Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Q5ryu5UgOXWoGFWpO89T39vkiD8.roa
File: Q5ryu5UgOXWoGFWpO89T39vkiD8.roa (raw, json)
Hash identifier: +n6ErlNvkkmatJ0+AJz3GzCB2a5WlGOhSOjCzGfh9Dc=
Subject key identifier: 43:9A:F2:BB:95:20:39:75:A8:18:55:A9:3B:CF:53:DF:DB:E4:88:3F
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B5612548B9F1F1AEE99ABA82E7F00F
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Q5ryu5UgOXWoGFWpO89T39vkiD8.roa
Signing time: Thu 02 Jan 2025 15:49:45 +0000
ROA not before: Thu 02 Jan 2025 15:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a09:6284::/32 maxlen: 32
2a09:e5c0::/32 maxlen: 32
2a09:e5c1::/32 maxlen: 32
2a09:e5c2::/32 maxlen: 32
2a09:e5c3::/32 maxlen: 32
2a09:e5c4::/32 maxlen: 32
2a09:e5c5::/32 maxlen: 32
2a09:e5c6::/32 maxlen: 32
2a0e:b140::/29 maxlen: 29
2a10:4103::/32 maxlen: 32
2a10:4104::/32 maxlen: 32
2a11:4b46::/32 maxlen: 32
2a11:4b47::/32 maxlen: 32
2a12:a343::/32 maxlen: 32
2a12:a344::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
2a13:93c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:61:25:48:b9:f1:f1:ae:e9:9a:ba:82:e7:f0:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=439af2bb95203975a81855a93bcf53dfdbe4883f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cc:f9:48:ee:f9:42:54:91:72:6b:d5:71:0b:
c9:67:fd:2d:69:f9:fa:5c:b2:69:38:a5:df:d3:12:
b3:9f:e9:6f:9d:b5:f5:90:70:52:b6:24:db:5d:38:
53:56:33:44:57:eb:ac:0e:70:34:85:bb:a6:f7:9f:
b0:cd:06:9e:4b:57:5a:67:5c:41:30:5f:b3:38:5f:
e0:65:5d:0e:ae:00:56:d8:61:5e:99:91:fb:97:a2:
69:c7:f2:75:d6:45:75:ec:71:be:65:3a:01:0a:f6:
3b:74:9e:03:0e:36:7e:f8:94:d3:d3:3b:8a:c3:5e:
c7:f0:73:8f:46:72:cb:ae:d0:8e:c2:51:cc:23:34:
bd:73:a3:30:9d:72:dc:5e:e1:53:fc:b8:ce:b9:a9:
da:4f:63:dd:c3:19:e6:09:4b:c2:71:86:91:20:21:
ff:21:f8:3c:6e:71:9d:ae:8b:31:32:c5:dd:74:58:
9e:be:cc:a4:88:28:d2:15:98:05:32:eb:16:86:24:
42:80:68:ca:9d:79:95:56:38:a5:18:f0:06:a6:13:
fb:3f:38:95:d8:fd:17:15:5e:a4:34:f5:22:9e:7c:
88:bc:50:3a:53:18:31:7d:0a:a2:e1:81:91:fe:b2:
6c:51:51:8d:ca:b0:11:75:17:a3:8a:10:f9:9e:da:
70:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9A:F2:BB:95:20:39:75:A8:18:55:A9:3B:CF:53:DF:DB:E4:88:3F
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Q5ryu5UgOXWoGFWpO89T39vkiD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6284::/32
2a09:e5c0::-2a09:e5c6:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:b140::/29
