Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/5QMHmJgfqvSExR78QZoDl1UWmsA.roa
File: 5QMHmJgfqvSExR78QZoDl1UWmsA.roa (raw, json)
Hash identifier: Dbmsjz6HJzMNQXjckNup+UFifmkcVaFAdGg2/Xlr06g=
Subject key identifier: E5:03:07:98:98:1F:AA:F4:84:C5:1E:FC:41:9A:03:97:55:16:9A:C0
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 019427475C579D313A76399450D29F4FEFA3
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/5QMHmJgfqvSExR78QZoDl1UWmsA.roa
Signing time: Thu 02 Jan 2025 13:49:35 +0000
ROA not before: Thu 02 Jan 2025 13:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 2a10:1fc0:9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:5c:57:9d:31:3a:76:39:94:50:d2:9f:4f:ef:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Jan 2 13:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5030798981faaf484c51efc419a039755169ac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:59:94:b5:31:57:f3:00:6a:0d:07:0a:d2:68:
b4:d4:e7:32:9d:a4:90:68:66:c9:66:df:2d:cc:22:
81:60:1a:b1:2d:d6:5b:b8:9e:32:0a:55:73:96:b8:
ab:8e:53:95:de:1d:3d:85:97:8c:a7:8a:8b:32:3c:
23:b8:3f:1f:9c:e6:ee:9f:d2:9e:05:b7:1b:5e:72:
2a:69:61:8e:6a:c5:dc:a7:d9:98:82:56:6f:6d:f5:
a3:84:60:7e:df:96:dd:0b:77:e4:e7:78:b0:e9:a1:
c0:b5:c7:a3:7d:81:35:74:9f:66:ef:0e:40:c1:9b:
1a:7b:af:52:bc:45:55:a4:1c:37:64:fb:59:de:e0:
a7:23:4c:1a:18:07:4d:c6:12:9b:5a:a9:25:2d:5c:
2d:2a:b4:aa:1c:fd:ac:36:e3:5f:86:7b:bb:53:31:
dd:0e:cb:88:5c:b7:f4:4f:d7:40:92:76:b2:07:88:
ab:ea:01:80:21:f9:d2:4c:32:a5:f5:f2:ca:1c:e5:
46:6c:86:01:93:55:f2:5a:31:55:e0:4e:0e:47:28:
85:c2:2a:a6:67:93:7b:88:cc:b1:d7:f8:33:00:09:
3a:23:78:b4:2b:60:03:71:e6:82:10:67:d2:85:e7:
a9:2b:42:df:2f:3c:df:42:91:20:fc:c3:23:00:ae:
63:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:03:07:98:98:1F:AA:F4:84:C5:1E:FC:41:9A:03:97:55:16:9A:C0
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/5QMHmJgfqvSExR78QZoDl1UWmsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:1fc0:9::/48
Signature Algorithm: sha256WithRSAEncryption
7b:5c:a3:de:a8:9d:c4:99:a0:c6:09:e9:d1:1f:49:c3:cd:ee:
72:f0:db:0c:67:7c:08:16:af:23:d4:90:99:ac:5e:01:18:58:
08:b4:d2:eb:77:80:21:51:29:4f:0f:35:70:41:68:ea:2f:18:
94:99:eb:0f:f7:cb:ff:8f:52:6f:9e:f9:a9:9c:98:93:33:39:
be:d9:6a:ed:25:de:a4:6b:5a:de:51:49:c7:de:c4:c8:8f:1c:
8c:15:99:98:77:b6:e9:b8:3c:3d:06:56:4e:84:cd:27:34:ad:
4d:f3:f3:67:94:ef:cc:78:b0:d7:1c:5b:81:f5:a3:99:fe:e4:
7c:84:6b:c7:6e:6c:6a:e5:d7:68:83:ce:4e:a2:94:32:f0:bb:
c7:d9:a8:5b:10:d1:f9:e3:ed:81:b9:78:71:ed:24:7d:4b:99:
57:5a:5f:7c:47:b3:9e:0a:16:23:b1:a1:53:58:7e:94:23:5a:
be:b2:f8:69:c5:e9:b9:f7:cf:36:61:a3:f0:f0:bf:c3:41:01:
cb:10:6e:32:9a:fc:b2:ed:c9:89:e6:ba:ca:0a:32:3f:25:be:
fe:e5:60:5a:16:90:e1:d0:1b:5b:7b:ef:29:89:25:ab:65:4d:
86:83:15:00:d6:85:ef:09:f8:dc:e9:58:d9:ad:33:f0:d6:92:
78:52:26:e5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR1xXnTE6djmUUNKfT++jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjUwMTAyMTM0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTAzMDc5ODk4MWZhYWY0ODRjNTFlZmM0MTlhMDM5NzU1MTY5YWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVmUtTFX8wBqDQcK0mi01OcynaSQ
aGbJZt8tzCKBYBqxLdZbuJ4yClVzlrirjlOV3h09hZeMp4qLMjwjuD8fnObun9Ke
BbcbXnIqaWGOasXcp9mYglZvbfWjhGB+35bdC3fk53iw6aHAtcejfYE1dJ9m7w5A
wZsae69SvEVVpBw3ZPtZ3uCnI0waGAdNxhKbWqklLVwtKrSqHP2sNuNfhnu7UzHd
DsuIXLf0T9dAknayB4ir6gGAIfnSTDKl9fLKHOVGbIYBk1XyWjFV4E4ORyiFwiqm
Z5N7iMyx1/gzAAk6I3i0K2ADceaCEGfSheepK0LfLzzfQpEg/MMjAK5jiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOUDB5iYH6r0hMUe/EGaA5dVFprAMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvNVFNSG1KZ2ZxdlNFeFI3OFFab0RsMVVXbXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAfwAAJ
MA0GCSqGSIb3DQEBCwUAA4IBAQB7XKPeqJ3EmaDGCenRH0nDze5y8NsMZ3wIFq8j
1JCZrF4BGFgItNLrd4AhUSlPDzVwQWjqLxiUmesP98v/j1JvnvmpnJiTMzm+2Wrt
Jd6ka1reUUnH3sTIjxyMFZmYd7bpuDw9BlZOhM0nNK1N8/NnlO/MeLDXHFuB9aOZ
/uR8hGvHbmxq5ddog85OopQy8LvH2ahbENH54+2BuXhx7SR9S5lXWl98R7OeChYj
saFTWH6UI1q+svhpxem59882YaPw8L/DQQHLEG4ymvyy7cmJ5rrKCjI/Jb7+5WBa
FpDh0Btbe+8piSWrZU2GgxUA1oXvCfjc6VjZrTPw1pJ4Uibl
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:39:12 2025 by rpki-client