Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/QBe6vAE6rYSA8KCQoO7i8f2keWY.roa
File: QBe6vAE6rYSA8KCQoO7i8f2keWY.roa (raw, json)
Hash identifier: /ZgtoN8+dacZMoQUvXB0j9wPVe+O1WRxUSH58QMyIv8=
Subject key identifier: 40:17:BA:BC:01:3A:AD:84:80:F0:A0:90:A0:EE:E2:F1:FD:A4:79:66
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 0194258F616C7AF34670EBC2D1AC9C7DD12F
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/QBe6vAE6rYSA8KCQoO7i8f2keWY.roa
Signing time: Thu 02 Jan 2025 05:49:01 +0000
ROA not before: Thu 02 Jan 2025 05:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 212.30.36.0/24 maxlen: 24
212.30.37.0/24 maxlen: 24
212.30.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:61:6c:7a:f3:46:70:eb:c2:d1:ac:9c:7d:d1:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Jan 2 05:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4017babc013aad8480f0a090a0eee2f1fda47966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:69:9c:0f:c0:87:cc:cb:99:b3:d9:e0:53:dd:
4e:8a:a9:22:30:4f:97:0c:b0:af:01:c3:1b:e9:5c:
2e:c1:83:2e:e7:4c:33:17:c7:fc:91:95:2f:51:96:
3e:4b:1c:3f:fc:cc:ec:f3:43:0f:25:d9:85:2b:f4:
b3:7a:9a:bd:81:08:a3:ef:e8:fa:ff:69:c6:39:f5:
49:2e:a6:7e:af:a3:26:ea:5d:1b:ed:1d:33:e3:4c:
f3:2f:7a:d0:bd:d7:46:3d:3e:ae:2e:19:a6:06:25:
60:0e:07:7b:05:95:74:b7:c3:d2:73:b1:bd:44:9b:
dd:99:2b:d9:62:39:8f:30:1f:94:e8:a9:fb:a9:e2:
8a:e7:75:c6:9c:aa:c1:0b:bc:36:ce:61:c7:01:81:
90:85:35:6d:63:df:3c:b4:3c:9a:e7:26:08:7e:df:
06:57:09:d0:43:9b:42:ba:4d:fd:a0:8f:73:6d:12:
5a:1b:3b:59:4a:5a:00:74:a8:d0:4b:cb:b2:5f:9d:
0a:17:11:37:df:f3:fd:85:ce:a6:ec:78:d4:dd:12:
04:2f:e4:86:48:ea:4c:f1:5c:17:ad:3a:9f:ce:cb:
2b:8a:f1:32:f1:dc:3a:dc:e6:2a:1e:6c:be:13:75:
88:c3:eb:3b:37:37:03:70:25:29:9c:a0:1a:5f:15:
e2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:17:BA:BC:01:3A:AD:84:80:F0:A0:90:A0:EE:E2:F1:FD:A4:79:66
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/QBe6vAE6rYSA8KCQoO7i8f2keWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.30.36.0/23
212.30.63.0/24
Signature Algorithm: sha256WithRSAEncryption
25:fe:d7:43:15:1b:f5:04:e4:d5:da:09:22:21:f9:71:08:40:
d6:a2:d2:dc:bb:4a:4c:6f:9f:07:50:26:90:e3:3c:c4:f0:16:
23:00:8d:ad:24:eb:42:12:68:1e:5a:09:75:60:33:d8:cc:be:
28:97:de:de:53:d9:e0:18:91:23:71:9f:ca:81:34:a3:bf:ff:
83:6d:a8:26:63:b3:80:be:76:3b:ab:d7:7d:16:f9:c7:8a:7d:
50:4f:70:15:9c:4b:a1:af:b5:94:97:7c:7b:2a:fa:17:3e:92:
42:31:6b:ad:22:58:23:b5:a4:bb:1c:ef:62:cf:8c:5f:a4:ca:
9e:78:20:5f:ed:1e:6d:15:53:01:d7:ca:d8:bb:8b:7b:77:3c:
7d:b2:71:b5:4b:b1:84:32:9b:67:ea:44:fc:cc:98:c8:9a:04:
45:c9:55:68:2c:5f:d7:43:a5:bd:da:a5:0f:8e:d9:87:45:33:
76:f5:63:17:5e:01:bf:1b:1f:67:b0:77:34:37:c4:b6:83:2b:
03:e3:88:69:94:cb:d1:72:c6:30:ae:62:64:c5:1b:da:e6:85:
b8:9a:d8:eb:68:46:f5:ab:94:37:11:4a:4f:2a:2d:d8:c8:29:
b6:5c:e1:63:36:4e:89:c2:cd:f8:b4:b4:ed:42:54:ce:48:73:
86:bc:76:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj2FsevNGcOvC0aycfdEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjUwMTAyMDU0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDE3YmFiYzAxM2FhZDg0ODBmMGEwOTBhMGVlZTJmMWZkYTQ3OTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmmcD8CHzMuZs9ngU91OiqkiME+X
DLCvAcMb6VwuwYMu50wzF8f8kZUvUZY+Sxw//Mzs80MPJdmFK/Szepq9gQij7+j6
/2nGOfVJLqZ+r6Mm6l0b7R0z40zzL3rQvddGPT6uLhmmBiVgDgd7BZV0t8PSc7G9
RJvdmSvZYjmPMB+U6Kn7qeKK53XGnKrBC7w2zmHHAYGQhTVtY988tDya5yYIft8G
VwnQQ5tCuk39oI9zbRJaGztZSloAdKjQS8uyX50KFxE33/P9hc6m7HjU3RIEL+SG
SOpM8VwXrTqfzssrivEy8dw63OYqHmy+E3WIw+s7NzcDcCUpnKAaXxXibQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEAXurwBOq2EgPCgkKDu4vH9pHlmMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvUUJlNnZBRTZyWVNBOEtDUW9PN2k4ZjJrZVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1B4kAwQA
1B4/MA0GCSqGSIb3DQEBCwUAA4IBAQAl/tdDFRv1BOTV2gkiIflxCEDWotLcu0pM
b58HUCaQ4zzE8BYjAI2tJOtCEmgeWgl1YDPYzL4ol97eU9ngGJEjcZ/KgTSjv/+D
bagmY7OAvnY7q9d9FvnHin1QT3AVnEuhr7WUl3x7KvoXPpJCMWutIlgjtaS7HO9i
z4xfpMqeeCBf7R5tFVMB18rYu4t7dzx9snG1S7GEMptn6kT8zJjImgRFyVVoLF/X
Q6W92qUPjtmHRTN29WMXXgG/Gx9nsHc0N8S2gysD44hplMvRcsYwrmJkxRva5oW4
mtjraEb1q5Q3EUpPKi3YyCm2XOFjNk6Jws34tLTtQlTOSHOGvHaD
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:33:49 2025 by rpki-client