Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/qRD7ujzJORaie3rLE2YnokYZ17U.roa
File: qRD7ujzJORaie3rLE2YnokYZ17U.roa (raw, json)
Hash identifier: S1UJWxv+rwUU/ObCl8nZivjHpfQGYiacpAIE0ZGhjrQ=
Subject key identifier: A9:10:FB:BA:3C:C9:39:16:A2:7B:7A:CB:13:66:27:A2:46:19:D7:B5
Certificate issuer: /CN=a7aee67620d9c0ae63d295785c9d956f063c21c3
Certificate serial: 019427B61390EA90E2BF7A255B10D29609E3
Authority key identifier: A7:AE:E6:76:20:D9:C0:AE:63:D2:95:78:5C:9D:95:6F:06:3C:21:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p67mdiDZwK5j0pV4XJ2VbwY8IcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/qRD7ujzJORaie3rLE2YnokYZ17U.roa
Signing time: Thu 02 Jan 2025 15:50:31 +0000
ROA not before: Thu 02 Jan 2025 15:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12437
IP address blocks: 212.101.192.0/19 maxlen: 24
2a06:7880::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:13:90:ea:90:e2:bf:7a:25:5b:10:d2:96:09:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7aee67620d9c0ae63d295785c9d956f063c21c3
Validity
Not Before: Jan 2 15:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a910fbba3cc93916a27b7acb136627a24619d7b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ef:ca:48:d3:2b:64:d8:5a:2a:49:c3:b3:bb:
be:65:65:ab:83:8d:89:ae:a4:b7:d5:d4:74:0a:d0:
68:30:0a:96:7d:24:72:69:af:6a:8e:2f:a7:68:98:
fc:a2:13:db:37:c2:07:5f:8f:3a:8f:b8:ba:d8:ef:
e7:0b:d5:c9:cf:0c:fc:b2:fd:1b:a4:29:e1:3a:c5:
8c:1d:94:cc:77:36:41:d6:3f:6a:40:6e:82:3b:a9:
7d:aa:1c:52:b1:16:6c:64:bc:3a:1d:88:e8:d2:49:
27:9c:48:2a:a1:1f:19:18:20:72:e1:17:45:e6:c0:
cd:38:64:64:d5:25:15:00:0c:f5:c1:60:4a:6a:7f:
25:ff:e2:14:e3:a8:bf:8d:25:1f:46:8a:84:be:ab:
33:07:25:29:3e:28:fe:34:ea:80:cd:33:22:91:6f:
fd:ce:d2:80:9a:71:c2:aa:91:f5:ba:a1:99:3f:72:
e1:96:5f:9a:0b:29:4b:b2:9a:ab:0e:bc:a5:25:c8:
81:73:f8:ce:8d:9d:b9:90:9f:5c:f4:47:ca:b9:3e:
aa:a0:09:a4:8f:76:98:33:95:c7:10:18:02:c2:d7:
cf:25:c2:3f:d8:5d:43:fb:8e:4a:6b:bc:fe:49:72:
45:f3:42:42:03:b6:f8:c6:06:aa:23:1e:72:6a:cd:
47:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:10:FB:BA:3C:C9:39:16:A2:7B:7A:CB:13:66:27:A2:46:19:D7:B5
X509v3 Authority Key Identifier:
keyid:A7:AE:E6:76:20:D9:C0:AE:63:D2:95:78:5C:9D:95:6F:06:3C:21:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p67mdiDZwK5j0pV4XJ2VbwY8IcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/qRD7ujzJORaie3rLE2YnokYZ17U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/p67mdiDZwK5j0pV4XJ2VbwY8IcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.101.192.0/19
IPv6:
2a06:7880::/29
