Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qQZAylrFohJCNMVqT9wpah0B_xY.roa
File: qQZAylrFohJCNMVqT9wpah0B_xY.roa (raw, json)
Hash identifier: mY6x+M4DfAno4yl0zXzp3pUddMAgAnJWCQ1vhooHV+0=
Subject key identifier: A9:06:40:CA:5A:C5:A2:12:42:34:C5:6A:4F:DC:29:6A:1D:01:FF:16
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01942220401473FB0602F1F671DBEF26337E
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qQZAylrFohJCNMVqT9wpah0B_xY.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211869
IP address blocks: 2a0e:8f02:2150::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:40:14:73:fb:06:02:f1:f6:71:db:ef:26:33:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a90640ca5ac5a2124234c56a4fdc296a1d01ff16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:12:2e:2e:76:73:b4:dc:3e:29:46:21:6d:45:
af:94:9a:a2:fb:5a:1f:e1:57:38:bf:5e:0b:da:5e:
db:9d:3a:f7:90:28:6d:1d:ef:50:70:91:a3:ab:2c:
52:96:ee:57:a9:f2:c1:49:b6:90:49:f1:ee:24:f8:
c2:bc:e3:8d:e8:ae:4f:74:8a:16:f1:8b:1d:04:82:
fa:86:66:f9:d1:53:e5:26:0c:b1:01:f6:b8:b4:5f:
15:40:69:49:4e:6a:df:32:2d:e3:53:97:d3:59:59:
f5:68:86:00:44:80:45:ec:14:ca:de:63:df:59:99:
14:8e:8c:48:bf:ef:97:a5:38:cf:ba:5d:8e:4d:88:
b4:0e:39:90:c2:83:ac:ed:d6:33:47:04:b7:00:8a:
77:49:fc:44:f5:ba:ff:28:d0:38:9e:f6:8d:e8:98:
7b:58:68:ea:01:31:a5:1a:0f:47:6b:9d:99:53:2a:
c3:72:32:dd:ef:42:c0:9a:5a:35:b4:8d:29:37:1a:
8a:16:23:7a:88:c5:04:25:79:04:4a:2a:5e:6d:d6:
c4:9d:27:a7:0a:95:ca:8d:b9:cf:28:d8:ff:a9:25:
c4:2e:88:a2:09:c8:d3:5c:84:f7:36:3e:d5:af:b6:
af:72:71:cf:57:41:b0:cb:3d:76:b7:37:2a:66:1a:
e3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:06:40:CA:5A:C5:A2:12:42:34:C5:6A:4F:DC:29:6A:1D:01:FF:16
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qQZAylrFohJCNMVqT9wpah0B_xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2150::/44
Signature Algorithm: sha256WithRSAEncryption
38:7d:37:1f:97:bd:88:5b:1e:4b:63:16:5e:31:97:14:8f:af:
b1:ec:c9:09:97:e2:a0:3f:e0:e9:5d:50:6a:8d:6d:1e:c8:80:
76:41:c5:17:e8:d9:f4:ec:c4:98:14:4b:d7:dc:f2:aa:7a:5c:
6e:e2:a2:9d:d8:11:50:b0:3c:ca:80:fc:15:b6:c3:de:63:c7:
24:18:f5:1f:1f:0f:51:12:74:6b:1c:66:88:82:ab:29:08:0f:
ac:f2:e6:4a:8c:e3:e7:3a:ea:b5:cd:70:07:ee:26:3f:07:65:
d4:32:06:97:d1:c4:a6:59:ad:d7:a8:03:b4:fa:c5:5f:1c:b1:
1f:6a:02:e2:34:fd:e8:0c:81:a0:09:5b:61:47:b6:6e:b5:96:
25:fd:e4:e5:e2:ee:15:8b:af:f3:12:e9:81:ba:fd:d2:e5:81:
60:63:ca:ab:cd:57:e5:9e:1c:b7:4b:a3:8a:00:8a:67:bc:32:
04:ae:47:b4:8e:d2:10:10:f4:1f:42:d3:b3:67:6b:96:af:55:
2f:83:65:8a:81:58:61:b9:2e:a5:52:39:1c:fc:77:18:1f:62:
98:41:f9:d4:37:f6:88:ec:7a:db:8f:c6:23:7c:41:7e:64:34:
80:6b:f4:e2:72:cb:0e:de:aa:10:3e:61:53:0d:a9:61:30:e3:
74:d8:b4:06
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIEAUc/sGAvH2cdvvJjN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA2NDBjYTVhYzVhMjEyNDIzNGM1NmE0ZmRjMjk2YTFkMDFmZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RIuLnZztNw+KUYhbUWvlJqi+1of
4Vc4v14L2l7bnTr3kChtHe9QcJGjqyxSlu5XqfLBSbaQSfHuJPjCvOON6K5PdIoW
8YsdBIL6hmb50VPlJgyxAfa4tF8VQGlJTmrfMi3jU5fTWVn1aIYARIBF7BTK3mPf
WZkUjoxIv++XpTjPul2OTYi0DjmQwoOs7dYzRwS3AIp3SfxE9br/KNA4nvaN6Jh7
WGjqATGlGg9Ha52ZUyrDcjLd70LAmlo1tI0pNxqKFiN6iMUEJXkESipebdbEnSen
CpXKjbnPKNj/qSXELoiiCcjTXIT3Nj7Vr7avcnHPV0Gwyz12tzcqZhrjLQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKkGQMpaxaISQjTFak/cKWodAf8WMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvcVFaQXlsckZvaEpDTk1WcVQ5d3BhaDBCX3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA4fTcfl72IWx5LYxZeMZcUj6+x7MkJl+KgP+Dp
XVBqjW0eyIB2QcUX6Nn07MSYFEvX3PKqelxu4qKd2BFQsDzKgPwVtsPeY8ckGPUf
Hw9REnRrHGaIgqspCA+s8uZKjOPnOuq1zXAH7iY/B2XUMgaX0cSmWa3XqAO0+sVf
HLEfagLiNP3oDIGgCVthR7ZutZYl/eTl4u4Vi6/zEumBuv3S5YFgY8qrzVflnhy3
S6OKAIpnvDIErke0jtIQEPQfQtOzZ2uWr1Uvg2WKgVhhuS6lUjkc/HcYH2KYQfnU
N/aI7Hrbj8YjfEF+ZDSAa/TicssO3qoQPmFTDalhMON02LQG
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:18:19 2025 by rpki-client