Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cc11e8-d51b-4679-9c6c-1ef197d6dc69/1/HEH-PiK98XlRt8sYWcqF6zb9i0s.roa
File: HEH-PiK98XlRt8sYWcqF6zb9i0s.roa (raw, json)
Hash identifier: 62wt01qaSO/f39hHXI25r2X1R4XPQhF+4dB0Ay0veQo=
Subject key identifier: 1C:41:FE:3E:22:BD:F1:79:51:B7:CB:18:59:CA:85:EB:36:FD:8B:4B
Certificate issuer: /CN=6bb3ae11a3a6a5ee1e32ea6cce1f10df231ead88
Certificate serial: 070B3B4B
Authority key identifier: 6B:B3:AE:11:A3:A6:A5:EE:1E:32:EA:6C:CE:1F:10:DF:23:1E:AD:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7OuEaOmpe4eMupszh8Q3yMerYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/cc11e8-d51b-4679-9c6c-1ef197d6dc69/1/HEH-PiK98XlRt8sYWcqF6zb9i0s.roa
Signing time: Sat 01 Jan 2022 00:56:45 +0000
ROA not before: Sat 01 Jan 2022 00:56:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208751
IP address blocks: 2a0f:85c1:10::/44 maxlen: 44
2a0f:85c0:910::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118176587 (0x70b3b4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bb3ae11a3a6a5ee1e32ea6cce1f10df231ead88
Validity
Not Before: Jan 1 00:56:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c41fe3e22bdf17951b7cb1859ca85eb36fd8b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:59:54:16:33:1b:20:88:33:28:e2:90:0c:41:
95:fa:1c:6f:2a:16:71:a2:e9:0b:7a:03:75:dd:8e:
de:1c:34:f4:1b:22:8a:0e:78:79:f8:ae:38:bd:03:
a1:37:7a:a7:e5:d2:e1:a3:e7:b9:cf:93:e4:4a:03:
f6:72:0a:07:81:07:3c:8b:f8:15:05:f1:0c:78:50:
f8:e0:74:87:12:c0:08:16:28:50:10:49:a1:23:72:
9c:af:cd:12:c9:b5:31:7c:bf:c7:44:8e:01:1b:c7:
a4:6b:4e:82:b0:14:9e:85:e1:b2:eb:2a:72:1f:b7:
fe:a4:d4:3e:72:a6:50:25:b1:eb:9a:2e:d7:8c:d4:
15:53:ae:19:4e:c1:d3:24:a2:38:09:16:1a:58:03:
89:69:8a:3c:ea:78:9a:47:cf:6e:95:56:2e:32:37:
4c:ca:64:6b:59:49:e6:c8:23:ce:91:50:cf:40:de:
c8:71:88:65:63:e1:a5:ea:6a:d4:c1:62:86:d0:f0:
4b:10:a2:eb:5c:55:62:b6:58:ea:bd:e0:a6:b1:3d:
a3:11:69:f4:25:c6:03:75:62:62:49:a1:43:f9:57:
be:0d:07:87:4c:44:4b:f7:7c:27:5b:d5:80:ef:53:
6c:88:9a:46:7d:f4:f6:cd:b5:83:c1:68:69:0c:97:
1a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:41:FE:3E:22:BD:F1:79:51:B7:CB:18:59:CA:85:EB:36:FD:8B:4B
X509v3 Authority Key Identifier:
keyid:6B:B3:AE:11:A3:A6:A5:EE:1E:32:EA:6C:CE:1F:10:DF:23:1E:AD:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7OuEaOmpe4eMupszh8Q3yMerYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cc11e8-d51b-4679-9c6c-1ef197d6dc69/1/HEH-PiK98XlRt8sYWcqF6zb9i0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cc11e8-d51b-4679-9c6c-1ef197d6dc69/1/a7OuEaOmpe4eMupszh8Q3yMerYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c0:910::/44
