Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QYSpxyLH4R10tx1rCeD-82f7GuQ.roa
File: QYSpxyLH4R10tx1rCeD-82f7GuQ.roa (raw, json)
Hash identifier: 3uLvscQrrgtOCBNrmNrT7znGLq8VGH87yRNe5tJWXs8=
Subject key identifier: 41:84:A9:C7:22:C7:E1:1D:74:B7:1D:6B:09:E0:FE:F3:67:FB:1A:E4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019145A45C5CAE4F1B6645E00DA513EBFAD2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QYSpxyLH4R10tx1rCeD-82f7GuQ.roa
Signing time: Mon 12 Aug 2024 08:11:24 +0000
ROA not before: Mon 12 Aug 2024 08:11:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:a4:5c:5c:ae:4f:1b:66:45:e0:0d:a5:13:eb:fa:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Aug 12 08:11:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4184a9c722c7e11d74b71d6b09e0fef367fb1ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ed:dd:c0:ab:c8:02:7f:17:ff:71:67:56:37:
4e:94:11:1d:9f:20:e8:2b:4d:ff:30:39:5c:e8:9d:
53:a5:54:b0:38:df:30:19:4e:3d:2b:4f:78:0b:d5:
f7:99:f8:84:fe:b9:0e:8b:14:cd:e1:4d:9d:af:c3:
91:81:31:a1:60:8b:8f:04:17:ba:cf:03:74:6a:1a:
2d:18:2f:5f:c9:f4:18:18:e7:f2:e3:e3:0c:9d:da:
a0:75:19:9f:2c:fc:a8:18:fe:95:1b:1c:91:ff:fb:
cd:d4:34:80:15:d2:45:86:74:0e:1e:f7:a2:63:1d:
9c:be:6d:2a:d1:5f:e3:f6:0f:43:55:f8:ab:b2:4d:
7c:f2:0f:e3:50:c3:5a:0a:10:9b:06:06:81:90:70:
2c:e9:30:a5:14:b8:47:32:f2:91:ea:b9:38:a3:58:
d0:2e:6e:40:84:da:f4:82:86:79:4a:cd:43:50:e6:
6b:c5:5c:c2:50:48:6d:d7:e2:c7:2c:04:53:95:4f:
6b:0d:d1:e4:81:8f:e8:93:1e:6d:f4:78:f6:8c:e4:
42:47:b2:79:9b:95:45:96:06:92:59:1b:6f:19:0e:
a0:02:94:ac:7d:bf:1f:1c:cb:49:17:51:e2:1f:75:
e8:06:9a:9a:65:b6:36:9d:20:1b:e9:98:c8:85:ff:
ba:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:84:A9:C7:22:C7:E1:1D:74:B7:1D:6B:09:E0:FE:F3:67:FB:1A:E4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/QYSpxyLH4R10tx1rCeD-82f7GuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
5a:b6:b1:5e:23:24:b3:90:72:c1:26:cb:c5:72:1f:72:ff:bc:
7d:1d:c9:36:00:1f:8e:13:c3:1d:8b:60:eb:c3:ad:ce:c9:a1:
fb:9d:d5:3c:ba:78:c0:1a:0a:d8:61:ca:6f:e0:39:75:f2:4a:
c8:a4:c6:f5:31:88:c5:0d:6c:7f:d1:81:a9:2e:74:85:ac:a8:
5e:0d:dd:20:77:88:7d:29:16:3b:3c:20:cc:6b:92:cb:9d:aa:
6b:47:2a:3a:f5:3d:d7:72:f3:37:bc:99:b8:f2:52:47:c9:b3:
d1:51:d3:0b:f1:d9:d5:35:fc:f4:80:20:71:80:1e:2c:6a:94:
5e:cc:f2:b2:53:4c:af:99:36:d1:c5:66:e8:5d:5c:77:5c:48:
fa:a5:25:1f:6b:47:25:08:ca:89:a4:0f:be:3a:ed:25:29:4f:
96:95:05:55:77:15:e2:49:ff:35:89:ca:d5:d6:13:86:30:b4:
f9:17:7e:6c:72:cc:00:b2:64:ad:7b:92:f3:2a:37:a1:0a:b4:
92:9a:2e:ff:90:43:b9:09:d5:c1:19:2c:97:33:09:26:a4:60:
e2:39:74:c4:0c:95:9f:83:f8:f1:b2:9b:e7:78:b8:0f:5c:37:
f2:45:61:5d:e2:04:8e:aa:c4:9b:0a:d6:b8:39:88:aa:6a:c5:
44:8f:b3:60
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZFFpFxcrk8bZkXgDaUT6/rSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwODEyMDgxMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTg0YTljNzIyYzdlMTFkNzRiNzFkNmIwOWUwZmVmMzY3ZmIxYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre3dwKvIAn8X/3FnVjdOlBEdnyDo
K03/MDlc6J1TpVSwON8wGU49K094C9X3mfiE/rkOixTN4U2dr8ORgTGhYIuPBBe6
zwN0ahotGC9fyfQYGOfy4+MMndqgdRmfLPyoGP6VGxyR//vN1DSAFdJFhnQOHvei
Yx2cvm0q0V/j9g9DVfirsk188g/jUMNaChCbBgaBkHAs6TClFLhHMvKR6rk4o1jQ
Lm5AhNr0goZ5Ss1DUOZrxVzCUEht1+LHLARTlU9rDdHkgY/okx5t9Hj2jORCR7J5
m5VFlgaSWRtvGQ6gApSsfb8fHMtJF1HiH3XoBpqaZbY2nSAb6ZjIhf+6pwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEGEqccix+EddLcdawng/vNn+xrkMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUVlTcHh5TEg0UjEwdHgxckNlRC04MmY3R3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAWraxXiMks5BywSbLxXIfcv+8
fR3JNgAfjhPDHYtg68Otzsmh+53VPLp4wBoK2GHKb+A5dfJKyKTG9TGIxQ1sf9GB
qS50hayoXg3dIHeIfSkWOzwgzGuSy52qa0cqOvU913LzN7yZuPJSR8mz0VHTC/HZ
1TX89IAgcYAeLGqUXszyslNMr5k20cVm6F1cd1xI+qUlH2tHJQjKiaQPvjrtJSlP
lpUFVXcV4kn/NYnK1dYThjC0+Rd+bHLMALJkrXuS8yo3oQq0kpou/5BDuQnVwRks
lzMJJqRg4jl0xAyVn4P48bKb53i4D1w38kVhXeIEjqrEmwrWuDmIqmrFRI+zYA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:01:55 2025 by rpki-client