2a10:4103::-2a10:4104:ffff:ffff:ffff:ffff:ffff:ffff
2a11:4b46::/31
2a12:a343::-2a12:a344:ffff:ffff:ffff:ffff:ffff:ffff
2a12:a346::/32
2a13:93c0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:c7:6f:49:e8:6b:fb:75:30:56:e9:22:ac:f6:e9:d6:08:aa:
ce:13:c0:7d:55:8f:08:1c:4e:99:df:83:0c:1e:da:3f:aa:56:
6b:aa:4b:c6:3c:ff:c6:19:c7:50:b9:35:7c:42:83:4a:e7:67:
07:0c:c6:bb:01:2a:f9:a0:38:8e:f5:40:02:90:bd:65:e7:26:
77:35:5f:0b:cd:4d:23:1e:13:95:2d:9a:1f:7b:bb:d5:cc:29:
6d:6b:47:f1:b5:e6:de:65:56:61:3b:93:ff:bd:12:56:dd:27:
0e:4e:46:36:04:a3:1c:ab:fc:0b:ea:fd:4c:48:12:21:b3:9b:
e9:2a:0c:1d:05:2b:b3:cb:98:ae:2f:3f:d4:a3:0d:c4:71:a0:
a4:5d:71:47:3a:00:51:75:47:69:6c:54:71:a7:b7:3e:c9:5c:
57:e0:a4:d2:05:9d:eb:9a:b6:ac:a5:e9:a7:da:b5:17:2e:12:
ad:3a:1b:1d:e7:bc:41:72:08:2d:79:8a:46:64:12:79:87:9d:
c2:bf:c3:ef:58:91:e3:9d:9c:6b:e9:32:83:73:f4:e7:39:d3:
80:96:d7:de:52:6f:cf:85:94:1a:1d:98:fe:d3:76:ed:00:e9:
bb:ba:1b:5c:dd:01:71:80:b2:2f:77:c3:59:76:96:bb:c5:1b:
ba:db:42:32
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZQntWElSLnx8a7pmrqC5/APMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzlhZjJiYjk1MjAzOTc1YTgxODU1YTkzYmNmNTNkZmRiZTQ4ODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sz5SO75QlSRcmvVcQvJZ/0tafn6
XLJpOKXf0xKzn+lvnbX1kHBStiTbXThTVjNEV+usDnA0hbum95+wzQaeS1daZ1xB
MF+zOF/gZV0OrgBW2GFemZH7l6Jpx/J11kV17HG+ZToBCvY7dJ4DDjZ++JTT0zuK
w17H8HOPRnLLrtCOwlHMIzS9c6MwnXLcXuFT/LjOuanaT2PdwxnmCUvCcYaRICH/
Ifg8bnGdrosxMsXddFievsykiCjSFZgFMusWhiRCgGjKnXmVVjilGPAGphP7PziV
2P0XFV6kNPUinnyIvFA6UxgxfQqi4YGR/rJsUVGNyrARdRejihD5ntpwAwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFEOa8ruVIDl1qBhVqTvPU9/b5Ig/MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvUTVyeXU1VWdPWFdvR0ZXcE84OVQzOXZraUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAAjBTAwUAKglihDAO
AwUGKgnlwAMFACoJ5cYDBQMqDrFAMA4DBQAqEEEDAwUAKhBBBAMFASoRS0YwDgMF
ACoSo0MDBQAqEqNEAwUAKhKjRgMFACoTk8AwDQYJKoZIhvcNAQELBQADggEBAJ3H
b0noa/t1MFbpIqz26dYIqs4TwH1VjwgcTpnfgwwe2j+qVmuqS8Y8/8YZx1C5NXxC
g0rnZwcMxrsBKvmgOI71QAKQvWXnJnc1XwvNTSMeE5Utmh97u9XMKW1rR/G15t5l
VmE7k/+9ElbdJw5ORjYEoxyr/Avq/UxIEiGzm+kqDB0FK7PLmK4vP9SjDcRxoKRd
cUc6AFF1R2lsVHGntz7JXFfgpNIFneuatqyl6afatRcuEq06Gx3nvEFyCC15ikZk
EnmHncK/w+9YkeOdnGvpMoNz9Oc504CW195Sb8+FlBodmP7Tdu0A6bu6G1zdAXGA
si93w1l2lrvFG7rbQjI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:11:07 2025 by rpki-client