Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hu0DNVNBS-52vImMrFag5xmRonA.roa
File: hu0DNVNBS-52vImMrFag5xmRonA.roa (raw, json)
Hash identifier: S+JBIuGEFQfqRFNizmiIiEzsKVPxb9FoL2Uoi+rMdKU=
Subject key identifier: 86:ED:03:35:53:41:4B:EE:76:BC:89:8C:AC:56:A0:E7:19:91:A2:70
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 0195DF52A41A12C8CF4C066F8C7C49C3F3CA
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hu0DNVNBS-52vImMrFag5xmRonA.roa
Signing time: Sat 29 Mar 2025 00:34:49 +0000
ROA not before: Sat 29 Mar 2025 00:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52025
IP address blocks: 2a0f:b241:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:df:52:a4:1a:12:c8:cf:4c:06:6f:8c:7c:49:c3:f3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Mar 29 00:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86ed033553414bee76bc898cac56a0e71991a270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b1:21:83:d0:4e:01:31:db:6d:72:63:1b:15:
01:6e:27:99:e7:37:17:a0:4a:73:ed:2d:2a:63:5b:
3f:0a:f4:7c:b7:a5:03:52:b5:fa:dc:1e:25:76:42:
16:d3:08:9a:85:09:6d:3a:a4:01:05:ca:05:c5:c1:
fa:8c:ed:55:18:59:79:ef:9a:de:91:13:28:e2:6d:
e1:b8:34:11:94:25:59:6a:9d:3d:ee:55:48:4f:7d:
3e:39:a1:d9:2e:af:18:5b:81:b9:d0:b8:d5:65:ea:
13:39:73:d3:ab:74:da:ce:17:94:e4:11:a5:cf:2a:
da:43:c7:25:94:a3:4c:1e:2a:fc:80:1d:89:7d:3b:
27:fc:b4:b6:58:88:6e:c2:ab:39:81:ec:76:e0:48:
58:82:2f:1c:df:e0:30:c2:21:71:8e:28:83:b5:8a:
fe:ca:2e:a1:01:be:71:78:04:4f:a9:2a:c1:68:8c:
98:22:9e:97:79:e3:45:b8:2c:78:b2:4f:52:18:ce:
2e:28:c8:e6:99:95:7d:89:f9:ff:d1:60:d2:5f:bd:
b0:af:32:d4:2d:bf:f0:c8:7a:df:0f:ef:60:f0:44:
33:27:a3:46:8a:ac:96:e0:e2:4f:96:89:f1:fd:07:
fc:ac:97:af:1b:58:d5:f6:30:7e:87:79:74:73:36:
79:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:ED:03:35:53:41:4B:EE:76:BC:89:8C:AC:56:A0:E7:19:91:A2:70
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/hu0DNVNBS-52vImMrFag5xmRonA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:3::/48
Signature Algorithm: sha256WithRSAEncryption
37:06:1e:62:aa:26:f5:2d:cf:b0:dd:17:cd:7d:36:e2:d4:a0:
90:9d:08:f1:47:e0:a9:88:8a:32:19:f2:8c:8b:b7:f5:55:41:
40:0b:fa:b2:50:e8:d0:51:be:5e:07:91:43:cf:ba:f4:74:13:
97:c0:bb:5d:fd:ec:84:0d:c9:b1:b8:87:34:54:44:58:e0:e6:
7d:84:3e:f7:26:40:2a:0b:4b:05:3f:af:0c:56:24:d0:36:1f:
66:94:b1:dd:09:13:74:62:f1:e7:e4:71:17:aa:fb:dc:52:cd:
65:76:c6:ef:19:3d:ce:c4:02:b8:3f:56:b6:e1:40:12:f6:8d:
77:be:a0:b5:7b:c4:00:19:3a:33:1c:98:af:29:51:58:fb:5c:
f1:fc:c8:a9:2a:30:22:96:45:96:b3:0e:f3:27:8d:fe:4c:eb:
8d:c3:f9:9e:80:03:16:fb:dc:02:23:77:5d:71:ce:29:f6:52:
81:74:b7:32:da:1b:e5:88:95:63:74:54:69:af:4d:95:eb:3c:
7d:30:9d:00:3b:7d:a8:e1:3a:1c:48:01:cc:32:6b:85:a5:6d:
30:ae:86:96:b2:66:cd:d2:7c:94:cd:4d:89:9c:ac:16:ac:e4:
77:d8:46:37:87:2f:23:62:b8:a8:5c:2f:76:65:f3:6a:73:7e:
58:f3:71:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZXfUqQaEsjPTAZvjHxJw/PKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMzI5MDAzNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmVkMDMzNTUzNDE0YmVlNzZiYzg5OGNhYzU2YTBlNzE5OTFhMjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbEhg9BOATHbbXJjGxUBbieZ5zcX
oEpz7S0qY1s/CvR8t6UDUrX63B4ldkIW0wiahQltOqQBBcoFxcH6jO1VGFl575re
kRMo4m3huDQRlCVZap097lVIT30+OaHZLq8YW4G50LjVZeoTOXPTq3TazheU5BGl
zyraQ8cllKNMHir8gB2JfTsn/LS2WIhuwqs5gex24EhYgi8c3+AwwiFxjiiDtYr+
yi6hAb5xeARPqSrBaIyYIp6XeeNFuCx4sk9SGM4uKMjmmZV9ifn/0WDSX72wrzLU
Lb/wyHrfD+9g8EQzJ6NGiqyW4OJPlonx/Qf8rJevG1jV9jB+h3l0czZ5zQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIbtAzVTQUvudryJjKxWoOcZkaJwMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvaHUwRE5WTkJTLTUydkltTXJGYWc1eG1Sb25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAD
MA0GCSqGSIb3DQEBCwUAA4IBAQA3Bh5iqib1Lc+w3RfNfTbi1KCQnQjxR+CpiIoy
GfKMi7f1VUFAC/qyUOjQUb5eB5FDz7r0dBOXwLtd/eyEDcmxuIc0VERY4OZ9hD73
JkAqC0sFP68MViTQNh9mlLHdCRN0YvHn5HEXqvvcUs1ldsbvGT3OxAK4P1a24UAS
9o13vqC1e8QAGTozHJivKVFY+1zx/MipKjAilkWWsw7zJ43+TOuNw/megAMW+9wC
I3ddcc4p9lKBdLcy2hvliJVjdFRpr02V6zx9MJ0AO32o4TocSAHMMmuFpW0wroaW
smbN0nyUzU2JnKwWrOR32EY3hy8jYrioXC92ZfNqc35Y83EL
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:15:54 2025 by rpki-client