Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/Q574KhjrEs6Pk6gAXnqSNd3H6nI.roa
File: Q574KhjrEs6Pk6gAXnqSNd3H6nI.roa (raw, json)
Hash identifier: kSb7ulKLzVahH8lyruqngzFvVZ+7jFtvgRmAP+c/YDI=
Subject key identifier: 43:9E:F8:2A:18:EB:12:CE:8F:93:A8:00:5E:7A:92:35:DD:C7:EA:72
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 019421B2426F0630CB4EF59D84CE0EA7BA6E
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/Q574KhjrEs6Pk6gAXnqSNd3H6nI.roa
Signing time: Wed 01 Jan 2025 11:48:38 +0000
ROA not before: Wed 01 Jan 2025 11:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44331
IP address blocks: 2a07:2486:fe0::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:42:6f:06:30:cb:4e:f5:9d:84:ce:0e:a7:ba:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Jan 1 11:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=439ef82a18eb12ce8f93a8005e7a9235ddc7ea72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:84:bf:02:2f:3d:ab:a9:a9:87:3f:bb:e8:9b:
98:5e:fb:a0:db:17:00:eb:1f:1c:1f:0a:b8:6e:5f:
22:0d:0d:b2:14:98:53:6f:9c:53:58:72:06:55:87:
34:f5:ff:75:b6:88:71:e0:87:a0:cd:b4:e3:85:a7:
42:ef:b4:a9:9b:9e:81:e1:19:0c:9a:2f:cd:a2:8f:
c1:90:f4:32:6d:99:58:be:d9:b3:e6:f0:85:91:0e:
1b:56:66:f2:5a:e6:9f:97:b5:76:cf:9c:30:51:d0:
15:6f:6c:71:26:27:df:af:a3:94:20:a5:ed:71:2e:
af:ad:8b:49:3c:0e:87:27:7b:50:e6:cd:0d:7c:10:
93:50:a6:ce:ae:bb:aa:d7:42:01:8c:98:e5:e6:a6:
d0:a6:b0:cf:3f:af:9b:41:ea:dc:8a:a5:67:52:ac:
7e:bb:ae:65:33:a4:b8:45:48:02:77:47:ee:85:9a:
9b:09:29:b3:8c:97:cd:50:20:a2:55:51:ba:d6:7b:
81:76:55:e9:7f:45:c1:d5:66:9c:9c:11:d0:bc:aa:
68:6c:e4:b1:a1:9e:5c:81:73:1b:93:d8:3f:fa:f1:
b5:21:aa:96:90:7d:1b:04:ba:d4:6c:06:17:91:c5:
f4:33:8e:a7:5e:9c:79:8d:ad:c5:d4:bc:f3:0a:a1:
bc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9E:F8:2A:18:EB:12:CE:8F:93:A8:00:5E:7A:92:35:DD:C7:EA:72
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/Q574KhjrEs6Pk6gAXnqSNd3H6nI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486:fe0::/44
Signature Algorithm: sha256WithRSAEncryption
15:84:3f:c2:6c:40:50:36:b1:4c:78:c2:db:0d:d5:dd:89:70:
40:42:7a:47:57:d4:43:e3:3b:ef:26:e6:9f:c4:b6:e2:e4:33:
01:be:f6:43:4c:c7:f6:fc:0a:66:44:1a:4c:29:16:f1:85:a6:
6c:d8:02:d2:33:90:d6:89:9e:8a:7c:3a:b0:47:80:6b:3f:6a:
a3:9b:14:0b:c3:62:e8:4c:f3:86:f0:1b:f0:2c:d0:ff:41:89:
8d:c7:1c:75:61:5d:1d:04:d2:75:e8:51:ac:bc:1c:19:b1:ba:
6c:3b:5f:a7:08:df:2f:29:b6:ae:3a:32:3c:6b:b9:d2:d9:b7:
69:dd:b4:9e:b2:ca:cf:b3:a2:cd:bb:31:30:ff:a0:c5:bb:43:
82:04:86:1f:6b:8c:38:e8:8f:a5:38:8f:a1:0c:8d:74:29:02:
55:0a:02:77:6d:2d:c5:b5:f2:3d:9d:44:78:aa:a4:66:84:61:
39:42:fb:b0:95:9e:76:cf:ab:7b:85:32:b8:9e:57:8f:0e:18:
69:27:89:be:e3:f4:5c:a0:5a:b4:42:b4:8f:43:65:de:85:fd:
c5:8f:62:16:d6:68:a8:71:78:0a:70:53:ef:27:9d:be:60:88:
38:41:f6:3a:8b:25:9a:76:9c:0e:a1:8b:3b:02:74:cc:cf:39:
f8:4e:aa:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhskJvBjDLTvWdhM4Op7puMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjUwMTAxMTE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzllZjgyYTE4ZWIxMmNlOGY5M2E4MDA1ZTdhOTIzNWRkYzdlYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIS/Ai89q6mphz+76JuYXvug2xcA
6x8cHwq4bl8iDQ2yFJhTb5xTWHIGVYc09f91tohx4IegzbTjhadC77Spm56B4RkM
mi/Noo/BkPQybZlYvtmz5vCFkQ4bVmbyWuafl7V2z5wwUdAVb2xxJiffr6OUIKXt
cS6vrYtJPA6HJ3tQ5s0NfBCTUKbOrruq10IBjJjl5qbQprDPP6+bQerciqVnUqx+
u65lM6S4RUgCd0fuhZqbCSmzjJfNUCCiVVG61nuBdlXpf0XB1WacnBHQvKpobOSx
oZ5cgXMbk9g/+vG1IaqWkH0bBLrUbAYXkcX0M46nXpx5ja3F1LzzCqG8awIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEOe+CoY6xLOj5OoAF56kjXdx+pyMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvUTU3NEtoanJFczZQazZnQVhucVNOZDNINm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgckhg/g
MA0GCSqGSIb3DQEBCwUAA4IBAQAVhD/CbEBQNrFMeMLbDdXdiXBAQnpHV9RD4zvv
JuafxLbi5DMBvvZDTMf2/ApmRBpMKRbxhaZs2ALSM5DWiZ6KfDqwR4BrP2qjmxQL
w2LoTPOG8BvwLND/QYmNxxx1YV0dBNJ16FGsvBwZsbpsO1+nCN8vKbauOjI8a7nS
2bdp3bSessrPs6LNuzEw/6DFu0OCBIYfa4w46I+lOI+hDI10KQJVCgJ3bS3FtfI9
nUR4qqRmhGE5QvuwlZ52z6t7hTK4nlePDhhpJ4m+4/RcoFq0QrSPQ2Xehf3Fj2IW
1miocXgKcFPvJ52+YIg4QfY6iyWadpwOoYs7AnTMzzn4TqpC
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:34:24 2025 by rpki-client