Signature Algorithm: sha256WithRSAEncryption
06:90:18:db:fe:1f:6b:57:27:2c:12:5a:73:33:63:42:9b:92:
77:67:b0:48:51:f6:b6:b7:0e:fd:1e:e7:e8:d7:c4:ce:ae:44:
7a:ff:ac:e4:d9:8d:95:21:9b:0f:a9:e6:59:92:04:e2:78:d0:
87:ff:f4:ba:c5:65:3f:63:65:a7:1a:f1:0f:5e:9f:50:f1:c1:
a9:6d:5f:e4:8f:8f:7a:d0:d8:49:d6:98:69:74:ec:d2:12:0a:
78:c8:5d:1c:c8:39:88:ac:2f:72:89:a1:60:34:b5:44:94:65:
bb:9b:d0:04:04:f8:ec:87:84:92:c5:48:99:a1:3d:6e:18:8e:
e6:4a:39:dc:7c:d0:28:ce:75:74:1b:52:69:68:2a:46:3e:b7:
18:82:8a:33:e7:b3:c6:63:f0:4b:34:16:8a:af:f4:8f:dd:9b:
bf:cf:fc:56:b0:de:4f:51:88:d8:80:34:44:52:51:ca:fd:e0:
7b:03:90:90:72:12:28:c4:a0:bb:be:e3:14:96:df:09:fe:6e:
d3:0b:67:94:5c:17:c9:d8:6d:3e:0e:8b:80:20:5e:7e:e7:81:
32:67:b0:31:a6:74:27:66:49:10:40:66:9e:02:be:85:14:55:
a2:7a:cc:a5:a1:54:2d:f1:da:2d:86:e3:43:da:dd:0b:bd:ae:
bc:e6:8c:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnthOQ6pDiv3olWxDSlgnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YWVlNjc2MjBkOWMwYWU2M2QyOTU3ODVjOWQ5NTZmMDYz
YzIxYzMwHhcNMjUwMTAyMTU1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTEwZmJiYTNjYzkzOTE2YTI3YjdhY2IxMzY2MjdhMjQ2MTlkN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4u/KSNMrZNhaKknDs7u+ZWWrg42J
rqS31dR0CtBoMAqWfSRyaa9qji+naJj8ohPbN8IHX486j7i62O/nC9XJzwz8sv0b
pCnhOsWMHZTMdzZB1j9qQG6CO6l9qhxSsRZsZLw6HYjo0kknnEgqoR8ZGCBy4RdF
5sDNOGRk1SUVAAz1wWBKan8l/+IU46i/jSUfRoqEvqszByUpPij+NOqAzTMikW/9
ztKAmnHCqpH1uqGZP3Lhll+aCylLspqrDrylJciBc/jOjZ25kJ9c9EfKuT6qoAmk
j3aYM5XHEBgCwtfPJcI/2F1D+45Ka7z+SXJF80JCA7b4xgaqIx5yas1HkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKkQ+7o8yTkWont6yxNmJ6JGGde1MB8GA1UdIwQY
MBaAFKeu5nYg2cCuY9KVeFydlW8GPCHDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDY3bWRpRFp3SzVqMHBWNFhKMlZid1k4SWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYmEyNWEtMGFiZC00NTUwLWJjYTQt
MGI3ZjE1YjUwOWNiLzEvcVJEN3VqekpPUmFpZTNyTEUyWW5va1laMTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYmEyNWEtMGFiZC00NTUwLWJjYTQtMGI3ZjE1YjUwOWNi
LzEvcDY3bWRpRFp3SzVqMHBWNFhKMlZid1k4SWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1GXAMA0E
AgACMAcDBQMqBniAMA0GCSqGSIb3DQEBCwUAA4IBAQAGkBjb/h9rVycsElpzM2NC
m5J3Z7BIUfa2tw79Hufo18TOrkR6/6zk2Y2VIZsPqeZZkgTieNCH//S6xWU/Y2Wn
GvEPXp9Q8cGpbV/kj4960NhJ1phpdOzSEgp4yF0cyDmIrC9yiaFgNLVElGW7m9AE
BPjsh4SSxUiZoT1uGI7mSjncfNAoznV0G1JpaCpGPrcYgooz57PGY/BLNBaKr/SP
3Zu/z/xWsN5PUYjYgDREUlHK/eB7A5CQchIoxKC7vuMUlt8J/m7TC2eUXBfJ2G0+
DouAIF5+54EyZ7AxpnQnZkkQQGaeAr6FFFWiesyloVQt8dothuND2t0Lva685owB
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:22 2025 by rpki-client