2a0f:85c1:10::/44
Signature Algorithm: sha256WithRSAEncryption
1d:ff:4d:9d:9e:4b:bc:e9:f1:1e:b7:60:c0:16:f4:9c:bc:4c:
1a:41:24:f8:f2:d5:0d:df:84:61:7f:06:64:9d:d0:5f:33:ec:
fd:79:b7:ca:25:40:22:12:73:f0:b3:93:be:89:76:c2:ff:9e:
88:ee:ad:c9:65:a7:cc:8b:68:5e:6f:a6:87:71:0d:c4:a8:a1:
c1:b2:e8:1f:ed:ce:f3:c4:01:37:67:e8:25:b8:fb:4b:67:42:
17:bc:29:ee:ce:bf:e3:5d:54:fb:29:90:2b:49:91:f4:8a:af:
e4:cf:1a:59:e0:50:20:60:94:4a:08:41:8f:ec:79:0f:4c:70:
04:38:31:a6:36:73:90:c7:2c:ce:ec:2a:ed:55:b9:55:de:6e:
bc:25:19:c1:d2:a8:cc:60:6a:53:94:49:72:03:6d:b4:53:ef:
d6:e8:10:2d:77:f6:48:78:25:65:6c:68:2b:2a:47:2a:5c:6b:
b3:0e:9d:d0:ea:26:c5:02:96:9d:2f:3c:ad:04:83:23:08:4e:
ad:5e:be:ed:4c:97:be:96:8e:31:28:60:1c:1a:52:d2:1f:cd:
8f:b2:77:ac:53:3b:f4:3d:c3:d1:cf:17:ef:98:a6:f8:0b:46:
d2:07:07:55:fa:31:f1:1e:0d:42:e2:21:e1:c1:0c:89:ee:10:
f8:64:76:54
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBws7SzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YmIzYWUxMWEzYTZhNWVlMWUzMmVhNmNjZTFmMTBkZjIzMWVhZDg4MB4XDTIyMDEw
MTAwNTY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM0MWZlM2UyMmJk
ZjE3OTUxYjdjYjE4NTljYTg1ZWIzNmZkOGI0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1ZVBYzGyCIMyjikAxBlfocbyoWcaLpC3oDdd2O3hw09Bsi
ig54efiuOL0DoTd6p+XS4aPnuc+T5EoD9nIKB4EHPIv4FQXxDHhQ+OB0hxLACBYo
UBBJoSNynK/NEsm1MXy/x0SOARvHpGtOgrAUnoXhsusqch+3/qTUPnKmUCWx65ou
14zUFVOuGU7B0ySiOAkWGlgDiWmKPOp4mkfPbpVWLjI3TMpka1lJ5sgjzpFQz0De
yHGIZWPhpepq1MFihtDwSxCi61xVYrZY6r3gprE9oxFp9CXGA3ViYkmhQ/lXvg0H
h0xES/d8J1vVgO9TbIiaRn309s21g8FoaQyXGjcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQcQf4+Ir3xeVG3yxhZyoXrNv2LSzAfBgNVHSMEGDAWgBRrs64Ro6al7h4y
6mzOHxDfIx6tiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2E3T3VFYU9tcGU0ZU11cHN6aDhRM3lNZXJZZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvY2MxMWU4LWQ1MWItNDY3OS05YzZjLTFlZjE5N2Q2ZGM2OS8x
L0hFSC1QaUs5OFhsUnQ4c1lXY3FGNnpiOWkwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
Y2MxMWU4LWQ1MWItNDY3OS05YzZjLTFlZjE5N2Q2ZGM2OS8xL2E3T3VFYU9tcGU0
ZU11cHN6aDhRM3lNZXJZZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoPhcAJEAMHBCoPhcEAEDANBgkq
hkiG9w0BAQsFAAOCAQEAHf9NnZ5LvOnxHrdgwBb0nLxMGkEk+PLVDd+EYX8GZJ3Q
XzPs/Xm3yiVAIhJz8LOTvol2wv+eiO6tyWWnzItoXm+mh3ENxKihwbLoH+3O88QB
N2foJbj7S2dCF7wp7s6/411U+ymQK0mR9Iqv5M8aWeBQIGCUSghBj+x5D0xwBDgx
pjZzkMcszuwq7VW5Vd5uvCUZwdKozGBqU5RJcgNttFPv1ugQLXf2SHglZWxoKypH
Klxrsw6d0OomxQKWnS88rQSDIwhOrV6+7UyXvpaOMShgHBpS0h/Nj7J3rFM79D3D
0c8X75im+AtG0gcHVfox8R4NQuIh4cEMie4Q+GR2VA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:32:49 2025 by rpki-client