Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/QO1dpA-y1-LUvBA4TaN7GxjBwr4.roa
File: QO1dpA-y1-LUvBA4TaN7GxjBwr4.roa (raw, json)
Hash identifier: cp3jreCiqBzou6sBsNDacGELM5dfbDoLvJsHbqkg9XU=
Subject key identifier: 40:ED:5D:A4:0F:B2:D7:E2:D4:BC:10:38:4D:A3:7B:1B:18:C1:C2:BE
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369EA111DAE337B9946B8E1F0E910DD
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/QO1dpA-y1-LUvBA4TaN7GxjBwr4.roa
Signing time: Wed 01 Jan 2025 19:48:51 +0000
ROA not before: Wed 01 Jan 2025 19:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198100
IP address blocks: 2a0f:7803:ffb1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ea:11:1d:ae:33:7b:99:46:b8:e1:f0:e9:10:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40ed5da40fb2d7e2d4bc10384da37b1b18c1c2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:57:57:b0:ed:5c:d6:cb:d0:f0:a5:83:94:bc:
de:e4:e5:7a:61:fb:1a:9e:38:40:7d:b2:4a:4a:fc:
2a:01:16:b5:c0:1a:e0:8e:d7:28:7e:23:a2:5c:ef:
0d:13:8e:eb:38:ee:1e:46:ce:19:c5:16:c0:de:1a:
88:6c:a9:65:ab:3c:0a:fa:18:1e:95:96:23:65:79:
92:d6:c9:29:4f:26:a1:1d:f4:39:74:b0:80:2c:48:
0d:b5:a9:ee:b1:d3:d3:87:9a:84:f3:f7:ca:5e:9a:
17:fe:1d:3d:d8:9e:8d:e5:ae:71:53:85:2b:c7:ec:
59:d8:c6:4c:6c:e3:9f:13:af:58:1a:c7:0b:5c:da:
fd:12:9d:25:48:3e:b3:e7:00:96:30:a0:07:33:34:
25:e6:2e:4b:50:1e:55:c4:f4:e8:05:0c:9b:a4:e4:
80:5d:32:bf:a7:b5:63:d6:ac:42:0d:59:60:02:57:
b7:98:e2:06:56:68:89:b1:f8:35:e6:eb:fb:b3:25:
44:ab:64:84:2a:72:c1:46:c3:90:70:9b:7c:b1:30:
1b:01:bd:62:b5:ed:42:3e:9a:91:8a:f3:57:8e:66:
0a:d4:88:54:f1:54:99:10:6f:86:38:75:30:c4:bf:
ba:fd:f5:7d:ff:08:11:c0:36:be:46:60:87:4a:cd:
d9:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:ED:5D:A4:0F:B2:D7:E2:D4:BC:10:38:4D:A3:7B:1B:18:C1:C2:BE
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/QO1dpA-y1-LUvBA4TaN7GxjBwr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:ffb1::/48
Signature Algorithm: sha256WithRSAEncryption
b8:46:95:79:e9:1a:d0:45:60:3e:bf:1c:dc:1c:6b:c7:14:fb:
a6:7a:f5:4e:3c:5f:43:67:59:fe:d9:70:6a:7c:a9:70:5f:a4:
16:6e:52:78:fc:d4:7b:43:1d:7c:36:94:96:17:b5:7f:af:36:
cc:68:a7:cc:af:d1:f4:2d:66:23:5a:e6:91:b2:62:80:c0:fa:
be:e7:77:fd:fd:dc:5d:1c:3e:24:d3:f1:de:67:19:ae:58:48:
23:77:1c:96:f7:42:29:1b:ad:eb:78:f7:52:42:f5:00:2c:d7:
1c:ce:31:80:ea:4a:8b:e5:e0:b7:7a:fa:6a:05:e5:64:a2:ce:
ac:98:cb:1b:92:3f:50:56:ba:37:fc:7e:c9:46:f1:19:3b:00:
b5:b6:ab:3e:80:cf:df:6b:73:1a:a7:a4:a9:39:f3:cb:b3:4b:
d1:e0:96:c5:6b:40:9e:66:37:14:5d:62:79:7b:b2:5f:c1:5d:
26:6c:46:e3:69:d2:35:19:79:29:7d:e3:10:35:9c:ea:f4:61:
f5:5a:33:36:e1:f1:cd:6e:b9:b3:b7:9e:bf:e6:43:f5:51:44:
36:61:51:e9:ec:36:b7:15:a9:b1:9a:5f:23:ab:36:50:60:85:
6c:c9:34:1b:db:13:0b:f3:77:8d:54:96:76:38:9e:e8:ad:a5:
31:ef:9b:9c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjaeoRHa4ze5lGuOHw6RDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGVkNWRhNDBmYjJkN2UyZDRiYzEwMzg0ZGEzN2IxYjE4YzFjMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ldXsO1c1svQ8KWDlLze5OV6Yfsa
njhAfbJKSvwqARa1wBrgjtcofiOiXO8NE47rOO4eRs4ZxRbA3hqIbKllqzwK+hge
lZYjZXmS1skpTyahHfQ5dLCALEgNtanusdPTh5qE8/fKXpoX/h092J6N5a5xU4Ur
x+xZ2MZMbOOfE69YGscLXNr9Ep0lSD6z5wCWMKAHMzQl5i5LUB5VxPToBQybpOSA
XTK/p7Vj1qxCDVlgAle3mOIGVmiJsfg15uv7syVEq2SEKnLBRsOQcJt8sTAbAb1i
te1CPpqRivNXjmYK1IhU8VSZEG+GOHUwxL+6/fV9/wgRwDa+RmCHSs3Z2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEDtXaQPstfi1LwQOE2jexsYwcK+MB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvUU8xZHBBLXkxLUxVdkJBNFRhTjdHeGpCd3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg94A/+x
MA0GCSqGSIb3DQEBCwUAA4IBAQC4RpV56RrQRWA+vxzcHGvHFPumevVOPF9DZ1n+
2XBqfKlwX6QWblJ4/NR7Qx18NpSWF7V/rzbMaKfMr9H0LWYjWuaRsmKAwPq+53f9
/dxdHD4k0/HeZxmuWEgjdxyW90IpG63rePdSQvUALNcczjGA6kqL5eC3evpqBeVk
os6smMsbkj9QVro3/H7JRvEZOwC1tqs+gM/fa3Map6SpOfPLs0vR4JbFa0CeZjcU
XWJ5e7JfwV0mbEbjadI1GXkpfeMQNZzq9GH1WjM24fHNbrmzt56/5kP1UUQ2YVHp
7Da3Famxml8jqzZQYIVsyTQb2xML83eNVJZ2OJ7oraUx75uc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:31 2025 by rpki-client