Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/QTAcbfkHigphbCykgMyuUxykxV8.roa
File: QTAcbfkHigphbCykgMyuUxykxV8.roa (raw, json)
Hash identifier: 7doyMNjlqsQdSza2/N9RxMRxVujb65Kn6W3+NIFmOug=
Subject key identifier: 41:30:1C:6D:F9:07:8A:0A:61:6C:2C:A4:80:CC:AE:53:1C:A4:C5:5F
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018E5D88CD7B9969657D650689432FB9651A
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/QTAcbfkHigphbCykgMyuUxykxV8.roa
Signing time: Wed 20 Mar 2024 20:23:50 +0000
ROA not before: Wed 20 Mar 2024 20:23:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45027
IP address blocks: 2a0d:1ac7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5d:88:cd:7b:99:69:65:7d:65:06:89:43:2f:b9:65:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Mar 20 20:23:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41301c6df9078a0a616c2ca480ccae531ca4c55f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:da:4d:bf:df:d6:b7:46:0b:3a:e9:e5:1b:c7:
7f:a4:f2:43:4a:14:db:62:09:a7:0d:02:1f:cf:f8:
07:c6:db:84:5d:d5:1b:a9:56:2c:1f:2c:41:2b:c0:
cb:e4:30:b3:74:1a:51:25:47:55:3c:44:ea:2f:05:
ec:79:f4:a2:7c:db:43:c4:01:fa:c8:f5:30:52:b9:
e5:96:28:d9:9c:40:15:c1:4e:fa:54:ea:67:ef:33:
b7:fe:24:99:ae:2d:d4:07:91:54:02:74:b0:ee:5a:
91:5a:46:3f:96:25:c4:bd:c0:b9:b6:4e:94:d6:c1:
03:b7:e1:5a:42:16:93:db:18:99:50:86:cc:67:03:
95:b7:10:73:79:91:d7:dd:27:af:78:85:5f:72:27:
bb:36:30:af:b0:3f:73:63:6d:9a:34:25:58:54:03:
b3:7b:71:39:26:e7:7e:21:b3:a4:0b:15:5f:ef:20:
db:77:c6:57:cd:84:b2:8c:68:2d:57:0b:2c:c5:2b:
1c:ba:be:e2:02:14:cc:b6:8b:6a:2c:c4:d2:b6:5a:
e7:41:c3:fe:6a:7c:22:14:56:5d:82:00:de:2e:48:
15:28:02:56:30:6a:31:83:9e:bc:c0:1d:3c:5d:57:
2a:97:2f:72:b4:f9:09:ec:c1:c4:de:96:a3:2c:24:
a7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:30:1C:6D:F9:07:8A:0A:61:6C:2C:A4:80:CC:AE:53:1C:A4:C5:5F
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/QTAcbfkHigphbCykgMyuUxykxV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1ac7::/32
Signature Algorithm: sha256WithRSAEncryption
67:e8:31:68:9a:a2:f8:ef:1e:e9:34:db:e6:66:4c:23:71:28:
28:de:97:03:9e:94:cf:d9:71:b3:92:f2:da:4e:52:72:b8:9a:
c4:31:ce:ac:93:99:d5:18:ca:0e:12:49:72:63:1a:6b:ed:53:
af:fd:12:a8:bf:6c:98:15:75:cd:6f:26:8f:c8:64:19:21:4d:
f3:a3:23:66:a2:67:c7:d3:6e:71:13:90:56:ae:e9:8b:b7:fb:
b6:c6:37:50:f8:9a:2b:e4:70:d2:8a:1b:5b:2e:08:b2:2c:3f:
49:4c:7b:18:df:7d:8f:4d:4f:6a:00:b2:7e:56:57:99:69:30:
b1:69:e6:46:6e:51:f8:18:db:2d:e2:25:b8:17:5f:11:6f:81:
02:ae:39:a7:c7:ca:5e:0a:87:70:60:1d:4d:05:bb:6b:21:ab:
ff:3b:ef:bb:b7:a3:d4:90:06:c6:c3:5a:e5:dc:a4:a9:b7:ef:
43:65:49:0c:ce:86:1a:47:ce:8e:82:03:85:e5:a6:ee:02:0b:
e4:50:55:87:04:80:71:c4:ec:a1:e0:0a:c2:bb:b8:8e:56:1f:
bf:91:a0:bd:d0:1d:02:e0:b2:50:44:4b:03:7a:44:f6:6f:e3:
ed:ca:2a:af:6e:8f:92:2b:19:b0:77:a1:33:a3:46:9f:2b:0b:
2b:4e:4c:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY5diM17mWllfWUGiUMvuWUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMzIwMjAyMzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTMwMWM2ZGY5MDc4YTBhNjE2YzJjYTQ4MGNjYWU1MzFjYTRjNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldpNv9/Wt0YLOunlG8d/pPJDShTb
YgmnDQIfz/gHxtuEXdUbqVYsHyxBK8DL5DCzdBpRJUdVPETqLwXsefSifNtDxAH6
yPUwUrnllijZnEAVwU76VOpn7zO3/iSZri3UB5FUAnSw7lqRWkY/liXEvcC5tk6U
1sEDt+FaQhaT2xiZUIbMZwOVtxBzeZHX3SeveIVfcie7NjCvsD9zY22aNCVYVAOz
e3E5Jud+IbOkCxVf7yDbd8ZXzYSyjGgtVwssxSscur7iAhTMtotqLMTStlrnQcP+
anwiFFZdggDeLkgVKAJWMGoxg568wB08XVcqly9ytPkJ7MHE3pajLCSn7QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEEwHG35B4oKYWwspIDMrlMcpMVfMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvUVRBY2Jma0hpZ3BoYkN5a2dNeXVVeHlreFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg0axzAN
BgkqhkiG9w0BAQsFAAOCAQEAZ+gxaJqi+O8e6TTb5mZMI3EoKN6XA56Uz9lxs5Ly
2k5ScriaxDHOrJOZ1RjKDhJJcmMaa+1Tr/0SqL9smBV1zW8mj8hkGSFN86MjZqJn
x9NucROQVq7pi7f7tsY3UPiaK+Rw0oobWy4Isiw/SUx7GN99j01PagCyflZXmWkw
sWnmRm5R+BjbLeIluBdfEW+BAq45p8fKXgqHcGAdTQW7ayGr/zvvu7ej1JAGxsNa
5dykqbfvQ2VJDM6GGkfOjoIDheWm7gIL5FBVhwSAccTsoeAKwru4jlYfv5GgvdAd
AuCyUERLA3pE9m/j7coqr26PkisZsHehM6NGnysLK05M3w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:24 2025 by rpki-client