Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qefYaH6NqjZ9ubyauM_nFy1Vi68.roa
File: qefYaH6NqjZ9ubyauM_nFy1Vi68.roa (raw, json)
Hash identifier: dQgIiMzt8wU7EFH+vsOwiv8y8qb5qRWAFciMP6H1TLs=
Subject key identifier: A9:E7:D8:68:7E:8D:AA:36:7D:B9:BC:9A:B8:CF:E7:17:2D:55:8B:AF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019428248152727AC615F536E42C98B0A976
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qefYaH6NqjZ9ubyauM_nFy1Vi68.roa
Signing time: Thu 02 Jan 2025 17:51:08 +0000
ROA not before: Thu 02 Jan 2025 17:51:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47748
IP address blocks: 2a00:1728:19::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:81:52:72:7a:c6:15:f5:36:e4:2c:98:b0:a9:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9e7d8687e8daa367db9bc9ab8cfe7172d558baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ad:af:26:ee:dd:87:0d:06:31:af:61:fe:e1:
07:b5:cc:df:bd:ec:80:62:9f:3f:81:43:eb:f1:9f:
0a:12:8d:9f:a2:ab:c2:88:71:5e:eb:e0:f3:23:f9:
a4:ab:0d:0e:a5:d5:96:63:e0:d2:e5:76:65:d3:46:
1a:77:bf:8e:e5:11:4b:38:10:48:e8:a3:5d:dd:b0:
1d:c8:aa:c0:b8:d9:5d:49:cf:7c:c5:db:c0:08:42:
30:76:78:97:65:1d:3a:e3:a6:f6:01:bd:fe:59:af:
a3:f8:36:67:24:67:2c:8c:ae:66:6c:ce:1b:f7:39:
8a:a0:c6:7f:88:13:c6:6e:7e:31:b4:28:fc:22:d5:
4b:ca:29:05:10:e3:bd:5e:87:d7:c4:8b:e6:f3:1b:
73:16:97:fd:85:7b:ca:62:c5:9c:bc:8c:c3:a6:e4:
52:52:55:4e:b4:a7:20:77:fd:51:d1:11:c7:91:ff:
00:83:6d:64:af:56:50:a1:88:a8:5c:95:68:4b:24:
27:65:30:1c:20:71:a2:11:00:d1:3a:3d:28:03:4a:
3c:b9:69:4d:86:1f:98:9f:e0:37:4f:9f:17:3c:e3:
53:f9:1e:5c:54:2c:12:9f:e1:18:ba:21:d6:e7:fc:
f6:3a:a3:8e:28:1e:d6:83:bd:d5:d0:39:52:0f:f1:
94:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E7:D8:68:7E:8D:AA:36:7D:B9:BC:9A:B8:CF:E7:17:2D:55:8B:AF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qefYaH6NqjZ9ubyauM_nFy1Vi68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1728:19::/48
Signature Algorithm: sha256WithRSAEncryption
6a:b2:3b:9c:9d:fd:8b:39:e1:7a:05:23:d6:14:73:f2:b5:63:
b8:b1:c5:6e:eb:c3:33:e9:cd:31:f8:0e:78:27:fe:21:41:53:
9c:b5:c8:41:6d:c1:67:5c:ba:76:57:70:93:64:04:86:ba:b1:
ba:42:67:44:07:df:dc:c4:82:6f:15:eb:19:a8:11:a0:06:36:
31:94:57:68:02:c4:59:d8:b1:7f:7e:e2:9e:80:4b:b8:1f:64:
1c:07:8e:0a:6e:75:1c:86:ee:6f:5c:56:13:fd:14:ac:f3:17:
87:77:16:91:64:bb:7c:d1:41:39:8e:f1:5f:70:ac:b4:ae:5c:
5c:aa:4c:e7:0e:f2:b3:c6:b3:a2:ea:bc:a5:e0:20:2f:99:73:
b0:ae:e8:0f:a0:55:b8:0c:a6:08:ad:ba:de:d3:ed:48:6f:e2:
f5:b1:f8:08:34:08:a9:a2:2a:cb:72:e0:d5:a0:8d:be:53:fe:
a9:d1:3f:f2:c8:d4:c0:cf:e6:8e:ed:7e:48:2a:f5:c7:bd:96:
86:52:97:8c:d7:55:99:6f:26:00:1b:15:51:37:b7:76:0f:28:
73:ad:22:5f:f0:85:ec:72:cb:ab:44:db:47:e2:da:a8:89:72:
13:64:6a:ea:7f:a8:54:48:84:71:05:6f:e7:5d:48:4c:96:6f:
4f:eb:0b:22
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJIFScnrGFfU25CyYsKl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWU3ZDg2ODdlOGRhYTM2N2RiOWJjOWFiOGNmZTcxNzJkNTU4YmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK2vJu7dhw0GMa9h/uEHtczfveyA
Yp8/gUPr8Z8KEo2foqvCiHFe6+DzI/mkqw0OpdWWY+DS5XZl00Yad7+O5RFLOBBI
6KNd3bAdyKrAuNldSc98xdvACEIwdniXZR0646b2Ab3+Wa+j+DZnJGcsjK5mbM4b
9zmKoMZ/iBPGbn4xtCj8ItVLyikFEOO9XofXxIvm8xtzFpf9hXvKYsWcvIzDpuRS
UlVOtKcgd/1R0RHHkf8Ag21kr1ZQoYioXJVoSyQnZTAcIHGiEQDROj0oA0o8uWlN
hh+Yn+A3T58XPONT+R5cVCwSn+EYuiHW5/z2OqOOKB7Wg73V0DlSD/GU/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKnn2Gh+jao2fbm8mrjP5xctVYuvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcWVmWWFINk5xalo5dWJ5YXVNX25GeTFWaTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAXKAAZ
MA0GCSqGSIb3DQEBCwUAA4IBAQBqsjucnf2LOeF6BSPWFHPytWO4scVu68Mz6c0x
+A54J/4hQVOctchBbcFnXLp2V3CTZASGurG6QmdEB9/cxIJvFesZqBGgBjYxlFdo
AsRZ2LF/fuKegEu4H2QcB44KbnUchu5vXFYT/RSs8xeHdxaRZLt80UE5jvFfcKy0
rlxcqkznDvKzxrOi6ryl4CAvmXOwrugPoFW4DKYIrbre0+1Ib+L1sfgINAipoirL
cuDVoI2+U/6p0T/yyNTAz+aO7X5IKvXHvZaGUpeM11WZbyYAGxVRN7d2DyhzrSJf
8IXscsurRNtH4tqoiXITZGrqf6hUSIRxBW/nXUhMlm9P6wsi
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:10 2025 by rpki-client