:
4b:17:d8:4f:24:11:92:e7:b2:d0:c0:f0:8a:ca:23:83:80:ad:
4e:9f:32:f0:bc:14:27:c6:29:00:de:6a:34:c6:b5:7b:d0:62:
90:9d:1c:f4:ab:05:7c:76:e1:66:d8:48:b3:f9:2d:c1:11:91:
67:1d:2f:25:f3:c6:13:0c:85:8c:3e:58:31:2d:40:d8:c5:dd:
de:91:3c:02:6d:1a:58:0e:c5:18:17:aa:ff:56:44:ae:25:de:
c4:5f:56:79:ba:19:51:49:cc:77:4b:77:28:2b:01:90:89:4d:
2b:f7:b6:da:bf:a3:c0:9c:4c:c8:ee:fa:b2:48:63:db:19:21:
85:35:24:a7:bb:7e:7d:0c:4a:bc:37:f4:60:16:c3:a8:ef:ba:
1d:54:59:02:40:4d:b6:d6:4f:ab:22:23:09:3a:0b:e9:65:74:
3e:d5:ec:b2:86:9c:13:67:dd:e1:73:b9:7d:05:c1:6b:0f:7a:
21:ca:37:ba
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQf+oaHrv2utwAX1+iYisuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDc4YzI0OGI4ZWUwOTAwNTkwNDBmNzk1ZmM2ZDUwOWE5NTQ1OTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZIbOSevIE1VfRses8Ixzsc5swaS
a7iekUOgfToSEnACqI4UXxEFJCzRCEGKiXdPxJdebvI56UtT0XUzmNHrR0qkaABm
f6pm7BLXX/MlXgrQGQ4hlUMTng3v0PzMUHV0HPtq32sT3ardDepNonSZBXbiULUU
ZjezFsXvF7GBdkr/tUj3zJ6Ccp6MnGOYLbCXQh1GoLsGNJszmzJjk3cqMLUUpBnJ
9rQNGmO/mffRuUGRtHs3lxiGmmJptKwdnEbwFzyfGMblRxK1T/bTRIC0X73vdRrg
qEYeqg+mzJGMr5a5uIDHPwAVOpAGJVd4WRGxwT6ovMsy+Zwk0aJT92HgcwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIR4wki47gkAWQQPeV/G1QmpVFkfMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvaEhqQ1NManVDUUJaQkE5NVg4YlZDYWxVV1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgy2Qgkw
DQYJKoZIhvcNAQELBQADggEBAJoLlkx6Nec7gExLdFDeb2o27C2EL8dpnIXGGBIM
j0O/Njz3OrLyQ3wBaHnbgg3NMf+SQ5gt0A4BO4C3PF0Xci2qGIasdKbNe0sX2E8k
EZLnstDA8IrKI4OArU6fMvC8FCfGKQDeajTGtXvQYpCdHPSrBXx24WbYSLP5LcER
kWcdLyXzxhMMhYw+WDEtQNjF3d6RPAJtGlgOxRgXqv9WRK4l3sRfVnm6GVFJzHdL
dygrAZCJTSv3ttq/o8CcTMju+rJIY9sZIYU1JKe7fn0MSrw39GAWw6jvuh1UWQJA
TbbWT6siIwk6C+lldD7V7LKGnBNn3eFzuX0FwWsPeiHKN7o=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:38:53 2025 by rpki-client