Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/ha2nFfVJWyn8mnFx0yDMVULMqjo.roa
File: ha2nFfVJWyn8mnFx0yDMVULMqjo.roa (raw, json)
Hash identifier: s5PfLdhpOThuFaOJXuG5CupKz8np3rC3PGcm6xVzJAc=
Subject key identifier: 85:AD:A7:15:F5:49:5B:29:FC:9A:71:71:D3:20:CC:55:42:CC:AA:3A
Certificate issuer: /CN=ad12daa384888b5247df712965803f0d3fa8989d
Certificate serial: 02DA857C
Authority key identifier: AD:12:DA:A3:84:88:8B:52:47:DF:71:29:65:80:3F:0D:3F:A8:98:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rRLao4SIi1JH33EpZYA_DT-omJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/ha2nFfVJWyn8mnFx0yDMVULMqjo.roa
Signing time: Sat 01 Jan 2022 11:04:00 +0000
ROA not before: Sat 01 Jan 2022 11:04:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 2a06:7380::/29 maxlen: 29
2a0a:db80::/29 maxlen: 29
2a0b:6500::/29 maxlen: 29
2a07:4980::/29 maxlen: 29
2a07:ec40::/29 maxlen: 29
2a06:7d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47875452 (0x2da857c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad12daa384888b5247df712965803f0d3fa8989d
Validity
Not Before: Jan 1 11:04:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85ada715f5495b29fc9a7171d320cc5542ccaa3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f8:24:0d:ce:eb:a5:f0:3e:e7:b6:f5:eb:06:
62:f6:36:ff:f7:dc:f7:25:6b:18:c6:47:7d:bc:c6:
e7:ea:80:4a:de:49:80:32:b2:c7:32:c2:aa:5d:3d:
37:a9:d3:9e:1f:28:99:d3:e6:0b:29:f3:15:c0:15:
3e:9a:36:f2:28:5f:41:fb:9c:75:a6:62:aa:a6:7e:
be:d4:b6:09:41:52:c8:8d:18:cd:de:99:8b:1a:a2:
0d:0d:7d:2d:cd:d4:53:74:80:fe:17:01:5b:47:35:
f8:05:58:8b:23:db:b9:6c:12:88:b6:02:08:7b:8f:
36:2c:d3:25:8c:d8:ca:92:26:91:b4:10:dc:c9:ef:
32:a6:cc:bf:78:ad:6e:88:41:54:90:4f:71:a3:1a:
ae:db:c5:63:63:2a:b9:99:04:0f:cf:40:c6:c5:14:
5b:9b:7e:61:df:18:33:22:df:79:9b:fc:f4:bd:59:
91:f3:a5:78:50:39:94:5c:fb:d3:94:46:e9:b9:e4:
2e:65:cd:34:ca:66:24:f6:58:a9:17:fb:8c:b4:dd:
d8:7c:b7:ed:7c:43:63:a3:cb:ba:d5:0e:ac:e7:ae:
ba:67:8c:f3:49:e1:e7:23:eb:77:a3:ba:6b:d9:c6:
a3:b1:1a:34:db:ef:12:db:c6:a3:17:8c:82:92:ae:
41:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AD:A7:15:F5:49:5B:29:FC:9A:71:71:D3:20:CC:55:42:CC:AA:3A
X509v3 Authority Key Identifier:
keyid:AD:12:DA:A3:84:88:8B:52:47:DF:71:29:65:80:3F:0D:3F:A8:98:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRLao4SIi1JH33EpZYA_DT-omJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/ha2nFfVJWyn8mnFx0yDMVULMqjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/2a965c-3347-443e-88c7-5b4d52dc2de2/1/rRLao4SIi1JH33EpZYA_DT-omJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:7380::/29
2a06:7d00::/29
2a07:4980::/29
2a07:ec40::/29
