Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/hSruO-0GUUCBlueA4q5S0Rp872Q.roa
File: hSruO-0GUUCBlueA4q5S0Rp872Q.roa (raw, json)
Hash identifier: +lTogF7+B3/G+E3x3KuoL5RTIDbYv5X2+PjUd4IvDOY=
Subject key identifier: 85:2A:EE:3B:ED:06:51:40:81:96:E7:80:E2:AE:52:D1:1A:7C:EF:64
Certificate issuer: /CN=97ac47b51244ef49c52378aecd29c58cfb72089b
Certificate serial: 018CC42450488D6A89878638BEF5F257840B
Authority key identifier: 97:AC:47:B5:12:44:EF:49:C5:23:78:AE:CD:29:C5:8C:FB:72:08:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l6xHtRJE70nFI3iuzSnFjPtyCJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/hSruO-0GUUCBlueA4q5S0Rp872Q.roa
Signing time: Mon 01 Jan 2024 08:29:23 +0000
ROA not before: Mon 01 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207267
IP address blocks: 2a09:ca06::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:50:48:8d:6a:89:87:86:38:be:f5:f2:57:84:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ac47b51244ef49c52378aecd29c58cfb72089b
Validity
Not Before: Jan 1 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=852aee3bed0651408196e780e2ae52d11a7cef64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:31:4f:e3:9b:4d:ac:da:d9:0c:53:bc:ee:97:
e5:3c:43:19:dd:f6:c1:16:ac:9e:9a:88:3e:ec:d5:
f3:8c:91:2d:c3:1f:e7:25:82:e6:44:0d:53:74:44:
b9:c6:75:93:76:61:e7:12:92:81:c4:b4:00:5d:e1:
ca:f5:54:22:2f:19:30:26:5f:62:96:ab:e6:57:3c:
09:0c:42:81:4e:d9:72:a6:ae:46:f8:5a:13:94:f4:
77:9b:c5:bd:9f:29:19:7d:8c:96:18:af:c3:ec:94:
65:5a:c1:9e:d3:87:ba:f9:6a:c7:b3:0d:2f:87:e2:
1d:cf:7a:c5:e0:d3:1a:54:11:96:71:0a:a6:cb:60:
08:73:36:d6:83:c4:ba:46:b6:fa:b9:df:76:01:b2:
4f:f4:0d:3f:df:e4:88:31:e0:8b:21:ab:4a:01:54:
d0:ac:88:5b:59:8f:d4:ce:1b:18:97:81:2f:10:a2:
41:88:63:9a:b6:29:32:3c:22:97:55:70:9a:8c:6f:
8d:90:09:65:1a:45:08:a9:18:bb:c4:3f:df:90:5e:
ee:1b:b6:15:d7:db:aa:a2:35:f3:79:00:4d:64:5a:
5a:48:dc:6b:2b:a9:b1:59:79:da:9b:ad:fd:16:99:
8c:07:9c:dd:26:45:6f:9c:28:69:c0:84:22:ce:4f:
e1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2A:EE:3B:ED:06:51:40:81:96:E7:80:E2:AE:52:D1:1A:7C:EF:64
X509v3 Authority Key Identifier:
keyid:97:AC:47:B5:12:44:EF:49:C5:23:78:AE:CD:29:C5:8C:FB:72:08:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l6xHtRJE70nFI3iuzSnFjPtyCJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/hSruO-0GUUCBlueA4q5S0Rp872Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5f063f-100d-4310-a046-3f6568b59589/1/l6xHtRJE70nFI3iuzSnFjPtyCJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:ca06::/44
