Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/QbZjSv4xV1QIelVl1fHRXPXo-KY.roa
File: QbZjSv4xV1QIelVl1fHRXPXo-KY.roa (raw, json)
Hash identifier: nZ8Pn0ydQCeXXExV5rYMDz5OqoHrLBQ2oK8QMtT/S9Y=
Subject key identifier: 41:B6:63:4A:FE:31:57:54:08:7A:55:65:D5:F1:D1:5C:F5:E8:F8:A6
Certificate issuer: /CN=6f2c0c66b6b4612c8949800f09291cafa3865fd3
Certificate serial: 0194214389E236B1ADD98D3DF8C8D0EABD80
Authority key identifier: 6F:2C:0C:66:B6:B4:61:2C:89:49:80:0F:09:29:1C:AF:A3:86:5F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bywMZra0YSyJSYAPCSkcr6OGX9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/QbZjSv4xV1QIelVl1fHRXPXo-KY.roa
Signing time: Wed 01 Jan 2025 09:47:41 +0000
ROA not before: Wed 01 Jan 2025 09:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206740
IP address blocks: 2001:678:2b9::/48 maxlen: 48
2001:678:2c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:89:e2:36:b1:ad:d9:8d:3d:f8:c8:d0:ea:bd:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f2c0c66b6b4612c8949800f09291cafa3865fd3
Validity
Not Before: Jan 1 09:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41b6634afe315754087a5565d5f1d15cf5e8f8a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b8:39:d0:59:5d:9c:b1:11:1d:87:4a:59:1c:
21:9a:0d:00:a0:83:f3:b0:19:06:28:9c:3f:a8:13:
eb:cd:1b:e1:48:48:fd:78:6a:f2:fa:45:6e:92:a3:
be:e1:2d:21:92:2c:8a:99:22:cf:6e:7f:e2:14:6a:
c0:2b:54:eb:ae:10:4f:ab:67:b6:66:38:2a:fa:7d:
47:67:b3:b5:a9:87:43:71:72:d2:fc:8a:83:f3:c9:
14:f5:6d:09:71:b1:76:3f:3d:8b:9f:77:7c:21:3b:
40:9d:85:79:12:35:03:fb:4f:95:7c:3e:1f:3f:8e:
d4:02:c1:f3:d2:4f:39:a7:92:92:cf:69:7f:85:7e:
95:f8:58:89:8b:c4:1e:3b:49:52:7d:0b:b5:38:eb:
fd:7c:40:da:a9:89:c7:28:0d:0e:c5:51:53:be:71:
17:1d:89:80:c0:f3:d5:fd:23:31:a8:5a:df:98:a5:
5b:5e:b7:ce:90:52:33:0e:3a:94:09:9b:92:35:d9:
c7:61:e7:2e:b5:d2:f1:68:f7:03:33:74:4a:bb:43:
d8:d0:20:f5:38:6d:62:51:ae:0f:c9:c7:45:5c:22:
73:45:00:31:40:8a:d1:a5:ac:88:97:8a:b8:e1:a0:
da:f5:3b:b6:94:f0:5d:f7:60:be:77:3c:9a:da:49:
00:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B6:63:4A:FE:31:57:54:08:7A:55:65:D5:F1:D1:5C:F5:E8:F8:A6
X509v3 Authority Key Identifier:
keyid:6F:2C:0C:66:B6:B4:61:2C:89:49:80:0F:09:29:1C:AF:A3:86:5F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bywMZra0YSyJSYAPCSkcr6OGX9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/QbZjSv4xV1QIelVl1fHRXPXo-KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/bywMZra0YSyJSYAPCSkcr6OGX9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:2b9::/48
2001:678:2c0::/48
