Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/NHMobz5RYRVit9LoY3zWGAN_HOc.roa
File: NHMobz5RYRVit9LoY3zWGAN_HOc.roa (raw, json)
Hash identifier: tGGn1zlHUoMNuDm6FPTyGRaUtT/oaeGBSOiswtnEYQU=
Subject key identifier: 34:73:28:6F:3E:51:61:15:62:B7:D2:E8:63:7C:D6:18:03:7F:1C:E7
Certificate issuer: /CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Certificate serial: 019421442E7465E5C11296CCE63A076C7429
Authority key identifier: 67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/NHMobz5RYRVit9LoY3zWGAN_HOc.roa
Signing time: Wed 01 Jan 2025 09:48:23 +0000
ROA not before: Wed 01 Jan 2025 09:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60672
IP address blocks: 2a10:c883::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2e:74:65:e5:c1:12:96:cc:e6:3a:07:6c:74:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Validity
Not Before: Jan 1 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3473286f3e51611562b7d2e8637cd618037f1ce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f0:f7:d7:56:5b:f8:28:f3:d8:ea:49:4f:55:
84:1c:f7:94:88:b9:e6:34:c5:50:f8:19:e4:54:6d:
51:ad:54:38:4e:ab:47:00:d8:5e:24:27:c3:eb:35:
62:63:a1:e2:8f:9e:24:40:a5:be:8e:68:a7:7f:d2:
66:85:72:7a:53:f6:d9:72:3d:0d:d1:94:4d:9f:02:
5a:34:41:de:92:1c:7b:d6:1d:a1:9f:66:fb:74:92:
cd:88:da:b3:86:99:f2:3a:2f:4e:83:cb:5e:73:82:
58:5b:42:32:33:bc:e0:e7:a5:cd:c0:de:6d:dc:d2:
b7:3e:ad:09:3a:18:81:22:3c:6c:25:75:5c:c3:ef:
fd:87:f0:12:b0:b7:d6:3c:8d:26:00:d3:b8:3b:ca:
70:5c:1f:a2:0f:03:76:fa:d6:c4:5a:ef:85:6b:19:
37:ae:dc:86:cc:73:78:65:a3:ba:67:23:81:e1:c6:
de:77:43:12:c1:45:97:96:3d:79:16:fe:fa:8b:94:
e4:3e:32:44:b1:74:83:3e:19:0c:e1:5c:0b:6c:3c:
ea:f7:99:f0:4e:79:4d:17:3b:45:53:44:14:e6:a4:
f0:ad:43:a7:0d:68:1a:4f:5b:3d:0b:49:92:2d:37:
30:46:87:44:0f:19:6c:3c:c1:ba:1d:de:3e:19:90:
7e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:73:28:6F:3E:51:61:15:62:B7:D2:E8:63:7C:D6:18:03:7F:1C:E7
X509v3 Authority Key Identifier:
keyid:67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/NHMobz5RYRVit9LoY3zWGAN_HOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:c883::/32
Signature Algorithm: sha256WithRSAEncryption
44:eb:08:d3:d7:f2:58:1f:fd:a8:88:af:47:a0:63:c9:6c:39:
19:62:16:25:cc:60:63:13:d7:d1:5b:f8:38:65:f1:67:20:ef:
4b:20:41:74:5e:47:b4:c1:e7:56:79:c4:d5:71:42:50:9f:0f:
14:d7:41:ef:a0:e6:78:61:7d:4d:5d:c9:f2:a8:ab:aa:6d:67:
b6:8e:85:c0:0f:fb:d6:b1:a7:4c:db:02:86:f3:0a:17:14:7f:
5b:10:ac:9d:5a:2d:7b:4b:63:32:59:63:02:b9:33:85:f6:e3:
67:a0:16:d0:70:e4:eb:62:86:95:18:79:ca:8d:d5:24:c5:9b:
c2:cd:54:33:b2:3d:3d:3b:9e:11:56:d8:b0:57:8a:d0:0e:4e:
46:9a:1f:80:b7:26:d4:56:02:99:cb:bc:2f:76:27:cb:df:fa:
f1:a6:82:3d:db:85:87:76:1c:85:f3:da:48:3b:cb:9c:7f:0f:
46:ac:ae:4b:c9:6f:96:1c:cf:87:02:25:6a:36:53:92:fd:c6:
a8:0e:8e:1e:fb:28:06:b0:c2:57:d0:56:af:77:1a:a3:21:04:
eb:64:62:33:a0:93:69:01:b3:98:54:26:69:c7:64:48:f9:d1:
bf:f4:59:b7:60:81:c0:ff:ef:76:da:5f:4c:e7:3e:cb:ba:1c:
b3:c6:61:50
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhRC50ZeXBEpbM5joHbHQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTI0YzcyODRlZjQ4ODdlNDVkNGNjZDliZGU2NzljZDlh
YjRmMDAwHhcNMjUwMTAxMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDczMjg2ZjNlNTE2MTE1NjJiN2QyZTg2MzdjZDYxODAzN2YxY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/D311Zb+Cjz2OpJT1WEHPeUiLnm
NMVQ+BnkVG1RrVQ4TqtHANheJCfD6zViY6Hij54kQKW+jminf9JmhXJ6U/bZcj0N
0ZRNnwJaNEHekhx71h2hn2b7dJLNiNqzhpnyOi9Og8tec4JYW0IyM7zg56XNwN5t
3NK3Pq0JOhiBIjxsJXVcw+/9h/ASsLfWPI0mANO4O8pwXB+iDwN2+tbEWu+Faxk3
rtyGzHN4ZaO6ZyOB4cbed0MSwUWXlj15Fv76i5TkPjJEsXSDPhkM4VwLbDzq95nw
TnlNFztFU0QU5qTwrUOnDWgaT1s9C0mSLTcwRodEDxlsPMG6Hd4+GZB+SwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDRzKG8+UWEVYrfS6GN81hgDfxznMB8GA1UdIwQY
MBaAFGfiTHKE70iH5F1MzZveZ5zZq08AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzct
MDM3NWE5YzMyYjAwLzEvTkhNb2J6NVJZUlZpdDlMb1kzeldHQU5fSE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzctMDM3NWE5YzMyYjAw
LzEvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhDIgzAN
BgkqhkiG9w0BAQsFAAOCAQEAROsI09fyWB/9qIivR6BjyWw5GWIWJcxgYxPX0Vv4
OGXxZyDvSyBBdF5HtMHnVnnE1XFCUJ8PFNdB76DmeGF9TV3J8qirqm1nto6FwA/7
1rGnTNsChvMKFxR/WxCsnVote0tjMlljArkzhfbjZ6AW0HDk62KGlRh5yo3VJMWb
ws1UM7I9PTueEVbYsFeK0A5ORpofgLcm1FYCmcu8L3Yny9/68aaCPduFh3YchfPa
SDvLnH8PRqyuS8lvlhzPhwIlajZTkv3GqA6OHvsoBrDCV9BWr3caoyEE62RiM6CT
aQGzmFQmacdkSPnRv/RZt2CBwP/vdtpfTOc+y7ocs8ZhUA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:50:26 2025 by rpki-client