Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/tEHZfneCQIrzPHx7xxJWY2H5_m0.roa
File: tEHZfneCQIrzPHx7xxJWY2H5_m0.roa (raw, json)
Hash identifier: II452b380u/TSzZ9PciQ789kJ9+jkesKYn503H3DqV4=
Subject key identifier: B4:41:D9:7E:77:82:40:8A:F3:3C:7C:7B:C7:12:56:63:61:F9:FE:6D
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 0193ECCA9641FB20E02D5F517E90E97AB50A
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/tEHZfneCQIrzPHx7xxJWY2H5_m0.roa
Signing time: Sun 22 Dec 2024 05:15:19 +0000
ROA not before: Sun 22 Dec 2024 05:15:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213673
IP address blocks: 2a01:ecc0:c0::/42 maxlen: 42
2a01:ecc0:100::/42 maxlen: 42
2a01:ecc0:140::/42 maxlen: 42
2a01:ecc0:180::/42 maxlen: 42
2a01:ecc0:1c0::/42 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ec:ca:96:41:fb:20:e0:2d:5f:51:7e:90:e9:7a:b5:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Dec 22 05:15:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b441d97e7782408af33c7c7bc712566361f9fe6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:71:a9:70:c8:c8:23:f2:bf:06:5a:1d:e3:00:
d8:32:69:cc:9b:47:7f:f7:0e:f9:75:b2:c9:c2:1e:
7f:0d:4e:f4:1d:34:be:7b:4c:09:6e:9d:fb:01:5f:
05:06:3d:89:e6:18:1f:c5:d7:78:55:67:6e:33:b3:
76:84:57:b0:e8:2f:61:cb:c8:2c:66:34:a3:8b:7d:
1f:e7:c8:88:59:ce:ff:c5:2e:df:90:85:e6:59:7c:
b7:e8:02:ef:dc:58:90:65:58:2c:eb:80:e7:ad:7d:
9a:0a:6b:a0:0a:7c:10:0f:92:cd:27:6e:4b:c6:b5:
ba:d9:ec:cc:85:73:1a:88:2b:2d:ae:36:72:a4:67:
06:8a:ee:30:4c:92:c7:1d:df:19:5e:df:ca:b2:1c:
20:7c:f0:29:6f:41:ae:62:97:52:3f:d2:9a:f8:97:
d9:eb:b9:06:a6:aa:7b:9c:5a:51:16:9f:ee:c2:34:
70:a2:82:69:09:72:a8:4f:41:9a:a3:40:5d:f2:e6:
27:58:74:6d:1f:a5:ec:bd:c2:84:22:da:a6:40:32:
47:a4:3b:30:36:37:01:64:5a:33:24:a7:55:d3:64:
fa:02:db:72:c1:01:71:c7:cb:2a:7d:63:f5:ad:84:
f6:68:55:fa:ce:d6:12:49:6e:49:10:31:98:71:64:
7b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:41:D9:7E:77:82:40:8A:F3:3C:7C:7B:C7:12:56:63:61:F9:FE:6D
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/tEHZfneCQIrzPHx7xxJWY2H5_m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:c0::-2a01:ecc0:1ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7e:1b:65:49:da:99:10:a2:2b:9a:ed:9f:ea:11:9a:21:01:a5:
67:d6:ce:22:89:23:54:d3:e9:bf:44:ed:9a:e2:1a:7a:d0:7e:
c4:99:ec:04:c2:8b:3d:67:06:57:17:41:18:f7:3b:25:61:ff:
ce:b7:5f:4b:70:44:67:c9:24:f4:9d:c1:43:8c:38:61:4e:d3:
2a:01:4a:8a:a2:11:96:ef:54:ee:2f:41:71:9d:69:75:1f:af:
1c:ff:76:01:2b:b4:a4:60:c9:b4:21:5a:b0:d2:bf:49:26:40:
72:ee:9d:53:b8:c6:9f:30:9f:3e:23:c8:20:e1:43:d0:5b:d9:
4e:66:73:83:a4:1b:7f:a2:b5:35:32:57:c3:54:85:dd:5d:92:
51:48:32:a4:17:5b:1c:db:df:08:6c:00:a9:6d:39:21:d8:4d:
be:ea:64:dd:19:35:97:f4:95:60:2e:27:33:f8:f4:68:fe:5f:
53:bb:22:54:b2:9d:9a:c4:7d:f7:c5:5e:0d:a8:a9:96:a4:86:
36:27:ce:83:c7:df:b6:5b:2e:a7:16:70:76:27:a2:a8:21:cc:
8d:a4:2c:9e:9c:7f:d4:d7:f8:44:b3:30:5a:ce:03:31:29:68:
33:39:ab:a8:99:58:5f:2c:bf:4f:36:dc:04:e6:58:84:ae:93:
08:42:cd:90
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZPsypZB+yDgLV9RfpDperUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjQxMjIyMDUxNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDQxZDk3ZTc3ODI0MDhhZjMzYzdjN2JjNzEyNTY2MzYxZjlmZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XGpcMjII/K/Blod4wDYMmnMm0d/
9w75dbLJwh5/DU70HTS+e0wJbp37AV8FBj2J5hgfxdd4VWduM7N2hFew6C9hy8gs
ZjSji30f58iIWc7/xS7fkIXmWXy36ALv3FiQZVgs64DnrX2aCmugCnwQD5LNJ25L
xrW62ezMhXMaiCstrjZypGcGiu4wTJLHHd8ZXt/KshwgfPApb0GuYpdSP9Ka+JfZ
67kGpqp7nFpRFp/uwjRwooJpCXKoT0Gao0Bd8uYnWHRtH6XsvcKEItqmQDJHpDsw
NjcBZFozJKdV02T6AttywQFxx8sqfWP1rYT2aFX6ztYSSW5JEDGYcWR7pQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFLRB2X53gkCK8zx8e8cSVmNh+f5tMB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvdEVIWmZuZUNRSXJ6UEh4N3h4SldZMkg1X20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBwYqAezA
AMADBgEqAezAADANBgkqhkiG9w0BAQsFAAOCAQEAfhtlSdqZEKIrmu2f6hGaIQGl
Z9bOIokjVNPpv0TtmuIaetB+xJnsBMKLPWcGVxdBGPc7JWH/zrdfS3BEZ8kk9J3B
Q4w4YU7TKgFKiqIRlu9U7i9BcZ1pdR+vHP92ASu0pGDJtCFasNK/SSZAcu6dU7jG
nzCfPiPIIOFD0FvZTmZzg6Qbf6K1NTJXw1SF3V2SUUgypBdbHNvfCGwAqW05IdhN
vupk3Rk1l/SVYC4nM/j0aP5fU7siVLKdmsR998VeDaiplqSGNifOg8fftlsupxZw
dieiqCHMjaQsnpx/1Nf4RLMwWs4DMSloMzmrqJlYXyy/TzbcBOZYhK6TCELNkA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:40:21 2025 by rpki-client