Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/hBf-hoIhETw06OBRpv7F1WdTrE8.roa
File: hBf-hoIhETw06OBRpv7F1WdTrE8.roa (raw, json)
Hash identifier: LSEM+beBKj2xu4gyMsUhzku59BFOyI6BOdyKq1jM8vA=
Subject key identifier: 84:17:FE:86:82:21:11:3C:34:E8:E0:51:A6:FE:C5:D5:67:53:AC:4F
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 019424B393603410BF20A1E8D78E1B71650B
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/hBf-hoIhETw06OBRpv7F1WdTrE8.roa
Signing time: Thu 02 Jan 2025 01:48:55 +0000
ROA not before: Thu 02 Jan 2025 01:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207616
IP address blocks: 2a0f:ca83::/40 maxlen: 48
2a0f:ca85::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:93:60:34:10:bf:20:a1:e8:d7:8e:1b:71:65:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 2 01:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8417fe868221113c34e8e051a6fec5d56753ac4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8c:a5:50:93:10:be:68:c2:de:89:3e:0c:7d:
69:fd:af:14:fd:93:18:c6:42:44:70:a0:e4:4e:19:
60:d5:c4:f6:e5:bd:12:b1:e2:9b:94:2e:06:df:91:
10:41:5a:d4:f0:9d:5f:5a:b3:ac:a1:7e:bb:e0:f2:
48:0e:45:af:64:19:6e:2f:44:d2:9a:5f:e4:0d:4a:
cb:e5:f0:1a:e4:45:ff:3d:03:72:74:a2:f0:e2:c1:
16:7f:b8:3f:63:b9:15:59:61:d1:74:3d:de:63:6d:
c2:0a:bf:78:0f:aa:60:c1:2a:22:b7:56:8d:1d:84:
8b:e8:73:c4:ae:d6:d6:e8:ff:3a:a0:84:0b:1f:1c:
b9:d5:40:b7:74:b9:f9:9b:90:51:17:91:a2:f8:1d:
d0:86:46:d1:a6:a4:da:8a:9a:81:61:e4:6e:c8:79:
96:ea:f8:61:9c:76:b4:00:78:4c:b6:00:ac:a7:3c:
85:be:7c:f3:3e:2a:40:9f:65:49:3d:b3:e2:47:ad:
3f:9c:27:a5:18:74:14:b1:3d:76:b1:98:f3:c1:97:
2b:46:83:38:7e:b0:93:2f:3a:f4:76:f2:6a:98:e2:
7f:d8:9c:06:4c:29:b7:be:75:f7:d5:77:b7:c4:5a:
97:21:30:cb:26:4e:cd:26:0f:5f:a5:5c:b1:92:9c:
69:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:17:FE:86:82:21:11:3C:34:E8:E0:51:A6:FE:C5:D5:67:53:AC:4F
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/hBf-hoIhETw06OBRpv7F1WdTrE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca83::/40
2a0f:ca85::/48
Signature Algorithm: sha256WithRSAEncryption
42:67:71:ad:b0:54:56:b4:ac:4c:f0:0c:00:ed:13:ed:16:4f:
5a:37:ac:60:b6:f5:bb:cf:92:5e:14:c4:38:cd:3a:46:ee:0d:
8d:66:06:3d:87:f2:2c:16:d9:33:5d:b0:7b:50:ea:54:26:e6:
97:3b:4c:a5:1d:29:0a:9b:28:71:03:7a:91:72:74:cd:68:b2:
2b:f3:08:6c:40:3f:f9:f3:d1:32:7f:93:39:06:15:b0:52:b5:
32:0d:e6:a3:6c:78:c9:98:02:00:d4:8f:c7:13:84:c9:3f:c4:
65:ff:20:bf:0f:72:65:49:72:34:ee:45:83:c9:45:f8:e5:40:
16:f0:64:cd:87:24:bb:7d:e0:0b:0e:47:40:8c:70:34:ed:11:
9c:9b:6c:da:f8:2b:83:f9:33:21:3e:c4:2a:12:7e:b1:4c:ef:
cc:bd:5f:fb:a7:f2:4f:08:ce:30:b1:14:a7:d8:a9:4d:d2:64:
4d:21:f7:84:b1:d2:bf:0d:bc:bb:16:46:40:d0:df:4f:2c:ea:
ab:7c:3c:c2:8a:84:fb:1f:0b:db:00:d4:96:71:79:bf:8e:56:
b1:b1:5b:0b:f1:62:03:74:54:59:15:db:32:c1:b8:77:41:56:
e9:2a:29:34:e1:27:0e:55:5f:60:81:4b:47:fd:ce:fa:dc:54:
0b:82:fb:f1
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZQks5NgNBC/IKHo144bcWULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjUwMTAyMDE0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDE3ZmU4NjgyMjExMTNjMzRlOGUwNTFhNmZlYzVkNTY3NTNhYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoylUJMQvmjC3ok+DH1p/a8U/ZMY
xkJEcKDkThlg1cT25b0SseKblC4G35EQQVrU8J1fWrOsoX674PJIDkWvZBluL0TS
ml/kDUrL5fAa5EX/PQNydKLw4sEWf7g/Y7kVWWHRdD3eY23CCr94D6pgwSoit1aN
HYSL6HPErtbW6P86oIQLHxy51UC3dLn5m5BRF5Gi+B3QhkbRpqTaipqBYeRuyHmW
6vhhnHa0AHhMtgCspzyFvnzzPipAn2VJPbPiR60/nCelGHQUsT12sZjzwZcrRoM4
frCTLzr0dvJqmOJ/2JwGTCm3vnX31Xe3xFqXITDLJk7NJg9fpVyxkpxpDQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFIQX/oaCIRE8NOjgUab+xdVnU6xPMB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvaEJmLWhvSWhFVHcwNk9CUnB2N0YxV2RUckU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKg/KgwAD
BwAqD8qFAAAwDQYJKoZIhvcNAQELBQADggEBAEJnca2wVFa0rEzwDADtE+0WT1o3
rGC29bvPkl4UxDjNOkbuDY1mBj2H8iwW2TNdsHtQ6lQm5pc7TKUdKQqbKHEDepFy
dM1osivzCGxAP/nz0TJ/kzkGFbBStTIN5qNseMmYAgDUj8cThMk/xGX/IL8PcmVJ
cjTuRYPJRfjlQBbwZM2HJLt94AsOR0CMcDTtEZybbNr4K4P5MyE+xCoSfrFM78y9
X/un8k8IzjCxFKfYqU3SZE0h94Sx0r8NvLsWRkDQ308s6qt8PMKKhPsfC9sA1JZx
eb+OVrGxWwvxYgN0VFkV2zLBuHdBVukqKTThJw5VX2CBS0f9zvrcVAuC+/E=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:41:25 2025 by rpki-client