Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HkvH-lW4UlRKnBhe1zZVLosheEM.roa
File: HkvH-lW4UlRKnBhe1zZVLosheEM.roa (raw, json)
Hash identifier: X3Jb2r4Y8Sfo+7C41dbrcHASucp4/ALtF1eHfsf06bw=
Subject key identifier: 1E:4B:C7:FA:55:B8:52:54:4A:9C:18:5E:D7:36:55:2E:8B:21:78:43
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01943584BC233A410C4E9C1182E42FB79B9E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HkvH-lW4UlRKnBhe1zZVLosheEM.roa
Signing time: Sun 05 Jan 2025 08:11:18 +0000
ROA not before: Sun 05 Jan 2025 08:11:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:35:84:bc:23:3a:41:0c:4e:9c:11:82:e4:2f:b7:9b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 5 08:11:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e4bc7fa55b852544a9c185ed736552e8b217843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dc:d4:67:e1:23:1b:5c:17:8d:35:31:cb:8d:
da:f4:6e:d6:78:f0:39:80:17:13:c2:cd:17:13:55:
c0:e6:a1:fd:6c:99:04:69:25:90:86:4e:72:64:85:
3e:23:36:8c:a2:86:76:40:ae:5d:6c:d5:10:12:e4:
80:d1:41:20:fd:39:84:d2:fb:df:3d:8c:22:48:a8:
d7:ac:a4:1b:40:3f:2d:f2:20:85:5c:eb:8b:8d:3a:
b2:b2:5c:b8:1d:99:f6:0e:ba:e6:e4:21:f4:16:37:
6c:da:97:eb:64:9c:10:d7:62:6b:20:ce:d0:a1:75:
69:a0:1f:16:84:71:7f:3d:be:26:9b:38:52:0d:a2:
df:c3:62:74:45:e2:05:09:49:45:6b:4e:b8:8d:a8:
b5:98:30:5c:41:b2:06:e9:02:f7:e5:12:70:6a:7b:
b6:0f:56:6f:ef:cb:96:e9:37:f7:ba:28:73:d9:47:
2d:d3:fe:06:16:de:7f:35:30:a1:6d:77:df:f7:65:
c0:80:6c:b0:66:32:fd:cf:6d:f5:09:9b:57:5a:ce:
ac:c7:24:fb:76:62:1a:6b:b2:3e:2b:86:8c:e3:45:
d3:77:96:07:58:d2:45:8a:b5:1f:c1:c5:b5:05:e8:
5d:15:29:85:2f:e0:c5:ac:64:34:8e:dc:76:ff:5d:
a8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4B:C7:FA:55:B8:52:54:4A:9C:18:5E:D7:36:55:2E:8B:21:78:43
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/HkvH-lW4UlRKnBhe1zZVLosheEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
12:66:39:6d:ff:79:d7:3e:e4:c6:e1:8e:9b:38:c6:27:8c:06:
9a:91:ac:1c:41:89:ba:be:ad:af:d0:89:46:8a:e5:95:7f:af:
e8:5c:22:7f:05:39:6b:41:8c:d5:a8:3c:4f:61:bb:e3:c3:3e:
65:20:29:4c:8a:03:39:09:e5:a1:91:13:07:54:2d:cb:3c:97:
ef:6a:cf:78:33:6a:01:df:63:06:b3:78:b8:84:8e:80:4c:87:
f7:01:98:35:4c:89:fc:05:f6:8a:a7:b5:d5:9b:03:9b:5a:84:
59:82:09:e1:5c:3f:ab:49:ee:d5:c6:cc:e9:bf:1e:b4:65:eb:
03:9f:63:70:3d:b1:e3:29:66:31:35:ed:1c:93:f6:e5:3b:12:
44:03:05:97:21:3a:83:34:1f:89:41:75:d0:b3:fd:b9:ef:20:
e7:98:95:89:90:dd:0f:5e:a9:1c:fb:ab:d1:3a:a2:c5:17:a9:
09:dc:78:69:02:9b:e1:bd:ba:a1:95:69:91:39:df:48:33:f2:
f8:52:9b:08:e0:5a:3e:e2:a8:7a:52:4d:3d:82:71:ca:74:41:
67:09:d3:90:35:c0:03:f8:9b:31:e6:ed:b9:1f:e6:cc:bd:e1:
38:30:01:c1:13:22:84:3f:d9:59:67:1c:bc:0f:c7:1c:e4:a8:
f2:ab:72:d9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQ1hLwjOkEMTpwRguQvt5ueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTA1MDgxMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTRiYzdmYTU1Yjg1MjU0NGE5YzE4NWVkNzM2NTUyZThiMjE3ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttzUZ+EjG1wXjTUxy43a9G7WePA5
gBcTws0XE1XA5qH9bJkEaSWQhk5yZIU+IzaMooZ2QK5dbNUQEuSA0UEg/TmE0vvf
PYwiSKjXrKQbQD8t8iCFXOuLjTqysly4HZn2Drrm5CH0Fjds2pfrZJwQ12JrIM7Q
oXVpoB8WhHF/Pb4mmzhSDaLfw2J0ReIFCUlFa064jai1mDBcQbIG6QL35RJwanu2
D1Zv78uW6Tf3uihz2Uct0/4GFt5/NTChbXff92XAgGywZjL9z231CZtXWs6sxyT7
dmIaa7I+K4aM40XTd5YHWNJFirUfwcW1BehdFSmFL+DFrGQ0jtx2/12oFwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFB5Lx/pVuFJUSpwYXtc2VS6LIXhDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSGt2SC1sVzRVbFJLbkJoZTF6WlZMb3NoZUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEAEmY5bf951z7kxuGOmzjGJ4wG
mpGsHEGJur6tr9CJRorllX+v6FwifwU5a0GM1ag8T2G748M+ZSApTIoDOQnloZET
B1QtyzyX72rPeDNqAd9jBrN4uISOgEyH9wGYNUyJ/AX2iqe11ZsDm1qEWYIJ4Vw/
q0nu1cbM6b8etGXrA59jcD2x4ylmMTXtHJP25TsSRAMFlyE6gzQfiUF10LP9ue8g
55iViZDdD16pHPur0TqixRepCdx4aQKb4b26oZVpkTnfSDPy+FKbCOBaPuKoelJN
PYJxynRBZwnTkDXAA/ibMebtuR/mzL3hODABwRMihD/ZWWccvA/HHOSo8qty2Q==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:09:34 2025 by rpki-client