Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qY5lnAszlKXTmVmPis-UWkLzNVI.roa
File: qY5lnAszlKXTmVmPis-UWkLzNVI.roa (raw, json)
Hash identifier: O8fq2dLqTezcxFCX+BBMfWoQKAF5vAa1TJC3fqZZSos=
Subject key identifier: A9:8E:65:9C:0B:33:94:A5:D3:99:59:8F:8A:CF:94:5A:42:F3:35:52
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422205097F7BAE849181844B0F2F79EFE
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qY5lnAszlKXTmVmPis-UWkLzNVI.roa
Signing time: Wed 01 Jan 2025 13:48:50 +0000
ROA not before: Wed 01 Jan 2025 13:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214999
IP address blocks: 2a0e:8f02:f06d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:50:97:f7:ba:e8:49:18:18:44:b0:f2:f7:9e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a98e659c0b3394a5d399598f8acf945a42f33552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f5:5f:d6:f9:82:9b:87:91:37:29:a0:17:e8:
07:ec:dc:70:55:5f:05:72:b2:89:ae:19:bb:cc:46:
73:05:a8:ff:3d:23:06:4a:1f:60:1d:65:63:a2:54:
01:13:92:cd:fb:90:92:d5:fe:64:bf:78:24:8a:fa:
cf:fb:8b:d5:d8:a0:21:b7:f3:45:ff:79:d4:81:1f:
3e:89:12:70:33:23:97:59:a3:d2:5f:34:93:b8:f4:
7c:63:7d:a1:4c:1f:48:7c:f5:0e:32:90:7c:c7:a5:
90:56:e3:32:7b:91:d0:7a:3e:50:45:f6:fd:de:9f:
05:a7:3d:70:b8:17:4f:04:3a:9d:78:56:4c:a4:8f:
7d:da:ce:53:4b:ba:90:cd:99:0a:36:20:5d:c5:d0:
2a:80:93:05:28:b9:0d:d5:57:c8:57:83:90:5b:d2:
f7:a9:62:69:ce:a4:f1:3e:e8:9a:0c:e0:10:23:04:
6c:bf:47:ff:17:23:6c:44:46:55:5b:c3:ca:2b:06:
63:48:38:39:9c:80:43:9c:7e:cb:bb:4c:af:0f:23:
98:77:75:9e:05:42:fe:ef:9b:bb:a6:f7:1a:9a:a9:
23:ad:c4:53:70:ee:84:2d:dc:21:0b:80:33:b0:2b:
5a:c7:d8:6f:d1:00:5f:2c:63:2a:a6:1a:af:8e:59:
7c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8E:65:9C:0B:33:94:A5:D3:99:59:8F:8A:CF:94:5A:42:F3:35:52
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/qY5lnAszlKXTmVmPis-UWkLzNVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f06d::/48
Signature Algorithm: sha256WithRSAEncryption
80:89:01:fe:d5:c0:61:dd:a3:70:70:90:4c:bd:05:20:fc:5a:
c3:57:88:bf:ae:e7:84:06:f6:03:ac:e1:ff:30:2e:10:b4:0a:
de:91:06:71:8a:d1:3f:70:f9:cf:5d:ab:77:1a:d3:7d:c9:73:
bd:6c:7e:1f:31:e2:f4:89:34:b7:32:f8:1c:1e:ec:93:14:0d:
94:0e:b7:1f:9b:92:14:36:b6:eb:30:46:43:e4:7f:2e:05:e6:
5e:ec:16:34:b0:b8:d0:c2:00:2f:bb:a0:7d:8c:17:f4:65:12:
94:4f:31:5a:cb:29:79:31:c4:5c:6a:07:25:4e:c7:6a:82:9b:
eb:b9:20:d2:06:0b:32:ac:f7:17:ed:0a:45:33:af:0a:14:11:
7c:c7:8c:d5:84:3e:75:7f:d6:58:45:bf:e1:c2:65:2d:43:ac:
9a:3f:ca:a7:db:13:77:e9:b8:62:29:a2:5b:0c:53:83:b4:70:
1d:25:47:f3:8a:60:9c:d8:4b:df:4d:f3:c9:ff:fc:b9:b8:c5:
88:75:8b:c5:a1:5a:c7:72:f7:e0:e8:ce:30:e3:d1:e4:30:50:
a5:b2:73:ce:da:8a:00:3e:16:dd:c5:a4:16:e2:a0:3d:cf:a9:
c4:71:81:15:59:1b:0d:44:9c:00:35:b7:de:09:0a:21:96:44:
3d:e7:3f:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIFCX97roSRgYRLDy957+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThlNjU5YzBiMzM5NGE1ZDM5OTU5OGY4YWNmOTQ1YTQyZjMzNTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/Vf1vmCm4eRNymgF+gH7NxwVV8F
crKJrhm7zEZzBaj/PSMGSh9gHWVjolQBE5LN+5CS1f5kv3gkivrP+4vV2KAht/NF
/3nUgR8+iRJwMyOXWaPSXzSTuPR8Y32hTB9IfPUOMpB8x6WQVuMye5HQej5QRfb9
3p8Fpz1wuBdPBDqdeFZMpI992s5TS7qQzZkKNiBdxdAqgJMFKLkN1VfIV4OQW9L3
qWJpzqTxPuiaDOAQIwRsv0f/FyNsREZVW8PKKwZjSDg5nIBDnH7Lu0yvDyOYd3We
BUL+75u7pvcamqkjrcRTcO6ELdwhC4AzsCtax9hv0QBfLGMqphqvjll8SwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKmOZZwLM5Sl05lZj4rPlFpC8zVSMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvcVk1bG5Bc3psS1hUbVZtUGlzLVVXa0x6TlZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBt
MA0GCSqGSIb3DQEBCwUAA4IBAQCAiQH+1cBh3aNwcJBMvQUg/FrDV4i/rueEBvYD
rOH/MC4QtArekQZxitE/cPnPXat3GtN9yXO9bH4fMeL0iTS3MvgcHuyTFA2UDrcf
m5IUNrbrMEZD5H8uBeZe7BY0sLjQwgAvu6B9jBf0ZRKUTzFayyl5McRcagclTsdq
gpvruSDSBgsyrPcX7QpFM68KFBF8x4zVhD51f9ZYRb/hwmUtQ6yaP8qn2xN36bhi
KaJbDFODtHAdJUfzimCc2EvfTfPJ//y5uMWIdYvFoVrHcvfg6M4w49HkMFClsnPO
2ooAPhbdxaQW4qA9z6nEcYEVWRsNRJwANbfeCQohlkQ95z+/
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:10:33 2025 by rpki-client