Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/HZHU7uNC18H1AiCx35Xk22FpOrU.roa
File: HZHU7uNC18H1AiCx35Xk22FpOrU.roa (raw, json)
Hash identifier: uDPXdRRSpniPWDBDJpriTbwY3qugBu3+G959rzyvi4A=
Subject key identifier: 1D:91:D4:EE:E3:42:D7:C1:F5:02:20:B1:DF:95:E4:DB:61:69:3A:B5
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 019422FB7BE43B882122D6CFC1C82E6E7E53
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/HZHU7uNC18H1AiCx35Xk22FpOrU.roa
Signing time: Wed 01 Jan 2025 17:48:13 +0000
ROA not before: Wed 01 Jan 2025 17:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212128
IP address blocks: 2a0d:95c3::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:7b:e4:3b:88:21:22:d6:cf:c1:c8:2e:6e:7e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 17:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d91d4eee342d7c1f50220b1df95e4db61693ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:72:d4:2b:0d:a3:38:d2:fe:1b:12:eb:f2:24:
be:6a:97:45:af:69:4e:b2:53:7d:49:85:5e:f4:e0:
12:b5:82:bd:99:6f:d5:fb:bf:94:6d:69:63:8b:00:
9e:f4:02:5f:fc:9d:c1:28:97:e0:8d:ab:83:dd:b3:
17:67:c0:2c:09:24:24:51:b2:0a:d2:7e:6e:ed:a5:
55:fa:d9:22:44:26:cd:46:a7:3a:80:c9:34:14:43:
c6:6a:85:92:e6:c3:6a:2d:f2:13:74:6b:52:d0:3c:
7b:23:56:63:67:07:9d:a8:ed:92:30:c4:83:4a:1e:
6b:c0:d3:8d:de:84:3a:a2:51:a4:47:b2:09:c1:d4:
e5:11:c9:1a:dc:cc:46:61:33:6c:41:05:91:cf:67:
e4:b1:d2:c4:e2:92:18:13:aa:23:68:7a:ff:65:fa:
42:0c:6b:d0:a9:67:25:f1:41:a1:bc:c4:72:65:07:
66:1f:3b:1e:36:c1:a2:18:ee:8e:c0:58:df:c8:0e:
66:f8:b8:c0:71:0a:5e:fc:07:e9:f3:a1:8d:cf:c8:
51:32:b7:12:1b:1f:83:6e:ac:30:e5:94:3d:cb:c4:
80:f5:87:78:d3:ad:92:a0:dd:17:77:c8:81:14:bb:
8f:a1:16:a6:28:35:2d:a7:1f:ec:b9:fc:63:34:ff:
4a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:91:D4:EE:E3:42:D7:C1:F5:02:20:B1:DF:95:E4:DB:61:69:3A:B5
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/HZHU7uNC18H1AiCx35Xk22FpOrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:95c3::/32
Signature Algorithm: sha256WithRSAEncryption
55:2a:23:bd:b1:71:a3:3c:64:2a:28:51:40:a9:1e:3c:72:58:
70:07:4e:a9:35:b1:b0:93:a9:e7:6e:58:0d:4e:85:3f:ed:8c:
bd:0b:13:51:0d:09:ca:5c:21:f0:60:31:80:71:24:3a:34:ef:
c4:9b:65:40:b2:e0:0a:e6:57:3a:26:a4:cd:66:a8:1f:b5:8e:
47:46:88:93:00:a5:38:b6:5d:ca:33:99:6d:69:ff:c7:4a:4d:
75:8d:31:67:ce:9d:b3:23:01:2e:a4:e4:92:5a:39:19:4d:8a:
4b:43:04:60:f1:71:f3:52:67:a7:14:b4:f1:25:65:0c:8b:28:
1f:7d:32:1e:03:99:c2:c9:13:80:17:c1:76:24:53:ea:e1:62:
03:e1:c0:c9:38:1b:ed:70:99:d3:cd:63:33:1a:00:93:29:79:
52:a9:62:9f:92:9d:22:e4:79:13:0a:96:bb:b5:36:1c:34:ca:
59:04:2d:d1:87:05:a2:c8:0d:76:7e:13:1e:67:ec:8b:36:c9:
a0:db:63:c6:0f:82:f1:62:d8:ae:b5:3d:d6:50:5e:ae:01:26:
0b:80:c8:12:ae:c8:0f:fd:47:91:61:20:93:01:c7:3c:04:6c:
76:0c:2e:35:57:e7:0f:23:16:b3:a3:5f:31:39:60:8a:4f:bc:
56:63:ca:bd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi+3vkO4ghItbPwcgubn5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMTAxMTc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDkxZDRlZWUzNDJkN2MxZjUwMjIwYjFkZjk1ZTRkYjYxNjkzYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnLUKw2jONL+GxLr8iS+apdFr2lO
slN9SYVe9OAStYK9mW/V+7+UbWljiwCe9AJf/J3BKJfgjauD3bMXZ8AsCSQkUbIK
0n5u7aVV+tkiRCbNRqc6gMk0FEPGaoWS5sNqLfITdGtS0Dx7I1ZjZwedqO2SMMSD
Sh5rwNON3oQ6olGkR7IJwdTlEcka3MxGYTNsQQWRz2fksdLE4pIYE6ojaHr/ZfpC
DGvQqWcl8UGhvMRyZQdmHzseNsGiGO6OwFjfyA5m+LjAcQpe/Afp86GNz8hRMrcS
Gx+Dbqww5ZQ9y8SA9Yd4062SoN0Xd8iBFLuPoRamKDUtpx/sufxjNP9KGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFB2R1O7jQtfB9QIgsd+V5NthaTq1MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvSFpIVTd1TkMxOEgxQWlDeDM1WGsyMkZwT3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg2VwzAN
BgkqhkiG9w0BAQsFAAOCAQEAVSojvbFxozxkKihRQKkePHJYcAdOqTWxsJOp525Y
DU6FP+2MvQsTUQ0Jylwh8GAxgHEkOjTvxJtlQLLgCuZXOiakzWaoH7WOR0aIkwCl
OLZdyjOZbWn/x0pNdY0xZ86dsyMBLqTkklo5GU2KS0MEYPFx81JnpxS08SVlDIso
H30yHgOZwskTgBfBdiRT6uFiA+HAyTgb7XCZ081jMxoAkyl5Uqlin5KdIuR5EwqW
u7U2HDTKWQQt0YcFosgNdn4THmfsizbJoNtjxg+C8WLYrrU91lBergEmC4DIEq7I
D/1HkWEgkwHHPARsdgwuNVfnDyMWs6NfMTlgik+8VmPKvQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:50:11 2025 by rpki-client