Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/HC0jvxUI9CAr42TH34h4NlrHGus.roa
File: HC0jvxUI9CAr42TH34h4NlrHGus.roa (raw, json)
Hash identifier: fQhsRYm83nt9B2lK94dzNtg1gedcs7rFa/7Y/1CHzL0=
Subject key identifier: 1C:2D:23:BF:15:08:F4:20:2B:E3:64:C7:DF:88:78:36:5A:C7:1A:EB
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C6DFE57C3317B6515B396D71A732F
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/HC0jvxUI9CAr42TH34h4NlrHGus.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215290
IP address blocks: 2a12:bec4:10e0::/44 maxlen: 48
2a12:bec4:1130::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6d:fe:57:c3:31:7b:65:15:b3:96:d7:1a:73:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c2d23bf1508f4202be364c7df8878365ac71aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e4:f5:db:d3:c2:59:cf:6e:13:19:7a:59:30:
e7:63:f6:dc:4e:b1:f7:e3:de:61:64:2c:02:04:03:
d1:f9:93:15:90:5d:48:c8:b0:7f:cd:f9:4d:25:8c:
40:3b:d3:0e:dd:3c:85:59:d3:0f:71:d9:2d:76:07:
d0:83:90:38:9c:00:f6:ea:fa:7e:4a:4e:56:81:4a:
8a:4d:0c:f5:34:f3:f3:d5:63:99:54:e8:7d:44:8b:
3f:5a:21:3f:ce:5c:cd:c1:99:67:d5:f6:52:b2:fd:
a1:6c:5e:27:da:df:65:fd:88:12:b2:2f:bf:da:f7:
89:69:35:ae:1c:9b:0f:fd:62:50:b3:f2:07:83:b2:
da:43:83:c7:fd:b3:7d:c7:e9:c4:07:45:e9:d5:7e:
19:8e:d0:87:02:db:fc:89:13:06:35:3a:39:a1:9d:
18:30:2b:01:8b:1c:51:d4:cd:5b:6f:21:dd:e3:ef:
69:b6:6e:30:a2:17:df:69:00:00:e5:45:8f:7c:40:
a2:a4:d5:43:27:b0:c9:0f:1c:d8:15:89:1f:df:d4:
76:4a:61:28:8d:46:45:7c:d1:33:c9:d2:2a:e6:49:
87:1c:48:c9:1a:82:6f:73:1f:6f:a6:12:ba:1a:59:
71:f5:63:32:38:ea:46:b1:bc:43:2b:b4:1e:59:23:
54:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2D:23:BF:15:08:F4:20:2B:E3:64:C7:DF:88:78:36:5A:C7:1A:EB
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/HC0jvxUI9CAr42TH34h4NlrHGus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:10e0::/44
2a12:bec4:1130::/44
Signature Algorithm: sha256WithRSAEncryption
48:e7:a4:55:a4:b6:14:d3:78:b1:aa:4a:4f:07:b5:d2:ea:8d:
1d:fd:30:52:3f:54:d2:cd:d5:ac:db:55:4d:50:5a:c1:70:3b:
f7:0c:8e:8f:3a:e2:f7:32:c5:25:92:df:91:29:fa:1e:e7:1b:
1e:7e:f6:05:89:7f:16:b3:36:df:0f:19:db:e4:ea:b0:b1:85:
0a:65:a2:69:c2:a1:aa:60:b2:b1:dd:8e:b6:f8:66:2d:32:3d:
d7:12:45:44:49:6e:b9:ce:fb:c4:22:85:06:7c:85:66:29:95:
bd:18:b8:b6:d2:57:3f:19:02:03:72:b3:c9:91:2b:26:8e:ac:
49:0b:14:4b:f3:db:27:b6:65:2c:ca:27:2d:4d:1e:f9:80:6f:
87:5d:45:b8:06:1d:4b:3c:81:d3:7e:e9:fd:3c:74:b7:07:1a:
7f:b6:60:b3:f7:72:a0:ae:dd:44:98:28:50:58:9c:99:53:96:
54:c0:09:fd:72:0c:7e:b5:dc:42:ae:9d:20:c6:ae:aa:73:19:
73:59:42:da:68:d9:19:75:d4:09:15:6d:ab:9b:5a:42:72:2b:
f3:ca:f0:72:c0:4d:d8:57:3a:ce:b1:c3:3e:53:71:55:64:d3:
c5:2c:51:f6:d7:f1:9a:da:2f:5a:fd:72:e5:92:39:c7:bd:bb:
a0:ab:d1:f1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjG3+V8Mxe2UVs5bXGnMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzJkMjNiZjE1MDhmNDIwMmJlMzY0YzdkZjg4NzgzNjVhYzcxYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+T129PCWc9uExl6WTDnY/bcTrH3
495hZCwCBAPR+ZMVkF1IyLB/zflNJYxAO9MO3TyFWdMPcdktdgfQg5A4nAD26vp+
Sk5WgUqKTQz1NPPz1WOZVOh9RIs/WiE/zlzNwZln1fZSsv2hbF4n2t9l/YgSsi+/
2veJaTWuHJsP/WJQs/IHg7LaQ4PH/bN9x+nEB0Xp1X4ZjtCHAtv8iRMGNTo5oZ0Y
MCsBixxR1M1bbyHd4+9ptm4wohffaQAA5UWPfECipNVDJ7DJDxzYFYkf39R2SmEo
jUZFfNEzydIq5kmHHEjJGoJvcx9vphK6Gllx9WMyOOpGsbxDK7QeWSNUZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBwtI78VCPQgK+Nkx9+IeDZaxxrrMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvSEMwanZ4VUk5Q0FyNDJUSDM0aDRObHJIR3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhK+xBDg
AwcEKhK+xBEwMA0GCSqGSIb3DQEBCwUAA4IBAQBI56RVpLYU03ixqkpPB7XS6o0d
/TBSP1TSzdWs21VNUFrBcDv3DI6POuL3MsUlkt+RKfoe5xsefvYFiX8WszbfDxnb
5OqwsYUKZaJpwqGqYLKx3Y62+GYtMj3XEkVESW65zvvEIoUGfIVmKZW9GLi20lc/
GQIDcrPJkSsmjqxJCxRL89sntmUsyictTR75gG+HXUW4Bh1LPIHTfun9PHS3Bxp/
tmCz93Kgrt1EmChQWJyZU5ZUwAn9cgx+tdxCrp0gxq6qcxlzWULaaNkZddQJFW2r
m1pCcivzyvBywE3YVzrOscM+U3FVZNPFLFH21/Ga2i9a/XLlkjnHvbugq9Hx
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:53:56 2025 by rpki-client