Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d334fd-8aed-4fd2-891c-7e453293c3ca/1/Q-JR0ruG60n9-6yutUjGj_qouBw.roa
File: Q-JR0ruG60n9-6yutUjGj_qouBw.roa (raw, json)
Hash identifier: gQIxSIgXSKRzjXw0lrl305KAVbo+iV0i8BY+eVww4b4=
Subject key identifier: 43:E2:51:D2:BB:86:EB:49:FD:FB:AC:AE:B5:48:C6:8F:FA:A8:B8:1C
Certificate issuer: /CN=e0aaf8efa1f5aec6dd963c62cf53ada2551adb2a
Certificate serial: 01857082AEF74D94BD0AAA0D1FD12895CAF2
Authority key identifier: E0:AA:F8:EF:A1:F5:AE:C6:DD:96:3C:62:CF:53:AD:A2:55:1A:DB:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Kr476H1rsbdljxiz1OtolUa2yo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/d334fd-8aed-4fd2-891c-7e453293c3ca/1/Q-JR0ruG60n9-6yutUjGj_qouBw.roa
Signing time: Mon 02 Jan 2023 03:24:50 +0000
ROA not before: Mon 02 Jan 2023 03:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213021
IP address blocks: 2001:67c:1104::/48 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:ae:f7:4d:94:bd:0a:aa:0d:1f:d1:28:95:ca:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0aaf8efa1f5aec6dd963c62cf53ada2551adb2a
Validity
Not Before: Jan 2 03:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43e251d2bb86eb49fdfbacaeb548c68ffaa8b81c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:59:f1:7f:c6:31:bc:37:f5:a2:3d:1c:68:40:
8c:8c:29:e3:d2:a2:06:ce:72:2e:45:24:8a:30:87:
ac:af:96:03:9d:28:5f:5a:af:2e:a5:a6:b5:63:d2:
1a:07:62:47:b5:48:fe:3f:98:32:0f:c1:b6:01:6e:
36:3a:7b:84:f5:ea:91:83:fb:38:02:29:3c:bc:0c:
3c:d5:f3:15:0a:df:b8:43:4b:0a:21:76:db:cc:5c:
cf:bd:c2:7f:75:e7:e4:f9:97:86:3c:fc:e8:16:df:
aa:27:25:a2:29:af:f4:4d:7a:e4:2d:ae:81:83:db:
1f:03:3e:26:5e:4e:3e:91:b2:ce:f9:21:b4:fe:89:
0d:73:60:d3:47:95:43:71:3c:86:e8:41:d0:56:13:
14:dd:29:57:7b:1f:3c:42:90:89:27:b1:d8:96:bb:
6b:97:b5:34:41:52:8a:65:20:75:74:bc:51:0d:2c:
58:2e:4b:95:c7:48:f8:bc:e0:38:69:8e:e8:4d:f4:
d5:80:27:5c:19:d6:d4:5b:77:21:a3:27:f8:59:49:
07:f3:82:41:0c:65:11:0b:4f:c7:79:c5:c7:1c:66:
57:80:9f:9d:77:e8:27:b7:e8:ed:1c:c8:66:23:5b:
90:8a:4f:97:ae:f1:47:c1:e1:81:2f:20:a5:11:5f:
4b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E2:51:D2:BB:86:EB:49:FD:FB:AC:AE:B5:48:C6:8F:FA:A8:B8:1C
X509v3 Authority Key Identifier:
keyid:E0:AA:F8:EF:A1:F5:AE:C6:DD:96:3C:62:CF:53:AD:A2:55:1A:DB:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Kr476H1rsbdljxiz1OtolUa2yo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d334fd-8aed-4fd2-891c-7e453293c3ca/1/Q-JR0ruG60n9-6yutUjGj_qouBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d334fd-8aed-4fd2-891c-7e453293c3ca/1/4Kr476H1rsbdljxiz1OtolUa2yo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1104::/48
