Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/Q718Z9XRXwbb8eAv-JSYxNy8m3E.roa
File: Q718Z9XRXwbb8eAv-JSYxNy8m3E.roa (raw, json)
Hash identifier: QwKiyK2H3mBEUzLEautBF28TXwWRoI+nh+WAF8i9ayk=
Subject key identifier: 43:BD:7C:67:D5:D1:5F:06:DB:F1:E0:2F:F8:94:98:C4:DC:BC:9B:71
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 01942068415BC60461F7ED7036D339708DBE
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/Q718Z9XRXwbb8eAv-JSYxNy8m3E.roa
Signing time: Wed 01 Jan 2025 05:48:10 +0000
ROA not before: Wed 01 Jan 2025 05:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210266
IP address blocks: 2a00:8860:700::/40 maxlen: 64
2a00:8861:700::/40 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:41:5b:c6:04:61:f7:ed:70:36:d3:39:70:8d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 05:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43bd7c67d5d15f06dbf1e02ff89498c4dcbc9b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4c:df:be:7f:aa:00:b9:be:4d:7d:8f:3a:48:
18:80:4d:20:ab:d0:17:93:3d:4b:54:02:98:da:c8:
3e:6f:30:7b:47:d9:75:fb:34:04:47:fb:54:b1:af:
78:32:4a:ff:45:32:be:92:c6:fc:21:72:47:fa:b5:
5d:65:22:9d:3f:d8:90:c4:ce:2e:bb:71:6f:bc:bd:
bd:b9:3a:b4:16:50:ba:b1:90:b0:23:f6:42:fe:39:
fb:dd:67:b1:66:3a:06:da:43:27:8e:00:ba:46:0a:
68:3b:91:22:45:c2:5d:73:c9:78:49:cf:ad:e7:93:
79:77:34:6e:d5:49:99:cc:af:d1:7e:34:4a:50:91:
2d:7a:b2:a2:d5:57:24:0a:cd:f2:fe:62:f6:cc:e1:
35:b7:17:44:2e:63:dc:d9:6a:33:7d:77:bc:ed:f6:
0a:74:81:f2:27:2e:cd:61:ed:0c:07:58:d3:aa:c6:
2d:62:8b:aa:22:13:24:16:cf:04:9b:b5:7f:23:ac:
c8:3a:4e:9d:18:58:2c:42:0c:2d:2f:ac:65:19:f7:
30:97:74:7d:ee:f7:40:66:45:ac:cd:c1:e7:8d:65:
5b:c4:bc:81:c0:dd:19:91:2a:da:17:b7:27:7a:c2:
3b:43:9e:05:c8:2b:4b:ee:56:04:9b:88:a7:94:ab:
8f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BD:7C:67:D5:D1:5F:06:DB:F1:E0:2F:F8:94:98:C4:DC:BC:9B:71
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/Q718Z9XRXwbb8eAv-JSYxNy8m3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8860:700::/40
2a00:8861:700::/40
Signature Algorithm: sha256WithRSAEncryption
45:cc:99:a2:8d:f8:18:0c:9c:6b:d6:1c:a1:85:71:df:41:b3:
38:4b:41:b8:5b:86:c9:77:cf:ce:a3:a7:f1:0a:4b:f6:51:d7:
bb:f8:60:2e:f7:c3:18:71:51:f5:07:b3:82:20:ad:ce:82:2e:
97:2a:f0:6e:5f:97:08:97:90:7a:e6:e4:ec:89:99:48:a3:e5:
df:4a:c9:d7:86:8f:98:0b:cb:72:0f:3d:ca:58:ae:69:e1:c6:
95:78:52:7c:81:bc:04:f9:77:da:ee:6d:dd:9d:ab:6d:af:f2:
bb:6c:df:77:96:ba:25:cd:00:a1:0d:9d:73:8a:00:ea:b6:72:
8c:e7:2e:36:d0:6a:34:68:40:ee:8e:bd:5c:af:7b:25:c5:f5:
f4:3e:67:ac:d0:00:4a:99:10:b2:f2:ad:bc:18:97:c0:d0:54:
66:7f:77:d3:37:2d:97:f1:df:bb:55:2f:a1:d2:c6:71:38:85:
ba:3a:7c:dd:39:7e:f0:df:54:c3:ac:08:ce:67:ca:1a:a2:9c:
ea:bd:26:7b:5c:19:fa:5e:79:c7:52:e8:3e:de:66:60:19:a8:
1a:8b:ae:99:de:28:d1:45:37:27:a3:2f:54:62:cf:a7:a8:10:
4d:02:11:6d:8a:f9:80:bc:5c:4b:88:c8:ef:40:ba:f8:d5:a9:
d0:d3:32:3b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQgaEFbxgRh9+1wNtM5cI2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjUwMTAxMDU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2JkN2M2N2Q1ZDE1ZjA2ZGJmMWUwMmZmODk0OThjNGRjYmM5YjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEzfvn+qALm+TX2POkgYgE0gq9AX
kz1LVAKY2sg+bzB7R9l1+zQER/tUsa94Mkr/RTK+ksb8IXJH+rVdZSKdP9iQxM4u
u3FvvL29uTq0FlC6sZCwI/ZC/jn73WexZjoG2kMnjgC6RgpoO5EiRcJdc8l4Sc+t
55N5dzRu1UmZzK/RfjRKUJEterKi1VckCs3y/mL2zOE1txdELmPc2WozfXe87fYK
dIHyJy7NYe0MB1jTqsYtYouqIhMkFs8Em7V/I6zIOk6dGFgsQgwtL6xlGfcwl3R9
7vdAZkWszcHnjWVbxLyBwN0ZkSraF7cnesI7Q54FyCtL7lYEm4inlKuPiQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFEO9fGfV0V8G2/HgL/iUmMTcvJtxMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvUTcxOFo5WFJYd2JiOGVBdi1KU1l4Tnk4bTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgCIYAcD
BgAqAIhhBzANBgkqhkiG9w0BAQsFAAOCAQEARcyZoo34GAyca9YcoYVx30GzOEtB
uFuGyXfPzqOn8QpL9lHXu/hgLvfDGHFR9QezgiCtzoIulyrwbl+XCJeQeubk7ImZ
SKPl30rJ14aPmAvLcg89yliuaeHGlXhSfIG8BPl32u5t3Z2rba/yu2zfd5a6Jc0A
oQ2dc4oA6rZyjOcuNtBqNGhA7o69XK97JcX19D5nrNAASpkQsvKtvBiXwNBUZn93
0zctl/Hfu1UvodLGcTiFujp83Tl+8N9Uw6wIzmfKGqKc6r0me1wZ+l55x1LoPt5m
YBmoGouumd4o0UU3J6MvVGLPp6gQTQIRbYr5gLxcS4jI70C6+NWp0NMyOw==
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:30:25 2025 by rpki-client