Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/CQVMbxfKTdX1IPN-P67IJWSKIls.roa
File: CQVMbxfKTdX1IPN-P67IJWSKIls.roa (raw, json)
Hash identifier: GE4ADFIAWl/azLZT6PNxm+s/J43H6HcUO+9GWQM+71Y=
Subject key identifier: 09:05:4C:6F:17:CA:4D:D5:F5:20:F3:7E:3F:AE:C8:25:64:8A:22:5B
Certificate issuer: /CN=81e34878f96b3997aa78f4c7fb695ef0dbc6d360
Certificate serial: 019368F9AD07A5AEFA71D9FBD04F79B83FBB
Authority key identifier: 81:E3:48:78:F9:6B:39:97:AA:78:F4:C7:FB:69:5E:F0:DB:C6:D3:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/geNIePlrOZeqePTH-2le8NvG02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/CQVMbxfKTdX1IPN-P67IJWSKIls.roa
Signing time: Tue 26 Nov 2024 14:56:53 +0000
ROA not before: Tue 26 Nov 2024 14:56:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202831
IP address blocks: 2a00:4de0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:f9:ad:07:a5:ae:fa:71:d9:fb:d0:4f:79:b8:3f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81e34878f96b3997aa78f4c7fb695ef0dbc6d360
Validity
Not Before: Nov 26 14:56:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09054c6f17ca4dd5f520f37e3faec825648a225b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:37:44:8b:b7:99:32:1e:96:49:2c:63:88:f8:
7f:0e:c6:12:fb:78:82:a8:04:25:ed:d4:1a:0f:8b:
aa:72:7e:4d:b4:45:96:98:49:d3:b9:88:cf:6f:27:
f3:2f:d6:de:da:98:65:2e:a7:09:62:39:ce:6c:f0:
df:1b:24:de:bd:1e:1e:b4:fc:bf:29:cd:14:96:d9:
c6:47:c4:c7:dc:b4:16:6a:99:8f:34:93:68:1b:5d:
94:14:4b:c2:e4:d1:17:2b:72:50:d0:d6:10:08:a4:
c7:a1:d6:76:ab:c0:11:39:7c:2a:c3:f8:6f:eb:6b:
2b:cc:61:de:d7:da:ce:d2:96:60:6a:10:47:37:03:
20:71:52:03:c9:7d:e1:45:ae:1b:64:15:f5:45:c5:
f5:aa:86:ab:b7:a0:23:26:ef:5e:3c:34:40:60:86:
9a:ca:7b:48:0c:79:b8:3e:18:97:2f:0e:48:d3:7c:
7d:6b:6c:c2:e5:ea:1f:9a:0c:2e:6f:89:b7:70:ab:
ba:b0:c1:f8:d3:f2:1b:31:cb:94:ed:ac:02:27:27:
9d:4b:33:14:98:02:bb:15:d6:30:db:48:7a:0b:d8:
b9:ed:72:d9:1f:1e:77:47:0d:32:92:ad:28:64:e2:
db:23:bf:c8:47:37:66:03:97:eb:4b:07:d8:81:d3:
4d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:05:4C:6F:17:CA:4D:D5:F5:20:F3:7E:3F:AE:C8:25:64:8A:22:5B
X509v3 Authority Key Identifier:
keyid:81:E3:48:78:F9:6B:39:97:AA:78:F4:C7:FB:69:5E:F0:DB:C6:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geNIePlrOZeqePTH-2le8NvG02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/CQVMbxfKTdX1IPN-P67IJWSKIls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/geNIePlrOZeqePTH-2le8NvG02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:4de0::/29
