Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/ehgAzBDC5TDJSiS2woTLYA9Z-4E.roa
File: ehgAzBDC5TDJSiS2woTLYA9Z-4E.roa (raw, json)
Hash identifier: K6RVhNClpsXwi3nvwOK5VpovbryAZNiXfSXsDcn1PP4=
Subject key identifier: 7A:18:00:CC:10:C2:E5:30:C9:4A:24:B6:C2:84:CB:60:0F:59:FB:81
Certificate issuer: /CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Certificate serial: 0194B2814F4D98A41BCFE2FFB65FC1479B6B
Authority key identifier: 4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/ehgAzBDC5TDJSiS2woTLYA9Z-4E.roa
Signing time: Wed 29 Jan 2025 14:40:06 +0000
ROA not before: Wed 29 Jan 2025 14:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212123
IP address blocks: 2001:678:110::/48 maxlen: 48
2001:67c:e70::/48 maxlen: 48
2001:67c:e74::/48 maxlen: 48
2001:67c:e78::/48 maxlen: 48
2001:67c:e7c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b2:81:4f:4d:98:a4:1b:cf:e2:ff:b6:5f:c1:47:9b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Validity
Not Before: Jan 29 14:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a1800cc10c2e530c94a24b6c284cb600f59fb81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3b:61:31:82:e3:e6:ca:e4:36:b8:4a:74:6b:
fd:ea:69:da:09:ba:67:5e:d2:8d:d8:9f:21:8a:6a:
1e:25:44:a1:1e:f1:a4:af:70:3d:b1:51:7d:aa:9f:
93:0b:e8:c9:98:73:87:11:6e:e2:6e:4c:ba:e9:e8:
5d:53:db:2c:ee:07:0d:c9:4a:45:25:67:77:af:d9:
b7:6f:09:1f:17:0d:79:47:33:fd:20:53:d8:11:dd:
91:ff:1b:ff:39:ef:a6:52:f9:41:ec:31:46:d1:0b:
cf:d3:87:3d:8e:c5:f4:73:59:07:d4:ff:21:94:26:
53:04:a3:8e:f4:44:93:88:13:88:e7:52:f0:ef:f1:
11:01:f5:35:b9:db:50:b0:8e:81:87:c0:8a:49:9d:
8d:fe:26:81:36:67:67:50:2e:1e:d7:ad:77:aa:b0:
9d:02:0e:09:12:e5:e9:db:bb:e8:91:59:8e:e0:b8:
e4:2b:78:17:59:61:5a:df:0c:18:e6:b5:33:30:7a:
b8:ad:63:1b:c8:d4:be:37:b7:e6:e9:78:69:57:c7:
3e:43:b2:b9:ca:b3:ab:92:a6:de:fe:a5:74:9c:96:
70:4b:4d:cf:d2:4c:96:cc:51:92:8c:b2:b1:d2:56:
79:11:74:91:64:31:f2:06:22:8c:05:bb:ba:31:73:
e7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:18:00:CC:10:C2:E5:30:C9:4A:24:B6:C2:84:CB:60:0F:59:FB:81
X509v3 Authority Key Identifier:
keyid:4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/ehgAzBDC5TDJSiS2woTLYA9Z-4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/Tq8Utn4FHPvV4bHVFpPURoI5J5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:110::/48
2001:67c:e70::/48
2001:67c:e74::/48
2001:67c:e78::/48
2001:67c:e7c::/48
