Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/qz_DmGy9IAKXRI9f4REmBeW1T9Q.roa
File: qz_DmGy9IAKXRI9f4REmBeW1T9Q.roa (raw, json)
Hash identifier: AyfH+v4itEz/GELogPNr7gp6yMRLDbtAVMRnMQ0R1Zk=
Subject key identifier: AB:3F:C3:98:6C:BD:20:02:97:44:8F:5F:E1:11:26:05:E5:B5:4F:D4
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C59DC8D2B12DBBB99DA90AC01AECD
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/qz_DmGy9IAKXRI9f4REmBeW1T9Q.roa
Signing time: Wed 01 Jan 2025 01:47:59 +0000
ROA not before: Wed 01 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34590
IP address blocks: 2a02:2698:1c00::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:59:dc:8d:2b:12:db:bb:99:da:90:ac:01:ae:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab3fc3986cbd200297448f5fe1112605e5b54fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3b:3d:d3:d6:d1:57:ae:1c:06:6b:97:fc:44:
db:c9:c4:f1:61:01:fe:a4:63:96:a0:c9:98:d5:54:
63:56:10:94:23:89:f2:78:05:d4:87:f2:a2:65:9e:
30:71:0c:a9:16:4a:6d:8c:78:33:b0:5f:02:9f:08:
03:97:0a:90:60:93:0a:b8:8c:40:48:7d:63:23:99:
fc:34:49:a3:8d:73:42:43:58:c4:4e:aa:3b:55:7c:
9d:96:5a:da:20:5a:c7:91:05:4d:b6:dc:ba:0c:7b:
b2:f0:f0:b9:26:03:5e:44:09:2b:63:48:b9:e9:81:
76:59:62:81:70:77:e3:4f:ee:a3:5b:2f:cc:f0:d8:
85:d9:a2:2f:80:55:01:64:9d:4a:ce:18:88:ce:d7:
51:6b:39:d1:b1:79:6f:60:0c:4b:2e:9f:55:85:36:
cf:84:fd:5d:44:8d:da:bd:a1:71:68:0a:93:21:3c:
45:5a:d2:40:e0:4d:1a:ad:35:2a:a9:a7:f6:46:4e:
60:8d:87:fa:25:30:5e:41:4b:ef:a5:3d:50:f5:23:
24:a6:08:45:62:e7:19:5e:63:65:fb:e7:7f:95:22:
fb:22:03:91:74:ca:26:a2:66:89:71:54:5d:48:74:
40:ca:2e:d4:90:aa:ed:fa:29:5a:05:6a:a0:d0:21:
95:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:3F:C3:98:6C:BD:20:02:97:44:8F:5F:E1:11:26:05:E5:B5:4F:D4
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/qz_DmGy9IAKXRI9f4REmBeW1T9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:1c00::/38
Signature Algorithm: sha256WithRSAEncryption
c3:52:b7:14:07:53:8c:ec:1b:8f:a3:b7:d4:03:47:e2:4d:35:
45:3e:3a:1c:a1:e5:e5:09:35:ce:8d:a6:3b:6b:28:1f:76:36:
32:50:fb:f8:33:d1:d6:0b:45:eb:51:c6:4b:ef:d1:e8:8e:52:
20:0b:71:9a:21:56:62:c4:83:1c:01:7a:b6:2a:6e:d9:ae:07:
06:98:c4:69:0e:28:db:5c:0c:32:37:18:09:74:bf:aa:03:56:
64:c1:d2:12:96:3d:5b:d0:5a:77:dc:94:70:02:e4:27:8a:11:
50:78:27:64:f0:91:03:2f:ec:df:bc:7a:74:49:22:5c:35:f1:
40:77:d1:be:c2:26:d7:d9:c5:7e:1c:58:b8:fd:8f:ed:4d:15:
40:73:ed:f5:51:29:c6:e5:25:cf:4c:6d:57:b4:4c:7c:5a:55:
3e:bf:e0:79:ae:42:b2:a9:29:37:94:bf:5f:4a:69:4d:f3:5a:
c7:9d:df:fb:35:18:18:f2:58:58:9d:99:e4:a8:67:61:80:d5:
96:90:ef:b0:6e:f9:c0:4d:f6:10:b6:dd:01:cd:5d:fa:33:08:
a3:fa:af:0c:e6:d3:65:b0:ca:6a:58:92:28:ea:df:88:7d:c4:
fe:fc:cd:58:69:f5:e9:cb:19:ed:86:a0:21:a0:e4:44:8a:d2:
91:0e:12:98
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjFncjSsS27uZ2pCsAa7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjNmYzM5ODZjYmQyMDAyOTc0NDhmNWZlMTExMjYwNWU1YjU0ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjs909bRV64cBmuX/ETbycTxYQH+
pGOWoMmY1VRjVhCUI4nyeAXUh/KiZZ4wcQypFkptjHgzsF8CnwgDlwqQYJMKuIxA
SH1jI5n8NEmjjXNCQ1jETqo7VXydllraIFrHkQVNtty6DHuy8PC5JgNeRAkrY0i5
6YF2WWKBcHfjT+6jWy/M8NiF2aIvgFUBZJ1KzhiIztdRaznRsXlvYAxLLp9VhTbP
hP1dRI3avaFxaAqTITxFWtJA4E0arTUqqaf2Rk5gjYf6JTBeQUvvpT1Q9SMkpghF
YucZXmNl++d/lSL7IgORdMomomaJcVRdSHRAyi7UkKrt+ilaBWqg0CGVCQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKs/w5hsvSACl0SPX+ERJgXltU/UMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvcXpfRG1HeTlJQUtYUkk5ZjRSRW1CZVcxVDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmBww
DQYJKoZIhvcNAQELBQADggEBAMNStxQHU4zsG4+jt9QDR+JNNUU+Ohyh5eUJNc6N
pjtrKB92NjJQ+/gz0dYLRetRxkvv0eiOUiALcZohVmLEgxwBerYqbtmuBwaYxGkO
KNtcDDI3GAl0v6oDVmTB0hKWPVvQWnfclHAC5CeKEVB4J2TwkQMv7N+8enRJIlw1
8UB30b7CJtfZxX4cWLj9j+1NFUBz7fVRKcblJc9MbVe0THxaVT6/4HmuQrKpKTeU
v19KaU3zWsed3/s1GBjyWFidmeSoZ2GA1ZaQ77Bu+cBN9hC23QHNXfozCKP6rwzm
02WwympYkijq34h9xP78zVhp9enLGe2GoCGg5ESK0pEOEpg=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:29 2025 by rpki-client