Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/HI4vK6sgC_e2_VJAT6SWHExa_4A.roa
File: HI4vK6sgC_e2_VJAT6SWHExa_4A.roa (raw, json)
Hash identifier: JXwAl3BbQ37GntOQaDKDfxezP/lK7RrPBJp/EXZUTT0=
Subject key identifier: 1C:8E:2F:2B:AB:20:0B:F7:B6:FD:52:40:4F:A4:96:1C:4C:5A:FF:80
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5CF78C2BE82AA65B9A24ECAB29F97
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/HI4vK6sgC_e2_VJAT6SWHExa_4A.roa
Signing time: Wed 01 Jan 2025 07:47:50 +0000
ROA not before: Wed 01 Jan 2025 07:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49981
IP address blocks: 2a09:e01::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:cf:78:c2:be:82:aa:65:b9:a2:4e:ca:b2:9f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c8e2f2bab200bf7b6fd52404fa4961c4c5aff80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:82:d7:0b:51:f8:ec:9f:ef:73:da:cf:36:37:
ed:83:78:4b:38:3b:e3:b8:5f:1f:50:07:6b:32:1e:
1b:56:ce:8b:e1:0f:77:7a:ee:cc:e3:31:cb:2f:cd:
d7:35:90:0c:51:f2:a1:b1:c8:58:a9:ce:19:5d:19:
84:f8:7f:ef:fe:0e:2a:1b:fe:6e:3d:dc:d1:28:fa:
1e:ef:f5:db:10:4f:c2:12:80:c6:5a:b5:1a:08:19:
20:df:7e:78:05:00:06:1b:eb:e3:58:97:ab:5c:6a:
3a:2b:6e:7f:0d:d6:77:b6:1b:b4:60:58:35:4e:2a:
d3:50:86:fe:1e:c2:37:ce:e9:3a:85:52:71:4a:91:
fa:a4:c2:99:f5:67:6c:ae:59:d1:6e:86:30:56:20:
58:1b:cc:b0:83:aa:74:3d:7b:60:c2:ea:df:86:af:
19:b5:74:da:01:81:a1:5a:e5:c5:f5:2f:06:01:60:
c5:9a:ba:90:01:0c:47:f4:eb:02:af:97:28:2b:b4:
60:fd:06:d1:33:91:9f:bd:c5:35:b6:e2:30:06:a3:
32:09:79:6b:00:a5:3c:f0:63:b8:0e:15:28:0a:b4:
dc:17:93:1e:6b:d2:c2:eb:c6:26:ee:e6:5b:5f:3c:
02:86:f1:a7:7a:d8:b6:90:d9:23:3d:be:54:e1:ce:
29:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8E:2F:2B:AB:20:0B:F7:B6:FD:52:40:4F:A4:96:1C:4C:5A:FF:80
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/HI4vK6sgC_e2_VJAT6SWHExa_4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e01::/32
Signature Algorithm: sha256WithRSAEncryption
b3:b1:23:a8:61:5d:fa:fa:84:dc:1a:26:41:3d:0d:31:e0:c5:
13:e0:2a:1d:46:af:a4:d2:0d:0b:92:0f:03:5f:bd:1b:d9:62:
50:65:73:f3:d5:00:db:2b:ec:28:8a:eb:7f:d3:ae:e9:2e:c3:
ed:64:a5:ad:51:37:ef:ea:ba:14:b5:cc:33:4b:a3:01:4c:25:
e7:07:ad:c8:b8:e4:a7:e0:10:f8:b8:4b:02:56:32:51:2b:a4:
8e:f4:60:b5:5a:06:3f:0d:d1:38:ac:21:b1:38:50:af:4b:e3:
d2:1a:c3:e6:8a:10:54:42:34:1c:6d:c9:f7:a4:75:1f:00:a0:
ab:96:d4:81:14:f2:d6:80:4a:5e:7b:00:36:a5:ef:75:10:09:
c0:12:9a:98:97:96:1a:4a:f4:94:7a:37:5b:16:ad:8c:e6:64:
eb:c7:f7:c6:83:8a:bf:60:38:fb:0d:a2:0a:bb:dd:2f:73:ee:
af:be:c2:58:37:3b:88:b2:74:84:98:8a:b5:2d:e3:0d:55:5f:
f8:e0:94:24:12:f7:36:39:81:e6:48:57:3e:83:1c:c8:ce:11:
1e:71:1d:fc:a2:44:97:b9:7b:b0:41:c5:18:ca:95:0d:ce:95:
13:29:b8:cb:3e:58:e5:a2:83:1d:70:1f:57:09:83:5d:e9:8d:
d4:a0:3c:d9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQg1c94wr6CqmW5ok7Ksp+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzhlMmYyYmFiMjAwYmY3YjZmZDUyNDA0ZmE0OTYxYzRjNWFmZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYLXC1H47J/vc9rPNjftg3hLODvj
uF8fUAdrMh4bVs6L4Q93eu7M4zHLL83XNZAMUfKhschYqc4ZXRmE+H/v/g4qG/5u
PdzRKPoe7/XbEE/CEoDGWrUaCBkg3354BQAGG+vjWJerXGo6K25/DdZ3thu0YFg1
TirTUIb+HsI3zuk6hVJxSpH6pMKZ9WdsrlnRboYwViBYG8ywg6p0PXtgwurfhq8Z
tXTaAYGhWuXF9S8GAWDFmrqQAQxH9OsCr5coK7Rg/QbRM5GfvcU1tuIwBqMyCXlr
AKU88GO4DhUoCrTcF5Mea9LC68Ym7uZbXzwChvGneti2kNkjPb5U4c4pPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFByOLyurIAv3tv1SQE+klhxMWv+AMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvSEk0dks2c2dDX2UyX1ZKQVQ2U1dIRXhhXzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgkOATAN
BgkqhkiG9w0BAQsFAAOCAQEAs7EjqGFd+vqE3BomQT0NMeDFE+AqHUavpNINC5IP
A1+9G9liUGVz89UA2yvsKIrrf9Ou6S7D7WSlrVE37+q6FLXMM0ujAUwl5wetyLjk
p+AQ+LhLAlYyUSukjvRgtVoGPw3ROKwhsThQr0vj0hrD5ooQVEI0HG3J96R1HwCg
q5bUgRTy1oBKXnsANqXvdRAJwBKamJeWGkr0lHo3WxatjOZk68f3xoOKv2A4+w2i
CrvdL3Pur77CWDc7iLJ0hJiKtS3jDVVf+OCUJBL3NjmB5khXPoMcyM4RHnEd/KJE
l7l7sEHFGMqVDc6VEym4yz5Y5aKDHXAfVwmDXemN1KA82Q==
-----END CERTIFICATE-----
Generated at Fri Apr 11 04:02:32 2025 by rpki-client