Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/Cqi9MsSVylVgRz1KeyUZv2mogKc.roa
File: Cqi9MsSVylVgRz1KeyUZv2mogKc.roa (raw, json)
Hash identifier: wTz5rtRV/G48EQ4GEu+tZpuufFGVFjV5E+3mkldGSwY=
Subject key identifier: 0A:A8:BD:32:C4:95:CA:55:60:47:3D:4A:7B:25:19:BF:69:A8:80:A7
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 0FBF27DA
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/Cqi9MsSVylVgRz1KeyUZv2mogKc.roa
Signing time: Sat 01 Jan 2022 09:57:06 +0000
ROA not before: Sat 01 Jan 2022 09:57:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203531
IP address blocks: 2a05:b0c6:1000::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 264185818 (0xfbf27da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 09:57:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0aa8bd32c495ca5560473d4a7b2519bf69a880a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:71:3a:3a:24:b9:99:d1:e8:5b:c2:43:a5:97:
d2:a8:49:ee:87:19:e5:ca:d9:e0:9e:62:ac:be:c6:
d1:ff:06:c2:2d:41:86:4b:6d:85:58:05:df:e7:c6:
63:5d:25:e6:ce:a5:9d:5c:41:b6:68:ca:2e:7d:d0:
be:a6:77:68:07:28:3e:da:95:64:4d:dc:db:54:4e:
d1:d9:73:e2:94:04:b8:ea:25:de:53:50:15:e1:cc:
13:fc:57:86:d4:6a:74:a7:12:bf:a5:a4:0d:ea:d9:
ea:fe:cb:ba:99:5f:a3:87:e2:ca:fc:4a:40:20:4b:
5f:a7:fd:85:ef:62:fd:f5:41:0b:e4:96:38:0a:c4:
57:92:2a:68:61:43:e0:46:2a:8e:7c:99:f8:9f:49:
a5:2b:7f:aa:a9:6d:51:08:7c:6a:84:95:90:31:63:
47:e4:30:a0:63:3e:5d:8f:69:24:81:15:6d:bc:fc:
60:7d:48:c4:09:4f:23:b0:da:f5:b9:b3:f5:42:c7:
02:b7:7e:bd:6a:80:1c:75:d7:4a:97:cd:44:5e:08:
13:d5:b3:0f:c3:f8:13:57:c3:26:1e:b7:5f:0a:84:
58:09:c7:95:7e:04:0f:1e:f6:6e:83:59:20:ab:16:
db:8f:fd:59:70:0b:96:10:6e:8d:50:62:dd:6d:a0:
d2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A8:BD:32:C4:95:CA:55:60:47:3D:4A:7B:25:19:BF:69:A8:80:A7
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/Cqi9MsSVylVgRz1KeyUZv2mogKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:1000::/44
Signature Algorithm: sha256WithRSAEncryption
91:ad:fa:8a:c8:13:ad:19:16:f3:d1:b4:0b:f4:b8:2c:1f:77:
04:ad:b5:5f:a4:ba:f9:25:9d:98:14:54:eb:6c:74:4c:e0:c8:
bc:3e:b5:69:c8:b6:9b:61:ad:5c:f8:7d:c2:a7:e9:76:9d:df:
e8:aa:5b:c9:ae:24:1c:00:10:ec:5a:e9:4b:43:b9:c2:d0:46:
16:a3:89:2e:bf:cc:64:3c:ca:d8:2a:f1:92:aa:10:5c:79:be:
29:6a:ca:fd:9b:66:76:21:a7:94:21:bb:3a:b4:d8:08:b0:dc:
4a:9f:40:60:c1:e4:5c:11:40:9e:b9:3a:20:74:fa:47:37:c3:
69:32:06:9d:41:35:c4:5c:e1:c5:91:c9:f9:16:6e:4c:68:c8:
d4:cf:af:c7:33:39:e7:d7:1c:3b:b4:c0:72:99:79:f3:6e:5c:
24:65:d0:f5:f7:e6:05:af:48:1f:0b:56:b2:48:94:e8:fc:a3:
d2:94:ab:d5:a5:31:02:91:87:6c:93:1a:02:77:ac:24:f1:27:
50:6e:9c:06:f8:17:1f:bd:0c:98:9f:89:02:f7:0a:96:2b:29:
fa:cd:de:0d:d5:ac:6b:10:7f:7d:8c:7a:4d:43:3c:b7:5a:97:
05:b6:ff:7d:75:d8:46:4d:05:c6:a2:2b:d2:62:6f:d2:37:53:
8f:68:8a:d6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIED78n2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MjI4MzQ4ZTkwNTQ5NzNkN2E1ZjgxOTNiZDRlNWM0NGY2NzM5OWUxMB4XDTIyMDEw
MTA5NTcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFhOGJkMzJjNDk1
Y2E1NTYwNDczZDRhN2IyNTE5YmY2OWE4ODBhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhxOjokuZnR6FvCQ6WX0qhJ7ocZ5crZ4J5irL7G0f8Gwi1B
hktthVgF3+fGY10l5s6lnVxBtmjKLn3QvqZ3aAcoPtqVZE3c21RO0dlz4pQEuOol
3lNQFeHME/xXhtRqdKcSv6WkDerZ6v7Luplfo4fiyvxKQCBLX6f9he9i/fVBC+SW
OArEV5IqaGFD4EYqjnyZ+J9JpSt/qqltUQh8aoSVkDFjR+QwoGM+XY9pJIEVbbz8
YH1IxAlPI7Da9bmz9ULHArd+vWqAHHXXSpfNRF4IE9WzD8P4E1fDJh63XwqEWAnH
lX4EDx72boNZIKsW24/9WXALlhBujVBi3W2g0gcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQKqL0yxJXKVWBHPUp7JRm/aaiApzAfBgNVHSMEGDAWgBTCKDSOkFSXPXpf
gZO9TlxE9nOZ4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dpZzBqcEJVbHoxNlg0R1R2VTVjUlBaem1lRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvZjE2Nzk0LTkxYWQtNDk4NC05YzZjLWU4OGZmZjgyZDU1My8x
L0NxaTlNc1NWeWxWZ1J6MUtleVVadjJtb2dLYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
ZjE2Nzk0LTkxYWQtNDk4NC05YzZjLWU4OGZmZjgyZDU1My8xL3dpZzBqcEJVbHox
Nlg0R1R2VTVjUlBaem1lRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoFsMYQADANBgkqhkiG9w0BAQsF
AAOCAQEAka36isgTrRkW89G0C/S4LB93BK21X6S6+SWdmBRU62x0TODIvD61aci2
m2GtXPh9wqfpdp3f6Kpbya4kHAAQ7FrpS0O5wtBGFqOJLr/MZDzK2CrxkqoQXHm+
KWrK/ZtmdiGnlCG7OrTYCLDcSp9AYMHkXBFAnrk6IHT6RzfDaTIGnUE1xFzhxZHJ
+RZuTGjI1M+vxzM559ccO7TAcpl5825cJGXQ9ffmBa9IHwtWskiU6Pyj0pSr1aUx
ApGHbJMaAnesJPEnUG6cBvgXH70MmJ+JAvcKlisp+s3eDdWsaxB/fYx6TUM8t1qX
Bbb/fXXYRk0FxqIr0mJv0jdTj2iK1g==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:46:08 2025 by rpki-client