Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/KQ7nGqqdl8DwDw35UdDbOJPZhfY.roa
File: KQ7nGqqdl8DwDw35UdDbOJPZhfY.roa (raw, json)
Hash identifier: 8pIf1gsysAeCO62ayw5k2bU+b1g8t0mrR6+zNCtTibQ=
Subject key identifier: 29:0E:E7:1A:AA:9D:97:C0:F0:0F:0D:F9:51:D0:DB:38:93:D9:85:F6
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 01942747356D6C9BAB373DBA71B03DF88E9D
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/KQ7nGqqdl8DwDw35UdDbOJPZhfY.roa
Signing time: Thu 02 Jan 2025 13:49:25 +0000
ROA not before: Thu 02 Jan 2025 13:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51395
IP address blocks: 2a0b:7140:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:35:6d:6c:9b:ab:37:3d:ba:71:b0:3d:f8:8e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 13:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=290ee71aaa9d97c0f00f0df951d0db3893d985f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:50:0f:48:98:84:8e:83:3d:6c:c0:d2:30:c4:
64:e2:20:99:46:a5:79:1c:04:24:44:68:5e:f7:fd:
9e:22:f9:8d:7e:c4:22:14:7e:0f:1e:d5:55:3e:a5:
54:05:d5:66:07:1e:ea:f4:be:13:d0:55:4b:82:af:
44:52:fe:36:1e:dc:94:7f:05:13:d7:ea:05:9f:d0:
95:46:e7:aa:13:8a:bf:79:5a:48:f7:e1:f7:11:41:
be:40:9c:91:dc:d7:e0:b1:37:23:2d:12:47:31:8b:
51:61:5a:be:c5:a5:70:62:85:31:ce:2f:49:27:ed:
1c:4b:dd:9f:b0:37:69:47:33:df:3e:08:3e:87:4b:
7a:6d:97:3d:12:7a:a0:6e:86:84:fa:e1:e0:51:9a:
5f:ca:84:b1:10:a8:a5:25:a3:f0:0d:25:7a:a3:de:
7c:40:42:46:3e:de:44:4d:6f:56:55:1c:a7:37:28:
d8:4f:38:51:e6:73:a4:b3:5b:65:6e:55:9f:cc:e4:
15:e2:2e:98:c0:5c:a5:97:37:11:66:8b:42:54:d5:
24:3d:14:30:c1:9d:55:26:2b:10:48:43:61:f3:3b:
2e:09:a7:47:68:e8:95:b9:37:24:8b:41:9d:09:97:
cb:ea:60:56:29:14:df:0f:92:00:6d:a2:a7:a5:5a:
2b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0E:E7:1A:AA:9D:97:C0:F0:0F:0D:F9:51:D0:DB:38:93:D9:85:F6
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/KQ7nGqqdl8DwDw35UdDbOJPZhfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:7140:4::/48
Signature Algorithm: sha256WithRSAEncryption
46:de:07:c0:e7:35:c6:4e:82:43:e7:29:53:68:dc:bd:b6:54:
9d:d7:3a:4f:e9:5f:39:51:c9:9a:e9:3d:70:7b:25:7e:1d:ac:
36:5c:12:3f:39:97:7c:ed:a9:12:51:4e:d0:c7:9a:9f:a8:60:
35:53:8e:15:91:b5:27:28:65:14:e7:35:ba:63:e0:b3:94:c3:
34:9b:30:10:80:7d:73:39:21:8a:25:c6:d2:99:44:f0:4b:00:
93:b6:87:d5:2a:d4:3b:d6:bd:87:42:81:85:1a:5c:59:33:db:
4c:74:eb:d8:43:49:a9:c6:07:8d:e6:66:f9:92:3a:95:65:a1:
a3:93:38:53:fd:76:38:a7:c6:31:31:7f:91:80:4a:3f:9e:8f:
cf:cb:7c:5d:6a:1f:6b:b8:5d:05:02:58:82:5d:50:88:02:d3:
8a:4a:3a:f0:8c:43:c9:ee:8f:00:dd:ae:5f:30:1b:b7:bd:33:
ca:84:1c:51:d8:d3:d0:75:c3:97:de:8d:3f:76:aa:6a:ca:7d:
78:a4:2e:53:70:fc:0e:17:5a:c2:f0:93:97:ac:89:88:fe:aa:
44:f2:94:98:04:c9:0b:12:27:2a:ea:00:34:8c:5a:e0:c3:be:
36:72:01:d7:e8:60:6a:66:c9:b6:45:fa:81:dc:bc:d7:72:73:
61:7f:7b:6e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnRzVtbJurNz26cbA9+I6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjUwMTAyMTM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTBlZTcxYWFhOWQ5N2MwZjAwZjBkZjk1MWQwZGIzODkzZDk4NWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+1APSJiEjoM9bMDSMMRk4iCZRqV5
HAQkRGhe9/2eIvmNfsQiFH4PHtVVPqVUBdVmBx7q9L4T0FVLgq9EUv42HtyUfwUT
1+oFn9CVRueqE4q/eVpI9+H3EUG+QJyR3NfgsTcjLRJHMYtRYVq+xaVwYoUxzi9J
J+0cS92fsDdpRzPfPgg+h0t6bZc9EnqgboaE+uHgUZpfyoSxEKilJaPwDSV6o958
QEJGPt5ETW9WVRynNyjYTzhR5nOks1tlblWfzOQV4i6YwFyllzcRZotCVNUkPRQw
wZ1VJisQSENh8zsuCadHaOiVuTcki0GdCZfL6mBWKRTfD5IAbaKnpVorSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCkO5xqqnZfA8A8N+VHQ2ziT2YX2MB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvS1E3bkdxcWRsOER3RHczNVVkRGJPSlBaaGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgtxQAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQBG3gfA5zXGToJD5ylTaNy9tlSd1zpP6V85Ucma
6T1weyV+Haw2XBI/OZd87akSUU7Qx5qfqGA1U44VkbUnKGUU5zW6Y+CzlMM0mzAQ
gH1zOSGKJcbSmUTwSwCTtofVKtQ71r2HQoGFGlxZM9tMdOvYQ0mpxgeN5mb5kjqV
ZaGjkzhT/XY4p8YxMX+RgEo/no/Py3xdah9ruF0FAliCXVCIAtOKSjrwjEPJ7o8A
3a5fMBu3vTPKhBxR2NPQdcOX3o0/dqpqyn14pC5TcPwOF1rC8JOXrImI/qpE8pSY
BMkLEicq6gA0jFrgw742cgHX6GBqZsm2RfqB3LzXcnNhf3tu
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:59:58 2025 by rpki-client