Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/d8112a-788f-4805-b1e7-b722684c6a22/1/quWdxrPuW3nLIt3qE8-gDIVrs3o.roa
File: quWdxrPuW3nLIt3qE8-gDIVrs3o.roa (raw, json)
Hash identifier: 8MD3PBrhJHpweiRoV/33OPLCFLNEIVEO/UVKMx6AJ/k=
Subject key identifier: AA:E5:9D:C6:B3:EE:5B:79:CB:22:DD:EA:13:CF:A0:0C:85:6B:B3:7A
Certificate issuer: /CN=cbc07a8aae53c641e4c5b82449dd390b08c1cd9e
Certificate serial: 01857102F7298F8B92CD8A564DFB520B3A77
Authority key identifier: CB:C0:7A:8A:AE:53:C6:41:E4:C5:B8:24:49:DD:39:0B:08:C1:CD:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y8B6iq5TxkHkxbgkSd05CwjBzZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/d8112a-788f-4805-b1e7-b722684c6a22/1/quWdxrPuW3nLIt3qE8-gDIVrs3o.roa
Signing time: Mon 02 Jan 2023 05:44:57 +0000
ROA not before: Mon 02 Jan 2023 05:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 2a01:81e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:f7:29:8f:8b:92:cd:8a:56:4d:fb:52:0b:3a:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbc07a8aae53c641e4c5b82449dd390b08c1cd9e
Validity
Not Before: Jan 2 05:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aae59dc6b3ee5b79cb22ddea13cfa00c856bb37a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:38:a5:8f:ec:7d:bf:b5:6d:c5:a1:d2:ab:28:
18:43:29:e3:09:bf:97:9f:ec:8e:6f:b3:13:41:7e:
d2:4d:eb:40:36:aa:1d:89:ea:79:94:b1:39:24:bf:
4f:b6:d5:bb:f3:6d:94:9c:bc:d7:12:7b:cd:fc:78:
ea:20:d3:31:98:9c:ad:34:4d:e6:0e:04:a8:fd:02:
f4:21:68:87:89:27:2d:53:4f:5f:c3:04:77:ea:01:
fe:5e:f5:e6:fd:21:42:9a:5a:e3:97:a6:8f:a8:9d:
55:a9:85:e5:29:a4:91:0c:be:24:f5:70:48:79:8b:
59:67:3e:0a:f5:bf:df:6c:a7:88:78:5e:de:08:9a:
2b:34:d5:91:bb:4f:d0:01:8f:1c:72:ed:f6:12:72:
34:8c:20:db:02:df:6a:cb:bd:23:b2:df:a9:43:23:
4b:e6:a1:03:5b:50:f3:33:e5:12:77:34:9f:1f:39:
fe:3d:9f:56:80:fa:0a:ae:66:b6:7b:a0:f5:2b:c2:
e4:11:df:b6:93:75:53:30:fb:a7:73:c1:08:db:74:
49:7c:ff:79:98:eb:0e:a8:22:f8:3a:cf:8f:0f:0e:
c2:1e:b9:3b:fe:24:fd:8e:2c:7b:3f:a7:16:35:4e:
a6:32:80:47:86:8b:a7:17:b9:2e:fb:fe:61:9a:0a:
c5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E5:9D:C6:B3:EE:5B:79:CB:22:DD:EA:13:CF:A0:0C:85:6B:B3:7A
X509v3 Authority Key Identifier:
keyid:CB:C0:7A:8A:AE:53:C6:41:E4:C5:B8:24:49:DD:39:0B:08:C1:CD:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8B6iq5TxkHkxbgkSd05CwjBzZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d8112a-788f-4805-b1e7-b722684c6a22/1/quWdxrPuW3nLIt3qE8-gDIVrs3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d8112a-788f-4805-b1e7-b722684c6a22/1/y8B6iq5TxkHkxbgkSd05CwjBzZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:81e0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:22:8c:10:6b:ff:14:74:26:23:5c:b1:fe:05:49:0a:97:c4:
5b:ea:9a:26:46:4a:a9:a6:6b:0e:2b:a4:cf:0a:93:e3:1b:95:
93:0b:19:b2:7a:53:7c:d4:84:01:be:96:be:5a:6d:5a:5c:97:
0e:6b:7e:f4:7a:23:79:4e:bf:75:66:5e:2d:4a:27:13:ec:47:
25:95:20:83:9e:e6:f2:d6:e1:89:2f:6e:d0:39:49:07:86:cd:
98:92:4c:dd:47:26:23:a3:6a:ab:c5:5b:7b:3c:c3:14:0f:ed:
99:ba:81:ee:bc:3f:6f:47:ef:7d:c0:76:e4:ef:84:70:5c:0f:
3f:57:18:4d:17:fa:8b:ed:55:1e:7f:a3:18:56:5c:2d:67:04:
e2:04:02:4e:ce:7f:98:ab:18:52:e8:36:01:e8:49:db:0a:c7:
2a:6a:7e:ad:f0:e0:47:ad:f5:65:3b:49:52:86:2f:30:75:8d:
fc:86:eb:fd:b7:60:6e:be:bb:d0:d2:ad:2c:2e:07:81:a8:ad:
86:55:f5:41:69:e1:66:77:1f:85:f5:7e:e9:dd:27:7f:02:cf:
03:c2:8d:8c:f5:cb:b1:d8:61:c1:af:14:16:38:14:22:79:92:
27:4f:e2:50:c0:72:3f:85:aa:33:0e:5b:fe:9e:7a:da:47:f4:
17:4e:99:f9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxAvcpj4uSzYpWTftSCzp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzA3YThhYWU1M2M2NDFlNGM1YjgyNDQ5ZGQzOTBiMDhj
MWNkOWUwHhcNMjMwMTAyMDU0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWU1OWRjNmIzZWU1Yjc5Y2IyMmRkZWExM2NmYTAwYzg1NmJiMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDilj+x9v7VtxaHSqygYQynjCb+X
n+yOb7MTQX7STetANqodiep5lLE5JL9PttW7822UnLzXEnvN/HjqINMxmJytNE3m
DgSo/QL0IWiHiSctU09fwwR36gH+XvXm/SFCmlrjl6aPqJ1VqYXlKaSRDL4k9XBI
eYtZZz4K9b/fbKeIeF7eCJorNNWRu0/QAY8ccu32EnI0jCDbAt9qy70jst+pQyNL
5qEDW1DzM+USdzSfHzn+PZ9WgPoKrma2e6D1K8LkEd+2k3VTMPunc8EI23RJfP95
mOsOqCL4Os+PDw7CHrk7/iT9jix7P6cWNU6mMoBHhounF7ku+/5hmgrFVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKrlncaz7lt5yyLd6hPPoAyFa7N6MB8GA1UdIwQY
MBaAFMvAeoquU8ZB5MW4JEndOQsIwc2eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThCNmlxNVR4a0hreGJna1NkMDVDd2pCelo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kODExMmEtNzg4Zi00ODA1LWIxZTct
YjcyMjY4NGM2YTIyLzEvcXVXZHhyUHVXM25MSXQzcUU4LWdESVZyczNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kODExMmEtNzg4Zi00ODA1LWIxZTctYjcyMjY4NGM2YTIy
LzEveThCNmlxNVR4a0hreGJna1NkMDVDd2pCelo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgGB4DAN
BgkqhkiG9w0BAQsFAAOCAQEAPyKMEGv/FHQmI1yx/gVJCpfEW+qaJkZKqaZrDiuk
zwqT4xuVkwsZsnpTfNSEAb6WvlptWlyXDmt+9HojeU6/dWZeLUonE+xHJZUgg57m
8tbhiS9u0DlJB4bNmJJM3UcmI6Nqq8VbezzDFA/tmbqB7rw/b0fvfcB25O+EcFwP
P1cYTRf6i+1VHn+jGFZcLWcE4gQCTs5/mKsYUug2AehJ2wrHKmp+rfDgR631ZTtJ
UoYvMHWN/Ibr/bdgbr670NKtLC4HgaithlX1QWnhZncfhfV+6d0nfwLPA8KNjPXL
sdhhwa8UFjgUInmSJ0/iUMByP4WqMw5b/p562kf0F06Z+Q==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:57:50 2025 by rpki-client