Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/hu7MJhEZrLZG2uvf4NCVIV-yl5M.roa
File: hu7MJhEZrLZG2uvf4NCVIV-yl5M.roa (raw, json)
Hash identifier: ovn33pyWO8koJqYvbUmNt0rUbJW529ZQ7bj5GMH+vmo=
Subject key identifier: 86:EE:CC:26:11:19:AC:B6:46:DA:EB:DF:E0:D0:95:21:5F:B2:97:93
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 0196E9F32DC1D5F300C8E38797848E8AAB0D
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/hu7MJhEZrLZG2uvf4NCVIV-yl5M.roa
Signing time: Mon 19 May 2025 19:09:10 +0000
ROA not before: Mon 19 May 2025 19:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0d:3043::/32 maxlen: 32
2a0e:4586::/32 maxlen: 32
2a11:9882::/32 maxlen: 32
2a12:9500::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e9:f3:2d:c1:d5:f3:00:c8:e3:87:97:84:8e:8a:ab:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: May 19 19:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86eecc261119acb646daebdfe0d095215fb29793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:01:2a:0e:b2:96:fd:93:c4:bf:c1:a5:d3:b8:
a6:26:05:e5:71:f4:e6:56:a5:d3:40:20:b9:0c:a4:
76:1a:ea:30:ce:8d:40:8e:4c:ef:53:29:76:32:ad:
28:e5:aa:cf:d9:fc:e9:85:db:00:55:d9:00:1f:12:
cd:37:a0:b9:1b:ec:c5:68:fe:74:aa:5c:cc:6a:6a:
a5:99:0f:70:5f:02:c6:7c:30:1e:06:46:8f:59:a5:
cd:1f:a6:7e:57:19:be:d3:3f:52:92:32:bb:2e:05:
09:85:73:b3:89:80:79:af:f6:15:fb:87:13:3b:0e:
1e:d1:d9:0d:a4:0a:d7:0b:12:6a:99:2b:a7:4d:23:
f6:cf:ff:b5:e6:55:d5:b0:f1:af:8e:5f:f1:46:35:
ff:9f:d4:c4:40:b5:cd:a8:3e:8e:b5:f7:65:67:a9:
4a:76:e0:eb:98:41:90:43:50:2d:d9:e3:29:49:95:
e8:3e:0f:1a:96:45:0e:7a:08:ed:fb:97:d4:b7:e5:
a2:31:43:a6:f6:33:1e:53:c4:8a:61:fc:cb:9d:26:
18:90:df:a7:fd:59:15:fa:3e:9f:e7:d7:71:52:90:
9e:14:e2:df:2c:35:78:ea:90:db:08:e1:c9:4f:58:
36:31:92:1c:be:2d:09:18:83:37:26:67:da:3c:95:
2a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:EE:CC:26:11:19:AC:B6:46:DA:EB:DF:E0:D0:95:21:5F:B2:97:93
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/hu7MJhEZrLZG2uvf4NCVIV-yl5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:3043::/32
2a0e:4586::/32
2a11:9882::/32
2a12:9500::/32
Signature Algorithm: sha256WithRSAEncryption
4f:e4:f7:66:a0:59:b4:57:ce:58:63:ad:4b:00:84:d7:f9:24:
2d:0e:14:07:56:a3:ac:5c:9a:c2:e9:e2:f0:6e:e1:d2:ec:a7:
b4:4d:66:85:19:bc:a9:41:6d:82:b9:43:c2:4d:57:ad:90:58:
d8:eb:2d:0e:4b:4d:62:7d:4c:5b:bf:27:da:4f:b6:7f:e8:24:
84:ca:bf:d1:a2:86:3b:0c:3f:11:5f:89:66:9e:db:5a:e7:05:
98:e3:3b:b0:47:44:ce:e6:a6:ae:c9:98:d7:cc:93:f1:2e:38:
3b:5a:53:4a:11:27:ab:20:6c:50:0c:f9:a2:10:3e:cc:9c:da:
74:2b:b8:5e:af:34:80:22:44:95:62:07:6a:8a:41:2b:f3:ea:
25:87:0a:f4:1c:35:00:b0:bf:a0:78:8e:dd:89:c4:e7:99:ee:
1a:db:99:28:23:06:b0:da:01:a5:da:7b:2f:ed:1b:1e:81:38:
84:ae:ca:37:92:07:3d:99:80:62:f8:f6:5b:66:35:ca:00:51:
12:19:0c:99:1a:5e:6c:f6:74:38:41:1d:fd:36:16:b4:b1:10:
2b:32:dc:fc:a9:fc:f3:3b:c4:70:b4:2f:18:04:45:f3:03:11:
8a:c9:14:5e:ac:e7:3d:6e:b6:c7:68:2f:03:8e:25:cf:49:06:
22:ba:50:64
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZbp8y3B1fMAyOOHl4SOiqsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjUwNTE5MTkwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmVlY2MyNjExMTlhY2I2NDZkYWViZGZlMGQwOTUyMTVmYjI5NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgEqDrKW/ZPEv8Gl07imJgXlcfTm
VqXTQCC5DKR2Guowzo1AjkzvUyl2Mq0o5arP2fzphdsAVdkAHxLNN6C5G+zFaP50
qlzMamqlmQ9wXwLGfDAeBkaPWaXNH6Z+Vxm+0z9SkjK7LgUJhXOziYB5r/YV+4cT
Ow4e0dkNpArXCxJqmSunTSP2z/+15lXVsPGvjl/xRjX/n9TEQLXNqD6OtfdlZ6lK
duDrmEGQQ1At2eMpSZXoPg8alkUOegjt+5fUt+WiMUOm9jMeU8SKYfzLnSYYkN+n
/VkV+j6f59dxUpCeFOLfLDV46pDbCOHJT1g2MZIcvi0JGIM3JmfaPJUqDQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIbuzCYRGay2Rtrr3+DQlSFfspeTMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvaHU3TUpoRVpyTFpHMnV2ZjROQ1ZJVi15bDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKg0wQwMF
ACoORYYDBQAqEZiCAwUAKhKVADANBgkqhkiG9w0BAQsFAAOCAQEAT+T3ZqBZtFfO
WGOtSwCE1/kkLQ4UB1ajrFyawuni8G7h0uyntE1mhRm8qUFtgrlDwk1XrZBY2Ost
DktNYn1MW78n2k+2f+gkhMq/0aKGOww/EV+JZp7bWucFmOM7sEdEzuamrsmY18yT
8S44O1pTShEnqyBsUAz5ohA+zJzadCu4Xq80gCJElWIHaopBK/PqJYcK9Bw1ALC/
oHiO3YnE55nuGtuZKCMGsNoBpdp7L+0bHoE4hK7KN5IHPZmAYvj2W2Y1ygBREhkM
mRpebPZ0OEEd/TYWtLEQKzLc/Kn88zvEcLQvGARF8wMRiskUXqznPW62x2gvA44l
z0kGIrpQZA==
-----END CERTIFICATE-----
Generated at Fri Jun 20 18:51:41 2025 by rpki-client