Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/cQgNKWK-mfm6f4cfHvy3mXBeUkc.roa
File: cQgNKWK-mfm6f4cfHvy3mXBeUkc.roa (raw, json)
Hash identifier: Eznu0WnXIaaF/obgJMif142Kzoju4lKJjzxlXuNlG4c=
Subject key identifier: 71:08:0D:29:62:BE:99:F9:BA:7F:87:1F:1E:FC:B7:99:70:5E:52:47
Certificate issuer: /CN=6a8b5a374f146d7b6a6dc7d316e8ebb12deea670
Certificate serial: 01958B147A9D32FC02351076C09E409EAC16
Authority key identifier: 6A:8B:5A:37:4F:14:6D:7B:6A:6D:C7:D3:16:E8:EB:B1:2D:EE:A6:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aotaN08UbXtqbcfTFujrsS3upnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/cQgNKWK-mfm6f4cfHvy3mXBeUkc.roa
Signing time: Wed 12 Mar 2025 15:58:49 +0000
ROA not before: Wed 12 Mar 2025 15:58:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 149428
IP address blocks: 2a0c:34c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:14:7a:9d:32:fc:02:35:10:76:c0:9e:40:9e:ac:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8b5a374f146d7b6a6dc7d316e8ebb12deea670
Validity
Not Before: Mar 12 15:58:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71080d2962be99f9ba7f871f1efcb799705e5247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:85:5c:87:d0:13:be:95:c6:7e:15:cb:2e:66:
1b:e0:5d:bb:d9:57:56:50:c2:77:cc:4b:8e:66:b1:
a1:91:8e:97:da:43:f6:ba:d8:50:dd:d7:e9:3d:23:
a1:8c:54:0e:7a:89:ce:79:e2:81:0e:8c:70:02:34:
3f:d8:db:b3:5b:07:ab:49:a6:58:35:d5:7c:9d:a0:
71:95:3b:ce:36:2b:3c:d7:dd:f0:42:3f:97:69:d4:
d4:0b:d3:7e:ca:4b:20:1d:83:97:d1:70:b6:2f:9e:
38:e6:35:2e:00:35:bf:5b:75:ed:ce:93:2b:67:12:
7c:93:16:e5:a1:1e:01:ec:ff:86:29:2e:65:21:4b:
71:0b:95:22:42:bb:88:0f:12:12:58:16:cf:77:d1:
0f:e7:c3:6c:6b:a2:e1:2b:39:24:e8:aa:5d:6b:cf:
78:e8:2a:44:71:6e:26:c7:5d:84:9e:21:51:d1:36:
90:35:69:49:8f:3a:bd:19:55:c3:72:25:21:0f:c3:
2a:de:b5:9e:e5:3f:c8:cb:13:c7:56:ca:98:51:2c:
0a:4c:f3:84:7a:dc:6b:8d:75:97:aa:a2:4d:de:67:
f3:1c:47:48:74:a7:01:a9:2c:3e:38:86:6f:d4:3f:
e6:3f:1c:57:f7:50:0d:43:8d:7e:1d:f0:37:a2:e7:
e0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:08:0D:29:62:BE:99:F9:BA:7F:87:1F:1E:FC:B7:99:70:5E:52:47
X509v3 Authority Key Identifier:
keyid:6A:8B:5A:37:4F:14:6D:7B:6A:6D:C7:D3:16:E8:EB:B1:2D:EE:A6:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aotaN08UbXtqbcfTFujrsS3upnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/cQgNKWK-mfm6f4cfHvy3mXBeUkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f6c862-af8b-43f3-98ad-44241fec1a9f/1/aotaN08UbXtqbcfTFujrsS3upnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
