Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/Q-k4eP71XDc11_L4_l_xUnKRF5E.roa
File: Q-k4eP71XDc11_L4_l_xUnKRF5E.roa (raw, json)
Hash identifier: LRoS7+b3eCmFJlD9TdL/ZA7RouROtd2Rd2SIPOdtZjI=
Subject key identifier: 43:E9:38:78:FE:F5:5C:37:35:D7:F2:F8:FE:5F:F1:52:72:91:17:91
Certificate issuer: /CN=9f69bdf9bbd2a4597e26ce20bfe138624cad33dc
Certificate serial: 0195AE13D3CB7B039FEDED61C952AEC4138F
Authority key identifier: 9F:69:BD:F9:BB:D2:A4:59:7E:26:CE:20:BF:E1:38:62:4C:AD:33:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2m9-bvSpFl-Js4gv-E4YkytM9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/Q-k4eP71XDc11_L4_l_xUnKRF5E.roa
Signing time: Wed 19 Mar 2025 11:04:49 +0000
ROA not before: Wed 19 Mar 2025 11:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12337
IP address blocks: 212.29.11.0/24 maxlen: 24
212.29.12.0/24 maxlen: 24
212.29.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:13:d3:cb:7b:03:9f:ed:ed:61:c9:52:ae:c4:13:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f69bdf9bbd2a4597e26ce20bfe138624cad33dc
Validity
Not Before: Mar 19 11:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43e93878fef55c3735d7f2f8fe5ff15272911791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:25:db:df:73:43:c9:72:bf:d4:ec:b4:1f:0c:
1a:12:e5:bd:c7:1c:00:0b:4f:44:ec:bb:49:90:7b:
08:1b:eb:f3:e9:cf:15:2b:33:00:62:d0:3a:35:a9:
f3:94:eb:cf:e2:17:9c:d6:3d:33:1f:61:c4:62:a8:
54:26:12:03:a2:e6:36:d9:6f:0f:67:15:98:01:df:
20:29:da:2d:b0:e3:ef:d1:9b:91:af:a2:85:e8:99:
fb:63:f2:d3:a8:ea:79:df:09:8a:df:b8:c2:8c:6e:
6e:34:04:a3:b1:b1:a7:5f:2f:e5:a6:e1:e1:09:1b:
90:37:95:44:13:72:73:70:b8:23:ea:0c:2e:f7:e3:
8c:07:e5:e9:12:3c:eb:37:ec:95:77:65:82:f9:6e:
33:f7:97:04:57:a7:39:76:70:0c:fa:7a:82:fc:54:
6e:60:2b:73:f2:11:3e:ac:3b:0e:7f:44:c5:a7:d9:
b4:70:5c:56:c4:c9:c4:34:f4:fe:62:69:f5:59:ec:
ac:ec:58:0d:c4:67:0f:d1:86:ba:d8:d2:56:11:ce:
ab:79:24:6a:88:27:14:6b:f2:a2:b8:06:c6:be:eb:
24:8d:71:b5:25:f7:ec:e0:38:a1:53:27:c5:43:aa:
6d:b0:43:8e:2a:14:ce:40:6d:42:9d:ce:fa:82:79:
c8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E9:38:78:FE:F5:5C:37:35:D7:F2:F8:FE:5F:F1:52:72:91:17:91
X509v3 Authority Key Identifier:
keyid:9F:69:BD:F9:BB:D2:A4:59:7E:26:CE:20:BF:E1:38:62:4C:AD:33:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2m9-bvSpFl-Js4gv-E4YkytM9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/Q-k4eP71XDc11_L4_l_xUnKRF5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/n2m9-bvSpFl-Js4gv-E4YkytM9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.29.11.0-212.29.13.255
