Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hvMPPRnB1ZHMbZPJbgf9Twc9U_k.roa
File: hvMPPRnB1ZHMbZPJbgf9Twc9U_k.roa (raw, json)
Hash identifier: iBdnR2gAGVOblxV/MqL9hziTuySYRM0h7Z9By6l/4AQ=
Subject key identifier: 86:F3:0F:3D:19:C1:D5:91:CC:6D:93:C9:6E:07:FD:4F:07:3D:53:F9
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191D643E4980CFF72885DEF6A81A45F585B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hvMPPRnB1ZHMbZPJbgf9Twc9U_k.roa
Signing time: Mon 09 Sep 2024 10:10:59 +0000
ROA not before: Mon 09 Sep 2024 10:10:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
2001:67c:64:ffff:0:191:d606:d79c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:43:e4:98:0c:ff:72:88:5d:ef:6a:81:a4:5f:58:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 9 10:10:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86f30f3d19c1d591cc6d93c96e07fd4f073d53f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3d:ff:5e:cc:69:04:df:45:c8:58:57:77:0d:
a4:01:8e:71:62:66:8c:3b:d0:24:29:cc:27:da:6a:
f9:db:01:e4:9b:8b:f8:a2:57:1a:4d:8a:66:4d:ae:
22:7c:d5:2a:a6:42:6c:40:a1:6c:48:12:ba:f4:75:
8c:4e:75:d8:0c:37:b3:8b:6b:5d:cf:bb:48:cf:09:
c6:ad:df:09:5c:c6:3e:3c:fe:da:07:40:27:81:4d:
a9:16:f5:07:88:68:c3:5c:8f:7f:5f:4f:75:bf:e3:
6f:11:81:5a:11:df:83:46:1c:08:7b:59:c7:2a:dc:
b9:71:3c:ff:fa:c5:78:c1:93:ee:26:04:f1:58:6e:
c0:f4:9c:4f:30:ef:14:cd:ec:f4:49:f4:28:a1:6e:
7d:41:7c:fb:85:e8:26:79:c1:94:c4:84:91:19:8d:
c2:c5:0e:d8:a3:9e:48:d4:8c:6f:06:e2:ec:73:dd:
99:02:69:44:c9:eb:9b:4b:7d:be:e3:8d:49:9c:52:
ec:66:8c:99:7f:d6:c7:a8:77:90:12:e6:4a:1b:fb:
39:46:0c:08:e6:35:40:3e:56:d9:05:cf:68:86:2a:
af:51:22:f2:33:77:03:f7:f4:85:f4:26:2d:19:49:
34:43:f4:4b:d4:55:3b:46:7e:72:70:1f:d2:0b:02:
a5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F3:0F:3D:19:C1:D5:91:CC:6D:93:C9:6E:07:FD:4F:07:3D:53:F9
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hvMPPRnB1ZHMbZPJbgf9Twc9U_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
2001:67c:64:ffff:0:191:d606:d79c/128
Signature Algorithm: sha256WithRSAEncryption
01:0d:94:3e:ec:3b:e1:5b:8b:15:97:33:09:4b:f6:d1:82:98:
a8:37:e0:71:e1:5e:c7:72:d8:e8:01:64:3c:25:18:b9:d4:70:
a9:d7:fc:e7:15:84:7a:b3:05:78:02:93:75:5f:40:d7:fa:18:
96:3b:77:45:3c:5f:c4:ae:af:57:4d:f8:38:f5:c7:b8:c2:09:
d2:67:37:1b:a3:74:16:ea:de:f4:f2:4d:6e:d1:c9:60:70:7b:
91:7a:da:e0:97:92:7e:32:60:2e:aa:7c:eb:4c:0f:19:24:dd:
ca:f9:ee:91:da:06:13:80:45:1c:0e:51:ba:c4:72:18:93:15:
dd:bc:27:0e:b2:fe:6d:c5:08:f0:72:87:f0:01:2e:4e:48:24:
3b:99:9d:d5:05:c7:c0:d3:0d:7f:86:b6:0c:be:d5:f1:5c:9f:
b3:a7:3d:91:c3:48:21:73:2a:7c:c3:f7:f6:3e:7e:7a:43:21:
21:19:35:ec:68:1e:65:c7:e8:7f:38:eb:c1:9c:93:67:fc:a7:
8c:23:8e:a0:e3:cd:ff:46:a7:2d:54:55:31:c4:92:87:72:e8:
39:ae:71:7d:63:67:af:24:96:69:11:ed:7f:40:5b:46:92:83:
ef:b9:10:a1:e5:74:c8:d0:e2:8d:41:ff:cc:41:4e:38:17:b5:
31:87:29:b6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZHWQ+SYDP9yiF3vaoGkX1hbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTA5MTAxMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmYzMGYzZDE5YzFkNTkxY2M2ZDkzYzk2ZTA3ZmQ0ZjA3M2Q1M2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD3/XsxpBN9FyFhXdw2kAY5xYmaM
O9AkKcwn2mr52wHkm4v4olcaTYpmTa4ifNUqpkJsQKFsSBK69HWMTnXYDDezi2td
z7tIzwnGrd8JXMY+PP7aB0AngU2pFvUHiGjDXI9/X091v+NvEYFaEd+DRhwIe1nH
Kty5cTz/+sV4wZPuJgTxWG7A9JxPMO8Uzez0SfQooW59QXz7hegmecGUxISRGY3C
xQ7Yo55I1IxvBuLsc92ZAmlEyeubS32+441JnFLsZoyZf9bHqHeQEuZKG/s5RgwI
5jVAPlbZBc9ohiqvUSLyM3cD9/SF9CYtGUk0Q/RL1FU7Rn5ycB/SCwKl/QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIbzDz0ZwdWRzG2TyW4H/U8HPVP5MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaHZNUFBSbkIxWkhNYlpQSmJnZjlUd2M5VV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAxEAIAEGfABk
//8AAAGQ/fLzAgMRACABBnwAZP//AAABkdYG15wwDQYJKoZIhvcNAQELBQADggEB
AAENlD7sO+FbixWXMwlL9tGCmKg34HHhXsdy2OgBZDwlGLnUcKnX/OcVhHqzBXgC
k3VfQNf6GJY7d0U8X8Sur1dN+Dj1x7jCCdJnNxujdBbq3vTyTW7RyWBwe5F62uCX
kn4yYC6qfOtMDxkk3cr57pHaBhOARRwOUbrEchiTFd28Jw6y/m3FCPByh/ABLk5I
JDuZndUFx8DTDX+Gtgy+1fFcn7OnPZHDSCFzKnzD9/Y+fnpDISEZNexoHmXH6H84
68Gck2f8p4wjjqDjzf9Gpy1UVTHEkody6DmucX1jZ68klmkR7X9AW0aSg++5EKHl
dMjQ4o1B/8xBTjgXtTGHKbY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:03:08 2025 by rpki-client