Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/QqwmRwGaqZG6wih61IWa3vtTUOw.roa
File: QqwmRwGaqZG6wih61IWa3vtTUOw.roa (raw, json)
Hash identifier: l6KH6bUTyIBJVa/QmdPlBqK79iAxbHh5QTiR8epI+cY=
Subject key identifier: 42:AC:26:47:01:9A:A9:91:BA:C2:28:7A:D4:85:9A:DE:FB:53:50:EC
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C604A470832D1762249D8DB41F766
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/QqwmRwGaqZG6wih61IWa3vtTUOw.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207862
IP address blocks: 2a12:bec0:420::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:60:4a:47:08:32:d1:76:22:49:d8:db:41:f7:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42ac2647019aa991bac2287ad4859adefb5350ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:26:bb:43:02:51:a0:3e:bd:6d:58:24:be:84:
44:cf:45:d8:8b:25:9a:35:1d:8b:95:d1:e8:59:45:
ea:48:f1:78:c4:59:57:2d:dd:b9:d2:a7:20:00:0f:
1d:58:f9:e6:a8:b4:73:00:44:b3:27:1c:1c:43:40:
87:47:ab:d1:f2:e3:a6:0d:5b:fa:39:3f:2b:f4:75:
82:8e:bf:87:f6:49:be:c4:48:75:f3:36:eb:17:20:
3e:fe:d8:6f:00:19:ab:27:ef:9d:52:ce:56:61:58:
07:35:74:b9:6f:44:1d:73:36:28:e9:67:fc:89:d2:
f2:c5:ee:4e:7f:56:7a:ef:ee:b5:51:06:8f:dc:0c:
15:36:1f:2a:65:5e:c3:60:b5:63:1f:ec:80:38:98:
b3:0c:3f:73:fe:09:90:d2:b7:df:ac:8c:7e:b6:16:
44:73:6e:80:98:36:99:bc:ad:22:22:4d:21:3e:19:
8f:13:a8:5e:28:3f:53:02:de:4e:40:8f:52:57:4f:
77:d7:cb:d5:83:7f:6c:5a:5d:ed:01:9c:7b:0f:78:
85:22:ee:73:fe:17:46:d1:94:75:6d:bb:9d:30:0e:
fc:13:c3:73:99:f4:33:da:85:d0:05:87:08:80:b5:
11:02:59:61:28:64:02:20:56:16:e4:38:e3:36:fa:
5f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:AC:26:47:01:9A:A9:91:BA:C2:28:7A:D4:85:9A:DE:FB:53:50:EC
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/QqwmRwGaqZG6wih61IWa3vtTUOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:420::/44
Signature Algorithm: sha256WithRSAEncryption
89:78:a2:e0:84:1b:02:16:ca:22:18:a4:38:68:d3:bb:03:9c:
b7:85:78:c9:48:89:e6:31:02:92:41:e2:e8:7e:8b:98:79:48:
17:a6:b2:a0:8f:3e:c4:49:93:a2:4a:06:fd:2d:45:b3:e1:79:
88:1c:dd:f5:b2:f7:b7:1a:9f:b2:e4:1a:76:e1:4a:cf:45:72:
e2:b1:10:1a:39:ce:1d:6d:4b:9b:a0:0b:46:11:8b:54:24:ae:
4b:18:14:ef:d7:96:32:da:b4:cf:f4:38:e5:e7:d0:66:92:08:
5c:ee:71:84:ad:a8:6b:6d:d4:eb:35:1d:02:0f:9e:09:6c:7c:
6d:f8:4f:15:cb:e5:df:74:5f:e6:50:63:17:7d:4d:7f:4a:c5:
44:79:cd:48:72:c3:2b:cd:a1:67:73:5c:e4:c1:87:65:2d:c6:
a3:70:d6:98:7b:ea:9d:07:f8:21:de:53:44:75:ce:b0:3e:e9:
bb:bd:c1:b4:fa:10:88:80:82:01:29:aa:e1:63:e5:7d:ce:82:
5f:8f:b0:a1:2b:4d:4d:a9:23:8a:d7:e3:12:f1:82:9e:ca:85:
06:27:a6:ac:13:6c:4e:48:c0:a7:bf:e1:e5:b3:63:4a:98:69:
ca:25:bf:63:da:65:74:c1:80:29:c6:33:30:cf:66:01:4c:40:
4e:2f:16:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjGBKRwgy0XYiSdjbQfdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmFjMjY0NzAxOWFhOTkxYmFjMjI4N2FkNDg1OWFkZWZiNTM1MGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmya7QwJRoD69bVgkvoREz0XYiyWa
NR2LldHoWUXqSPF4xFlXLd250qcgAA8dWPnmqLRzAESzJxwcQ0CHR6vR8uOmDVv6
OT8r9HWCjr+H9km+xEh18zbrFyA+/thvABmrJ++dUs5WYVgHNXS5b0QdczYo6Wf8
idLyxe5Of1Z67+61UQaP3AwVNh8qZV7DYLVjH+yAOJizDD9z/gmQ0rffrIx+thZE
c26AmDaZvK0iIk0hPhmPE6heKD9TAt5OQI9SV09318vVg39sWl3tAZx7D3iFIu5z
/hdG0ZR1bbudMA78E8NzmfQz2oXQBYcIgLURAllhKGQCIFYW5DjjNvpfcQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEKsJkcBmqmRusIoetSFmt77U1DsMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvUXF3bVJ3R2FxWkc2d2loNjFJV2EzdnRUVU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAQg
MA0GCSqGSIb3DQEBCwUAA4IBAQCJeKLghBsCFsoiGKQ4aNO7A5y3hXjJSInmMQKS
QeLofouYeUgXprKgjz7ESZOiSgb9LUWz4XmIHN31sve3Gp+y5Bp24UrPRXLisRAa
Oc4dbUuboAtGEYtUJK5LGBTv15Yy2rTP9Djl59Bmkghc7nGErahrbdTrNR0CD54J
bHxt+E8Vy+XfdF/mUGMXfU1/SsVEec1IcsMrzaFnc1zkwYdlLcajcNaYe+qdB/gh
3lNEdc6wPum7vcG0+hCIgIIBKarhY+V9zoJfj7ChK01NqSOK1+MS8YKeyoUGJ6as
E2xOSMCnv+Hls2NKmGnKJb9j2mV0wYApxjMwz2YBTEBOLxbV
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:39:34 2025 by rpki-client