Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/Q4Ifd36mUgahlb8ER3M21CG4Et0.roa
File: Q4Ifd36mUgahlb8ER3M21CG4Et0.roa (raw, json)
Hash identifier: EkxK6XBw8YM5DjPD1olp887Tfc6rOgr2lDvuY8PUoEw=
Subject key identifier: 43:82:1F:77:7E:A6:52:06:A1:95:BF:04:47:73:36:D4:21:B8:12:DD
Certificate issuer: /CN=59a06c187953cfc8133b2beee5f01a15e45da078
Certificate serial: 0195EC55D0D6496F39A90BABBAB0B23F7AAE
Authority key identifier: 59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/Q4Ifd36mUgahlb8ER3M21CG4Et0.roa
Signing time: Mon 31 Mar 2025 13:13:21 +0000
ROA not before: Mon 31 Mar 2025 13:13:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a11:6740::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ec:55:d0:d6:49:6f:39:a9:0b:ab:ba:b0:b2:3f:7a:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59a06c187953cfc8133b2beee5f01a15e45da078
Validity
Not Before: Mar 31 13:13:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43821f777ea65206a195bf04477336d421b812dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c0:92:8b:88:fc:b8:89:9e:da:30:94:1a:6d:
36:0e:a7:80:11:ba:a0:aa:de:d1:26:f9:82:9d:f5:
ef:22:ad:71:21:e4:96:7f:ff:06:2a:a9:94:a5:7b:
2b:e7:a3:18:47:90:df:f0:b7:f5:bc:b7:79:4a:72:
96:02:57:be:20:3b:1c:f5:c6:49:b2:9b:73:fa:27:
3b:d0:1b:5d:d8:1c:31:6d:9d:99:20:f4:f6:ae:01:
3a:1b:d5:2c:af:54:44:83:69:de:fe:6f:12:22:ee:
65:e1:d0:a0:f4:3a:7e:b8:dd:d4:c5:b5:23:2a:10:
96:85:a5:07:1e:05:42:df:4d:d6:fe:db:b9:8f:aa:
6d:ba:60:45:6f:fb:7f:3c:ce:40:19:7b:28:8d:46:
f0:a9:d5:08:13:17:58:39:aa:9c:d8:63:29:63:ca:
2d:94:be:af:86:0e:77:f4:68:bd:4e:64:36:89:b1:
6f:55:7b:1e:f5:12:bb:f3:d8:63:6b:1d:70:b8:56:
ee:95:0d:fa:58:af:33:0a:08:98:9e:79:93:d4:04:
49:22:59:4e:79:88:58:49:08:1b:76:01:d6:70:6b:
e6:ab:a1:c8:2e:15:1a:b6:1e:8b:48:5f:5f:c1:49:
72:94:2f:a7:26:00:1b:b8:4d:5c:60:31:ef:4b:8f:
f6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:82:1F:77:7E:A6:52:06:A1:95:BF:04:47:73:36:D4:21:B8:12:DD
X509v3 Authority Key Identifier:
keyid:59:A0:6C:18:79:53:CF:C8:13:3B:2B:EE:E5:F0:1A:15:E4:5D:A0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WaBsGHlTz8gTOyvu5fAaFeRdoHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/Q4Ifd36mUgahlb8ER3M21CG4Et0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9170e3-e9b3-4d6d-8787-e46ea89bf849/1/WaBsGHlTz8gTOyvu5fAaFeRdoHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:6740::/29
Signature Algorithm: sha256WithRSAEncryption