2a0a:db80::/29
2a0b:6500::/29
Signature Algorithm: sha256WithRSAEncryption
31:69:3f:17:aa:2a:af:79:d5:42:65:c2:76:cf:89:75:96:1e:
bb:2a:23:b8:9e:ac:f3:01:b8:3c:23:c1:b3:2a:99:de:f1:0e:
ab:b9:ea:9c:24:20:79:4f:4a:22:ab:66:bd:e2:b9:ab:66:2d:
9d:9a:1e:3c:54:e7:2e:bd:7d:79:ee:d3:b8:a0:d1:71:f5:b4:
13:d0:6a:3f:96:2a:48:87:ea:20:91:25:5d:3e:22:99:72:dd:
dd:5d:1a:5c:da:59:8f:a8:53:7a:ba:36:2a:39:20:38:ac:63:
77:ca:bd:9b:c2:2e:83:4c:8f:bf:a2:3e:ac:28:10:f1:6b:db:
25:11:35:ef:27:42:73:97:71:67:f8:5e:30:3f:9a:98:ee:70:
8d:68:e5:a2:a5:f2:54:ae:3a:a1:b8:bd:5b:52:e8:74:ca:43:
16:24:c8:3e:6c:9c:a4:6c:07:de:21:ea:d9:92:60:ab:f5:48:
57:2d:53:04:6a:bc:55:1a:1a:1c:eb:a9:57:1e:3a:9a:8a:ec:
8e:5f:e2:3f:51:25:0c:cb:b1:e7:04:4d:b5:1f:f1:36:6a:89:
e4:c6:68:ed:3e:5e:e8:0d:26:ee:11:d5:52:4b:43:d8:39:d8:
65:5e:b9:fb:ab:6b:0a:23:dd:f8:f3:a5:36:14:2c:23:17:d9:
8a:36:de:10
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEAtqFfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDEyZGFhMzg0ODg4YjUyNDdkZjcxMjk2NTgwM2YwZDNmYTg5ODlkMB4XDTIyMDEw
MTExMDQwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVhZGE3MTVmNTQ5
NWIyOWZjOWE3MTcxZDMyMGNjNTU0MmNjYWEzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKn4JA3O66XwPue29esGYvY2//fc9yVrGMZHfbzG5+qASt5J
gDKyxzLCql09N6nTnh8omdPmCynzFcAVPpo28ihfQfucdaZiqqZ+vtS2CUFSyI0Y
zd6ZixqiDQ19Lc3UU3SA/hcBW0c1+AVYiyPbuWwSiLYCCHuPNizTJYzYypImkbQQ
3MnvMqbMv3itbohBVJBPcaMartvFY2MquZkED89AxsUUW5t+Yd8YMyLfeZv89L1Z
kfOleFA5lFz705RG6bnkLmXNNMpmJPZYqRf7jLTd2Hy37XxDY6PLutUOrOeuumeM
80nh5yPrd6O6a9nGo7EaNNvvEtvGoxeMgpKuQdcCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBSFracV9UlbKfyacXHTIMxVQsyqOjAfBgNVHSMEGDAWgBStEtqjhIiLUkff
cSllgD8NP6iYnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JSTGFvNFNJaTFKSDMzRXBaWUFfRFQtb21KMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvMmE5NjVjLTMzNDctNDQzZS04OGM3LTViNGQ1MmRjMmRlMi8x
L2hhMm5GZlZKV3luOG1uRngweURNVlVMTXFqby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
MmE5NjVjLTMzNDctNDQzZS04OGM3LTViNGQ1MmRjMmRlMi8xL3JSTGFvNFNJaTFK
SDMzRXBaWUFfRFQtb21KMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAIwKgMFAyoGc4ADBQMqBn0AAwUDKgdJgAMF
AyoH7EADBQMqCtuAAwUDKgtlADANBgkqhkiG9w0BAQsFAAOCAQEAMWk/F6oqr3nV
QmXCds+JdZYeuyojuJ6s8wG4PCPBsyqZ3vEOq7nqnCQgeU9KIqtmveK5q2YtnZoe
PFTnLr19ee7TuKDRcfW0E9BqP5YqSIfqIJElXT4imXLd3V0aXNpZj6hTero2Kjkg
OKxjd8q9m8Iug0yPv6I+rCgQ8WvbJRE17ydCc5dxZ/heMD+amO5wjWjloqXyVK46
obi9W1LodMpDFiTIPmycpGwH3iHq2ZJgq/VIVy1TBGq8VRoaHOupVx46morsjl/i
P1ElDMux5wRNtR/xNmqJ5MZo7T5e6A0m7hHVUktD2DnYZV65+6trCiPd+POlNhQs
IxfZijbeEA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:42 2025 by rpki-client