Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/qoKING8LOUliqm_EPi7hMcuvFCE.roa
File: qoKING8LOUliqm_EPi7hMcuvFCE.roa (raw, json)
Hash identifier: 2DIbzoBlPqvX6X6H+KZMj8Ugg/FShiQHvw+LRdtArgY=
Subject key identifier: AA:82:88:34:6F:0B:39:49:62:AA:6F:C4:3E:2E:E1:31:CB:AF:14:21
Certificate issuer: /CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Certificate serial: 01942748505FC090829DB7240CB84507CD9B
Authority key identifier: 70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/qoKING8LOUliqm_EPi7hMcuvFCE.roa
Signing time: Thu 02 Jan 2025 13:50:38 +0000
ROA not before: Thu 02 Jan 2025 13:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50349
IP address blocks: 217.11.128.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:50:5f:c0:90:82:9d:b7:24:0c:b8:45:07:cd:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Validity
Not Before: Jan 2 13:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa8288346f0b394962aa6fc43e2ee131cbaf1421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f2:e7:13:28:29:57:88:50:1f:70:4c:f3:1a:
9b:ba:c0:e7:2a:09:4f:ef:5c:26:f3:28:ea:8f:ec:
ff:f5:d1:7f:bc:fe:36:db:8c:8f:46:f2:1f:2a:ec:
8f:64:5d:d5:32:6f:77:f6:69:f7:05:68:b1:bf:66:
99:3c:01:4c:fa:c6:98:41:51:b7:c1:2f:ff:03:5d:
7f:41:48:e0:a5:63:92:be:cd:22:fc:66:fe:57:cd:
fc:87:5b:97:1b:b6:46:bc:c7:c7:b2:a5:c7:1f:5a:
7d:99:f8:3f:ab:06:c1:ac:dc:1a:b3:53:d3:b0:07:
65:27:d8:f8:77:77:b6:66:de:53:b7:3e:64:af:2b:
77:6a:bc:e6:bd:85:c9:ed:79:a7:1b:f9:36:3d:00:
c7:d6:97:49:9d:be:46:82:60:de:dd:78:ee:02:d2:
1d:f2:f7:da:f9:99:2e:82:c7:82:45:92:44:b3:9b:
37:ea:91:82:b2:5c:1e:e3:5a:c9:2e:9e:ac:f4:61:
75:67:2b:40:a3:b6:b0:f5:c3:21:0b:d6:4d:f7:c3:
1c:d7:ea:50:6a:00:f0:42:73:2a:84:e7:82:80:eb:
f9:ae:44:4e:bd:b5:4a:31:0b:d0:4b:49:23:08:2e:
3a:5b:52:8a:b9:e6:8d:cb:29:62:62:c1:ed:72:ea:
e4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:82:88:34:6F:0B:39:49:62:AA:6F:C4:3E:2E:E1:31:CB:AF:14:21
X509v3 Authority Key Identifier:
keyid:70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/qoKING8LOUliqm_EPi7hMcuvFCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.11.128.0/22
Signature Algorithm: sha256WithRSAEncryption
00:c5:f6:36:c5:e0:85:95:48:3c:b7:91:27:79:9b:45:13:35:
32:66:14:7e:c1:49:d2:a7:0e:ab:c8:a6:42:be:e3:05:5f:d3:
be:69:6c:c7:82:c7:59:d6:83:08:dc:d5:fa:ee:be:fa:ad:a7:
6b:4b:5a:38:dc:e5:e3:5d:d2:ad:8b:a2:a2:1a:d3:73:20:af:
1d:9d:86:34:02:21:5a:e0:09:c8:43:bd:da:3c:50:f6:2f:72:
fb:68:18:2f:6f:fe:56:34:bc:1a:ed:9f:f8:79:ec:ea:b7:97:
4e:ca:86:f4:3e:f2:ca:67:17:0f:04:cd:b9:17:85:cd:0e:a7:
cc:8e:f9:b9:22:b0:a8:17:f6:ed:26:84:8d:b9:45:a3:90:3d:
40:3c:3c:e2:d7:84:aa:63:41:d4:ba:b0:ed:3b:51:82:cc:72:
80:a7:d3:45:9c:4c:81:9e:47:2a:52:b6:00:a2:11:ff:44:47:
98:b0:b0:b6:0d:48:32:4c:ec:db:12:30:9e:a4:4e:85:2d:01:
cf:41:8b:97:84:37:82:d9:19:aa:31:5e:30:28:c9:a0:93:df:
b5:a7:3b:2a:63:b5:b5:09:c8:6b:d4:0c:26:f6:e0:d0:eb:da:
ad:d0:3d:40:b8:06:0d:db:5b:92:20:9f:88:b2:2f:16:a4:33:
9d:af:1f:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSFBfwJCCnbckDLhFB82bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGExMjMxZDFjMjdhNzU0ZTQ2ZWYxMGU5MmE3MzBhZTE1
ZDBmNTUwHhcNMjUwMTAyMTM1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTgyODgzNDZmMGIzOTQ5NjJhYTZmYzQzZTJlZTEzMWNiYWYxNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPLnEygpV4hQH3BM8xqbusDnKglP
71wm8yjqj+z/9dF/vP4224yPRvIfKuyPZF3VMm939mn3BWixv2aZPAFM+saYQVG3
wS//A11/QUjgpWOSvs0i/Gb+V838h1uXG7ZGvMfHsqXHH1p9mfg/qwbBrNwas1PT
sAdlJ9j4d3e2Zt5Ttz5kryt3arzmvYXJ7XmnG/k2PQDH1pdJnb5GgmDe3XjuAtId
8vfa+ZkugseCRZJEs5s36pGCslwe41rJLp6s9GF1ZytAo7aw9cMhC9ZN98Mc1+pQ
agDwQnMqhOeCgOv5rkROvbVKMQvQS0kjCC46W1KKueaNyyliYsHtcurkwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqCiDRvCzlJYqpvxD4u4THLrxQhMB8GA1UdIwQY
MBaAFHAKEjHRwnp1TkbvEOkqcwrhXQ9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgt
YWI3OWEzNzg5ZjhmLzEvcW9LSU5HOExPVWxpcW1fRVBpN2hNY3V2RkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgtYWI3OWEzNzg5Zjhm
LzEvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2QuAMA0G
CSqGSIb3DQEBCwUAA4IBAQAAxfY2xeCFlUg8t5EneZtFEzUyZhR+wUnSpw6ryKZC
vuMFX9O+aWzHgsdZ1oMI3NX67r76radrS1o43OXjXdKti6KiGtNzIK8dnYY0AiFa
4AnIQ73aPFD2L3L7aBgvb/5WNLwa7Z/4eezqt5dOyob0PvLKZxcPBM25F4XNDqfM
jvm5IrCoF/btJoSNuUWjkD1APDzi14SqY0HUurDtO1GCzHKAp9NFnEyBnkcqUrYA
ohH/REeYsLC2DUgyTOzbEjCepE6FLQHPQYuXhDeC2RmqMV4wKMmgk9+1pzsqY7W1
Cchr1Awm9uDQ69qt0D1AuAYN21uSIJ+Isi8WpDOdrx/M
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:29:52 2025 by rpki-client