Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HdAewwC573hiBDNOvxUE1KDmA0U.roa
File: HdAewwC573hiBDNOvxUE1KDmA0U.roa (raw, json)
Hash identifier: KO8T/mtPU/jWMm5QwJMrMb75ru1J2zxHJsmxNEkocNE=
Subject key identifier: 1D:D0:1E:C3:00:B9:EF:78:62:04:33:4E:BF:15:04:D4:A0:E6:03:45
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019534A0B722B57A415F09769283570043F0
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HdAewwC573hiBDNOvxUE1KDmA0U.roa
Signing time: Sun 23 Feb 2025 21:05:02 +0000
ROA not before: Sun 23 Feb 2025 21:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:34a0:3ec9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:34:a0:b7:22:b5:7a:41:5f:09:76:92:83:57:00:43:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 23 21:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dd01ec300b9ef786204334ebf1504d4a0e60345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:06:90:d6:d6:54:c6:f3:bd:de:70:82:b0:24:
f1:03:35:02:45:36:a2:53:ea:77:23:2e:ba:26:40:
89:7f:c2:8a:e9:20:dd:cb:8d:00:3d:ed:af:91:92:
41:6b:f5:cb:11:e7:d1:ac:1d:29:69:03:ef:78:2f:
93:20:db:6a:78:23:cb:6e:8d:eb:dc:ff:8b:4f:e2:
3f:ad:61:98:d4:9d:54:26:3d:a1:0d:2f:8f:24:20:
c0:ff:20:c7:4c:99:3b:23:4a:33:a7:b6:98:d4:84:
05:50:31:23:f1:10:a7:64:31:c3:d7:33:25:3e:73:
e6:41:0a:3c:09:10:73:77:95:b8:c4:86:05:8c:bd:
8a:ca:65:2a:e4:8b:2c:1e:38:6f:f1:25:e9:fe:a7:
02:78:1f:1b:51:8f:5d:65:95:11:23:ab:d1:c5:5e:
58:90:70:6c:dc:d0:08:e4:95:7c:df:ff:97:2f:c1:
90:04:9a:b8:34:c1:a4:53:bd:e5:ca:60:5f:30:96:
87:75:e4:11:ad:1f:dc:51:35:47:e9:31:1a:30:2e:
31:a0:24:9b:b7:c5:e9:d4:4b:69:c3:b5:af:7f:f2:
2d:46:34:42:60:af:1d:e9:3a:65:14:b7:e9:a8:1a:
b6:32:68:30:f8:17:2b:dc:a5:5b:f5:59:26:43:e6:
6f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D0:1E:C3:00:B9:EF:78:62:04:33:4E:BF:15:04:D4:A0:E6:03:45
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HdAewwC573hiBDNOvxUE1KDmA0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:34a0:3ec9/128
Signature Algorithm: sha256WithRSAEncryption
4c:44:0c:b9:08:f5:29:5b:2c:bc:db:be:50:a6:a8:42:af:14:
5a:67:9f:6d:59:c4:6c:4c:ed:ae:48:eb:48:f2:01:a8:f1:72:
fb:7d:21:f6:45:2e:14:3e:e4:0b:27:c7:24:3d:31:9e:0c:c9:
a5:84:de:41:41:e1:a2:f9:44:6e:91:c4:ef:1b:7a:c6:22:20:
58:8d:32:05:88:cc:2a:8e:64:2b:e0:c0:f5:8b:96:93:b8:09:
c2:2f:2a:5d:6a:39:82:bd:5e:9e:7a:59:0d:47:96:a3:08:e6:
e8:e6:f2:48:46:06:eb:11:7d:a1:7f:42:32:14:d3:00:09:6e:
87:e4:5f:e0:b5:99:90:33:c5:fe:92:ea:3c:0c:97:4d:fc:e8:
a3:ef:aa:66:5f:e3:1a:91:48:f9:25:77:87:33:18:b8:00:9a:
d5:e7:16:1b:20:6e:14:45:a3:21:c9:ea:3b:68:63:c2:c2:63:
6d:3c:49:aa:81:94:01:f5:e6:56:83:5a:dc:61:8a:48:75:41:
33:47:29:d8:4a:75:83:8d:d6:f9:01:70:32:b6:17:50:11:f1:
49:c6:cd:54:34:2f:5d:06:fc:05:fb:35:f8:d8:6e:3e:91:44:
30:4b:66:c8:8e:d8:ba:9f:24:b4:18:4c:f8:da:a1:3e:07:43:
a3:7e:69:8d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZU0oLcitXpBXwl2koNXAEPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjIzMjEwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQwMWVjMzAwYjllZjc4NjIwNDMzNGViZjE1MDRkNGEwZTYwMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQaQ1tZUxvO93nCCsCTxAzUCRTai
U+p3Iy66JkCJf8KK6SDdy40APe2vkZJBa/XLEefRrB0paQPveC+TINtqeCPLbo3r
3P+LT+I/rWGY1J1UJj2hDS+PJCDA/yDHTJk7I0ozp7aY1IQFUDEj8RCnZDHD1zMl
PnPmQQo8CRBzd5W4xIYFjL2KymUq5IssHjhv8SXp/qcCeB8bUY9dZZURI6vRxV5Y
kHBs3NAI5JV83/+XL8GQBJq4NMGkU73lymBfMJaHdeQRrR/cUTVH6TEaMC4xoCSb
t8Xp1Etpw7Wvf/ItRjRCYK8d6TplFLfpqBq2Mmgw+Bcr3KVb9VkmQ+Zv8wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFB3QHsMAue94YgQzTr8VBNSg5gNFMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSGRBZXd3QzU3M2hpQkROT3Z4VUUxS0RtQTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVNKA+yTANBgkqhkiG9w0BAQsFAAOCAQEATEQMuQj1KVssvNu+UKaoQq8U
WmefbVnEbEztrkjrSPIBqPFy+30h9kUuFD7kCyfHJD0xngzJpYTeQUHhovlEbpHE
7xt6xiIgWI0yBYjMKo5kK+DA9YuWk7gJwi8qXWo5gr1ennpZDUeWowjm6ObySEYG
6xF9oX9CMhTTAAluh+Rf4LWZkDPF/pLqPAyXTfzoo++qZl/jGpFI+SV3hzMYuACa
1ecWGyBuFEWjIcnqO2hjwsJjbTxJqoGUAfXmVoNa3GGKSHVBM0cp2Ep1g43W+QFw
MrYXUBHxScbNVDQvXQb8Bfs1+NhuPpFEMEtmyI7Yup8ktBhM+NqhPgdDo35pjQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:26:36 2025 by rpki-client