Signature Algorithm: sha256WithRSAEncryption
7c:38:cd:40:5d:0f:7b:40:21:04:de:eb:62:55:21:e2:d4:5f:
78:b4:be:50:4d:48:89:12:fa:73:d2:93:74:86:bf:87:00:65:
38:f4:10:5d:f6:ff:0b:64:ef:5a:0e:3b:d6:01:56:e9:ce:79:
f3:6a:93:8a:51:72:c2:a7:48:01:20:cd:7f:2b:b5:be:93:17:
f6:39:3c:26:7f:3a:1a:cb:b3:2f:31:1f:c5:32:c0:be:e4:89:
3b:86:99:27:2f:69:82:e2:be:ab:d4:4c:38:0e:a1:a0:4b:b4:
40:55:dd:c1:56:f2:d6:c3:35:11:02:b6:68:9c:e7:b3:d4:d9:
62:4f:d4:7d:7e:9c:f4:c3:f6:61:39:82:00:b2:52:f2:73:ca:
81:33:3c:6d:2f:3f:13:c3:d3:32:22:d1:f4:1e:c8:3b:4a:a0:
4c:ff:c3:06:33:b0:5e:94:4a:93:f3:b8:ca:db:b1:b3:db:5e:
8d:fc:59:5d:dd:1e:ed:40:5f:d9:3c:a3:7e:9e:9b:15:ce:06:
ea:ee:7e:a4:43:49:02:9f:93:e7:8d:45:18:7f:84:e8:29:e5:
a2:69:09:f5:c5:7b:57:ab:95:7e:f7:cd:1b:05:2a:8e:35:11:
73:6c:f9:39:5a:74:d2:45:f2:6c:ce:ab:4f:f9:1f:dc:e4:5f:
2b:25:49:3e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZSygU9NmKQbz+L/tl/BR5trMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYWYxNGI2N2UwNTFjZmJkNWUxYjFkNTE2OTNkNDQ2ODIz
OTI3OTIwHhcNMjUwMTI5MTQ0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTE4MDBjYzEwYzJlNTMwYzk0YTI0YjZjMjg0Y2I2MDBmNTlmYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DthMYLj5srkNrhKdGv96mnaCbpn
XtKN2J8himoeJUShHvGkr3A9sVF9qp+TC+jJmHOHEW7ibky66ehdU9ss7gcNyUpF
JWd3r9m3bwkfFw15RzP9IFPYEd2R/xv/Oe+mUvlB7DFG0QvP04c9jsX0c1kH1P8h
lCZTBKOO9ESTiBOI51Lw7/ERAfU1udtQsI6Bh8CKSZ2N/iaBNmdnUC4e1613qrCd
Ag4JEuXp27vokVmO4LjkK3gXWWFa3wwY5rUzMHq4rWMbyNS+N7fm6XhpV8c+Q7K5
yrOrkqbe/qV0nJZwS03P0kyWzFGSjLKx0lZ5EXSRZDHyBiKMBbu6MXPnAQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHoYAMwQwuUwyUoktsKEy2APWfuBMB8GA1UdIwQY
MBaAFE6vFLZ+BRz71eGx1RaT1EaCOSeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQt
YmQ1MTJlZDU4Zjc4LzEvZWhnQXpCREM1VERKU2lTMndvVExZQTlaLTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQtYmQ1MTJlZDU4Zjc4
LzEvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAIAEGeAEQ
AwcAIAEGfA5wAwcAIAEGfA50AwcAIAEGfA54AwcAIAEGfA58MA0GCSqGSIb3DQEB
CwUAA4IBAQB8OM1AXQ97QCEE3utiVSHi1F94tL5QTUiJEvpz0pN0hr+HAGU49BBd
9v8LZO9aDjvWAVbpznnzapOKUXLCp0gBIM1/K7W+kxf2OTwmfzoay7MvMR/FMsC+
5Ik7hpknL2mC4r6r1Ew4DqGgS7RAVd3BVvLWwzURArZonOez1NliT9R9fpz0w/Zh
OYIAslLyc8qBMzxtLz8Tw9MyItH0Hsg7SqBM/8MGM7BelEqT87jK27Gz216N/Fld
3R7tQF/ZPKN+npsVzgbq7n6kQ0kCn5PnjUUYf4ToKeWiaQn1xXtXq5V+980bBSqO
NRFzbPk5WnTSRfJszqtP+R/c5F8rJUk+
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:58:36 2025 by rpki-client