Signature Algorithm: sha256WithRSAEncryption
93:71:60:fa:28:c4:ec:0d:d7:6b:10:db:21:20:87:6b:95:c6:
65:d7:12:82:7f:b0:3f:5c:19:9a:c6:1e:43:7b:f4:ff:b3:09:
08:7f:a8:7f:68:3b:96:97:a5:e0:94:f4:a4:96:d8:14:8c:f6:
42:f4:46:f5:d4:7c:44:4d:ba:79:6e:6e:6e:36:78:e2:9e:6a:
8c:1e:93:6e:d9:af:c6:5d:16:f8:32:b9:77:98:cc:a7:b9:58:
fb:b0:9a:6d:5d:1c:92:3f:46:81:1e:ee:82:46:37:63:ab:93:
f8:82:0a:26:f2:bc:dc:8c:53:15:c2:7d:c9:28:d1:0f:f3:0c:
2a:26:ee:4b:3b:f4:0e:60:ad:66:61:5c:04:4c:14:52:c3:53:
be:b9:8b:2e:2b:98:f1:29:57:f6:c2:b6:95:52:26:75:6d:a5:
56:f7:2e:b9:1d:b4:ee:34:9b:8c:c9:8a:d1:b1:94:53:11:3c:
22:81:70:78:68:3a:88:5e:db:45:b9:7c:e6:d7:05:99:1e:8f:
a0:ab:d5:8c:4f:53:8d:28:07:ce:e1:3c:f8:fb:18:99:16:f2:
cd:6d:64:a9:e0:d9:c2:a5:56:2d:1f:2b:6b:cd:fc:45:4a:a7:
4e:af:68:d3:f5:cf:a9:b9:6f:90:63:9d:37:a5:70:99:47:db:
eb:cf:28:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJFBIjWqJh4Y4vvXyV4QLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YWM0N2I1MTI0NGVmNDljNTIzNzhhZWNkMjljNThjZmI3
MjA4OWIwHhcNMjQwMTAxMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJhZWUzYmVkMDY1MTQwODE5NmU3ODBlMmFlNTJkMTFhN2NlZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjFP45tNrNrZDFO87pflPEMZ3fbB
Fqyemog+7NXzjJEtwx/nJYLmRA1TdES5xnWTdmHnEpKBxLQAXeHK9VQiLxkwJl9i
lqvmVzwJDEKBTtlypq5G+FoTlPR3m8W9nykZfYyWGK/D7JRlWsGe04e6+WrHsw0v
h+Idz3rF4NMaVBGWcQqmy2AIczbWg8S6Rrb6ud92AbJP9A0/3+SIMeCLIatKAVTQ
rIhbWY/UzhsYl4EvEKJBiGOatikyPCKXVXCajG+NkAllGkUIqRi7xD/fkF7uG7YV
19uqojXzeQBNZFpaSNxrK6mxWXnam639FpmMB5zdJkVvnChpwIQizk/hcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIUq7jvtBlFAgZbngOKuUtEafO9kMB8GA1UdIwQY
MBaAFJesR7USRO9JxSN4rs0pxYz7cgibMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDZ4SHRSSkU3MG5GSTNpdXpTbkZqUHR5Q0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81ZjA2M2YtMTAwZC00MzEwLWEwNDYt
M2Y2NTY4YjU5NTg5LzEvaFNydU8tMEdVVUNCbHVlQTRxNVMwUnA4NzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81ZjA2M2YtMTAwZC00MzEwLWEwNDYtM2Y2NTY4YjU5NTg5
LzEvbDZ4SHRSSkU3MG5GSTNpdXpTbkZqUHR5Q0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgnKBgAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCTcWD6KMTsDddrENshIIdrlcZl1xKCf7A/XBma
xh5De/T/swkIf6h/aDuWl6XglPSkltgUjPZC9Eb11HxETbp5bm5uNnjinmqMHpNu
2a/GXRb4Mrl3mMynuVj7sJptXRySP0aBHu6CRjdjq5P4ggom8rzcjFMVwn3JKNEP
8wwqJu5LO/QOYK1mYVwETBRSw1O+uYsuK5jxKVf2wraVUiZ1baVW9y65HbTuNJuM
yYrRsZRTETwigXB4aDqIXttFuXzm1wWZHo+gq9WMT1ONKAfO4Tz4+xiZFvLNbWSp
4NnCpVYtHytrzfxFSqdOr2jT9c+puW+QY503pXCZR9vrzygR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:52 2025 by rpki-client