Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/8918fa-f4ab-4b19-9453-97c73be93bcd/1/qSALXGZS-mStlLpg8jjf75z_AxA.roa
File: qSALXGZS-mStlLpg8jjf75z_AxA.roa (raw, json)
Hash identifier: JTmyN1Wglwwaiz8Y4z1qxOyBmB8F9ra5LEBRhnN+ctY=
Subject key identifier: A9:20:0B:5C:66:52:FA:64:AD:94:BA:60:F2:38:DF:EF:9C:FF:03:10
Certificate issuer: /CN=d6c480bac972607fdab605593a84b8364c6ab1b0
Certificate serial: 019420685C55F908E9DFD18ADB97AEBA628A
Authority key identifier: D6:C4:80:BA:C9:72:60:7F:DA:B6:05:59:3A:84:B8:36:4C:6A:B1:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1sSAuslyYH_atgVZOoS4NkxqsbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/8918fa-f4ab-4b19-9453-97c73be93bcd/1/qSALXGZS-mStlLpg8jjf75z_AxA.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64449
IP address blocks: 2001:678:1d4::/48 maxlen: 48
2001:67c:d08::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5c:55:f9:08:e9:df:d1:8a:db:97:ae:ba:62:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6c480bac972607fdab605593a84b8364c6ab1b0
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9200b5c6652fa64ad94ba60f238dfef9cff0310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8f:29:87:ac:12:9e:31:33:ac:45:c1:83:86:
c0:a3:4e:77:68:73:4a:e8:94:64:47:ac:24:1f:f8:
4e:ab:0e:7b:83:b0:7b:79:2a:4e:c6:7b:c4:ce:06:
97:94:32:9f:5d:1f:ab:67:ac:34:34:bc:6d:92:dc:
e6:4d:92:c4:c7:03:40:86:48:ee:fc:da:c8:aa:d0:
ad:2c:83:88:95:62:f5:4e:10:08:d0:1e:3a:90:a2:
67:d5:7d:68:a8:76:dc:ad:0e:f4:08:3e:21:ce:d4:
22:5c:9f:61:39:75:61:17:fe:24:0d:9f:32:e9:4c:
27:06:21:19:84:ef:12:3f:f8:52:06:d0:eb:d5:52:
0f:e2:59:7b:ce:94:a5:04:6d:7f:8f:f5:5e:d0:24:
e3:da:24:39:dc:b1:83:f2:cb:c9:fc:4f:a3:3c:e2:
7a:d8:8b:7e:a2:03:8a:7f:45:37:ba:cd:c1:63:fb:
05:d3:4a:68:54:09:4d:cb:8c:e6:92:49:3a:42:9c:
a6:86:6f:97:56:3e:10:7d:cf:97:40:dd:5a:07:d0:
0f:4a:0c:da:45:bc:0c:09:18:dc:f8:60:53:3c:42:
0e:6d:bb:14:5e:7f:d9:aa:61:56:42:ec:d2:14:4a:
ef:c4:79:3b:9a:b1:03:64:05:36:64:06:31:c9:ad:
76:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:20:0B:5C:66:52:FA:64:AD:94:BA:60:F2:38:DF:EF:9C:FF:03:10
X509v3 Authority Key Identifier:
keyid:D6:C4:80:BA:C9:72:60:7F:DA:B6:05:59:3A:84:B8:36:4C:6A:B1:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1sSAuslyYH_atgVZOoS4NkxqsbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8918fa-f4ab-4b19-9453-97c73be93bcd/1/qSALXGZS-mStlLpg8jjf75z_AxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8918fa-f4ab-4b19-9453-97c73be93bcd/1/1sSAuslyYH_atgVZOoS4NkxqsbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:1d4::/48