5f:02:cb:b8:26:ea:8f:c9:c5:64:e2:34:b8:be:0a:43:0a:36:
d1:60:be:93:2b:65:82:e0:db:77:64:8a:c3:1e:d0:03:b5:82:
44:80:ce:5d:d9:de:60:59:b0:75:3b:3e:4e:69:96:c9:4c:8e:
67:86:13:94:77:2c:67:b4:b7:bd:6a:8f:f5:6b:9f:9f:4c:68:
f2:44:f6:c5:88:8e:e6:52:8e:bb:5e:da:4a:e7:ae:0a:7a:5c:
3a:d1:15:61:20:ba:d7:18:c7:a9:97:da:ba:fd:69:b5:68:6e:
ee:b6:c3:23:cb:4f:57:80:61:5f:c6:ba:0f:30:d0:15:86:c1:
96:f1:b6:04:2e:97:9f:ad:af:4e:1a:51:e3:98:4b:9f:f3:4e:
1d:96:67:43:00:57:20:bf:9d:0d:03:40:c7:ce:4e:5b:18:c5:
32:26:bc:d2:66:17:79:52:07:4c:7c:f5:9f:63:6c:6b:27:e8:
2e:e8:bf:17:e0:7d:48:2b:3a:17:e8:18:21:2c:02:a6:0d:95:
58:81:da:6e:42:8d:d3:c2:83:3b:9e:e3:0f:cd:82:8b:25:1e:
98:58:fc:1e:04:f2:22:d3:2b:85:55:f8:b8:05:21:80:68:9c:
3e:48:01:b1:0d:57:d8:e8:87:67:a2:00:75:22:92:65:3e:c5:
43:10:05:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZWLFHqdMvwCNRB2wJ5AnqwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGI1YTM3NGYxNDZkN2I2YTZkYzdkMzE2ZThlYmIxMmRl
ZWE2NzAwHhcNMjUwMzEyMTU1ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTA4MGQyOTYyYmU5OWY5YmE3Zjg3MWYxZWZjYjc5OTcwNWU1MjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1oVch9ATvpXGfhXLLmYb4F272VdW
UMJ3zEuOZrGhkY6X2kP2uthQ3dfpPSOhjFQOeonOeeKBDoxwAjQ/2NuzWwerSaZY
NdV8naBxlTvONis8193wQj+XadTUC9N+yksgHYOX0XC2L5445jUuADW/W3XtzpMr
ZxJ8kxbloR4B7P+GKS5lIUtxC5UiQruIDxISWBbPd9EP58Nsa6LhKzkk6Kpda894
6CpEcW4mx12EniFR0TaQNWlJjzq9GVXDciUhD8Mq3rWe5T/IyxPHVsqYUSwKTPOE
etxrjXWXqqJN3mfzHEdIdKcBqSw+OIZv1D/mPxxX91ANQ41+HfA3oufgJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHEIDSlivpn5un+HHx78t5lwXlJHMB8GA1UdIwQY
MBaAFGqLWjdPFG17am3H0xbo67Et7qZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW90YU4wOFViWHRxYmNmVEZ1anJzUzN1cG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mNmM4NjItYWY4Yi00M2YzLTk4YWQt
NDQyNDFmZWMxYTlmLzEvY1FnTktXSy1tZm02ZjRjZkh2eTNtWEJlVWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mNmM4NjItYWY4Yi00M2YzLTk4YWQtNDQyNDFmZWMxYTlm
LzEvYW90YU4wOFViWHRxYmNmVEZ1anJzUzN1cG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgw0wDAN
BgkqhkiG9w0BAQsFAAOCAQEAXwLLuCbqj8nFZOI0uL4KQwo20WC+kytlguDbd2SK
wx7QA7WCRIDOXdneYFmwdTs+TmmWyUyOZ4YTlHcsZ7S3vWqP9Wufn0xo8kT2xYiO
5lKOu17aSueuCnpcOtEVYSC61xjHqZfauv1ptWhu7rbDI8tPV4BhX8a6DzDQFYbB
lvG2BC6Xn62vThpR45hLn/NOHZZnQwBXIL+dDQNAx85OWxjFMia80mYXeVIHTHz1
n2NsayfoLui/F+B9SCs6F+gYISwCpg2VWIHabkKN08KDO57jD82CiyUemFj8HgTy
ItMrhVX4uAUhgGicPkgBsQ1X2OiHZ6IAdSKSZT7FQxAFIQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:13:31 2025 by rpki-client