Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/gQAL5mtIlkDebLX0Q19ITNgV5t0.roa
File: gQAL5mtIlkDebLX0Q19ITNgV5t0.roa (raw, json)
Hash identifier: iv5oSaXUPTvaIBGuBsUsWni41VCoBvCYpu2eymwF960=
Subject key identifier: 81:00:0B:E6:6B:48:96:40:DE:6C:B5:F4:43:5F:48:4C:D8:15:E6:DD
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B24279F7FD8372EE18EFABF98DFD4C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/gQAL5mtIlkDebLX0Q19ITNgV5t0.roa
Signing time: Wed 01 Jan 2025 11:48:38 +0000
ROA not before: Wed 01 Jan 2025 11:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198231
IP address blocks: 2a0f:5ec0::/29 maxlen: 32
2a0f:7fc0::/29 maxlen: 32
2a0f:edc0::/29 maxlen: 32
2a0f:fb40::/29 maxlen: 32
2a11:6600::/29 maxlen: 32
2a11:6c00::/29 maxlen: 32
2a11:d400::/29 maxlen: 32
2a11:f080::/29 maxlen: 32
2a12:3c80::/29 maxlen: 32
2a12:e4c0::/29 maxlen: 32
2a13:3a80::/29 maxlen: 32
2a13:3e80::/29 maxlen: 32
2a13:4680::/29 maxlen: 32
2a13:64c0::/29 maxlen: 32
2a13:6540::/29 maxlen: 32
2a13:6840::/29 maxlen: 32
2a13:68c0::/29 maxlen: 32
2a13:69c0::/29 maxlen: 32
2a13:6a40::/29 maxlen: 32
2a13:6ac0::/29 maxlen: 32
2a13:6bc0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:42:79:f7:fd:83:72:ee:18:ef:ab:f9:8d:fd:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81000be66b489640de6cb5f4435f484cd815e6dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b9:d9:e2:02:78:da:96:5b:73:72:2a:ca:44:
66:70:9f:0f:52:87:a4:03:ff:de:a5:f4:08:61:e8:
81:66:1a:75:5a:e0:94:eb:ea:62:db:5c:96:c4:aa:
13:fc:69:cb:71:61:95:d3:d3:a2:ca:6c:c8:67:54:
3a:0d:e1:d4:24:8d:2c:de:05:0f:8a:88:4c:7d:92:
27:79:b8:a0:5c:f0:d8:74:ca:75:4f:b2:c3:93:4f:
57:97:3f:d3:4f:89:d2:bd:15:46:3e:22:af:01:14:
e6:c8:90:3d:2c:f5:4b:6b:c7:fa:b7:b4:24:19:35:
c1:b6:96:3a:db:c8:89:94:66:23:db:ba:17:66:9a:
81:19:54:c0:f0:ba:23:f9:7a:0e:2e:c5:06:f1:a3:
29:5d:5e:8e:e4:e2:bc:ad:93:b3:68:6a:e0:66:a9:
4f:bc:3b:15:77:d7:d2:fc:0d:8e:1a:94:25:9d:62:
3d:98:f2:a3:1c:3a:e1:b8:9c:ac:e5:8a:60:c3:5a:
bf:e9:d4:ce:cd:8d:07:90:5e:a1:ed:52:c3:4e:c8:
55:56:99:1c:d1:aa:36:c6:6f:87:18:31:0d:b7:54:
ab:30:89:53:4f:b3:19:61:61:6a:e5:f0:c4:1c:94:
6d:9b:f2:e8:75:28:fa:c6:b1:f6:cd:c1:06:5f:a4:
4f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:00:0B:E6:6B:48:96:40:DE:6C:B5:F4:43:5F:48:4C:D8:15:E6:DD
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/gQAL5mtIlkDebLX0Q19ITNgV5t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5ec0::/29
2a0f:7fc0::/29
2a0f:edc0::/29
2a0f:fb40::/29
2a11:6600::/29
2a11:6c00::/29
2a11:d400::/29
