Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/HUjG5wlXIs_S_8BTLmPoqHtpE_8.roa
File: HUjG5wlXIs_S_8BTLmPoqHtpE_8.roa (raw, json)
Hash identifier: n0+Gv3Td1KV66vO7s/EA+fLLoF/hxd3hZyfSfNcw3NA=
Subject key identifier: 1D:48:C6:E7:09:57:22:CF:D2:FF:C0:53:2E:63:E8:A8:7B:69:13:FF
Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial: 0194214430CC2EE127B0F16F16217B2DF48C
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/HUjG5wlXIs_S_8BTLmPoqHtpE_8.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5411
IP address blocks: 2a03:9b80:4000::/34 maxlen: 34
2a03:9b80:4000::/35 maxlen: 35
2a03:9b80:6000::/35 maxlen: 35
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:30:cc:2e:e1:27:b0:f1:6f:16:21:7b:2d:f4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d48c6e7095722cfd2ffc0532e63e8a87b6913ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3e:3a:d4:86:06:4f:3e:ea:ae:01:aa:33:08:
80:24:7a:81:0c:e1:53:57:75:9f:5b:c8:16:f3:a1:
c2:65:dd:a8:44:e2:42:7f:a5:7a:32:72:2c:86:37:
a9:d5:a2:7e:0e:2a:03:71:72:ca:1d:4e:3e:c6:4d:
7e:9b:9b:9b:65:61:4e:17:d7:1c:42:37:e4:65:56:
d6:fe:35:bd:99:7e:6f:c2:b3:5d:8f:99:37:cb:19:
49:66:85:39:cf:dc:9e:c0:ad:3d:e0:b8:68:0b:44:
fd:c9:3a:48:b8:09:ef:46:8e:de:49:3c:23:dd:80:
c2:f0:66:40:45:45:39:99:9f:f6:ef:ac:75:2e:4e:
4f:67:49:49:df:f2:34:35:48:8d:67:86:c7:f0:86:
91:07:dc:af:44:09:4f:52:ea:44:36:19:77:f0:68:
a8:bb:84:86:5d:dd:b4:59:6f:f9:da:ae:1d:16:7d:
83:89:7e:8f:9a:95:62:2b:91:5e:ce:b0:a5:60:e1:
13:a2:6d:4d:8b:bf:23:95:b8:1e:87:f1:88:ee:fb:
b2:34:c8:bb:0c:63:de:c0:21:4d:7f:96:c1:ee:43:
8a:07:c6:9d:a0:e5:68:17:69:1c:5d:d2:4e:90:36:
9c:3f:86:67:55:46:65:f0:f1:5e:d3:a5:c4:4e:e9:
1b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:48:C6:E7:09:57:22:CF:D2:FF:C0:53:2E:63:E8:A8:7B:69:13:FF
X509v3 Authority Key Identifier:
keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/HUjG5wlXIs_S_8BTLmPoqHtpE_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9b80:4000::/34
Signature Algorithm: sha256WithRSAEncryption
42:08:3a:4e:52:c3:c5:07:4a:57:8b:78:bf:3c:5c:0e:f8:77:
38:6e:7d:d1:41:03:da:ea:62:ae:51:7b:6e:63:6a:94:50:7b:
cc:7a:03:97:4e:01:3e:4f:ba:62:c3:3d:56:c4:4e:f1:d3:e2:
82:a0:ea:6c:87:65:0c:71:f2:24:f2:c4:54:83:c6:55:0d:70:
e7:0f:92:1a:2b:5c:77:d8:fe:74:9e:68:9d:43:81:46:25:51:
0d:36:b5:db:c4:7a:63:12:99:94:f2:64:9c:fb:37:d3:3f:64:
cc:42:97:43:7c:f9:4f:9d:4c:46:c0:c3:96:d4:9e:14:03:9e:
62:33:c5:b4:80:cc:08:64:6e:60:f9:04:86:57:ca:f0:b7:47:
26:d3:d5:eb:1d:66:92:98:b1:cc:5e:3f:ca:d7:67:f3:7f:18:
a9:ea:0d:09:56:2b:94:7b:34:61:cb:d2:8b:f4:69:43:e8:17:
a6:cb:36:19:f9:4c:b1:bb:71:f4:9d:c5:0d:77:1b:f0:59:a3:
6c:de:05:66:15:26:c4:06:cf:9f:46:69:d6:23:6d:17:a1:f4:
c1:66:e6:07:a5:c5:05:f3:8c:cf:2e:df:86:1f:23:54:9d:b1:
4c:18:f6:0b:c5:52:6c:a5:d3:b5:e4:48:2d:78:27:e8:cd:3f:
9c:5a:2b:fb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQhRDDMLuEnsPFvFiF7LfSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDQ4YzZlNzA5NTcyMmNmZDJmZmMwNTMyZTYzZThhODdiNjkxM2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyj461IYGTz7qrgGqMwiAJHqBDOFT
V3WfW8gW86HCZd2oROJCf6V6MnIshjep1aJ+DioDcXLKHU4+xk1+m5ubZWFOF9cc
QjfkZVbW/jW9mX5vwrNdj5k3yxlJZoU5z9yewK094LhoC0T9yTpIuAnvRo7eSTwj
3YDC8GZARUU5mZ/276x1Lk5PZ0lJ3/I0NUiNZ4bH8IaRB9yvRAlPUupENhl38Gio
u4SGXd20WW/52q4dFn2DiX6PmpViK5FezrClYOETom1Ni78jlbgeh/GI7vuyNMi7
DGPewCFNf5bB7kOKB8adoOVoF2kcXdJOkDacP4ZnVUZl8PFe06XETukbGQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFB1IxucJVyLP0v/AUy5j6Kh7aRP/MB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvSFVqRzV3bFhJc19TXzhCVExtUG9xSHRwRV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGKgObgEAw
DQYJKoZIhvcNAQELBQADggEBAEIIOk5Sw8UHSleLeL88XA74dzhufdFBA9rqYq5R
e25japRQe8x6A5dOAT5PumLDPVbETvHT4oKg6myHZQxx8iTyxFSDxlUNcOcPkhor
XHfY/nSeaJ1DgUYlUQ02tdvEemMSmZTyZJz7N9M/ZMxCl0N8+U+dTEbAw5bUnhQD
nmIzxbSAzAhkbmD5BIZXyvC3RybT1esdZpKYscxeP8rXZ/N/GKnqDQlWK5R7NGHL
0ov0aUPoF6bLNhn5TLG7cfSdxQ13G/BZo2zeBWYVJsQGz59GadYjbReh9MFm5gel
xQXzjM8u34YfI1SdsUwY9gvFUmyl07XkSC14J+jNP5xaK/s=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:50 2025 by rpki-client on console.sobornost.net