Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/HNqlM2j7BKSTJ39BnPyzk5RM_to.roa
File: HNqlM2j7BKSTJ39BnPyzk5RM_to.roa (raw, json)
Hash identifier: C2Uw3VILvLax6SJ09lnjk/eU1zPiTQL5zsyEmXWnfqw=
Subject key identifier: 1C:DA:A5:33:68:FB:04:A4:93:27:7F:41:9C:FC:B3:93:94:4C:FE:DA
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 0185710C3D7BE1D465ED5A3FFAC96DA52925
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/HNqlM2j7BKSTJ39BnPyzk5RM_to.roa
Signing time: Mon 02 Jan 2023 05:55:05 +0000
ROA not before: Mon 02 Jan 2023 05:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206634
IP address blocks: 2a04:ff00:600::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:3d:7b:e1:d4:65:ed:5a:3f:fa:c9:6d:a5:29:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Jan 2 05:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cdaa53368fb04a493277f419cfcb393944cfeda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7c:02:6c:b0:0f:33:4a:2e:33:68:e0:89:f6:
25:54:09:fe:7d:5c:b9:ca:98:be:8b:a8:19:d7:19:
95:36:e3:9c:be:84:06:56:39:27:94:d9:9b:85:2d:
96:aa:e2:ee:31:32:3e:2f:18:e8:df:ff:02:7c:0e:
7b:d0:d6:25:d8:96:04:a4:4b:b0:74:b7:3d:33:43:
b1:8d:07:45:04:c5:3c:03:23:56:6f:94:74:b0:3e:
56:fe:ac:09:0f:34:b4:e9:ac:57:e7:61:a6:5c:38:
45:ce:05:94:71:32:4e:38:ce:d4:4d:ff:88:28:3f:
94:00:44:30:fb:9f:59:48:a5:15:e6:8c:aa:45:79:
d5:07:b3:ee:2e:22:6b:e2:79:95:42:3f:c0:ff:86:
82:a8:2c:7b:cf:ec:6d:0a:1a:b1:99:bf:ce:b3:1b:
cb:e2:84:c1:6c:e7:d7:8a:1e:6a:bf:55:99:11:4f:
92:91:d5:e8:a2:e4:e0:f7:b2:05:2e:04:a1:54:f5:
42:48:1d:f0:04:26:a0:75:00:50:1f:0a:dc:dd:ab:
ba:dc:9a:0d:e8:c4:ac:97:5d:28:e5:6c:04:c6:cb:
8a:8b:7b:71:bb:ba:b3:32:39:d6:65:1f:07:7c:63:
eb:01:49:36:81:d2:ee:1a:9b:6b:e9:76:64:a2:ef:
0f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DA:A5:33:68:FB:04:A4:93:27:7F:41:9C:FC:B3:93:94:4C:FE:DA
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/HNqlM2j7BKSTJ39BnPyzk5RM_to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ff00:600::/40
Signature Algorithm: sha256WithRSAEncryption
57:c9:0e:1a:59:8a:ae:85:4b:9e:1b:7c:12:f2:25:52:f7:0d:
56:ce:55:20:21:25:28:ee:b9:e9:8b:19:1a:37:a7:68:a4:70:
db:9e:fc:ec:ef:7d:f5:f9:e9:44:9b:56:0f:20:28:2a:e9:39:
e7:c2:57:1c:8c:13:1f:9b:7e:6c:c8:10:64:f7:c4:e8:03:4b:
cc:52:1a:20:ca:15:92:a2:45:4d:60:b4:66:5c:8f:ae:3a:df:
3e:c7:94:40:ee:8e:6a:7f:05:4f:f3:97:6c:0e:1d:f3:61:6e:
4b:6d:64:d5:0e:3b:2a:76:c8:46:d7:45:a2:88:fd:cf:70:16:
e4:17:fc:a8:9f:07:00:2d:da:37:c9:61:1d:70:28:df:5a:e2:
11:0e:39:1c:c6:bb:14:dd:fc:3b:37:3a:11:8a:d4:c2:9d:e5:
a4:c6:4b:92:61:b3:95:1b:39:3d:cd:5a:90:3d:e8:10:3e:34:
59:39:c9:3e:2d:54:c8:d7:95:a7:0e:e4:ec:67:23:ef:dd:da:
62:c5:e7:ce:10:94:1b:42:8e:d9:1f:a3:dd:df:87:21:de:c2:
6e:08:2a:b6:40:00:d8:67:6d:a4:0b:97:df:66:63:2a:8d:10:
4e:73:c6:e4:d3:b9:78:85:34:be:17:11:83:b7:b8:91:ed:4e:
46:84:b0:f1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxDD174dRl7Vo/+sltpSklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDRjMjVjMmY4YjQ3ZTVkYWY1MmQxYzRjNWE1MDk5OWRk
MGEwYTkwHhcNMjMwMTAyMDU1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2RhYTUzMzY4ZmIwNGE0OTMyNzdmNDE5Y2ZjYjM5Mzk0NGNmZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3wCbLAPM0ouM2jgifYlVAn+fVy5
ypi+i6gZ1xmVNuOcvoQGVjknlNmbhS2WquLuMTI+Lxjo3/8CfA570NYl2JYEpEuw
dLc9M0OxjQdFBMU8AyNWb5R0sD5W/qwJDzS06axX52GmXDhFzgWUcTJOOM7UTf+I
KD+UAEQw+59ZSKUV5oyqRXnVB7PuLiJr4nmVQj/A/4aCqCx7z+xtChqxmb/OsxvL
4oTBbOfXih5qv1WZEU+SkdXoouTg97IFLgShVPVCSB3wBCagdQBQHwrc3au63JoN
6MSsl10o5WwExsuKi3txu7qzMjnWZR8HfGPrAUk2gdLuGptr6XZkou8PcwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBzapTNo+wSkkyd/QZz8s5OUTP7aMB8GA1UdIwQY
MBaAFH0Ewlwvi0fl2vUtHExaUJmd0KCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMt
ZTYzZTk0Y2JhMDlmLzEvSE5xbE0yajdCS1NUSjM5Qm5QeXprNVJNX3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMtZTYzZTk0Y2JhMDlm
LzEvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgT/AAYw
DQYJKoZIhvcNAQELBQADggEBAFfJDhpZiq6FS54bfBLyJVL3DVbOVSAhJSjuuemL
GRo3p2ikcNue/OzvffX56USbVg8gKCrpOefCVxyMEx+bfmzIEGT3xOgDS8xSGiDK
FZKiRU1gtGZcj6463z7HlEDujmp/BU/zl2wOHfNhbkttZNUOOyp2yEbXRaKI/c9w
FuQX/KifBwAt2jfJYR1wKN9a4hEOORzGuxTd/Ds3OhGK1MKd5aTGS5Jhs5UbOT3N
WpA96BA+NFk5yT4tVMjXlacO5OxnI+/d2mLF584QlBtCjtkfo93fhyHewm4IKrZA
ANhnbaQLl99mYyqNEE5zxuTTuXiFNL4XEYO3uJHtTkaEsPE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:49 2025 by rpki-client