Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Q69SnMbWM4KmMFt9cSQEqpQIzpA.roa
File: Q69SnMbWM4KmMFt9cSQEqpQIzpA.roa (raw, json)
Hash identifier: n3FG6SxUzuoMiIWgok3keYCbiWYTvye3Sz8nvsCjC+w=
Subject key identifier: 43:AF:52:9C:C6:D6:33:82:A6:30:5B:7D:71:24:04:AA:94:08:CE:90
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0194258ECFDBAF1A113186E2B6DDE7EB1898
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Q69SnMbWM4KmMFt9cSQEqpQIzpA.roa
Signing time: Thu 02 Jan 2025 05:48:23 +0000
ROA not before: Thu 02 Jan 2025 05:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199684
IP address blocks: 2a0e:aa07:e070::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:cf:db:af:1a:11:31:86:e2:b6:dd:e7:eb:18:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 2 05:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43af529cc6d63382a6305b7d712404aa9408ce90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b3:60:97:d3:80:a5:85:fe:35:2d:10:21:03:
2a:25:92:1e:a8:2c:b3:64:63:dc:2e:fc:7e:69:2d:
14:68:5b:93:53:ae:88:ed:85:eb:b2:16:01:51:b5:
23:bc:8d:d0:4e:f9:ef:b8:d5:dd:87:6d:bf:1c:bc:
35:98:79:e0:f1:33:9c:4c:2a:5d:b8:fa:e9:87:ca:
58:8f:f4:b3:43:de:a6:59:95:a0:61:8f:db:e4:30:
ef:89:e6:f4:f5:ab:4c:a7:7d:a0:39:fb:55:0a:1c:
62:82:0b:05:04:b0:25:6a:2d:8d:da:d1:02:12:d0:
35:aa:4d:f5:60:62:20:d8:cb:86:4a:1f:af:1b:84:
0b:7e:84:c5:d6:55:e7:4f:a1:58:2f:ce:4c:5b:aa:
4b:31:e1:c3:a1:ab:96:2e:62:7a:c5:c8:01:e2:fe:
fe:b5:e0:77:ad:71:49:b7:c0:29:9f:bf:e6:2d:d3:
36:8f:50:39:de:a1:c9:fd:25:ed:af:c7:b7:0d:49:
5e:db:f8:51:bc:c1:9e:a8:a0:9a:da:d8:8d:c6:09:
dc:19:e0:5b:35:a0:56:b6:a6:2f:58:2f:f1:2a:9e:
0d:52:a5:ab:6e:e4:86:9b:81:8a:35:83:ac:3f:a0:
1a:4e:fa:f6:07:f8:bc:16:02:ee:7d:de:07:f0:d3:
a6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AF:52:9C:C6:D6:33:82:A6:30:5B:7D:71:24:04:AA:94:08:CE:90
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Q69SnMbWM4KmMFt9cSQEqpQIzpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e070::/44
Signature Algorithm: sha256WithRSAEncryption
1a:62:01:26:56:9e:e3:0f:ab:11:d5:c0:9d:02:a8:fa:f6:0c:
ce:de:89:73:ce:a0:ee:ba:ea:1d:4a:29:11:80:aa:cb:74:26:
6c:77:9e:fe:73:86:61:b9:19:aa:2b:3d:90:0d:0f:3d:74:6a:
f7:0b:00:6f:58:bf:14:35:db:98:99:42:68:3a:d8:48:75:4a:
74:e6:60:98:eb:e1:6e:35:f5:8e:42:dd:7f:8c:c7:94:53:53:
f7:cb:38:97:b7:43:a1:87:15:8a:1b:de:b1:94:56:2e:ef:78:
2e:07:91:f0:a8:99:7e:f9:bc:70:68:e6:6d:27:b3:dd:4e:fa:
b3:f4:dc:a1:7f:26:18:3c:a5:21:a3:b0:03:a9:b0:a4:8b:75:
f7:43:f4:39:86:a4:fa:c3:c0:b0:0a:bc:0e:3b:80:ab:c2:b1:
3a:68:93:fd:0f:9f:41:a9:7e:ce:81:45:76:4f:ea:c9:29:7f:
76:1e:e5:e2:71:72:c1:73:fc:39:c3:74:9c:53:c9:3a:72:dd:
5c:ac:50:49:ec:bf:99:ea:e0:04:8f:bc:52:56:ad:e4:90:6b:
8e:71:cf:df:1d:ff:f3:5f:68:5a:ff:11:71:d0:db:ca:5c:60:
d4:13:14:f5:48:5b:2d:86:e2:b2:01:d9:e0:bc:34:32:b8:c0:
da:d5:c0:0d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQljs/brxoRMYbitt3n6xiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjUwMTAyMDU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2FmNTI5Y2M2ZDYzMzgyYTYzMDViN2Q3MTI0MDRhYTk0MDhjZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLNgl9OApYX+NS0QIQMqJZIeqCyz
ZGPcLvx+aS0UaFuTU66I7YXrshYBUbUjvI3QTvnvuNXdh22/HLw1mHng8TOcTCpd
uPrph8pYj/SzQ96mWZWgYY/b5DDvieb09atMp32gOftVChxiggsFBLAlai2N2tEC
EtA1qk31YGIg2MuGSh+vG4QLfoTF1lXnT6FYL85MW6pLMeHDoauWLmJ6xcgB4v7+
teB3rXFJt8Apn7/mLdM2j1A53qHJ/SXtr8e3DUle2/hRvMGeqKCa2tiNxgncGeBb
NaBWtqYvWC/xKp4NUqWrbuSGm4GKNYOsP6AaTvr2B/i8FgLufd4H8NOmYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEOvUpzG1jOCpjBbfXEkBKqUCM6QMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvUTY5U25NYldNNEttTUZ0OWNTUUVxcFFJenBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+Bw
MA0GCSqGSIb3DQEBCwUAA4IBAQAaYgEmVp7jD6sR1cCdAqj69gzO3olzzqDuuuod
SikRgKrLdCZsd57+c4ZhuRmqKz2QDQ89dGr3CwBvWL8UNduYmUJoOthIdUp05mCY
6+FuNfWOQt1/jMeUU1P3yziXt0OhhxWKG96xlFYu73guB5HwqJl++bxwaOZtJ7Pd
Tvqz9NyhfyYYPKUho7ADqbCki3X3Q/Q5hqT6w8CwCrwOO4CrwrE6aJP9D59BqX7O
gUV2T+rJKX92HuXicXLBc/w5w3ScU8k6ct1crFBJ7L+Z6uAEj7xSVq3kkGuOcc/f
Hf/zX2ha/xFx0NvKXGDUExT1SFsthuKyAdngvDQyuMDa1cAN
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:08:25 2025 by rpki-client