Signature Algorithm: sha256WithRSAEncryption
10:ec:0c:a2:8b:09:80:6b:81:11:e2:bb:f8:47:ce:39:46:44:
c6:25:8b:b7:39:3e:80:2c:d8:e8:05:9f:85:53:a2:07:0e:7d:
7d:db:0b:0d:05:4c:31:8e:f8:8c:30:7f:a2:78:39:e1:1d:e5:
27:fa:2f:88:cc:d5:02:48:e8:08:2e:87:f6:ed:55:d8:f1:a8:
b0:91:3b:f7:88:71:df:31:99:5b:94:fd:e0:89:3c:4e:cf:c7:
77:84:4c:3e:9d:fa:8a:de:ad:d0:87:09:5d:b8:02:ec:71:07:
6c:b6:21:34:4d:58:1a:18:01:ba:ff:5e:db:a6:22:85:e0:fc:
1f:50:50:df:f7:ba:9f:b6:0e:59:f3:2c:47:87:65:e1:eb:9c:
7a:f8:79:1c:f3:99:ff:fb:0e:5b:5e:c8:04:a0:f7:6f:45:17:
83:44:d2:52:e3:77:ac:a0:b9:7b:3c:b5:82:b9:9f:2d:6c:75:
f7:83:c5:26:14:b2:f2:d3:45:47:9b:15:39:bb:a7:ef:0a:2c:
13:e1:59:21:5c:1a:e3:25:c6:6a:a8:49:18:29:b8:d3:af:23:
f9:34:39:94:36:b4:17:64:8a:3c:3a:c2:c6:e8:61:2e:3c:ba:
61:55:26:71:ac:86:ec:b5:d3:bf:41:cc:0c:6c:31:9b:5f:d3:
93:74:4e:c6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZWuE9PLewOf7e1hyVKuxBOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNjliZGY5YmJkMmE0NTk3ZTI2Y2UyMGJmZTEzODYyNGNh
ZDMzZGMwHhcNMjUwMzE5MTEwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2U5Mzg3OGZlZjU1YzM3MzVkN2YyZjhmZTVmZjE1MjcyOTExNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CXb33NDyXK/1Oy0HwwaEuW9xxwA
C09E7LtJkHsIG+vz6c8VKzMAYtA6NanzlOvP4hec1j0zH2HEYqhUJhIDouY22W8P
ZxWYAd8gKdotsOPv0ZuRr6KF6Jn7Y/LTqOp53wmK37jCjG5uNASjsbGnXy/lpuHh
CRuQN5VEE3JzcLgj6gwu9+OMB+XpEjzrN+yVd2WC+W4z95cEV6c5dnAM+nqC/FRu
YCtz8hE+rDsOf0TFp9m0cFxWxMnENPT+Ymn1Weys7FgNxGcP0Ya62NJWEc6reSRq
iCcUa/KiuAbGvuskjXG1Jffs4DihUyfFQ6ptsEOOKhTOQG1Cnc76gnnIIQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEPpOHj+9Vw3Ndfy+P5f8VJykReRMB8GA1UdIwQY
MBaAFJ9pvfm70qRZfibOIL/hOGJMrTPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjJtOS1idlNwRmwtSnM0Z3YtRTRZa3l0TTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jZGJkMGEtNjhlYy00ODdkLThmZWEt
NjE5MjgxMzgwYmMyLzEvUS1rNGVQNzFYRGMxMV9MNF9sX3hVbktSRjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jZGJkMGEtNjhlYy00ODdkLThmZWEtNjE5MjgxMzgwYmMy
LzEvbjJtOS1idlNwRmwtSnM0Z3YtRTRZa3l0TTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADUHQsD
BAHUHQwwDQYJKoZIhvcNAQELBQADggEBABDsDKKLCYBrgRHiu/hHzjlGRMYli7c5
PoAs2OgFn4VTogcOfX3bCw0FTDGO+Iwwf6J4OeEd5Sf6L4jM1QJI6Aguh/btVdjx
qLCRO/eIcd8xmVuU/eCJPE7Px3eETD6d+orerdCHCV24AuxxB2y2ITRNWBoYAbr/
XtumIoXg/B9QUN/3up+2DlnzLEeHZeHrnHr4eRzzmf/7DlteyASg929FF4NE0lLj
d6yguXs8tYK5ny1sdfeDxSYUsvLTRUebFTm7p+8KLBPhWSFcGuMlxmqoSRgpuNOv
I/k0OZQ2tBdkijw6wsboYS48umFVJnGshuy1079BzAxsMZtf05N0TsY=
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:19:34 2025 by rpki-client