Signature Algorithm: sha256WithRSAEncryption
4a:9b:14:33:bf:ab:c7:ad:3b:cb:ab:b1:5f:73:3c:78:9c:a1:
8c:91:f1:d4:37:b0:ea:e9:e7:4b:c2:8b:93:f2:a8:d0:9a:77:
22:d9:4d:85:ce:d7:fc:bd:23:38:46:c3:62:d4:1d:b8:cd:b8:
1f:ae:d6:90:24:90:c2:4a:9c:84:d0:53:06:84:ed:d9:0b:cd:
82:20:ad:21:c2:9b:29:1c:ed:05:2b:a0:e8:d8:d0:7b:56:dd:
a3:6a:ee:04:4c:18:77:45:ef:38:d4:b9:78:49:ca:7b:65:8c:
1c:6f:d1:2f:f8:1e:d4:50:d9:47:a2:2e:d4:87:02:5b:78:14:
4a:f3:ea:cb:67:37:87:a9:f6:df:08:3d:ef:90:32:a7:f7:8c:
36:17:97:52:77:78:31:da:d7:17:7f:d2:83:7f:08:cb:81:0d:
bd:2c:07:37:14:29:b3:c8:9a:44:45:09:95:ca:b7:b3:9c:c3:
88:f9:08:75:47:43:6e:fd:66:6a:c3:48:26:b1:b1:df:41:25:
79:a1:cb:bf:c5:94:31:a1:45:2e:1e:d8:c9:18:e8:73:20:ee:
46:15:d4:6a:23:a9:4e:f9:e0:e0:d6:2a:1b:cd:09:c9:c9:33:
5d:42:9d:10:f6:75:2b:2f:c1:80:cf:c4:4d:2c:f9:79:ad:27:
11:de:d9:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVwgq73TZS9CqoNH9EolcryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYWFmOGVmYTFmNWFlYzZkZDk2M2M2MmNmNTNhZGEyNTUx
YWRiMmEwHhcNMjMwMTAyMDMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2UyNTFkMmJiODZlYjQ5ZmRmYmFjYWViNTQ4YzY4ZmZhYThiODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlnxf8YxvDf1oj0caECMjCnj0qIG
znIuRSSKMIesr5YDnShfWq8upaa1Y9IaB2JHtUj+P5gyD8G2AW42OnuE9eqRg/s4
Aik8vAw81fMVCt+4Q0sKIXbbzFzPvcJ/defk+ZeGPPzoFt+qJyWiKa/0TXrkLa6B
g9sfAz4mXk4+kbLO+SG0/okNc2DTR5VDcTyG6EHQVhMU3SlXex88QpCJJ7HYlrtr
l7U0QVKKZSB1dLxRDSxYLkuVx0j4vOA4aY7oTfTVgCdcGdbUW3choyf4WUkH84JB
DGURC0/HecXHHGZXgJ+dd+gnt+jtHMhmI1uQik+XrvFHweGBLyClEV9LawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEPiUdK7hutJ/fusrrVIxo/6qLgcMB8GA1UdIwQY
MBaAFOCq+O+h9a7G3ZY8Ys9TraJVGtsqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtyNDc2SDFyc2JkbGp4aXoxT3RvbFVhMnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kMzM0ZmQtOGFlZC00ZmQyLTg5MWMt
N2U0NTMyOTNjM2NhLzEvUS1KUjBydUc2MG45LTZ5dXRVakdqX3FvdUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kMzM0ZmQtOGFlZC00ZmQyLTg5MWMtN2U0NTMyOTNjM2Nh
LzEvNEtyNDc2SDFyc2JkbGp4aXoxT3RvbFVhMnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBEE
MA0GCSqGSIb3DQEBCwUAA4IBAQBKmxQzv6vHrTvLq7Ffczx4nKGMkfHUN7Dq6edL
wouT8qjQmnci2U2Fztf8vSM4RsNi1B24zbgfrtaQJJDCSpyE0FMGhO3ZC82CIK0h
wpspHO0FK6Do2NB7Vt2jau4ETBh3Re841Ll4Scp7ZYwcb9Ev+B7UUNlHoi7UhwJb
eBRK8+rLZzeHqfbfCD3vkDKn94w2F5dSd3gx2tcXf9KDfwjLgQ29LAc3FCmzyJpE
RQmVyreznMOI+Qh1R0Nu/WZqw0gmsbHfQSV5ocu/xZQxoUUuHtjJGOhzIO5GFdRq
I6lO+eDg1iobzQnJyTNdQp0Q9nUrL8GAz8RNLPl5rScR3tmX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:04 2025 by rpki-client