Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hGAIPyxEd30EiWjgC2vNfW5gVNQ.roa
File: hGAIPyxEd30EiWjgC2vNfW5gVNQ.roa (raw, json)
Hash identifier: R7YvaOmAp3AbJrBuBqn04pU0eRMPtUaXGuW8wEzAoWk=
Subject key identifier: 84:60:08:3F:2C:44:77:7D:04:89:68:E0:0B:6B:CD:7D:6E:60:54:D4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01950B36E8E4E4E2AA03CA28B4F4D4007E07
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hGAIPyxEd30EiWjgC2vNfW5gVNQ.roa
Signing time: Sat 15 Feb 2025 20:05:02 +0000
ROA not before: Sat 15 Feb 2025 20:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:b36:6e6e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0b:36:e8:e4:e4:e2:aa:03:ca:28:b4:f4:d4:00:7e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 15 20:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8460083f2c44777d048968e00b6bcd7d6e6054d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6c:6b:45:ea:b6:01:31:63:6a:b2:b8:2d:1c:
d7:02:ae:5b:95:0f:62:7c:f6:83:6b:b0:79:bb:80:
2e:7f:03:02:f4:ee:4f:f5:16:ac:32:58:85:48:6e:
0a:4a:ab:c5:24:c1:42:f5:de:62:4f:6b:62:29:93:
08:3b:d7:65:0e:df:a3:08:4f:ff:3e:46:a8:6e:6e:
34:9d:76:43:87:23:29:a2:31:54:ac:6b:48:02:5c:
b5:ee:44:1b:04:4d:0f:60:a5:37:58:4f:0a:18:c9:
98:47:a9:3e:4f:8b:03:9e:0d:cf:47:59:d8:c2:55:
c0:54:29:d3:a0:62:ef:da:ec:2f:95:ca:34:cc:fc:
f9:f7:55:7a:01:75:eb:b1:d5:c6:45:e2:d9:43:c7:
45:01:00:9d:6c:29:51:c6:22:79:f3:7a:b7:21:3b:
2f:77:5b:60:10:e7:30:7d:71:50:e1:25:16:e4:72:
78:55:d1:a2:3b:95:61:eb:f9:60:b0:4d:51:2d:5a:
41:98:12:ef:05:16:db:f3:76:a0:b6:c5:5b:f6:7d:
96:f9:c6:07:aa:3b:e4:d9:33:2e:56:08:19:51:f9:
92:0c:87:85:77:f9:b6:65:83:e3:e6:e0:29:fb:11:
91:90:9f:98:52:84:3f:78:e2:b9:d7:ff:28:ec:79:
d1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:60:08:3F:2C:44:77:7D:04:89:68:E0:0B:6B:CD:7D:6E:60:54:D4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hGAIPyxEd30EiWjgC2vNfW5gVNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:b36:6e6e/128
Signature Algorithm: sha256WithRSAEncryption
3f:c6:7e:82:f4:b2:78:f9:11:61:33:db:66:e5:90:37:97:a3:
c0:e1:de:d5:12:2c:5e:69:73:f9:c3:d9:b2:71:eb:91:f4:9d:
08:e8:cf:1c:19:e5:57:dd:9d:dc:a7:be:e6:7d:ca:1f:a4:79:
c0:c5:00:20:26:ae:61:e5:86:e8:7e:c0:24:0f:7c:0a:50:8d:
46:e2:62:be:f2:4b:47:81:13:b4:ca:da:f2:70:ec:03:92:9e:
6d:af:0e:2f:2a:45:48:98:d8:1b:1e:ad:2a:11:e0:45:16:a3:
f3:57:80:0f:d1:3c:0b:fa:63:fa:d6:2d:1b:ca:0a:7c:d5:8d:
b2:24:c6:f3:b2:c2:20:b1:83:22:26:01:34:48:96:81:ee:68:
ec:31:c2:ee:82:56:f4:dc:61:26:fc:ea:49:74:57:8d:52:42:
d1:1a:1b:10:45:0c:e9:5d:7e:22:38:13:72:41:05:a0:41:f2:
03:cc:4d:5e:5c:4e:b1:9d:df:ab:c4:b0:7e:07:64:99:5b:59:
b2:4a:5f:be:de:94:89:e6:e5:ce:c1:11:dd:b8:80:83:ed:9b:
00:f7:1f:d2:53:53:c5:a2:79:55:2e:e8:eb:ca:ab:9c:73:6c:
a1:93:0d:37:3c:7d:86:c1:b9:a8:f6:8f:6a:e1:bc:ed:33:5b:
4b:cc:a9:f6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZULNujk5OKqA8ootPTUAH4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjE1MjAwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDYwMDgzZjJjNDQ3NzdkMDQ4OTY4ZTAwYjZiY2Q3ZDZlNjA1NGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WxrReq2ATFjarK4LRzXAq5blQ9i
fPaDa7B5u4AufwMC9O5P9RasMliFSG4KSqvFJMFC9d5iT2tiKZMIO9dlDt+jCE//
Pkaobm40nXZDhyMpojFUrGtIAly17kQbBE0PYKU3WE8KGMmYR6k+T4sDng3PR1nY
wlXAVCnToGLv2uwvlco0zPz591V6AXXrsdXGReLZQ8dFAQCdbClRxiJ583q3ITsv
d1tgEOcwfXFQ4SUW5HJ4VdGiO5Vh6/lgsE1RLVpBmBLvBRbb83agtsVb9n2W+cYH
qjvk2TMuVggZUfmSDIeFd/m2ZYPj5uAp+xGRkJ+YUoQ/eOK51/8o7HnRSQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFIRgCD8sRHd9BIlo4AtrzX1uYFTUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaEdBSVB5eEVkMzBFaVdqZ0Mydk5mVzVnVk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVCzZubjANBgkqhkiG9w0BAQsFAAOCAQEAP8Z+gvSyePkRYTPbZuWQN5ej
wOHe1RIsXmlz+cPZsnHrkfSdCOjPHBnlV92d3Ke+5n3KH6R5wMUAICauYeWG6H7A
JA98ClCNRuJivvJLR4ETtMra8nDsA5Keba8OLypFSJjYGx6tKhHgRRaj81eAD9E8
C/pj+tYtG8oKfNWNsiTG87LCILGDIiYBNEiWge5o7DHC7oJW9NxhJvzqSXRXjVJC
0RobEEUM6V1+IjgTckEFoEHyA8xNXlxOsZ3fq8SwfgdkmVtZskpfvt6UieblzsER
3biAg+2bAPcf0lNTxaJ5VS7o68qrnHNsoZMNNzx9hsG5qPaPauG87TNbS8yp9g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:17:48 2025 by rpki-client