Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/HZwokTuDHsI8h-fzTOEC6oBOUUI.roa
File: HZwokTuDHsI8h-fzTOEC6oBOUUI.roa (raw, json)
Hash identifier: WM7QJ6OQyLcuKoO0U9leXRvAuei8nXuZdEOZY6w3qXc=
Subject key identifier: 1D:9C:28:91:3B:83:1E:C2:3C:87:E7:F3:4C:E1:02:EA:80:4E:51:42
Certificate issuer: /CN=1b68656126198373d07886bf4ab8fb06b9006780
Certificate serial: 0194214434F5C797BF49B9D5A4CF3DE51A0D
Authority key identifier: 1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/HZwokTuDHsI8h-fzTOEC6oBOUUI.roa
Signing time: Wed 01 Jan 2025 09:48:25 +0000
ROA not before: Wed 01 Jan 2025 09:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59566
IP address blocks: 2a0e:1bc1:2000::/35 maxlen: 35
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:34:f5:c7:97:bf:49:b9:d5:a4:cf:3d:e5:1a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b68656126198373d07886bf4ab8fb06b9006780
Validity
Not Before: Jan 1 09:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d9c28913b831ec23c87e7f34ce102ea804e5142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:14:c0:3a:37:d3:0f:dc:8b:2f:b5:3b:82:02:
a1:24:4a:3b:05:20:e3:26:af:f2:6a:18:52:32:5a:
f6:2d:a3:64:33:71:90:44:28:03:44:a6:2b:c9:a6:
5e:0a:d8:56:93:da:67:e7:57:c6:65:90:03:d9:4a:
68:b6:6c:ac:04:50:61:21:5f:3e:3b:b8:ee:1b:62:
cf:d1:b3:fa:42:03:8f:09:f3:7c:d5:ea:94:ee:fb:
bd:f9:1d:eb:1b:8f:79:69:fc:d2:24:fc:2a:72:a4:
b1:e3:60:18:55:a3:06:b4:7f:eb:84:82:1c:a9:20:
1b:79:a3:d9:41:4f:11:68:e6:b4:10:6f:27:58:1b:
30:46:70:b1:34:78:3d:6e:68:81:9d:fa:b0:eb:de:
15:ff:e1:5b:6c:e8:0e:55:5c:f5:5d:88:f0:0d:3f:
e5:67:5d:bc:33:5c:16:e8:f3:06:4d:e4:94:35:d7:
39:43:45:29:93:0d:b3:97:a8:0d:41:c5:df:76:b9:
59:22:2d:bd:62:b8:76:b0:06:6d:50:2e:bf:21:7e:
f0:8e:35:5b:81:96:af:01:ca:16:5c:00:30:1d:5c:
2c:70:31:8b:a3:9a:22:e5:34:5a:bf:30:2b:7c:cf:
d0:1d:5b:d0:68:95:d5:2f:62:4e:de:77:85:4f:d5:
6a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9C:28:91:3B:83:1E:C2:3C:87:E7:F3:4C:E1:02:EA:80:4E:51:42
X509v3 Authority Key Identifier:
keyid:1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/HZwokTuDHsI8h-fzTOEC6oBOUUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1bc1:2000::/35
Signature Algorithm: sha256WithRSAEncryption
72:11:24:fc:1b:eb:2b:69:66:bf:fd:0c:29:08:ae:86:a0:53:
1b:2c:0f:1b:e5:ec:fc:36:b5:3b:5c:f7:6d:83:76:43:78:46:
b2:6c:34:7d:e8:5a:61:28:de:e0:de:a1:cb:04:0f:9b:f2:08:
a0:35:97:3f:30:ce:22:32:e6:4b:fa:c8:6b:7c:e9:8a:31:e9:
1f:11:b4:bb:70:52:fb:33:aa:66:73:ad:bb:81:13:9a:7b:46:
e0:76:e7:ab:94:1f:96:13:67:90:f9:75:d6:99:e8:00:a6:43:
3a:ed:88:6a:f6:42:73:1b:45:f8:28:fc:ed:59:4a:01:5d:74:
5c:6b:0c:b3:4a:51:b3:13:1a:5d:be:f8:ca:7a:6e:39:47:74:
71:9d:8c:f6:fd:65:ad:5f:ae:c9:3a:1c:bd:3f:4a:b9:6d:f5:
57:b1:25:44:62:30:72:1e:1e:d0:6c:93:22:01:ff:d2:18:3d:
9b:2f:2d:35:7d:40:fb:68:6c:e8:83:b7:38:69:53:97:b8:90:
66:49:ca:77:56:0a:18:82:c5:7e:93:06:e5:18:fc:1d:56:3c:
db:3c:c4:f6:0e:4b:6b:bc:af:00:c9:32:1b:1b:61:fb:37:18:
34:6e:45:0a:fe:fa:ea:4f:c8:03:14:9e:ba:61:78:07:2c:e4:
60:89:a1:f8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQhRDT1x5e/SbnVpM895RoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjg2NTYxMjYxOTgzNzNkMDc4ODZiZjRhYjhmYjA2Yjkw
MDY3ODAwHhcNMjUwMTAxMDk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDljMjg5MTNiODMxZWMyM2M4N2U3ZjM0Y2UxMDJlYTgwNGU1MTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hTAOjfTD9yLL7U7ggKhJEo7BSDj
Jq/yahhSMlr2LaNkM3GQRCgDRKYryaZeCthWk9pn51fGZZAD2UpotmysBFBhIV8+
O7juG2LP0bP6QgOPCfN81eqU7vu9+R3rG495afzSJPwqcqSx42AYVaMGtH/rhIIc
qSAbeaPZQU8RaOa0EG8nWBswRnCxNHg9bmiBnfqw694V/+FbbOgOVVz1XYjwDT/l
Z128M1wW6PMGTeSUNdc5Q0Upkw2zl6gNQcXfdrlZIi29Yrh2sAZtUC6/IX7wjjVb
gZavAcoWXAAwHVwscDGLo5oi5TRavzArfM/QHVvQaJXVL2JO3neFT9VqCQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFB2cKJE7gx7CPIfn80zhAuqATlFCMB8GA1UdIwQY
MBaAFBtoZWEmGYNz0HiGv0q4+wa5AGeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODIt
MjM5ODcwNGFiNTBjLzEvSFp3b2tUdURIc0k4aC1melRPRUM2b0JPVVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODItMjM5ODcwNGFiNTBj
LzEvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKg4bwSAw
DQYJKoZIhvcNAQELBQADggEBAHIRJPwb6ytpZr/9DCkIroagUxssDxvl7Pw2tTtc
922DdkN4RrJsNH3oWmEo3uDeocsED5vyCKA1lz8wziIy5kv6yGt86Yox6R8RtLtw
UvszqmZzrbuBE5p7RuB256uUH5YTZ5D5ddaZ6ACmQzrtiGr2QnMbRfgo/O1ZSgFd
dFxrDLNKUbMTGl2++Mp6bjlHdHGdjPb9Za1frsk6HL0/Srlt9VexJURiMHIeHtBs
kyIB/9IYPZsvLTV9QPtobOiDtzhpU5e4kGZJyndWChiCxX6TBuUY/B1WPNs8xPYO
S2u8rwDJMhsbYfs3GDRuRQr++upPyAMUnrpheAcs5GCJofg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:03:55 2025 by rpki-client