Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/QXugoeVgr-TGP6dpM9HUR9vrZ40.roa
File: QXugoeVgr-TGP6dpM9HUR9vrZ40.roa (raw, json)
Hash identifier: IrnQDVPE2ehNPW6mOneBQoNo5HAZRi1PkaUVzQIq730=
Subject key identifier: 41:7B:A0:A1:E5:60:AF:E4:C6:3F:A7:69:33:D1:D4:47:DB:EB:67:8D
Certificate issuer: /CN=4c04e01231b1db820b1f5d542834ab05f693fd78
Certificate serial: 0184AECE5ED2D8C360968CFC415719D0EA78
Authority key identifier: 4C:04:E0:12:31:B1:DB:82:0B:1F:5D:54:28:34:AB:05:F6:93:FD:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TATgEjGx24ILH11UKDSrBfaT_Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/QXugoeVgr-TGP6dpM9HUR9vrZ40.roa
Signing time: Fri 25 Nov 2022 12:41:10 +0000
ROA not before: Fri 25 Nov 2022 12:41:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57757
IP address blocks: 2a0e:4480::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:ce:5e:d2:d8:c3:60:96:8c:fc:41:57:19:d0:ea:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c04e01231b1db820b1f5d542834ab05f693fd78
Validity
Not Before: Nov 25 12:41:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=417ba0a1e560afe4c63fa76933d1d447dbeb678d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:11:fd:f2:88:c3:76:03:f6:e1:c1:2e:06:3c:
76:62:2c:a7:b2:c3:d0:d3:1f:76:79:13:e4:25:20:
e9:85:07:25:43:2b:5c:33:9e:6d:67:31:e7:fb:9d:
89:c2:ff:81:c5:0d:1b:7f:a3:5e:69:b2:58:96:a3:
1f:28:ce:ae:7d:af:bb:13:1b:f2:bd:9d:5f:59:2b:
88:43:ba:73:09:56:4d:4e:a8:85:0c:54:2f:94:59:
b6:7d:8e:a1:2f:e5:f7:a1:df:19:29:bd:a1:a3:f2:
07:74:4b:63:79:2a:12:0b:9a:50:cf:99:3e:b7:40:
02:97:d0:e3:9b:ed:e5:fa:22:ac:db:bf:5e:6f:91:
ba:64:7f:f2:29:08:22:9c:70:b4:cc:8c:de:cd:c2:
9c:4c:05:fb:e4:04:a8:8c:5d:dc:77:b5:de:ec:41:
26:d9:8f:c5:81:70:9b:4d:b8:09:14:7d:f8:f9:35:
77:2d:08:80:17:e6:36:cb:29:76:90:f2:63:72:69:
1e:dc:c2:88:2d:a7:f6:80:09:df:fd:96:f4:1e:b3:
10:5f:23:41:c2:af:f2:5f:5b:a8:f1:b3:e9:f5:db:
89:ea:0e:70:2b:62:78:26:45:c1:dd:ac:0f:1d:03:
8a:b7:09:59:66:87:7e:ab:f4:e2:eb:84:59:2c:ea:
14:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7B:A0:A1:E5:60:AF:E4:C6:3F:A7:69:33:D1:D4:47:DB:EB:67:8D
X509v3 Authority Key Identifier:
keyid:4C:04:E0:12:31:B1:DB:82:0B:1F:5D:54:28:34:AB:05:F6:93:FD:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TATgEjGx24ILH11UKDSrBfaT_Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/QXugoeVgr-TGP6dpM9HUR9vrZ40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/TATgEjGx24ILH11UKDSrBfaT_Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4480::/32
