Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5a2f80-cad4-495e-b6b7-dc3c7c3823db/1/hPal2zoW2cowQ4QrKU5T2g7dO54.roa
File: hPal2zoW2cowQ4QrKU5T2g7dO54.roa (raw, json)
Hash identifier: gJuNL/9y6bNca7Myv+VaBRFO3DVV52/w2SyPnvA9YUI=
Subject key identifier: 84:F6:A5:DB:3A:16:D9:CA:30:43:84:2B:29:4E:53:DA:0E:DD:3B:9E
Certificate issuer: /CN=a410dfd9476c92a14a377a11c2683b58fcb21dbd
Certificate serial: 01828DB0AAE24D709D6C38BC03418E41490F
Authority key identifier: A4:10:DF:D9:47:6C:92:A1:4A:37:7A:11:C2:68:3B:58:FC:B2:1D:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pBDf2UdskqFKN3oRwmg7WPyyHb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/5a2f80-cad4-495e-b6b7-dc3c7c3823db/1/hPal2zoW2cowQ4QrKU5T2g7dO54.roa
Signing time: Thu 11 Aug 2022 16:15:41 +0000
ROA not before: Thu 11 Aug 2022 16:15:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25145
IP address blocks: 2a10:7cc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:b0:aa:e2:4d:70:9d:6c:38:bc:03:41:8e:41:49:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a410dfd9476c92a14a377a11c2683b58fcb21dbd
Validity
Not Before: Aug 11 16:15:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84f6a5db3a16d9ca3043842b294e53da0edd3b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e6:2f:84:fc:3c:92:cc:ed:30:ad:de:dc:d2:
e7:19:19:1e:1d:0d:0f:87:b6:6a:f6:bb:09:0e:27:
59:27:aa:98:33:78:55:69:2c:55:01:5b:2b:97:98:
8d:73:96:59:79:4c:f8:8f:f6:60:c2:40:b9:85:74:
5a:67:f1:08:cc:00:ed:73:d5:ed:13:dc:29:8d:71:
68:94:c6:be:63:86:f6:92:03:c9:91:4a:e0:b3:3b:
69:22:6d:a9:ce:7c:6b:9f:e8:4c:7f:f5:c2:56:1f:
b2:e3:79:e1:cf:42:56:a3:8c:c7:0d:b1:73:30:b7:
99:22:d6:f0:2e:1e:ab:1b:61:a9:3d:5c:a4:85:6b:
59:78:c1:49:96:4e:1c:b1:8d:8d:49:48:51:86:ff:
0e:54:25:e1:ee:60:9c:eb:14:1f:c2:b1:36:3c:f8:
06:1a:83:3c:38:e5:d5:d0:c9:6d:1a:39:e7:57:7b:
27:a8:68:40:66:6a:d5:74:38:76:6b:f3:97:d8:af:
38:8d:28:78:f1:98:fb:23:8b:fb:f0:80:59:9b:f7:
44:5a:e4:00:1c:34:8f:b1:35:ff:4b:80:4d:c0:dc:
25:d7:67:62:d9:5a:c8:32:83:d3:90:cb:1e:80:58:
db:8a:d3:50:4d:00:2d:1b:35:83:00:d0:f7:d0:d3:
86:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F6:A5:DB:3A:16:D9:CA:30:43:84:2B:29:4E:53:DA:0E:DD:3B:9E
X509v3 Authority Key Identifier:
keyid:A4:10:DF:D9:47:6C:92:A1:4A:37:7A:11:C2:68:3B:58:FC:B2:1D:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pBDf2UdskqFKN3oRwmg7WPyyHb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5a2f80-cad4-495e-b6b7-dc3c7c3823db/1/hPal2zoW2cowQ4QrKU5T2g7dO54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5a2f80-cad4-495e-b6b7-dc3c7c3823db/1/pBDf2UdskqFKN3oRwmg7WPyyHb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
