Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/H23yH2UNetR5LvxmUrL9ZH7hhkw.roa
File: H23yH2UNetR5LvxmUrL9ZH7hhkw.roa (raw, json)
Hash identifier: zQ5QCaLJ6F1p4Im8HHBNWIGninfkK9oT3VWP/j32huE=
Subject key identifier: 1F:6D:F2:1F:65:0D:7A:D4:79:2E:FC:66:52:B2:FD:64:7E:E1:86:4C
Certificate issuer: /CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Certificate serial: 018571B0EF3554F912B6ABDB27428D63C31A
Authority key identifier: 9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/H23yH2UNetR5LvxmUrL9ZH7hhkw.roa
Signing time: Mon 02 Jan 2023 08:54:59 +0000
ROA not before: Mon 02 Jan 2023 08:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206075
IP address blocks: 2a07:e041::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:ef:35:54:f9:12:b6:ab:db:27:42:8d:63:c3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Validity
Not Before: Jan 2 08:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f6df21f650d7ad4792efc6652b2fd647ee1864c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a0:18:bd:a3:66:7e:21:82:dd:9f:07:62:ee:
af:8d:cf:c9:67:31:4e:81:3c:c2:4a:ae:60:09:e7:
15:f8:db:52:64:e6:49:90:f9:27:7f:24:fc:1a:47:
c6:2c:2b:ae:58:e6:67:c2:a9:2c:ae:f2:4f:26:6a:
cd:95:7f:33:bf:d2:e1:76:01:68:f8:e3:f4:54:7b:
50:8a:15:52:bc:b8:60:f3:f7:69:e0:6a:7f:84:be:
de:85:89:a0:e0:f7:c8:6a:43:37:9e:b8:c1:77:d3:
60:4d:d4:18:bb:92:5f:f4:3e:77:48:ce:4c:89:13:
7b:d4:6e:7f:4a:af:ad:4a:f9:f4:37:fd:0c:39:9d:
9b:6b:91:2f:d4:d7:46:e4:0c:23:12:4d:1b:7c:ad:
32:55:d1:9c:c3:68:f1:c3:fa:3e:32:b4:f5:57:76:
1c:ce:37:29:44:f9:7e:64:54:44:67:8f:dd:cd:1e:
4c:58:52:10:a9:27:e3:3b:07:24:6e:5a:31:a7:d7:
c1:2e:60:b7:a4:c5:aa:67:3a:63:90:a4:29:c8:27:
3e:e1:8f:0d:00:a5:df:db:b8:2d:0c:98:e5:e6:fb:
00:35:89:ed:d1:da:32:ce:d1:32:b1:19:1c:68:8f:
44:da:0c:be:c0:a9:6c:2d:be:22:9d:99:3f:6a:c4:
30:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6D:F2:1F:65:0D:7A:D4:79:2E:FC:66:52:B2:FD:64:7E:E1:86:4C
X509v3 Authority Key Identifier:
keyid:9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/H23yH2UNetR5LvxmUrL9ZH7hhkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/nCim7Q9c_Ody1c5bA7tCkyyKZNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:e041::/32
Signature Algorithm: sha256WithRSAEncryption
3b:42:df:6f:e4:19:09:2e:9c:ea:9e:24:5e:77:54:87:19:52:
39:4d:9d:77:33:df:af:f0:8c:ab:55:02:ef:b9:cf:a1:14:c1:
23:0a:01:e9:f0:2e:51:fb:22:a7:b2:67:db:e9:a6:95:8b:46:
7c:6a:cf:b3:3a:f9:c0:71:71:30:79:5f:1e:28:9e:b1:f8:eb:
1b:04:2e:1d:89:de:b2:36:d1:da:e1:1e:b4:96:e5:1f:f8:b1:
7e:f8:97:82:0a:f9:ab:3c:b6:fa:18:01:52:b4:6c:1c:75:ca:
ab:b9:4a:32:dd:a3:42:0b:39:f5:2b:89:5b:1c:5c:da:e2:b4:
fc:9a:8d:43:18:c3:15:4c:62:fa:bb:98:29:17:ca:e0:a0:90:
1f:7d:02:22:01:4d:12:8b:50:fe:54:69:ee:d8:ec:a5:dc:89:
3b:0d:27:7c:a9:a3:aa:6d:f3:ea:d9:04:b4:a7:e5:f3:12:3f:
69:24:d5:7c:c5:a5:f3:0e:64:1a:75:bc:9b:0e:cb:ad:c7:6e:
41:7c:be:66:17:0e:1c:4b:a2:0e:6c:0e:46:a1:6e:f6:cd:56:
e7:90:c1:d1:ac:4b:e5:ef:a1:88:43:5f:b2:af:89:50:b6:46:
71:21:cc:e7:13:1a:c8:0c:25:6a:93:8f:5f:e3:a5:ad:55:5d:
0e:4f:e3:cc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxsO81VPkStqvbJ0KNY8MaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjhhNmVkMGY1Y2ZjZTc3MmQ1Y2U1YjAzYmI0MjkzMmM4
YTY0ZDAwHhcNMjMwMTAyMDg1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjZkZjIxZjY1MGQ3YWQ0NzkyZWZjNjY1MmIyZmQ2NDdlZTE4NjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6AYvaNmfiGC3Z8HYu6vjc/JZzFO
gTzCSq5gCecV+NtSZOZJkPknfyT8GkfGLCuuWOZnwqksrvJPJmrNlX8zv9LhdgFo
+OP0VHtQihVSvLhg8/dp4Gp/hL7ehYmg4PfIakM3nrjBd9NgTdQYu5Jf9D53SM5M
iRN71G5/Sq+tSvn0N/0MOZ2ba5Ev1NdG5AwjEk0bfK0yVdGcw2jxw/o+MrT1V3Yc
zjcpRPl+ZFREZ4/dzR5MWFIQqSfjOwckbloxp9fBLmC3pMWqZzpjkKQpyCc+4Y8N
AKXf27gtDJjl5vsANYnt0doyztEysRkcaI9E2gy+wKlsLb4inZk/asQwFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFB9t8h9lDXrUeS78ZlKy/WR+4YZMMB8GA1UdIwQY
MBaAFJwopu0PXPznctXOWwO7QpMsimTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYt
YTZiNzYwMDg3MWE2LzEvSDIzeUgyVU5ldFI1THZ4bVVyTDlaSDdoaGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYtYTZiNzYwMDg3MWE2
LzEvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfgQTAN
BgkqhkiG9w0BAQsFAAOCAQEAO0Lfb+QZCS6c6p4kXndUhxlSOU2ddzPfr/CMq1UC
77nPoRTBIwoB6fAuUfsip7Jn2+mmlYtGfGrPszr5wHFxMHlfHiiesfjrGwQuHYne
sjbR2uEetJblH/ixfviXggr5qzy2+hgBUrRsHHXKq7lKMt2jQgs59SuJWxxc2uK0
/JqNQxjDFUxi+ruYKRfK4KCQH30CIgFNEotQ/lRp7tjspdyJOw0nfKmjqm3z6tkE
tKfl8xI/aSTVfMWl8w5kGnW8mw7LrcduQXy+ZhcOHEuiDmwORqFu9s1W55DB0axL
5e+hiENfsq+JULZGcSHM5xMayAwlapOPX+OlrVVdDk/jzA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:17 2025 by rpki-client