Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/Q--DTNqLVHNOeaPyHtBXqGcbW1E.roa
File: Q--DTNqLVHNOeaPyHtBXqGcbW1E.roa (raw, json)
Hash identifier: SDBJCpcb05bD25AZuEkv4WEh9Sz4g8KvABAB/w4rEKY=
Subject key identifier: 43:EF:83:4C:DA:8B:54:73:4E:79:A3:F2:1E:D0:57:A8:67:1B:5B:51
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01942067E8E61A6914E109EFD650C3111E44
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/Q--DTNqLVHNOeaPyHtBXqGcbW1E.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200949
IP address blocks: 2a12:3fc2:e500::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e8:e6:1a:69:14:e1:09:ef:d6:50:c3:11:1e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43ef834cda8b54734e79a3f21ed057a8671b5b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:35:13:de:12:c9:ba:f8:37:7c:1f:29:2c:57:
1f:5d:8d:7f:ad:7e:68:e1:f3:fd:82:3c:8e:65:7f:
80:c7:69:1b:55:a1:92:48:08:4c:40:a4:2e:58:3f:
97:d7:e0:74:72:41:ad:e3:c5:03:5e:c6:5d:5a:b5:
79:81:70:42:87:1e:4b:b3:1b:27:85:7d:f2:95:49:
39:4c:d4:eb:75:ac:31:1d:f6:c7:4d:cd:95:37:15:
6b:23:c3:19:25:0d:c0:97:f2:d4:e1:8f:a5:cc:8e:
d6:8a:05:f6:5c:62:8c:d2:5f:7e:5f:5d:1c:a9:fd:
38:8c:b9:07:5e:a5:a5:06:d7:ff:bd:85:57:d4:e9:
a9:01:39:28:34:26:cf:2f:35:96:85:eb:ad:5a:44:
ee:71:ef:29:16:c8:db:1e:13:3d:39:cb:2c:66:d3:
01:aa:8a:4c:dc:b2:44:25:67:c9:49:8a:b7:86:d3:
5c:01:8b:22:ef:45:b0:33:25:5c:50:d7:ec:d6:57:
21:07:3f:6f:66:1e:c0:1c:e0:be:72:b9:c6:06:13:
40:86:91:46:81:af:b8:c4:eb:37:1b:3e:d5:d6:9f:
82:ff:d5:60:49:bd:cf:35:d0:49:01:43:ca:4d:49:
1f:c4:47:8f:4b:1d:6a:9c:a9:e1:34:c1:41:d9:24:
91:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EF:83:4C:DA:8B:54:73:4E:79:A3:F2:1E:D0:57:A8:67:1B:5B:51
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/Q--DTNqLVHNOeaPyHtBXqGcbW1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:e500::/40
Signature Algorithm: sha256WithRSAEncryption
03:f8:41:f8:70:d2:75:85:27:98:10:b9:ef:aa:14:2b:9d:90:
d4:4d:2c:e4:93:f8:2a:0c:1a:4a:aa:6e:ec:ae:65:2f:8d:44:
e7:93:ef:ba:86:5c:94:5b:5f:a4:19:b1:48:f4:88:00:fb:14:
d3:88:9a:41:9c:e8:fd:6b:47:fc:a4:1a:58:fe:2f:c8:e5:40:
54:d6:42:51:c7:4c:60:4c:b1:95:e3:e8:f0:75:31:00:04:86:
67:2a:03:3a:c6:96:0d:73:f7:0f:be:7d:5d:54:54:ef:76:ba:
eb:12:8a:06:ab:e1:21:c5:79:34:88:2e:1f:01:55:58:c0:b3:
14:c4:00:51:5f:7b:58:97:d2:53:6f:39:18:71:0b:b1:60:12:
45:2c:6e:ee:a5:7a:ca:03:9a:ed:7c:fe:02:9a:01:58:51:6d:
c5:46:18:0f:76:e0:28:1a:05:73:c5:a9:b2:2b:e8:99:b7:79:
69:0c:0f:29:5f:86:30:a0:49:f0:f1:d7:3a:df:ff:b6:d0:2b:
97:98:33:61:20:46:48:55:95:81:b7:2b:a5:30:23:5e:8c:50:
bf:26:3f:a2:1f:1d:bf:70:db:f6:52:35:b1:40:04:dc:2f:33:
2b:8b:d8:c4:56:ff:cd:6c:7e:0f:0c:fb:64:f3:69:7a:35:23:
63:0c:ed:51
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQgZ+jmGmkU4Qnv1lDDER5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2VmODM0Y2RhOGI1NDczNGU3OWEzZjIxZWQwNTdhODY3MWI1YjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8DUT3hLJuvg3fB8pLFcfXY1/rX5o
4fP9gjyOZX+Ax2kbVaGSSAhMQKQuWD+X1+B0ckGt48UDXsZdWrV5gXBChx5Lsxsn
hX3ylUk5TNTrdawxHfbHTc2VNxVrI8MZJQ3Al/LU4Y+lzI7WigX2XGKM0l9+X10c
qf04jLkHXqWlBtf/vYVX1OmpATkoNCbPLzWWheutWkTuce8pFsjbHhM9OcssZtMB
qopM3LJEJWfJSYq3htNcAYsi70WwMyVcUNfs1lchBz9vZh7AHOC+crnGBhNAhpFG
ga+4xOs3Gz7V1p+C/9VgSb3PNdBJAUPKTUkfxEePSx1qnKnhNMFB2SSRRQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEPvg0zai1RzTnmj8h7QV6hnG1tRMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvUS0tRFROcUxWSE5PZWFQeUh0QlhxR2NiVzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wuUw
DQYJKoZIhvcNAQELBQADggEBAAP4Qfhw0nWFJ5gQue+qFCudkNRNLOST+CoMGkqq
buyuZS+NROeT77qGXJRbX6QZsUj0iAD7FNOImkGc6P1rR/ykGlj+L8jlQFTWQlHH
TGBMsZXj6PB1MQAEhmcqAzrGlg1z9w++fV1UVO92uusSigar4SHFeTSILh8BVVjA
sxTEAFFfe1iX0lNvORhxC7FgEkUsbu6lesoDmu18/gKaAVhRbcVGGA924CgaBXPF
qbIr6Jm3eWkMDylfhjCgSfDx1zrf/7bQK5eYM2EgRkhVlYG3K6UwI16MUL8mP6If
Hb9w2/ZSNbFABNwvMyuL2MRW/81sfg8M+2TzaXo1I2MM7VE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:06 2025 by rpki-client