Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/3f9087-572a-4c6c-80be-bc913466d43d/1/Q2LTA1GKdHj7d0i_1GvyqSIwjxQ.roa
File: Q2LTA1GKdHj7d0i_1GvyqSIwjxQ.roa (raw, json)
Hash identifier: xu02NdCI991FR8WiB+pSZuZa9Qgpw7qq1Oeg+OkFXG4=
Subject key identifier: 43:62:D3:03:51:8A:74:78:FB:77:48:BF:D4:6B:F2:A9:22:30:8F:14
Certificate issuer: /CN=ba515836af300f7c71f71dd18b9c3f51c252bb94
Certificate serial: 019424B3D183EFD53415A5808335AA0EB4A3
Authority key identifier: BA:51:58:36:AF:30:0F:7C:71:F7:1D:D1:8B:9C:3F:51:C2:52:BB:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ulFYNq8wD3xx9x3Ri5w_UcJSu5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/3f9087-572a-4c6c-80be-bc913466d43d/1/Q2LTA1GKdHj7d0i_1GvyqSIwjxQ.roa
Signing time: Thu 02 Jan 2025 01:49:11 +0000
ROA not before: Thu 02 Jan 2025 01:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44486
IP address blocks: 62.68.75.0/24 maxlen: 24
2a12:edc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d1:83:ef:d5:34:15:a5:80:83:35:aa:0e:b4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba515836af300f7c71f71dd18b9c3f51c252bb94
Validity
Not Before: Jan 2 01:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4362d303518a7478fb7748bfd46bf2a922308f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:32:83:ce:08:4f:c0:2d:c3:d9:3f:f8:a0:ac:
97:12:bc:fe:96:21:e9:a3:9c:bd:ee:d3:60:f3:2b:
0c:14:66:b7:fd:b1:73:ab:09:e6:0c:3e:58:c8:3d:
d5:73:94:35:cf:0d:0d:35:5a:4e:97:a6:93:71:d5:
b1:ff:b7:1b:34:0b:e3:ea:c7:f7:11:79:cc:61:e4:
9f:50:48:ae:9f:03:65:df:5e:bf:bd:1d:e1:21:d7:
a5:f7:08:b5:79:77:e4:14:41:a0:64:51:38:69:13:
ab:06:a4:da:68:f9:cf:84:a0:ee:82:ca:ad:80:a5:
4c:00:7b:f4:6f:af:f6:aa:e4:89:d7:a8:45:73:32:
c4:39:f2:da:fa:99:5c:c2:25:e0:8b:30:0c:e1:f9:
14:94:89:7b:c8:83:bc:7e:e4:7d:9e:82:25:23:42:
76:50:67:77:ec:81:19:98:70:29:90:4a:e1:a7:e6:
74:9b:2c:ec:d9:54:2a:7c:6d:7a:6c:ce:90:bb:f6:
ae:f2:81:1c:f3:a5:d3:4d:1a:2a:82:a5:6d:c3:37:
14:06:70:fd:e4:aa:ca:da:93:ba:0f:a3:4e:43:1e:
31:c1:d5:00:8a:67:d3:d0:88:26:69:a3:9f:e7:d2:
50:1c:9e:dc:51:4e:ad:f4:9f:0a:91:d8:f7:0f:af:
6c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:62:D3:03:51:8A:74:78:FB:77:48:BF:D4:6B:F2:A9:22:30:8F:14
X509v3 Authority Key Identifier:
keyid:BA:51:58:36:AF:30:0F:7C:71:F7:1D:D1:8B:9C:3F:51:C2:52:BB:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulFYNq8wD3xx9x3Ri5w_UcJSu5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/3f9087-572a-4c6c-80be-bc913466d43d/1/Q2LTA1GKdHj7d0i_1GvyqSIwjxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/3f9087-572a-4c6c-80be-bc913466d43d/1/ulFYNq8wD3xx9x3Ri5w_UcJSu5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.75.0/24
