Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/QnP3rjSXAya4q111ORTc4fWOKy4.roa
File: QnP3rjSXAya4q111ORTc4fWOKy4.roa (raw, json)
Hash identifier: rjVxk7JBDVCRVwFh1RMiJlF4usn4gdiKDrFhNu7yCVQ=
Subject key identifier: 42:73:F7:AE:34:97:03:26:B8:AB:5D:75:39:14:DC:E1:F5:8E:2B:2E
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B56C468F357F42A47EB896175AB1FA
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/QnP3rjSXAya4q111ORTc4fWOKy4.roa
Signing time: Thu 02 Jan 2025 15:49:48 +0000
ROA not before: Thu 02 Jan 2025 15:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203493
IP address blocks: 2a09:6280:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:6c:46:8f:35:7f:42:a4:7e:b8:96:17:5a:b1:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4273f7ae34970326b8ab5d753914dce1f58e2b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:30:e8:c3:ba:13:67:13:d5:bd:10:ed:ff:8e:
14:97:57:06:f1:dc:83:c8:22:8a:bf:f3:dc:51:c3:
a2:5e:7e:97:95:41:e8:18:5a:df:bc:89:1d:3e:3e:
d0:60:e7:7b:ae:51:1c:a0:36:0f:59:e1:f2:39:93:
71:f3:b5:07:74:ba:3d:4e:1d:97:27:32:29:51:29:
49:32:b8:81:c8:86:93:f6:ab:9f:83:ec:de:4b:27:
40:95:1e:b1:55:b8:27:bc:8b:d5:eb:5e:63:97:2f:
29:9f:c7:ef:ee:eb:3f:cc:8b:49:ee:15:53:20:ff:
a6:c5:da:44:a3:73:2a:58:db:51:33:bd:23:4b:5f:
6d:6c:5b:3b:a5:ea:6d:7a:f9:f8:31:92:98:2a:9d:
6a:60:60:03:13:06:d8:29:80:40:ed:ee:5b:bb:c1:
df:61:72:1f:6e:67:24:71:db:63:b5:d5:34:74:4c:
bb:47:99:63:69:69:d6:fa:b8:b2:0b:74:6e:16:d1:
ce:4b:97:68:cf:9b:44:c5:95:b0:51:22:97:92:db:
89:e9:c4:6a:78:a7:0e:e9:6b:ca:88:88:30:5c:79:
4f:86:13:a3:46:62:7c:91:f9:36:d5:cf:7b:7a:83:
2a:0c:76:38:79:e1:1a:5e:4e:a1:96:22:b3:31:6b:
c9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:73:F7:AE:34:97:03:26:B8:AB:5D:75:39:14:DC:E1:F5:8E:2B:2E
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/QnP3rjSXAya4q111ORTc4fWOKy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6280:3::/48
Signature Algorithm: sha256WithRSAEncryption
52:4a:22:08:6b:a6:22:5d:e5:4d:12:d8:cd:3a:0b:cd:ac:03:
14:ac:fa:1b:b1:a7:ab:a0:88:54:47:e9:7a:43:82:eb:31:f1:
41:c9:f8:c4:18:e8:e7:14:d1:56:11:51:5d:9d:62:dc:9d:e2:
1b:aa:89:36:e4:7a:f7:65:5f:e8:d1:ee:55:30:86:35:a6:40:
90:55:6d:7f:df:74:d3:28:b0:99:09:ab:06:3d:d8:6d:80:1c:
f7:8a:50:2b:20:81:1b:3a:8f:6d:2c:bf:89:00:ab:2a:c8:28:
61:90:8f:47:64:39:d6:79:1f:28:e1:17:7f:af:cf:1c:a4:05:
50:32:c9:d4:7c:01:e9:9e:ab:a0:c1:a1:4b:68:b0:fb:f4:3f:
6d:32:d5:12:cf:f6:c1:47:be:91:d2:2a:b5:79:7f:e9:42:82:
bb:e8:15:96:be:f0:e0:0e:5e:11:5a:64:63:f3:dc:15:61:e8:
c7:90:af:16:e8:bf:0d:ef:00:2a:15:8d:27:e2:36:d6:75:8c:
30:18:94:48:5f:20:3b:0e:47:16:d4:25:d4:21:b0:58:12:43:
26:f9:bf:fa:98:a4:2a:d6:bd:f0:89:1d:af:f4:9f:50:42:44:
f3:d6:c7:f2:fb:e7:06:9b:04:30:c0:d8:92:b8:ae:c7:2a:0a:
5c:d9:f0:22
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntWxGjzV/QqR+uJYXWrH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjczZjdhZTM0OTcwMzI2YjhhYjVkNzUzOTE0ZGNlMWY1OGUyYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTDow7oTZxPVvRDt/44Ul1cG8dyD
yCKKv/PcUcOiXn6XlUHoGFrfvIkdPj7QYOd7rlEcoDYPWeHyOZNx87UHdLo9Th2X
JzIpUSlJMriByIaT9qufg+zeSydAlR6xVbgnvIvV615jly8pn8fv7us/zItJ7hVT
IP+mxdpEo3MqWNtRM70jS19tbFs7peptevn4MZKYKp1qYGADEwbYKYBA7e5bu8Hf
YXIfbmckcdtjtdU0dEy7R5ljaWnW+riyC3RuFtHOS5doz5tExZWwUSKXktuJ6cRq
eKcO6WvKiIgwXHlPhhOjRmJ8kfk21c97eoMqDHY4eeEaXk6hliKzMWvJuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEJz9640lwMmuKtddTkU3OH1jisuMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvUW5QM3JqU1hBeWE0cTExMU9SVGM0ZldPS3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgligAAD
MA0GCSqGSIb3DQEBCwUAA4IBAQBSSiIIa6YiXeVNEtjNOgvNrAMUrPobsaeroIhU
R+l6Q4LrMfFByfjEGOjnFNFWEVFdnWLcneIbqok25Hr3ZV/o0e5VMIY1pkCQVW1/
33TTKLCZCasGPdhtgBz3ilArIIEbOo9tLL+JAKsqyChhkI9HZDnWeR8o4Rd/r88c
pAVQMsnUfAHpnqugwaFLaLD79D9tMtUSz/bBR76R0iq1eX/pQoK76BWWvvDgDl4R
WmRj89wVYejHkK8W6L8N7wAqFY0n4jbWdYwwGJRIXyA7DkcW1CXUIbBYEkMm+b/6
mKQq1r3wiR2v9J9QQkTz1sfy++cGmwQwwNiSuK7HKgpc2fAi
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:37 2025 by rpki-client