Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Q7A84Re88TEGuWZsIYTnNdLRtqQ.roa
File: Q7A84Re88TEGuWZsIYTnNdLRtqQ.roa (raw, json)
Hash identifier: 62XanU5j/TVPu9hICaR497zqHzXQbEaOUBFnOheHiVs=
Subject key identifier: 43:B0:3C:E1:17:BC:F1:31:06:B9:66:6C:21:84:E7:35:D2:D1:B6:A4
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019425FCE0290071294AD30FC3FFAEB3FC08
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Q7A84Re88TEGuWZsIYTnNdLRtqQ.roa
Signing time: Thu 02 Jan 2025 07:48:36 +0000
ROA not before: Thu 02 Jan 2025 07:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31715
IP address blocks: 149.126.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:e0:29:00:71:29:4a:d3:0f:c3:ff:ae:b3:fc:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 07:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43b03ce117bcf13106b9666c2184e735d2d1b6a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a6:c1:34:43:7a:35:06:b8:76:19:56:84:0e:
9c:be:d8:5f:21:68:44:26:fb:7b:e2:4e:3b:f0:46:
80:a6:3b:26:e2:58:f5:31:28:c8:99:a2:4a:82:04:
48:ad:68:c4:e9:62:db:86:a4:f0:1e:7c:16:57:9f:
a5:a5:17:e0:b2:2e:17:0e:b1:a3:e2:5a:34:bd:22:
84:3d:1d:44:af:30:78:7b:08:85:44:d7:84:3a:f1:
83:e6:5c:5a:96:43:88:28:06:a2:73:f3:3d:fa:31:
10:7c:cd:a0:9b:9c:81:65:52:b9:27:c5:bc:b7:48:
6e:11:43:54:43:26:36:f7:d5:95:1b:2d:10:a2:58:
21:68:e1:af:64:eb:d7:2d:1a:0d:0c:1e:bb:c2:a0:
70:03:44:d4:74:d8:27:fe:f3:67:dc:10:6b:e1:a5:
0a:50:04:a2:e8:bb:71:7a:22:b9:05:ad:83:a4:91:
a4:6c:cb:65:3b:41:b2:6f:34:09:f5:8a:64:10:04:
f2:35:28:39:be:0f:a8:c9:47:f0:1f:ab:18:60:23:
89:5b:1b:8d:60:e1:74:b5:b0:92:dd:1b:24:6c:cc:
73:bc:79:e2:12:bf:2d:43:38:f7:c0:00:e6:b6:b3:
4c:16:18:bb:dd:3d:a1:0d:fe:e7:27:39:31:91:b4:
4a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B0:3C:E1:17:BC:F1:31:06:B9:66:6C:21:84:E7:35:D2:D1:B6:A4
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Q7A84Re88TEGuWZsIYTnNdLRtqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.126.13.0/24
Signature Algorithm: sha256WithRSAEncryption
81:75:dc:67:d7:05:28:02:6d:6f:92:82:4a:42:f1:07:57:71:
8b:e7:f0:58:b6:49:1a:00:0b:ee:5b:fd:a0:e5:63:86:f8:4c:
22:09:77:6b:fe:5a:cb:0c:d9:d9:ac:11:3c:79:8a:4f:23:49:
a7:40:1a:fc:3d:5c:0f:2a:97:3f:ae:9b:4e:53:12:db:8f:e2:
5a:3e:59:ba:63:af:d4:5e:ad:73:06:c7:0c:fd:78:d4:b3:47:
42:b7:7e:f8:15:f4:d6:2d:c6:e8:96:be:51:14:17:1e:52:28:
85:bd:10:57:9c:e1:4a:b8:e9:8e:22:5f:c7:76:3a:dc:0a:96:
7f:0b:e1:82:61:cc:5a:15:3b:aa:88:10:30:77:18:19:68:15:
a6:1d:d1:75:e6:1d:20:d6:21:9b:6b:70:bf:e4:3e:fe:2a:4f:
2f:de:b8:90:65:2c:5c:9b:12:bb:22:e8:aa:a2:b5:50:7e:41:
f5:5b:64:87:33:15:c2:ca:1d:2d:dd:80:b3:91:25:50:d6:cf:
9d:f2:df:a5:31:82:56:98:82:c9:c2:b7:6b:8b:74:09:b2:68:
44:91:0f:d1:a3:e1:c9:61:70:be:a5:fa:ad:87:c3:25:c4:3c:
9f:47:cd:e9:f9:66:65:8e:ff:0f:7b:6e:27:94:8a:73:14:01:
3a:bf:50:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/OApAHEpStMPw/+us/wIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTAyMDc0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2IwM2NlMTE3YmNmMTMxMDZiOTY2NmMyMTg0ZTczNWQyZDFiNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqbBNEN6NQa4dhlWhA6cvthfIWhE
Jvt74k478EaApjsm4lj1MSjImaJKggRIrWjE6WLbhqTwHnwWV5+lpRfgsi4XDrGj
4lo0vSKEPR1ErzB4ewiFRNeEOvGD5lxalkOIKAaic/M9+jEQfM2gm5yBZVK5J8W8
t0huEUNUQyY299WVGy0QolghaOGvZOvXLRoNDB67wqBwA0TUdNgn/vNn3BBr4aUK
UASi6LtxeiK5Ba2DpJGkbMtlO0GybzQJ9YpkEATyNSg5vg+oyUfwH6sYYCOJWxuN
YOF0tbCS3RskbMxzvHniEr8tQzj3wADmtrNMFhi73T2hDf7nJzkxkbRKywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOwPOEXvPExBrlmbCGE5zXS0bakMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvUTdBODRSZTg4VEVHdVdac0lZVG5OZExSdHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlX4NMA0G
CSqGSIb3DQEBCwUAA4IBAQCBddxn1wUoAm1vkoJKQvEHV3GL5/BYtkkaAAvuW/2g
5WOG+EwiCXdr/lrLDNnZrBE8eYpPI0mnQBr8PVwPKpc/rptOUxLbj+JaPlm6Y6/U
Xq1zBscM/XjUs0dCt374FfTWLcbolr5RFBceUiiFvRBXnOFKuOmOIl/HdjrcCpZ/
C+GCYcxaFTuqiBAwdxgZaBWmHdF15h0g1iGba3C/5D7+Kk8v3riQZSxcmxK7Iuiq
orVQfkH1W2SHMxXCyh0t3YCzkSVQ1s+d8t+lMYJWmILJwrdri3QJsmhEkQ/Ro+HJ
YXC+pfqth8MlxDyfR83p+WZljv8Pe24nlIpzFAE6v1C5
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:40:40 2025 by rpki-client