IPv6:
2a12:edc0::/29
Signature Algorithm: sha256WithRSAEncryption
5f:d0:0b:b8:59:46:06:40:40:45:29:c3:ba:b9:4d:82:98:41:
bd:14:41:8c:7e:aa:79:05:93:a6:b0:fd:74:c0:71:ec:b5:57:
71:d4:13:d0:2d:f1:24:7b:ba:d7:82:59:c9:91:34:9b:a7:66:
da:c5:48:2e:57:88:3f:6c:be:21:02:e1:66:1c:07:ef:8e:08:
cb:f4:bb:55:73:21:3a:62:a5:ff:1a:65:e3:e8:3b:75:c3:00:
73:f6:b3:0d:76:6c:c2:80:ca:1f:89:19:08:e9:7e:e0:df:5d:
6c:d2:d4:91:55:70:e3:fd:43:15:0f:5d:70:1a:02:d9:16:d0:
8f:03:d3:15:c1:d7:5e:22:7e:e0:48:bf:4a:9f:ea:af:a6:45:
f6:63:4e:25:83:8d:e8:7f:60:a1:6d:66:aa:14:11:28:ea:73:
f0:65:08:5d:01:d1:43:97:02:74:59:f5:17:12:14:f1:5b:42:
78:d5:e7:a4:94:20:12:0c:f2:67:11:bd:11:7c:44:a6:fd:10:
f7:cf:f6:d5:9e:51:4c:c3:6a:62:04:7d:e0:1f:e4:f8:bb:03:
62:09:fe:16:91:ae:08:60:99:7e:ca:69:77:31:4d:c1:1c:2c:
1d:3c:04:40:8c:a2:46:c7:d9:ec:9b:04:1b:4c:fb:b6:0e:7c:
28:e8:83:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks9GD79U0FaWAgzWqDrSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNTE1ODM2YWYzMDBmN2M3MWY3MWRkMThiOWMzZjUxYzI1
MmJiOTQwHhcNMjUwMTAyMDE0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzYyZDMwMzUxOGE3NDc4ZmI3NzQ4YmZkNDZiZjJhOTIyMzA4ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzKDzghPwC3D2T/4oKyXErz+liHp
o5y97tNg8ysMFGa3/bFzqwnmDD5YyD3Vc5Q1zw0NNVpOl6aTcdWx/7cbNAvj6sf3
EXnMYeSfUEiunwNl316/vR3hIdel9wi1eXfkFEGgZFE4aROrBqTaaPnPhKDugsqt
gKVMAHv0b6/2quSJ16hFczLEOfLa+plcwiXgizAM4fkUlIl7yIO8fuR9noIlI0J2
UGd37IEZmHApkErhp+Z0myzs2VQqfG16bM6Qu/au8oEc86XTTRoqgqVtwzcUBnD9
5KrK2pO6D6NOQx4xwdUAimfT0IgmaaOf59JQHJ7cUU6t9J8Kkdj3D69sYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFENi0wNRinR4+3dIv9Rr8qkiMI8UMB8GA1UdIwQY
MBaAFLpRWDavMA98cfcd0YucP1HCUruUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWxGWU5xOHdEM3h4OXgzUmk1d19VY0pTdTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8zZjkwODctNTcyYS00YzZjLTgwYmUt
YmM5MTM0NjZkNDNkLzEvUTJMVEExR0tkSGo3ZDBpXzFHdnlxU0l3anhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8zZjkwODctNTcyYS00YzZjLTgwYmUtYmM5MTM0NjZkNDNk
LzEvdWxGWU5xOHdEM3h4OXgzUmk1d19VY0pTdTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAPkRLMA0E
AgACMAcDBQMqEu3AMA0GCSqGSIb3DQEBCwUAA4IBAQBf0Au4WUYGQEBFKcO6uU2C
mEG9FEGMfqp5BZOmsP10wHHstVdx1BPQLfEke7rXglnJkTSbp2baxUguV4g/bL4h
AuFmHAfvjgjL9LtVcyE6YqX/GmXj6Dt1wwBz9rMNdmzCgMofiRkI6X7g311s0tSR
VXDj/UMVD11wGgLZFtCPA9MVwddeIn7gSL9Kn+qvpkX2Y04lg43of2ChbWaqFBEo
6nPwZQhdAdFDlwJ0WfUXEhTxW0J41eeklCASDPJnEb0RfESm/RD3z/bVnlFMw2pi
BH3gH+T4uwNiCf4Wka4IYJl+yml3MU3BHCwdPARAjKJGx9nsmwQbTPu2Dnwo6IPV
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:22:38 2025 by rpki-client