Signature Algorithm: sha256WithRSAEncryption
11:d8:c6:e7:78:73:87:08:1d:98:af:cc:1a:d0:44:34:20:e4:
ec:19:cf:f1:f1:16:01:72:a2:59:41:a4:ef:ea:9b:bf:e8:42:
d8:fd:ba:a9:bd:16:50:35:b8:52:66:af:17:a5:c9:56:02:80:
05:3e:9c:3f:54:12:4c:12:0d:04:83:b4:68:e6:0f:bb:c8:8a:
36:3e:a7:86:49:d3:f6:b9:1c:74:ad:39:70:47:dd:db:f9:86:
c3:91:73:b7:c7:09:2e:09:ff:5a:b3:43:ac:f6:ad:5a:3a:d1:
c6:21:7f:d6:28:4f:59:f3:eb:4d:11:08:77:d9:f1:16:65:5d:
93:31:24:0c:d2:8c:f7:57:27:86:c4:25:bb:df:26:6a:65:14:
aa:8f:d1:d7:9d:9f:42:c6:ef:1a:f7:25:30:20:53:b4:20:d8:
b2:3d:7b:e5:97:42:e2:35:c1:56:fa:7a:07:73:cd:35:a8:af:
52:d5:45:75:64:60:72:9c:78:f0:72:6b:f9:30:cd:d2:f9:d1:
d0:df:0c:1c:77:30:d7:59:87:59:b1:c9:d8:59:35:59:e9:5b:
06:71:ab:86:61:07:0c:6b:50:45:53:64:ae:ec:43:25:c1:9b:
aa:da:bf:36:e7:09:eb:12:0d:99:e1:76:57:90:d4:54:3d:3d:
10:6b:c4:c9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNo+a0Hpa76cdn70E95uD+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTM0ODc4Zjk2YjM5OTdhYTc4ZjRjN2ZiNjk1ZWYwZGJj
NmQzNjAwHhcNMjQxMTI2MTQ1NjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA1NGM2ZjE3Y2E0ZGQ1ZjUyMGYzN2UzZmFlYzgyNTY0OGEyMjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDdEi7eZMh6WSSxjiPh/DsYS+3iC
qAQl7dQaD4uqcn5NtEWWmEnTuYjPbyfzL9be2phlLqcJYjnObPDfGyTevR4etPy/
Kc0UltnGR8TH3LQWapmPNJNoG12UFEvC5NEXK3JQ0NYQCKTHodZ2q8AROXwqw/hv
62srzGHe19rO0pZgahBHNwMgcVIDyX3hRa4bZBX1RcX1qoart6AjJu9ePDRAYIaa
yntIDHm4PhiXLw5I03x9a2zC5eofmgwub4m3cKu6sMH40/IbMcuU7awCJyedSzMU
mAK7FdYw20h6C9i57XLZHx53Rw0ykq0oZOLbI7/IRzdmA5frSwfYgdNNxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAkFTG8Xyk3V9SDzfj+uyCVkiiJbMB8GA1UdIwQY
MBaAFIHjSHj5azmXqnj0x/tpXvDbxtNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VOSWVQbHJPWmVxZVBUSC0ybGU4TnZHMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iZWJjMzMtZTkwMS00NTU5LWJkZDAt
YjUzMjA0ZDkzYzMzLzEvQ1FWTWJ4ZktUZFgxSVBOLVA2N0lKV1NLSWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iZWJjMzMtZTkwMS00NTU5LWJkZDAtYjUzMjA0ZDkzYzMz
LzEvZ2VOSWVQbHJPWmVxZVBUSC0ybGU4TnZHMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgBN4DAN
BgkqhkiG9w0BAQsFAAOCAQEAEdjG53hzhwgdmK/MGtBENCDk7BnP8fEWAXKiWUGk
7+qbv+hC2P26qb0WUDW4UmavF6XJVgKABT6cP1QSTBINBIO0aOYPu8iKNj6nhknT
9rkcdK05cEfd2/mGw5Fzt8cJLgn/WrNDrPatWjrRxiF/1ihPWfPrTREId9nxFmVd
kzEkDNKM91cnhsQlu98mamUUqo/R152fQsbvGvclMCBTtCDYsj175ZdC4jXBVvp6
B3PNNaivUtVFdWRgcpx48HJr+TDN0vnR0N8MHHcw11mHWbHJ2Fk1WelbBnGrhmEH
DGtQRVNkruxDJcGbqtq/NucJ6xINmeF2V5DUVD09EGvEyQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:15:42 2025 by rpki-client