Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/QkQP_fe9Qbaw_h7Gyszbo7ypS-0.roa
File: QkQP_fe9Qbaw_h7Gyszbo7ypS-0.roa (raw, json)
Hash identifier: RFUIAsDNjezppynlHDg3Yb1GDBSbUKtltRoi+VjSqN8=
Subject key identifier: 42:44:0F:FD:F7:BD:41:B6:B0:FE:1E:C6:CA:CC:DB:A3:BC:A9:4B:ED
Certificate issuer: /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial: 019420D6534EF7EF76C10C54712B239C1F8C
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/QkQP_fe9Qbaw_h7Gyszbo7ypS-0.roa
Signing time: Wed 01 Jan 2025 07:48:24 +0000
ROA not before: Wed 01 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63473
IP address blocks: 2a00:1a28:1157::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:53:4e:f7:ef:76:c1:0c:54:71:2b:23:9c:1f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
Validity
Not Before: Jan 1 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42440ffdf7bd41b6b0fe1ec6caccdba3bca94bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4d:a9:30:a3:1b:25:13:a0:05:43:3f:b7:c1:
a4:c9:55:2f:91:1d:39:ce:1a:15:8c:66:4f:c9:5e:
81:3b:9d:ae:c9:eb:bc:bc:18:b9:5c:39:1b:9f:f0:
ce:91:18:d4:90:9e:0d:e1:4b:04:8c:4a:d6:e0:ea:
96:b4:8d:57:c7:1e:e3:94:0f:64:fd:87:13:a2:4a:
0c:da:e3:25:41:d9:9e:93:a5:b0:ac:16:6d:86:0d:
70:9d:a0:13:c3:89:8e:c1:49:08:7a:3b:e7:ab:c8:
a9:ef:5b:e8:8f:9b:77:4e:27:3c:db:6f:b7:88:58:
4b:be:b3:38:59:32:bb:e3:06:71:d6:4d:e0:ac:eb:
3f:1c:39:2b:c8:03:c4:ba:2c:52:87:a5:e3:e9:51:
0c:49:56:c8:7f:3a:b5:62:6b:d0:30:eb:82:42:77:
37:92:f4:d5:05:b8:37:16:47:be:9c:9e:e5:91:67:
f1:20:83:5c:4e:fd:e1:bc:81:90:81:ad:32:ac:33:
8f:14:56:c5:78:1d:77:ce:89:58:61:d6:3e:13:6a:
5f:8c:f4:24:4b:0e:b8:b7:4e:a9:72:9e:a2:7f:96:
a9:d4:91:c9:80:e3:4f:aa:ec:80:36:ec:27:cd:c0:
15:26:65:5d:73:db:90:76:cb:a7:3b:9f:0f:a2:d3:
c0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:44:0F:FD:F7:BD:41:B6:B0:FE:1E:C6:CA:CC:DB:A3:BC:A9:4B:ED
X509v3 Authority Key Identifier:
keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/QkQP_fe9Qbaw_h7Gyszbo7ypS-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1a28:1157::/48
Signature Algorithm: sha256WithRSAEncryption
18:e4:19:ee:84:94:6a:11:30:6c:cd:2f:4b:0d:fd:c7:6f:f5:
a5:b1:5c:d4:ad:54:e9:9a:e5:8f:09:86:5f:f4:24:07:76:0f:
22:f4:8c:14:00:45:f8:5e:f1:00:ac:75:34:e0:13:f6:e3:8e:
a7:fa:b0:d9:fe:b4:de:38:e6:42:79:da:f0:7a:9b:0f:a3:23:
8f:52:7b:9a:92:c8:fa:dd:6c:87:e6:d5:56:b9:97:f9:e2:ac:
98:a3:db:fc:86:df:bf:80:ce:c5:06:c5:46:fc:8a:55:de:e6:
b8:2c:b4:b0:f0:a8:ad:2e:92:89:cf:0b:1b:a6:0e:f9:1f:76:
43:49:ac:e9:e4:69:38:74:f8:86:94:5c:75:80:38:ae:92:3b:
a8:10:99:48:8c:09:6d:4b:93:41:17:12:9d:bb:a6:4a:21:89:
e4:e9:33:33:ae:dc:24:2b:52:5a:8a:3e:eb:4c:fc:40:ab:1c:
70:f3:b0:72:f5:73:1a:d6:4f:6e:71:70:07:11:77:72:cc:1b:
8a:84:bd:3c:a8:b1:a3:f3:0d:52:a6:0a:88:8c:8d:0a:bd:83:
b4:fe:c8:62:8f:12:e0:16:5c:04:3f:f8:a4:01:38:72:94:11:
eb:92:ad:31:73:97:3e:28:e9:ca:b9:75:f9:03:e9:ba:f9:46:
71:e7:77:05
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQg1lNO9+92wQxUcSsjnB+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YWFiMTQ0NjEwMGE4ZmNlMDNkZjE5ZDc1NWUwNjMyOWVl
MjQ3MTMwHhcNMjUwMTAxMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQ0MGZmZGY3YmQ0MWI2YjBmZTFlYzZjYWNjZGJhM2JjYTk0YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr02pMKMbJROgBUM/t8GkyVUvkR05
zhoVjGZPyV6BO52uyeu8vBi5XDkbn/DOkRjUkJ4N4UsEjErW4OqWtI1Xxx7jlA9k
/YcTokoM2uMlQdmek6WwrBZthg1wnaATw4mOwUkIejvnq8ip71voj5t3Tic822+3
iFhLvrM4WTK74wZx1k3grOs/HDkryAPEuixSh6Xj6VEMSVbIfzq1YmvQMOuCQnc3
kvTVBbg3Fke+nJ7lkWfxIINcTv3hvIGQga0yrDOPFFbFeB13zolYYdY+E2pfjPQk
Sw64t06pcp6if5ap1JHJgONPquyANuwnzcAVJmVdc9uQdsunO58PotPAiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEJED/33vUG2sP4exsrM26O8qUvtMB8GA1UdIwQY
MBaAFOmqsURhAKj84D3xnXVeBjKe4kcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYt
YTBkYzM1NGY0Y2EzLzEvUWtRUF9mZTlRYmF3X2g3R3lzemJvN3lwUy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYtYTBkYzM1NGY0Y2Ez
LzEvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAaKBFX
MA0GCSqGSIb3DQEBCwUAA4IBAQAY5BnuhJRqETBszS9LDf3Hb/WlsVzUrVTpmuWP
CYZf9CQHdg8i9IwUAEX4XvEArHU04BP2446n+rDZ/rTeOOZCedrwepsPoyOPUnua
ksj63WyH5tVWuZf54qyYo9v8ht+/gM7FBsVG/IpV3ua4LLSw8KitLpKJzwsbpg75
H3ZDSazp5Gk4dPiGlFx1gDiukjuoEJlIjAltS5NBFxKdu6ZKIYnk6TMzrtwkK1Ja
ij7rTPxAqxxw87By9XMa1k9ucXAHEXdyzBuKhL08qLGj8w1SpgqIjI0KvYO0/shi
jxLgFlwEP/ikAThylBHrkq0xc5c+KOnKuXX5A+m6+UZx53cF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:56 2025 by rpki-client