Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/hIagYPgcgLqF5hqMfUhJY2-sJAs.roa
File: hIagYPgcgLqF5hqMfUhJY2-sJAs.roa (raw, json)
Hash identifier: ZaaWq0BbjJoluHI5ROX+aFarBCsxRa8oHhsXlvsyUeU=
Subject key identifier: 84:86:A0:60:F8:1C:80:BA:85:E6:1A:8C:7D:48:49:63:6F:AC:24:0B
Certificate issuer: /CN=1d90344dcaffbd33e68d84895d87d8abf53c74a3
Certificate serial: 019420D60A5717CE56FE155F54A5BE8CF0D1
Authority key identifier: 1D:90:34:4D:CA:FF:BD:33:E6:8D:84:89:5D:87:D8:AB:F5:3C:74:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/hIagYPgcgLqF5hqMfUhJY2-sJAs.roa
Signing time: Wed 01 Jan 2025 07:48:05 +0000
ROA not before: Wed 01 Jan 2025 07:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58299
IP address blocks: 2001:678:ca0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:0a:57:17:ce:56:fe:15:5f:54:a5:be:8c:f0:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d90344dcaffbd33e68d84895d87d8abf53c74a3
Validity
Not Before: Jan 1 07:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8486a060f81c80ba85e61a8c7d4849636fac240b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:04:0a:81:02:36:aa:f9:b7:62:93:ad:dc:6e:
82:6b:43:16:09:14:dc:13:3c:0f:9e:41:55:df:9b:
a8:f9:3b:c2:54:23:9d:57:93:f3:73:ec:2f:d6:bd:
67:c6:c9:30:12:71:f1:b5:74:84:d8:b7:ef:00:12:
ca:32:9e:ce:0b:01:f7:3c:43:7e:c4:08:c9:3e:d2:
43:56:88:2a:ed:b6:4a:04:bc:9c:eb:50:f2:04:23:
91:f6:2e:8d:31:0f:ab:63:8e:50:6c:94:5a:37:15:
02:71:e1:6e:45:b7:d3:e0:34:02:2e:d4:e1:3a:2c:
f7:45:9a:51:71:64:7c:e7:3b:b2:d7:ec:c5:f8:c1:
64:61:d9:a8:cc:fa:ea:da:a4:cd:ed:19:e9:a2:82:
3d:d0:80:98:b1:c3:54:48:4e:df:e4:0d:29:7f:d9:
3c:a8:f8:b3:9d:e7:65:4d:49:3b:37:73:83:a1:ed:
88:5b:d4:1e:9d:b6:b2:93:ba:14:96:2d:2a:8f:96:
9f:ca:16:b5:61:b0:80:34:57:70:be:af:77:62:a0:
3d:e9:c8:a8:9b:e8:ac:b8:3b:ba:ef:ca:61:7d:03:
a0:06:00:e4:0d:89:0b:a1:8d:71:c6:6c:c0:18:5a:
ae:9a:bd:8c:00:ec:12:c1:6c:23:21:51:a2:e5:b4:
4f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:86:A0:60:F8:1C:80:BA:85:E6:1A:8C:7D:48:49:63:6F:AC:24:0B
X509v3 Authority Key Identifier:
keyid:1D:90:34:4D:CA:FF:BD:33:E6:8D:84:89:5D:87:D8:AB:F5:3C:74:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/hIagYPgcgLqF5hqMfUhJY2-sJAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9c3d28-05d6-47b0-91ef-e5064db21b20/1/HZA0Tcr_vTPmjYSJXYfYq_U8dKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:ca0::/48
Signature Algorithm: sha256WithRSAEncryption
a2:74:fb:3c:06:c4:d3:04:ca:e2:a6:76:bf:8e:67:61:b5:04:
48:2d:7a:26:78:16:b1:30:8d:b5:78:04:7f:f6:f9:b2:9b:1b:
28:13:40:fb:37:bd:af:ef:16:2c:2b:79:ba:ad:e5:37:4b:ba:
50:ba:2c:03:cd:ad:35:8f:3c:17:67:6f:8d:48:71:d2:5c:62:
56:c4:9c:da:59:30:e7:2c:d2:45:c8:93:42:26:4d:9d:f8:7a:
23:4e:df:e5:32:77:8c:81:72:4a:d1:c3:18:32:e3:02:48:fb:
5d:d6:fa:c7:76:a5:cf:5d:37:52:4c:48:e6:50:02:66:f0:44:
b7:a0:6d:be:3e:d3:93:a9:58:f3:7a:c0:53:0b:1c:56:31:94:
40:62:e9:a5:56:eb:45:8f:d4:52:7d:3b:b2:2d:ee:a5:fe:13:
c0:5c:7f:0f:7c:94:4e:f4:77:cf:14:76:df:b4:bd:14:ce:e8:
ff:5f:08:ca:d6:18:17:85:b4:de:b0:f6:7f:70:15:9e:ad:a9:
78:f1:da:3b:c5:24:f9:57:ac:80:28:cd:33:60:75:e0:77:11:
08:fb:2b:1e:23:13:93:0a:94:d0:29:a0:77:35:1c:2c:ae:d1:
d7:ee:22:63:4d:98:09:ad:a5:a1:af:2d:24:42:63:31:f8:3e:
6f:a4:f3:17
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQg1gpXF85W/hVfVKW+jPDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOTAzNDRkY2FmZmJkMzNlNjhkODQ4OTVkODdkOGFiZjUz
Yzc0YTMwHhcNMjUwMTAxMDc0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDg2YTA2MGY4MWM4MGJhODVlNjFhOGM3ZDQ4NDk2MzZmYWMyNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwQKgQI2qvm3YpOt3G6Ca0MWCRTc
EzwPnkFV35uo+TvCVCOdV5Pzc+wv1r1nxskwEnHxtXSE2LfvABLKMp7OCwH3PEN+
xAjJPtJDVogq7bZKBLyc61DyBCOR9i6NMQ+rY45QbJRaNxUCceFuRbfT4DQCLtTh
Oiz3RZpRcWR85zuy1+zF+MFkYdmozPrq2qTN7RnpooI90ICYscNUSE7f5A0pf9k8
qPiznedlTUk7N3ODoe2IW9Qenbayk7oUli0qj5afyha1YbCANFdwvq93YqA96cio
m+isuDu678phfQOgBgDkDYkLoY1xxmzAGFqumr2MAOwSwWwjIVGi5bRPEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFISGoGD4HIC6heYajH1ISWNvrCQLMB8GA1UdIwQY
MBaAFB2QNE3K/70z5o2EiV2H2Kv1PHSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFpBMFRjcl92VFBtallTSlhZZllxX1U4ZEtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85YzNkMjgtMDVkNi00N2IwLTkxZWYt
ZTUwNjRkYjIxYjIwLzEvaElhZ1lQZ2NnTHFGNWhxTWZVaEpZMi1zSkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85YzNkMjgtMDVkNi00N2IwLTkxZWYtZTUwNjRkYjIxYjIw
LzEvSFpBMFRjcl92VFBtallTSlhZZllxX1U4ZEtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAyg
MA0GCSqGSIb3DQEBCwUAA4IBAQCidPs8BsTTBMripna/jmdhtQRILXomeBaxMI21
eAR/9vmymxsoE0D7N72v7xYsK3m6reU3S7pQuiwDza01jzwXZ2+NSHHSXGJWxJza
WTDnLNJFyJNCJk2d+HojTt/lMneMgXJK0cMYMuMCSPtd1vrHdqXPXTdSTEjmUAJm
8ES3oG2+PtOTqVjzesBTCxxWMZRAYumlVutFj9RSfTuyLe6l/hPAXH8PfJRO9HfP
FHbftL0Uzuj/XwjK1hgXhbTesPZ/cBWeral48do7xST5V6yAKM0zYHXgdxEI+yse
IxOTCpTQKaB3NRwsrtHX7iJjTZgJraWhry0kQmMx+D5vpPMX
-----END CERTIFICATE-----
Generated at Thu Apr 10 10:29:26 2025 by rpki-client