Signature Algorithm: sha256WithRSAEncryption
0a:8f:f0:27:5d:26:40:38:b7:c5:a2:2f:d1:2e:cc:b5:71:81:
c2:56:1e:b8:6b:ae:7b:3a:f6:2a:f5:46:45:46:f1:96:88:3c:
d5:25:fe:c2:89:7f:b3:c8:8a:09:c5:09:d1:13:66:8c:e4:9b:
81:d2:33:88:5b:52:5e:b7:f8:e5:8c:fb:55:54:47:ee:0e:d3:
73:a6:bf:ea:9e:27:9b:6f:52:2a:5b:82:fa:d8:64:35:87:17:
ab:36:c8:76:e7:73:1b:1b:7c:71:20:36:55:0a:5e:81:23:6d:
f7:18:cc:a1:65:8e:7c:54:96:f0:0f:c1:75:7d:93:f0:56:92:
45:c4:73:2f:26:98:28:13:87:37:7c:51:6d:69:2f:9f:59:bd:
5c:75:b3:7d:f8:64:60:30:41:70:54:57:72:e4:ab:34:08:4f:
e1:ac:54:ce:2a:10:2a:ae:e9:aa:3f:d7:aa:e3:37:ea:be:3c:
29:bc:ba:48:37:12:35:e5:95:84:78:ad:5a:ae:36:e2:e4:d9:
f6:9c:1f:1d:fe:df:dd:8c:48:c8:bd:1c:25:df:84:ed:55:0c:
0f:2f:2a:f3:4d:79:81:63:2b:7d:72:fd:80:61:6b:89:f7:c9:
68:01:32:b3:d0:ab:9f:33:4e:83:da:39:61:e0:68:ff:59:2b:
a2:84:84:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhQ4niNrGt2Y09+MjQ6r2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMmMwYzY2YjZiNDYxMmM4OTQ5ODAwZjA5MjkxY2FmYTM4
NjVmZDMwHhcNMjUwMTAxMDk0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWI2NjM0YWZlMzE1NzU0MDg3YTU1NjVkNWYxZDE1Y2Y1ZThmOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybg50FldnLERHYdKWRwhmg0AoIPz
sBkGKJw/qBPrzRvhSEj9eGry+kVukqO+4S0hkiyKmSLPbn/iFGrAK1TrrhBPq2e2
Zjgq+n1HZ7O1qYdDcXLS/IqD88kU9W0JcbF2Pz2Ln3d8ITtAnYV5EjUD+0+VfD4f
P47UAsHz0k85p5KSz2l/hX6V+FiJi8QeO0lSfQu1OOv9fEDaqYnHKA0OxVFTvnEX
HYmAwPPV/SMxqFrfmKVbXrfOkFIzDjqUCZuSNdnHYecutdLxaPcDM3RKu0PY0CD1
OG1iUa4PycdFXCJzRQAxQIrRpayIl4q44aDa9Tu2lPBd92C+dzya2kkA5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEG2Y0r+MVdUCHpVZdXx0Vz16PimMB8GA1UdIwQY
MBaAFG8sDGa2tGEsiUmADwkpHK+jhl/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnl3TVpyYTBZU3lKU1lBUENTa2NyNk9HWDlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDhhNzQtNjBiOC00MTBlLWFhMzUt
MzkyYTc1MjQ2NGIxLzEvUWJaalN2NHhWMVFJZWxWbDFmSFJYUFhvLUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDhhNzQtNjBiOC00MTBlLWFhMzUtMzkyYTc1MjQ2NGIx
LzEvYnl3TVpyYTBZU3lKU1lBUENTa2NyNk9HWDlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAK5
AwcAIAEGeALAMA0GCSqGSIb3DQEBCwUAA4IBAQAKj/AnXSZAOLfFoi/RLsy1cYHC
Vh64a657OvYq9UZFRvGWiDzVJf7CiX+zyIoJxQnRE2aM5JuB0jOIW1Jet/jljPtV
VEfuDtNzpr/qniebb1IqW4L62GQ1hxerNsh253MbG3xxIDZVCl6BI233GMyhZY58
VJbwD8F1fZPwVpJFxHMvJpgoE4c3fFFtaS+fWb1cdbN9+GRgMEFwVFdy5Ks0CE/h
rFTOKhAqrumqP9eq4zfqvjwpvLpINxI15ZWEeK1arjbi5Nn2nB8d/t/djEjIvRwl
34TtVQwPLyrzTXmBYyt9cv2AYWuJ98loATKz0KufM06D2jlh4Gj/WSuihIRn
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:45:51 2025 by rpki-client