Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ee9519-ff61-4679-9015-80e427596b5d/1/6QZXrPa3sBN80OwKH97Qmpz11-w.roa
File: 6QZXrPa3sBN80OwKH97Qmpz11-w.roa (raw, json)
Hash identifier: UdHrwly/eXNnDWvZzXVWVnCJ0eO0DldyC6uMO4NJQeg=
Subject key identifier: E9:06:57:AC:F6:B7:B0:13:7C:D0:EC:0A:1F:DE:D0:9A:9C:F5:D7:EC
Certificate issuer: /CN=31cb00d2f84401810c3200b52fa388e93651ddf3
Certificate serial: 019420D66594E64A07000E6979872E0B48EC
Authority key identifier: 31:CB:00:D2:F8:44:01:81:0C:32:00:B5:2F:A3:88:E9:36:51:DD:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/McsA0vhEAYEMMgC1L6OI6TZR3fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/ee9519-ff61-4679-9015-80e427596b5d/1/6QZXrPa3sBN80OwKH97Qmpz11-w.roa
Signing time: Wed 01 Jan 2025 07:48:28 +0000
ROA not before: Wed 01 Jan 2025 07:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44419
IP address blocks: 188.127.128.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:65:94:e6:4a:07:00:0e:69:79:87:2e:0b:48:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31cb00d2f84401810c3200b52fa388e93651ddf3
Validity
Not Before: Jan 1 07:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e90657acf6b7b0137cd0ec0a1fded09a9cf5d7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1f:cf:47:73:d6:46:08:83:a4:7c:af:44:34:
9c:e0:19:99:b5:87:52:4f:c5:81:01:26:f2:9b:00:
7a:b1:a4:58:58:50:d0:1c:ff:e0:2f:e0:6f:15:46:
cf:d8:cf:9a:ed:92:e4:9d:ad:dd:be:ff:46:37:4c:
8b:a4:7d:ef:d2:18:1c:02:b3:bc:95:2b:f1:69:b9:
76:8b:d7:66:af:d8:eb:a0:18:39:61:10:7b:4a:6d:
a5:f6:52:c3:12:8f:b1:0f:f9:e7:d7:62:02:8f:dc:
10:55:29:b3:50:db:cf:53:5a:f5:d0:4f:11:1e:e5:
a3:28:09:e3:39:71:2d:e0:bf:f3:c2:2b:49:08:e7:
d2:c8:27:6b:66:4a:d9:60:5d:3d:2b:c5:d9:9d:f6:
44:3c:36:ed:d0:27:46:1a:0b:cb:bd:08:4f:a7:87:
93:5d:0e:e8:06:7a:ef:ce:c6:6f:9c:2b:3c:8b:2b:
46:66:91:7d:d5:db:f6:a1:ac:50:e6:d1:7d:45:2d:
41:6d:ef:24:3e:ce:03:40:79:1e:e4:73:b3:49:64:
d9:e8:4e:5d:3d:03:8b:00:ae:d3:2e:4a:45:6f:1f:
76:55:fe:30:c4:b4:98:25:3e:b6:d3:6b:61:15:c2:
f8:39:e0:1e:1c:05:fd:84:2a:15:16:84:86:57:12:
04:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:06:57:AC:F6:B7:B0:13:7C:D0:EC:0A:1F:DE:D0:9A:9C:F5:D7:EC
X509v3 Authority Key Identifier:
keyid:31:CB:00:D2:F8:44:01:81:0C:32:00:B5:2F:A3:88:E9:36:51:DD:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/McsA0vhEAYEMMgC1L6OI6TZR3fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ee9519-ff61-4679-9015-80e427596b5d/1/6QZXrPa3sBN80OwKH97Qmpz11-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ee9519-ff61-4679-9015-80e427596b5d/1/McsA0vhEAYEMMgC1L6OI6TZR3fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.127.128.0/19