83:2d:03:ca:29:c4:00:d7:3f:b7:f1:29:78:45:12:89:39:35:
ca:df:ee:8b:d6:43:6b:9a:63:8b:57:ac:a6:d8:d0:0a:fa:95:
87:9c:59:17:87:3c:31:94:3a:44:d9:5d:dd:66:c6:e8:97:b8:
e8:97:85:7c:ed:a0:ae:a9:94:b6:a1:0f:bb:86:a6:f2:11:03:
a1:0e:ac:e7:bf:0c:f5:38:db:39:5d:e5:b0:23:e3:8d:b5:11:
70:ee:eb:51:f6:0a:ba:2e:17:96:c3:0a:02:60:52:92:40:60:
12:4e:69:9b:df:cc:ac:5f:63:59:4a:b1:08:65:8a:9b:30:84:
f0:4a:8e:f4:70:4e:65:81:2b:a4:34:73:f3:c3:4a:b0:12:ee:
81:26:ff:05:30:b3:02:2f:7d:aa:47:e1:74:72:7c:d3:50:27:
52:d3:1c:c2:38:0d:32:1e:bc:53:43:f8:9a:db:8c:d5:78:a2:
4e:4a:89:97:a1:b9:00:5a:34:c2:f0:d5:05:67:74:9f:41:71:
bf:1f:b4:c2:07:20:8c:18:96:35:b7:17:10:1b:aa:e9:2f:10:
eb:95:1e:90:87:eb:b6:22:26:62:48:df:45:55:c1:29:da:81:
a3:4f:e6:33:0f:e3:09:2b:df:89:5f:ac:c1:e5:08:26:26:4a:
1c:c5:3d:52
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYKNsKriTXCdbDi8A0GOQUkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MTBkZmQ5NDc2YzkyYTE0YTM3N2ExMWMyNjgzYjU4ZmNi
MjFkYmQwHhcNMjIwODExMTYxNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY2YTVkYjNhMTZkOWNhMzA0Mzg0MmIyOTRlNTNkYTBlZGQzYjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOYvhPw8ksztMK3e3NLnGRkeHQ0P
h7Zq9rsJDidZJ6qYM3hVaSxVAVsrl5iNc5ZZeUz4j/ZgwkC5hXRaZ/EIzADtc9Xt
E9wpjXFolMa+Y4b2kgPJkUrgsztpIm2pznxrn+hMf/XCVh+y43nhz0JWo4zHDbFz
MLeZItbwLh6rG2GpPVykhWtZeMFJlk4csY2NSUhRhv8OVCXh7mCc6xQfwrE2PPgG
GoM8OOXV0MltGjnnV3snqGhAZmrVdDh2a/OX2K84jSh48Zj7I4v78IBZm/dEWuQA
HDSPsTX/S4BNwNwl12di2VrIMoPTkMsegFjbitNQTQAtGzWDAND30NOG6wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIT2pds6FtnKMEOEKylOU9oO3TueMB8GA1UdIwQY
MBaAFKQQ39lHbJKhSjd6EcJoO1j8sh29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEJEZjJVZHNrcUZLTjNvUndtZzdXUHl5SGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81YTJmODAtY2FkNC00OTVlLWI2Yjct
ZGMzYzdjMzgyM2RiLzEvaFBhbDJ6b1cyY293UTRRcktVNVQyZzdkTzU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81YTJmODAtY2FkNC00OTVlLWI2YjctZGMzYzdjMzgyM2Ri
LzEvcEJEZjJVZHNrcUZLTjNvUndtZzdXUHl5SGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhB8wDAN
BgkqhkiG9w0BAQsFAAOCAQEAgy0DyinEANc/t/EpeEUSiTk1yt/ui9ZDa5pji1es
ptjQCvqVh5xZF4c8MZQ6RNld3WbG6Je46JeFfO2grqmUtqEPu4am8hEDoQ6s578M
9TjbOV3lsCPjjbURcO7rUfYKui4XlsMKAmBSkkBgEk5pm9/MrF9jWUqxCGWKmzCE
8EqO9HBOZYErpDRz88NKsBLugSb/BTCzAi99qkfhdHJ801AnUtMcwjgNMh68U0P4
mtuM1XiiTkqJl6G5AFo0wvDVBWd0n0Fxvx+0wgcgjBiWNbcXEBuq6S8Q65UekIfr
tiImYkjfRVXBKdqBo0/mMw/jCSvfiV+sweUIJiZKHMU9Ug==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:02 2025 by rpki-client