Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/haIvU17zidKk2fze2NgbkmQbW8A.roa
File: haIvU17zidKk2fze2NgbkmQbW8A.roa (raw, json)
Hash identifier: OkzFoDJQPzTHuuinMyzt+yD9DqqAXGVv53bP7uMNE5w=
Subject key identifier: 85:A2:2F:53:5E:F3:89:D2:A4:D9:FC:DE:D8:D8:1B:92:64:1B:5B:C0
Certificate issuer: /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial: 09E5FF15
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/haIvU17zidKk2fze2NgbkmQbW8A.roa
Signing time: Wed 23 Feb 2022 12:50:09 +0000
ROA not before: Wed 23 Feb 2022 12:50:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398559
IP address blocks: 2a0f:306::/32 maxlen: 32
2a0f:305::/32 maxlen: 32
2a0f:302::/32 maxlen: 32
2a0f:303::/32 maxlen: 32
2a0f:301::/32 maxlen: 32
2a0f:307::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166067989 (0x9e5ff15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Validity
Not Before: Feb 23 12:50:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85a22f535ef389d2a4d9fcded8d81b92641b5bc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8e:e4:ab:a7:37:4f:9e:fc:33:15:db:66:0b:
7d:ee:4c:bb:57:a6:cf:3c:bb:9c:16:59:65:18:c3:
7f:3a:0d:d4:f0:ec:87:5c:18:f2:4f:e7:fc:98:65:
79:bb:92:8d:cb:9e:b6:10:b4:8f:3c:8d:eb:4c:9d:
49:47:d9:c4:d6:7e:8f:90:b9:33:03:2e:51:7b:69:
39:f4:1c:e2:8d:48:eb:84:be:6a:86:f4:5d:71:c7:
ee:7b:6d:cc:d7:70:1d:36:75:ff:45:6b:26:64:1f:
20:25:9a:65:b4:42:e2:4b:98:94:11:a7:8f:30:4b:
c4:5c:a6:49:f8:3d:d4:aa:08:6a:39:9e:10:ef:7d:
1a:5f:9c:2e:1d:44:37:1f:b3:7c:df:3d:c4:72:ae:
99:1b:fa:a8:66:57:ec:40:3f:74:83:91:63:38:50:
41:07:71:fc:42:2c:32:7c:e7:d6:03:5d:91:52:6c:
80:93:5e:cf:dc:7e:4b:90:b4:07:27:90:5f:ff:36:
2c:c3:19:80:f2:32:88:c1:d6:eb:b8:1f:a2:a3:63:
6e:a6:4e:85:a5:59:29:a4:39:7d:a2:50:48:e4:9a:
21:4a:89:b9:d4:c9:60:71:fd:74:1b:97:b7:d7:a3:
d9:d5:9d:fc:75:97:e4:15:a9:30:8b:b0:ca:d2:ae:
5c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A2:2F:53:5E:F3:89:D2:A4:D9:FC:DE:D8:D8:1B:92:64:1B:5B:C0
X509v3 Authority Key Identifier:
keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/haIvU17zidKk2fze2NgbkmQbW8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:301::-2a0f:303:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:305::-2a0f:307:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8b:4c:3b:57:19:5a:36:0f:00:55:fb:6b:f1:76:6a:f2:93:76:
0b:0f:1f:63:af:b1:7c:71:6a:1e:5a:b2:60:0b:ed:3b:e6:18:
75:97:1d:7b:74:c1:6a:d5:29:14:7b:19:33:b1:6b:88:24:54:
42:6b:5c:7b:13:51:c1:45:e2:48:cf:f1:db:fe:17:50:26:31:
f6:c0:09:21:82:0f:b4:40:36:ff:60:fc:66:23:82:30:40:da:
3c:ae:60:e5:3d:cb:73:c9:28:1c:92:fd:f0:ec:43:69:a1:47:
cf:51:d4:39:e1:05:3c:d5:df:68:10:56:1e:c9:6b:42:1f:a5:
5f:ee:93:af:16:36:bf:12:ac:b2:f0:b5:e4:e7:4b:f3:e2:8f:
64:0a:c2:73:ce:b2:0c:5e:a8:eb:e3:bd:54:a0:7b:ff:0d:33:
ba:05:b0:c4:3c:91:6a:5c:94:47:8a:73:72:d3:7a:78:fc:bf:
b4:85:41:20:b2:1d:2c:3c:e6:fa:e7:84:96:b9:3e:20:0a:d2:
c3:69:4f:a9:e8:75:c8:5e:14:fb:b8:6a:5c:15:52:a9:b1:f6:
aa:46:a2:ad:96:1c:55:5b:0d:7c:e5:73:18:ff:28:3e:b7:d3:
c3:77:c8:fa:8f:c2:c9:56:f6:f7:c8:ee:35:f7:4c:a6:37:0a:
17:ef:64:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECeX/FTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmJlY2M0YmE4YTRkNTI0OThhMGQyOTgzYTY4YjYxMzgzYWE3ZmQ3MB4XDTIyMDIy
MzEyNTAwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVhMjJmNTM1ZWYz
ODlkMmE0ZDlmY2RlZDhkODFiOTI2NDFiNWJjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+O5KunN0+e/DMV22YLfe5Mu1emzzy7nBZZZRjDfzoN1PDs
h1wY8k/n/JhlebuSjcuethC0jzyN60ydSUfZxNZ+j5C5MwMuUXtpOfQc4o1I64S+
aob0XXHH7nttzNdwHTZ1/0VrJmQfICWaZbRC4kuYlBGnjzBLxFymSfg91KoIajme
EO99Gl+cLh1ENx+zfN89xHKumRv6qGZX7EA/dIORYzhQQQdx/EIsMnzn1gNdkVJs
gJNez9x+S5C0ByeQX/82LMMZgPIyiMHW67gfoqNjbqZOhaVZKaQ5faJQSOSaIUqJ
udTJYHH9dBuXt9ej2dWd/HWX5BWpMIuwytKuXFkCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSFoi9TXvOJ0qTZ/N7Y2BuSZBtbwDAfBgNVHSMEGDAWgBRivsxLqKTVJJig
0pg6aLYTg6p/1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lyN01TNmlrMVNTWW9OS1lPbWkyRTRPcWY5Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvOWM0OTNiLTQxN2ItNGFmNi05ZjQzLTJmZjE0YzIxODcxOS8x
L2hhSXZVMTd6aWRLazJmemUyTmdia21RYlc4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
OWM0OTNiLTQxN2ItNGFmNi05ZjQzLTJmZjE0YzIxODcxOS8xL1lyN01TNmlrMVNT
WW9OS1lPbWkyRTRPcWY5Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAIwIDAOAwUAKg8DAQMFAioPAwAwDgMFACoP
AwUDBQMqDwMAMA0GCSqGSIb3DQEBCwUAA4IBAQCLTDtXGVo2DwBV+2vxdmryk3YL
Dx9jr7F8cWoeWrJgC+075hh1lx17dMFq1SkUexkzsWuIJFRCa1x7E1HBReJIz/Hb
/hdQJjH2wAkhgg+0QDb/YPxmI4IwQNo8rmDlPctzySgckv3w7ENpoUfPUdQ54QU8
1d9oEFYeyWtCH6Vf7pOvFja/Eqyy8LXk50vz4o9kCsJzzrIMXqjr471UoHv/DTO6
BbDEPJFqXJRHinNy03p4/L+0hUEgsh0sPOb654SWuT4gCtLDaU+p6HXIXhT7uGpc
FVKpsfaqRqKtlhxVWw185XMY/yg+t9PDd8j6j8LJVvb3yO4190ymNwoX72TP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:34 2025 by rpki-client