2001:67c:d08::/48
Signature Algorithm: sha256WithRSAEncryption
42:8c:27:06:bb:0d:5e:1c:5a:b3:3f:d5:b3:d3:7e:fc:26:9a:
50:33:87:97:0c:93:10:88:f4:60:00:58:32:56:a4:d6:a7:71:
b6:48:4f:ad:f9:f2:92:e1:4f:a3:cc:3c:6f:8a:a9:cb:11:71:
49:63:1a:4e:26:cc:71:bc:a6:1c:8a:1c:33:b3:58:07:08:4a:
fe:f8:24:15:51:17:83:46:73:e0:f7:61:68:66:61:36:84:85:
3f:7f:7a:52:70:64:2d:68:48:53:22:83:ae:3c:ac:6d:66:68:
28:5b:ad:de:74:ef:8c:d6:58:b5:60:80:66:6c:f2:59:5a:e6:
32:9a:df:0c:d0:24:92:66:0f:e4:78:59:d9:71:33:43:8e:c1:
72:69:3d:37:0e:ba:8b:f0:22:c7:20:fe:29:76:0e:b3:1a:b8:
fa:9b:b9:39:ed:c1:dd:5f:a3:28:8a:aa:72:5f:12:e9:d3:04:
b6:dc:0e:d7:9f:64:05:d9:f0:b2:4c:67:6d:11:3c:31:cb:af:
38:ac:2c:0e:3c:6b:ea:17:b4:27:81:01:0d:88:5b:f4:91:8a:
31:fd:45:76:29:97:fd:65:84:13:82:3d:9e:c1:9b:e7:d9:ae:
e7:7a:a2:ed:2e:f9:b3:fc:4f:c9:8b:93:df:57:6c:06:5d:d7:
21:1e:05:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgaFxV+Qjp39GK25euumKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YzQ4MGJhYzk3MjYwN2ZkYWI2MDU1OTNhODRiODM2NGM2
YWIxYjAwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTIwMGI1YzY2NTJmYTY0YWQ5NGJhNjBmMjM4ZGZlZjljZmYwMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr48ph6wSnjEzrEXBg4bAo053aHNK
6JRkR6wkH/hOqw57g7B7eSpOxnvEzgaXlDKfXR+rZ6w0NLxtktzmTZLExwNAhkju
/NrIqtCtLIOIlWL1ThAI0B46kKJn1X1oqHbcrQ70CD4hztQiXJ9hOXVhF/4kDZ8y
6UwnBiEZhO8SP/hSBtDr1VIP4ll7zpSlBG1/j/Ve0CTj2iQ53LGD8svJ/E+jPOJ6
2It+ogOKf0U3us3BY/sF00poVAlNy4zmkkk6Qpymhm+XVj4Qfc+XQN1aB9APSgza
RbwMCRjc+GBTPEIObbsUXn/ZqmFWQuzSFErvxHk7mrEDZAU2ZAYxya12XwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKkgC1xmUvpkrZS6YPI43++c/wMQMB8GA1UdIwQY
MBaAFNbEgLrJcmB/2rYFWTqEuDZMarGwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXNTQXVzbHlZSF9hdGdWWk9vUzROa3hxc2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy84OTE4ZmEtZjRhYi00YjE5LTk0NTMt
OTdjNzNiZTkzYmNkLzEvcVNBTFhHWlMtbVN0bExwZzhqamY3NXpfQXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy84OTE4ZmEtZjRhYi00YjE5LTk0NTMtOTdjNzNiZTkzYmNk
LzEvMXNTQXVzbHlZSF9hdGdWWk9vUzROa3hxc2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAHU
AwcAIAEGfA0IMA0GCSqGSIb3DQEBCwUAA4IBAQBCjCcGuw1eHFqzP9Wz0378JppQ
M4eXDJMQiPRgAFgyVqTWp3G2SE+t+fKS4U+jzDxviqnLEXFJYxpOJsxxvKYcihwz
s1gHCEr++CQVUReDRnPg92FoZmE2hIU/f3pScGQtaEhTIoOuPKxtZmgoW63edO+M
1li1YIBmbPJZWuYymt8M0CSSZg/keFnZcTNDjsFyaT03DrqL8CLHIP4pdg6zGrj6
m7k57cHdX6MoiqpyXxLp0wS23A7Xn2QF2fCyTGdtETwxy684rCwOPGvqF7QngQEN
iFv0kYox/UV2KZf9ZYQTgj2ewZvn2a7neqLtLvmz/E/Ji5PfV2wGXdchHgXK
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:53:35 2025 by rpki-client