Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/QG257JukL1NALD1Lw_3KAIaBzqM.roa
File: QG257JukL1NALD1Lw_3KAIaBzqM.roa (raw, json)
Hash identifier: L3AIgFUbRuSmjAC0ZLk7CNdxvjC85nhtfwTENybmavE=
Subject key identifier: 40:6D:B9:EC:9B:A4:2F:53:40:2C:3D:4B:C3:FD:CA:00:86:81:CE:A3
Certificate issuer: /CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Certificate serial: 0181DAD0785D2ACEBF710DBCD357D377758F
Authority key identifier: D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/QG257JukL1NALD1Lw_3KAIaBzqM.roa
Signing time: Thu 07 Jul 2022 22:38:24 +0000
ROA not before: Thu 07 Jul 2022 22:38:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 701
IP address blocks: 2a0a:cd40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:d0:78:5d:2a:ce:bf:71:0d:bc:d3:57:d3:77:75:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Validity
Not Before: Jul 7 22:38:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=406db9ec9ba42f53402c3d4bc3fdca008681cea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2c:98:cb:e2:f4:e0:54:4d:c9:67:0e:7b:33:
61:55:82:79:0b:3a:da:50:9d:19:9f:90:46:0e:33:
e9:be:fd:28:be:14:c5:6f:d8:ef:69:85:9b:84:34:
1d:d1:93:7d:63:e1:bb:6d:0d:09:b6:59:73:e0:c0:
9d:ce:e4:0c:a4:74:4e:21:07:9a:14:e5:08:c7:5e:
d3:67:7b:63:92:a2:a1:45:b8:a2:a2:92:44:82:26:
48:99:65:a7:c6:08:ea:17:42:38:7d:78:83:a0:f7:
b8:0a:9f:f8:d0:7f:27:99:eb:3d:ea:0e:64:ff:73:
96:84:fa:8c:e9:13:18:41:c0:eb:3e:29:4b:b1:da:
8d:14:e9:34:36:b7:fa:21:f0:83:6c:e5:d3:8f:2e:
b0:d4:81:cf:86:ab:16:8e:2a:9f:4b:39:9f:d0:23:
24:fc:77:f0:85:a2:be:20:5d:d8:66:48:f1:ea:41:
52:22:9e:47:eb:f3:0b:f1:7a:9f:c3:a0:53:c4:d4:
01:da:6a:f9:73:69:d4:2d:ab:c5:19:07:38:bd:c9:
a0:f0:d8:83:94:e1:3e:c5:ef:e0:cc:76:29:d5:4c:
36:ac:db:d5:89:e9:37:c9:3c:e3:3e:7e:4a:53:60:
8b:aa:1a:c9:59:04:02:12:b3:28:63:75:0e:f5:44:
94:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6D:B9:EC:9B:A4:2F:53:40:2C:3D:4B:C3:FD:CA:00:86:81:CE:A3
X509v3 Authority Key Identifier:
keyid:D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/QG257JukL1NALD1Lw_3KAIaBzqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/0D_r_VN-Mgy77CtOImd7muZvYE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
00:ea:6e:64:80:47:72:48:8f:30:31:c6:a5:c9:6b:3a:3f:70:
6f:e5:95:7d:bf:0e:06:0f:ae:7a:fc:a0:67:85:71:ec:7f:55:
4f:b8:6c:50:f7:dc:af:a6:66:ef:e6:fe:08:41:0d:ad:85:c7:
49:f8:24:9f:ac:74:da:74:e0:c9:57:83:b7:c6:db:2c:d8:86:
e9:a9:a0:6f:3f:a1:5d:6f:f8:59:71:b5:61:2f:e1:73:63:82:
ed:65:a1:f5:64:dd:70:82:2a:9f:31:80:59:7d:a4:c6:bb:8f:
e6:8a:ff:c5:79:fb:01:3a:90:19:ee:f2:2d:23:a4:90:39:d0:
26:2c:53:14:0f:4f:b9:53:bf:0f:da:40:61:a6:5a:5c:91:be:
41:46:3a:19:ec:f6:ca:9c:9a:03:d7:11:1d:3e:4d:d4:d6:63:
b3:34:ad:27:b0:14:d7:3a:b7:a1:46:e8:8b:11:7a:d5:17:70:
7c:5f:22:8d:ab:2e:89:f6:db:bb:89:75:13:8e:07:3b:79:4f:
ee:1a:7b:f8:43:84:2c:6e:a4:cd:22:3a:bc:4f:49:74:e9:41:
7c:9b:7e:f8:45:2b:da:6f:ab:f6:9d:a3:52:71:58:3f:c9:66:
b2:bb:08:2e:9f:d9:9c:2f:5b:b6:c4:49:21:f9:d7:33:11:2e:
d0:d3:fb:4e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYHa0HhdKs6/cQ2801fTd3WPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwM2ZlYmZkNTM3ZTMyMGNiYmVjMmI0ZTIyNjc3YjlhZTY2
ZjYwNGUwHhcNMjIwNzA3MjIzODI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDZkYjllYzliYTQyZjUzNDAyYzNkNGJjM2ZkY2EwMDg2ODFjZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiyYy+L04FRNyWcOezNhVYJ5Czra
UJ0Zn5BGDjPpvv0ovhTFb9jvaYWbhDQd0ZN9Y+G7bQ0Jtllz4MCdzuQMpHROIQea
FOUIx17TZ3tjkqKhRbiiopJEgiZImWWnxgjqF0I4fXiDoPe4Cp/40H8nmes96g5k
/3OWhPqM6RMYQcDrPilLsdqNFOk0Nrf6IfCDbOXTjy6w1IHPhqsWjiqfSzmf0CMk
/HfwhaK+IF3YZkjx6kFSIp5H6/ML8Xqfw6BTxNQB2mr5c2nULavFGQc4vcmg8NiD
lOE+xe/gzHYp1Uw2rNvViek3yTzjPn5KU2CLqhrJWQQCErMoY3UO9USUAQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEBtueybpC9TQCw9S8P9ygCGgc6jMB8GA1UdIwQY
MBaAFNA/6/1TfjIMu+wrTiJne5rmb2BOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2It
MjgxZmFkZTI4MzRiLzEvUUcyNTdKdWtMMU5BTEQxTHdfM0tBSWFCenFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2ItMjgxZmFkZTI4MzRi
LzEvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgrNQDAN
BgkqhkiG9w0BAQsFAAOCAQEAAOpuZIBHckiPMDHGpclrOj9wb+WVfb8OBg+uevyg
Z4Vx7H9VT7hsUPfcr6Zm7+b+CEENrYXHSfgkn6x02nTgyVeDt8bbLNiG6amgbz+h
XW/4WXG1YS/hc2OC7WWh9WTdcIIqnzGAWX2kxruP5or/xXn7ATqQGe7yLSOkkDnQ
JixTFA9PuVO/D9pAYaZaXJG+QUY6Gez2ypyaA9cRHT5N1NZjszStJ7AU1zq3oUbo
ixF61RdwfF8ijasuifbbu4l1E44HO3lP7hp7+EOELG6kzSI6vE9JdOlBfJt++EUr
2m+r9p2jUnFYP8lmsrsILp/ZnC9btsRJIfnXMxEu0NP7Tg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:35:03 2025 by rpki-client