Signature Algorithm: sha256WithRSAEncryption
1e:88:e3:07:a5:76:9f:21:26:11:8d:a4:8c:4c:fd:1d:df:ab:
5b:e1:5e:38:a4:34:ff:59:ed:5b:2d:78:61:20:da:4b:96:0d:
74:d4:98:0a:4c:f8:cf:06:5e:27:a4:b9:43:fb:93:9a:8f:bd:
85:82:83:b7:27:5a:30:2a:96:ac:b3:65:31:99:49:ab:7b:3d:
5c:4d:7d:75:e8:25:d7:b9:fa:6c:75:be:2f:eb:18:6c:48:d2:
bd:83:8b:d8:eb:8e:0f:b3:91:96:75:aa:8b:2e:c4:68:bd:bc:
1c:ee:bd:6a:51:11:ea:5a:a3:ff:3a:b2:c8:fd:15:91:46:0f:
c0:a8:53:15:c1:57:02:61:32:a5:7e:aa:cb:44:39:06:c7:37:
8a:e4:87:e2:38:26:4b:49:fe:b9:77:ce:27:d4:71:78:45:3c:
06:1b:72:08:67:a8:06:2f:58:4d:1f:19:bf:07:67:91:95:51:
88:29:08:b6:f3:41:d5:01:fb:25:97:11:40:66:0d:41:03:33:
1b:11:dd:5c:13:75:0c:63:86:e7:5c:f5:2b:94:e3:66:fe:49:
05:91:fe:2b:11:47:97:71:81:27:50:55:0d:38:a9:a4:12:b1:
b7:98:c9:e9:d5:dc:13:21:4d:d4:a8:68:48:41:14:5a:98:7c:
dd:c0:e0:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1mWU5koHAA5peYcuC0jsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxY2IwMGQyZjg0NDAxODEwYzMyMDBiNTJmYTM4OGU5MzY1
MWRkZjMwHhcNMjUwMTAxMDc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTA2NTdhY2Y2YjdiMDEzN2NkMGVjMGExZmRlZDA5YTljZjVkN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1B/PR3PWRgiDpHyvRDSc4BmZtYdS
T8WBASbymwB6saRYWFDQHP/gL+BvFUbP2M+a7ZLkna3dvv9GN0yLpH3v0hgcArO8
lSvxabl2i9dmr9jroBg5YRB7Sm2l9lLDEo+xD/nn12ICj9wQVSmzUNvPU1r10E8R
HuWjKAnjOXEt4L/zwitJCOfSyCdrZkrZYF09K8XZnfZEPDbt0CdGGgvLvQhPp4eT
XQ7oBnrvzsZvnCs8iytGZpF91dv2oaxQ5tF9RS1Bbe8kPs4DQHke5HOzSWTZ6E5d
PQOLAK7TLkpFbx92Vf4wxLSYJT6202thFcL4OeAeHAX9hCoVFoSGVxIEBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOkGV6z2t7ATfNDsCh/e0Jqc9dfsMB8GA1UdIwQY
MBaAFDHLANL4RAGBDDIAtS+jiOk2Ud3zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWNzQTB2aEVBWUVNTWdDMUw2T0k2VFpSM2ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZTk1MTktZmY2MS00Njc5LTkwMTUt
ODBlNDI3NTk2YjVkLzEvNlFaWHJQYTNzQk44ME93S0g5N1FtcHoxMS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZTk1MTktZmY2MS00Njc5LTkwMTUtODBlNDI3NTk2YjVk
LzEvTWNzQTB2aEVBWUVNTWdDMUw2T0k2VFpSM2ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFvH+AMA0G
CSqGSIb3DQEBCwUAA4IBAQAeiOMHpXafISYRjaSMTP0d36tb4V44pDT/We1bLXhh
INpLlg101JgKTPjPBl4npLlD+5Oaj72FgoO3J1owKpass2UxmUmrez1cTX116CXX
ufpsdb4v6xhsSNK9g4vY644Ps5GWdaqLLsRovbwc7r1qURHqWqP/OrLI/RWRRg/A
qFMVwVcCYTKlfqrLRDkGxzeK5IfiOCZLSf65d84n1HF4RTwGG3IIZ6gGL1hNHxm/
B2eRlVGIKQi280HVAfsllxFAZg1BAzMbEd1cE3UMY4bnXPUrlONm/kkFkf4rEUeX
cYEnUFUNOKmkErG3mMnp1dwTIU3UqGhIQRRamHzdwOCM
-----END CERTIFICATE-----
Generated at Sat Apr 26 02:09:25 2025 by rpki-client