88:a4:5b:37:07:1b:f6:54:12:61:1f:6d:25:08:90:4e:00:34:
31:c0:55:71:70:de:15:f7:99:0e:7a:67:c1:3e:ee:b5:c4:0a:
e6:ff:42:a5:b7:d4:b5:54:21:4e:22:42:fb:f0:de:29:b8:26:
23:b6:78:43:80:d5:a9:6f:db:02:1e:16:b6:19:5e:61:b1:29:
14:d2:2b:17:ad:04:53:0f:81:95:8a:3b:59:e9:e1:f3:79:02:
95:71:4e:68:97:51:d2:57:c8:ef:26:79:40:8c:85:50:c0:9c:
6d:27:08:86:fa:85:56:60:c8:59:a8:6f:b4:be:ad:41:1b:d9:
df:5e:cf:1e:33:f9:a1:64:fb:fe:21:f2:ad:64:a7:2e:98:17:
a0:d1:cf:20:01:4e:73:d5:eb:11:7a:c5:ae:a1:5c:d8:67:97:
09:c1:68:a4:28:e4:78:ab:8a:e5:96:c2:cc:a8:55:e7:cf:c1:
ad:39:ba:9c:75:4b:6d:7a:08:45:6c:a2:31:e6:82:6c:ca:2a:
10:85:cb:41:9c:4d:d0:fc:59:a6:d0:0d:9e:25:6c:24:48:36:
65:60:75:c1:96:fb:1e:1d:7d:54:95:69:1c:41:f9:89:fb:85:
3b:4f:e1:3c:af:2d:cf:f8:83:d5:25:17:15:ca:38:28:98:bf:
05:4e:07:7e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXsVdDWSW85qQururCyP3quMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YTA2YzE4Nzk1M2NmYzgxMzNiMmJlZWU1ZjAxYTE1ZTQ1
ZGEwNzgwHhcNMjUwMzMxMTMxMzIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzgyMWY3NzdlYTY1MjA2YTE5NWJmMDQ0NzczMzZkNDIxYjgxMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MCSi4j8uIme2jCUGm02DqeAEbqg
qt7RJvmCnfXvIq1xIeSWf/8GKqmUpXsr56MYR5Df8Lf1vLd5SnKWAle+IDsc9cZJ
sptz+ic70Btd2BwxbZ2ZIPT2rgE6G9Usr1REg2ne/m8SIu5l4dCg9Dp+uN3UxbUj
KhCWhaUHHgVC303W/tu5j6ptumBFb/t/PM5AGXsojUbwqdUIExdYOaqc2GMpY8ot
lL6vhg539Gi9TmQ2ibFvVXse9RK789hjax1wuFbulQ36WK8zCgiYnnmT1ARJIllO
eYhYSQgbdgHWcGvmq6HILhUath6LSF9fwUlylC+nJgAbuE1cYDHvS4/2dQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEOCH3d+plIGoZW/BEdzNtQhuBLdMB8GA1UdIwQY
MBaAFFmgbBh5U8/IEzsr7uXwGhXkXaB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODct
ZTQ2ZWE4OWJmODQ5LzEvUTRJZmQzNm1VZ2FobGI4RVIzTTIxQ0c0RXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85MTcwZTMtZTliMy00ZDZkLTg3ODctZTQ2ZWE4OWJmODQ5
LzEvV2FCc0dIbFR6OGdUT3l2dTVmQWFGZVJkb0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFnQDAN
BgkqhkiG9w0BAQsFAAOCAQEAiKRbNwcb9lQSYR9tJQiQTgA0McBVcXDeFfeZDnpn
wT7utcQK5v9CpbfUtVQhTiJC+/DeKbgmI7Z4Q4DVqW/bAh4WthleYbEpFNIrF60E
Uw+BlYo7Wenh83kClXFOaJdR0lfI7yZ5QIyFUMCcbScIhvqFVmDIWahvtL6tQRvZ
317PHjP5oWT7/iHyrWSnLpgXoNHPIAFOc9XrEXrFrqFc2GeXCcFopCjkeKuK5ZbC
zKhV58/BrTm6nHVLbXoIRWyiMeaCbMoqEIXLQZxN0PxZptANniVsJEg2ZWB1wZb7
Hh19VJVpHEH5ifuFO0/hPK8tz/iD1SUXFco4KJi/BU4Hfg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:17:04 2025 by rpki-client