2a11:f080::/29
2a12:3c80::/29
2a12:e4c0::/29
2a13:3a80::/29
2a13:3e80::/29
2a13:4680::/29
2a13:64c0::/29
2a13:6540::/29
2a13:6840::/29
2a13:68c0::/29
2a13:69c0::/29
2a13:6a40::/29
2a13:6ac0::/29
2a13:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
47:b0:fc:87:a4:5f:10:73:b5:fa:cf:7c:49:2f:f8:88:d4:73:
93:43:96:57:44:98:de:ef:ee:60:d9:65:c7:b9:5c:96:12:25:
78:5e:49:5d:65:bd:8d:28:61:3c:91:33:54:15:af:51:74:cb:
b0:e3:1a:45:e6:29:35:df:08:53:60:de:85:ed:ba:cf:78:0b:
0e:7e:4a:83:5b:06:ce:db:dc:bb:e9:37:97:3c:72:4a:0a:c5:
eb:be:eb:97:3b:8a:b9:cb:88:fa:3a:33:38:13:13:80:d3:70:
70:14:e7:88:30:1d:82:87:72:f6:5b:ac:8a:f8:65:63:6d:30:
e8:d7:89:9d:cd:41:56:dc:60:1e:c7:ba:57:49:98:a9:94:ec:
4e:97:4b:74:d3:2a:96:53:7f:32:5c:68:26:b3:04:94:8e:26:
8a:8a:90:dc:ad:a9:85:cd:ab:8f:b0:6e:84:d2:15:a8:11:d7:
a6:61:10:f9:f8:05:d3:58:8f:6a:16:eb:b0:87:63:c7:c9:66:
a6:66:7f:cd:9c:41:88:c3:1c:d5:2d:7e:e9:8d:bf:bd:53:9e:
05:5e:9d:ac:ae:3c:08:c5:56:c4:a4:6f:97:4c:d1:73:cb:06:
5c:db:89:1c:69:9b:6a:22:9d:da:1f:91:21:9b:4a:f6:6f:81:
d8:20:11:90
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZQhskJ59/2Dcu4Y76v5jf1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTAwMGJlNjZiNDg5NjQwZGU2Y2I1ZjQ0MzVmNDg0Y2Q4MTVlNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7nZ4gJ42pZbc3IqykRmcJ8PUoek
A//epfQIYeiBZhp1WuCU6+pi21yWxKoT/GnLcWGV09OiymzIZ1Q6DeHUJI0s3gUP
iohMfZInebigXPDYdMp1T7LDk09Xlz/TT4nSvRVGPiKvARTmyJA9LPVLa8f6t7Qk
GTXBtpY628iJlGYj27oXZpqBGVTA8Loj+XoOLsUG8aMpXV6O5OK8rZOzaGrgZqlP
vDsVd9fS/A2OGpQlnWI9mPKjHDrhuJys5Ypgw1q/6dTOzY0HkF6h7VLDTshVVpkc
0ao2xm+HGDENt1SrMIlTT7MZYWFq5fDEHJRtm/LodSj6xrH2zcEGX6RPAQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFIEAC+ZrSJZA3my19ENfSEzYFebdMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvZ1FBTDVtdElsa0RlYkxYMFExOUlUTmdWNXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBmgQCAAIwgZMDBQMq
D17AAwUDKg9/wAMFAyoP7cADBQMqD/tAAwUDKhFmAAMFAyoRbAADBQMqEdQAAwUD
KhHwgAMFAyoSPIADBQMqEuTAAwUDKhM6gAMFAyoTPoADBQMqE0aAAwUDKhNkwAMF
AyoTZUADBQMqE2hAAwUDKhNowAMFAyoTacADBQMqE2pAAwUDKhNqwAMFAyoTa8Aw
DQYJKoZIhvcNAQELBQADggEBAEew/IekXxBztfrPfEkv+IjUc5NDlldEmN7v7mDZ
Zce5XJYSJXheSV1lvY0oYTyRM1QVr1F0y7DjGkXmKTXfCFNg3oXtus94Cw5+SoNb
Bs7b3LvpN5c8ckoKxeu+65c7irnLiPo6MzgTE4DTcHAU54gwHYKHcvZbrIr4ZWNt
MOjXiZ3NQVbcYB7HuldJmKmU7E6XS3TTKpZTfzJcaCazBJSOJoqKkNytqYXNq4+w
boTSFagR16ZhEPn4BdNYj2oW67CHY8fJZqZmf82cQYjDHNUtfumNv71TngVenayu
PAjFVsSkb5dM0XPLBlzbiRxpm2oindofkSGbSvZvgdggEZA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:36:52 2025 by rpki-client