Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/hx8COhVdZH3qD7ow8tVDVEthRPc.roa
File: hx8COhVdZH3qD7ow8tVDVEthRPc.roa (raw, json)
Hash identifier: 9Fb/TlXj91Uiy/zQMHh1FmWNO1ee5ZA/jKsf3Ls2K6w=
Subject key identifier: 87:1F:02:3A:15:5D:64:7D:EA:0F:BA:30:F2:D5:43:54:4B:61:44:F7
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01941FFA4D17DE1153D86B6FD79F6FD1F00C
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/hx8COhVdZH3qD7ow8tVDVEthRPc.roa
Signing time: Wed 01 Jan 2025 03:48:04 +0000
ROA not before: Wed 01 Jan 2025 03:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29577
IP address blocks: 81.12.0.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:4d:17:de:11:53:d8:6b:6f:d7:9f:6f:d1:f0:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 1 03:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=871f023a155d647dea0fba30f2d543544b6144f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8b:a6:25:df:92:3e:43:60:0e:28:b9:9d:ab:
1d:b1:40:4e:b3:6e:5a:08:86:09:34:34:72:0b:13:
72:2f:69:0f:1f:70:0f:d8:c9:10:d4:d5:7c:4e:b1:
0f:8b:71:aa:2c:8f:a1:d6:85:53:2c:d8:c7:ae:70:
68:8b:79:24:4e:67:fb:76:db:77:49:56:c8:03:8d:
5b:e1:7d:a8:02:07:98:95:4d:8d:e7:36:28:28:ae:
bd:3f:8c:f6:42:1a:13:0a:46:a2:e4:70:1c:41:53:
1c:ff:8a:a0:11:ad:8c:a3:9f:58:0d:6f:cc:4f:2a:
ae:d9:39:e8:82:f2:dd:3c:4c:c2:6c:38:60:2d:65:
df:5a:4b:da:ae:3f:e3:9a:d9:1a:43:fa:0c:d0:e7:
d0:33:f0:6b:c2:cf:4d:ca:82:9d:46:a9:bc:a0:7a:
95:8b:0b:bb:e1:89:e3:36:d7:c3:31:53:65:14:eb:
f4:52:ad:f7:5e:07:e5:6d:7a:b0:d8:be:aa:73:7a:
2b:65:ba:c7:de:34:52:0f:1c:17:cc:8a:7c:e9:cb:
e5:ff:5a:4f:48:bc:b0:ed:ba:ce:3a:bb:4a:0e:95:
f2:8c:ed:d5:04:8e:4c:24:2c:19:09:93:1e:e3:bd:
9f:eb:95:11:a4:15:8c:02:68:f6:a4:52:00:51:71:
a2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:1F:02:3A:15:5D:64:7D:EA:0F:BA:30:F2:D5:43:54:4B:61:44:F7
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/hx8COhVdZH3qD7ow8tVDVEthRPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.0.0/22
Signature Algorithm: sha256WithRSAEncryption
85:0b:7a:9b:18:b4:59:cf:a2:e7:5b:10:af:93:78:ea:ef:c0:
dc:14:0b:d1:36:b2:32:8b:63:da:17:26:38:9a:30:68:ec:07:
fb:28:c6:1b:0b:fe:50:20:66:34:56:2a:c5:06:1f:48:90:4e:
df:50:3d:f7:26:19:79:e8:ff:ce:2a:85:76:e8:84:af:e7:48:
4d:62:71:5d:10:94:46:a1:6e:91:ee:3c:31:07:22:2c:c6:47:
82:5f:e4:6d:29:42:9e:83:ac:68:bc:8e:b7:da:82:c3:55:68:
79:b8:31:01:01:c8:30:94:76:5d:36:24:71:c0:8c:04:14:c0:
d0:dd:9c:36:de:da:b5:17:f1:60:7d:77:ee:45:2d:ea:67:11:
62:13:52:ec:f9:bb:49:7c:2d:56:7e:f6:35:57:79:20:8e:4d:
3e:b0:1e:93:44:ff:cd:95:f0:07:4c:ba:8d:83:ef:36:32:d7:
90:3a:30:94:2d:3b:ab:a4:28:1d:11:d7:e0:0c:2a:98:bd:7a:
32:65:71:57:df:20:a1:4e:7a:a4:e6:f0:07:1f:cd:87:e3:44:
e4:36:4b:71:f9:46:b4:94:87:a9:4d:3e:4b:21:bd:6a:2e:02:
38:75:c2:34:63:d2:de:ec:7a:eb:ba:20:81:64:f2:d2:08:d6:
c1:d4:28:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+k0X3hFT2Gtv159v0fAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwMTAxMDM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzFmMDIzYTE1NWQ2NDdkZWEwZmJhMzBmMmQ1NDM1NDRiNjE0NGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoumJd+SPkNgDii5nasdsUBOs25a
CIYJNDRyCxNyL2kPH3AP2MkQ1NV8TrEPi3GqLI+h1oVTLNjHrnBoi3kkTmf7dtt3
SVbIA41b4X2oAgeYlU2N5zYoKK69P4z2QhoTCkai5HAcQVMc/4qgEa2Mo59YDW/M
Tyqu2TnogvLdPEzCbDhgLWXfWkvarj/jmtkaQ/oM0OfQM/Brws9NyoKdRqm8oHqV
iwu74YnjNtfDMVNlFOv0Uq33XgflbXqw2L6qc3orZbrH3jRSDxwXzIp86cvl/1pP
SLyw7brOOrtKDpXyjO3VBI5MJCwZCZMe472f65URpBWMAmj2pFIAUXGiCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcfAjoVXWR96g+6MPLVQ1RLYUT3MB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvaHg4Q09oVmRaSDNxRDdvdzh0VkRWRXRoUlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUQwAMA0G
CSqGSIb3DQEBCwUAA4IBAQCFC3qbGLRZz6LnWxCvk3jq78DcFAvRNrIyi2PaFyY4
mjBo7Af7KMYbC/5QIGY0VirFBh9IkE7fUD33Jhl56P/OKoV26ISv50hNYnFdEJRG
oW6R7jwxByIsxkeCX+RtKUKeg6xovI632oLDVWh5uDEBAcgwlHZdNiRxwIwEFMDQ
3Zw23tq1F/FgfXfuRS3qZxFiE1Ls+btJfC1WfvY1V3kgjk0+sB6TRP/NlfAHTLqN
g+82MteQOjCULTurpCgdEdfgDCqYvXoyZXFX3yChTnqk5vAHH82H40TkNktx+Ua0
lIepTT5LIb1qLgI4dcI0Y9Le7HrruiCBZPLSCNbB1Chf
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:45:19 2025 by rpki-client