Signature Algorithm: sha256WithRSAEncryption
98:4d:55:f4:ff:93:7e:1c:c1:13:6c:16:32:ba:ff:92:a7:2f:
e4:a0:c4:60:ad:51:ca:49:b6:83:46:66:b2:46:37:93:e0:67:
b7:be:a4:19:68:8a:44:a4:43:28:86:c2:5f:c4:c5:86:64:b0:
24:82:1c:ad:30:7a:ca:a9:b3:2e:e9:a6:52:5d:eb:fc:5b:59:
2a:dc:da:96:e3:8b:7b:05:94:a2:d1:10:48:11:c0:19:4f:c5:
86:bf:9b:d1:0c:d7:9b:71:27:61:ab:21:b1:0b:b1:64:ed:94:
03:3b:5a:f4:ff:b8:69:c2:5b:47:87:00:91:f1:58:9d:55:f2:
e9:0b:98:57:90:e4:39:31:ce:ab:13:07:c9:7f:86:4a:16:57:
4b:4f:31:f6:03:fb:ab:02:24:be:16:a3:d3:07:97:67:62:dd:
4e:89:2a:4e:7f:52:68:c3:61:fa:65:26:02:29:ef:c8:55:1f:
b4:18:13:70:0c:4d:f0:be:43:c8:7b:6c:b7:fb:c0:09:75:cc:
78:9a:25:1b:2e:42:c5:a9:05:88:a5:2a:c0:5a:3f:2d:82:b6:
71:70:aa:e0:de:0f:0e:6b:dd:26:7c:a6:45:95:9c:bc:a2:1e:
ba:62:99:0b:aa:80:00:eb:9b:fe:7a:56:de:4f:6c:9d:97:b2:
e3:8c:5a:01
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSuzl7S2MNgloz8QVcZ0Op4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDRlMDEyMzFiMWRiODIwYjFmNWQ1NDI4MzRhYjA1ZjY5
M2ZkNzgwHhcNMjIxMTI1MTI0MTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTdiYTBhMWU1NjBhZmU0YzYzZmE3NjkzM2QxZDQ0N2RiZWI2NzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBH98ojDdgP24cEuBjx2YiynssPQ
0x92eRPkJSDphQclQytcM55tZzHn+52Jwv+BxQ0bf6NeabJYlqMfKM6ufa+7Exvy
vZ1fWSuIQ7pzCVZNTqiFDFQvlFm2fY6hL+X3od8ZKb2ho/IHdEtjeSoSC5pQz5k+
t0ACl9Djm+3l+iKs279eb5G6ZH/yKQginHC0zIzezcKcTAX75ASojF3cd7Xe7EEm
2Y/FgXCbTbgJFH34+TV3LQiAF+Y2yyl2kPJjcmke3MKILaf2gAnf/Zb0HrMQXyNB
wq/yX1uo8bPp9duJ6g5wK2J4JkXB3awPHQOKtwlZZod+q/Ti64RZLOoUEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEF7oKHlYK/kxj+naTPR1Efb62eNMB8GA1UdIwQY
MBaAFEwE4BIxsduCCx9dVCg0qwX2k/14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFUZ0VqR3gyNElMSDExVUtEU3JCZmFUX1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iZTgxNDMtYTQwOC00OWFiLWExNDct
Y2RhMTE3ZmU4MzBkLzEvUVh1Z29lVmdyLVRHUDZkcE05SFVSOXZyWjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iZTgxNDMtYTQwOC00OWFiLWExNDctY2RhMTE3ZmU4MzBk
LzEvVEFUZ0VqR3gyNElMSDExVUtEU3JCZmFUX1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5EgDAN
BgkqhkiG9w0BAQsFAAOCAQEAmE1V9P+TfhzBE2wWMrr/kqcv5KDEYK1Rykm2g0Zm
skY3k+Bnt76kGWiKRKRDKIbCX8TFhmSwJIIcrTB6yqmzLummUl3r/FtZKtzaluOL
ewWUotEQSBHAGU/Fhr+b0QzXm3EnYashsQuxZO2UAzta9P+4acJbR4cAkfFYnVXy
6QuYV5DkOTHOqxMHyX+GShZXS08x9gP7qwIkvhaj0weXZ2LdTokqTn9SaMNh+mUm
AinvyFUftBgTcAxN8L5DyHtst/vACXXMeJolGy5CxakFiKUqwFo/LYK2cXCq4N4P
DmvdJnymRZWcvKIeumKZC6qAAOub/npW3k9snZey44xaAQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:22 2025 by rpki-client