Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/QlCwyQKF71fuohxKobdXyGZU--o.roa
File: QlCwyQKF71fuohxKobdXyGZU--o.roa (raw, json)
Hash identifier: N/eSkZcDwZffzOIdUdxhPBMt3dshG8LnVO3fiqCtOvc=
Subject key identifier: 42:50:B0:C9:02:85:EF:57:EE:A2:1C:4A:A1:B7:57:C8:66:54:FB:EA
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 019421445FF0F0BFDD01905952A97FE525F6
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/QlCwyQKF71fuohxKobdXyGZU--o.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215236
IP address blocks: 2a06:d1c1:80::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5f:f0:f0:bf:dd:01:90:59:52:a9:7f:e5:25:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4250b0c90285ef57eea21c4aa1b757c86654fbea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:99:70:aa:13:ff:05:a4:a0:bf:4e:f1:22:f0:
08:20:f1:3c:ad:78:a0:b5:d7:e8:6b:e3:11:ff:fb:
e1:c2:9c:04:05:21:11:85:00:62:eb:26:1e:ed:f2:
09:8f:cb:e8:20:3a:ac:7d:9f:1c:bf:2b:13:5e:65:
ae:a2:ac:78:21:cf:63:26:c7:12:e4:7e:ec:0b:85:
7e:6b:82:bf:6f:46:f3:8b:ee:57:32:26:e6:67:c3:
31:d3:d9:0f:c3:4a:38:3e:3a:18:3b:21:a9:8f:f6:
d5:28:c0:d2:79:89:9b:7b:0d:0d:f4:1b:dd:b5:57:
f9:3d:34:01:67:ec:47:10:6c:81:89:ee:f0:b0:ac:
71:07:be:17:22:4f:d6:31:dc:2d:bf:d6:bd:c9:c4:
e4:08:ba:25:43:46:0d:0c:48:3a:b6:bd:19:95:b8:
6a:2f:f8:65:b2:b6:f9:a0:33:de:a0:7a:de:fe:86:
c4:46:63:86:60:e8:2b:ac:e3:71:c4:fa:02:8f:c5:
d0:3b:3e:20:22:ff:12:e5:16:7a:18:5d:1a:d4:33:
04:72:59:00:3d:82:76:34:a8:a9:70:8d:6d:63:06:
19:03:b5:fa:42:b4:83:bc:5f:b3:c0:f4:db:b9:62:
59:c7:55:e8:d1:0f:ae:34:37:4f:62:d4:98:3d:c1:
d8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:50:B0:C9:02:85:EF:57:EE:A2:1C:4A:A1:B7:57:C8:66:54:FB:EA
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/QlCwyQKF71fuohxKobdXyGZU--o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d1c1:80::/44
Signature Algorithm: sha256WithRSAEncryption
04:02:b0:0e:6f:dc:24:e8:50:79:1e:71:ce:a0:cb:89:64:30:
a7:0c:62:24:05:30:ae:2e:85:e3:c5:11:bd:0f:9d:b7:a0:be:
7a:6f:58:b1:b9:f4:85:00:da:4b:e4:be:22:8d:ae:0f:b1:cc:
91:c2:aa:46:6d:0b:18:62:a9:e7:be:65:b6:2a:23:39:60:70:
63:37:1f:02:be:fa:15:5e:22:ce:21:a2:c9:4f:7f:d4:a0:6d:
28:96:f6:ce:fb:22:b3:89:d8:60:66:04:ba:19:2f:b0:ce:a8:
89:ba:5b:2a:dc:6f:7e:1f:44:ad:a8:0b:94:a3:9b:56:c7:d8:
71:6b:cd:fb:bf:74:fc:9f:74:2b:61:38:7d:c8:8f:8a:d6:3b:
b7:40:16:ca:be:98:39:91:39:3e:2d:fb:56:96:3a:59:d6:fe:
44:6e:5b:c3:97:e8:e1:46:38:d5:28:9d:80:9d:e3:76:ff:e3:
99:a7:e6:cc:54:94:3f:b4:7f:bf:cb:63:26:db:d3:f2:87:20:
62:5d:52:2c:49:62:c3:49:2d:f1:91:62:64:94:21:cc:21:77:
c4:6a:6b:cd:23:5f:af:c2:58:40:88:e4:79:d1:4f:5b:f3:0a:
01:df:00:02:20:e6:0e:e5:d2:98:ab:0c:1c:07:d3:2f:46:e4:
a5:8e:9b:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhRF/w8L/dAZBZUql/5SX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjUwYjBjOTAyODVlZjU3ZWVhMjFjNGFhMWI3NTdjODY2NTRmYmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1plwqhP/BaSgv07xIvAIIPE8rXig
tdfoa+MR//vhwpwEBSERhQBi6yYe7fIJj8voIDqsfZ8cvysTXmWuoqx4Ic9jJscS
5H7sC4V+a4K/b0bzi+5XMibmZ8Mx09kPw0o4PjoYOyGpj/bVKMDSeYmbew0N9Bvd
tVf5PTQBZ+xHEGyBie7wsKxxB74XIk/WMdwtv9a9ycTkCLolQ0YNDEg6tr0Zlbhq
L/hlsrb5oDPeoHre/obERmOGYOgrrONxxPoCj8XQOz4gIv8S5RZ6GF0a1DMEclkA
PYJ2NKipcI1tYwYZA7X6QrSDvF+zwPTbuWJZx1Xo0Q+uNDdPYtSYPcHY9wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEJQsMkChe9X7qIcSqG3V8hmVPvqMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvUWxDd3lRS0Y3MWZ1b2h4S29iZFh5R1pVLS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbRwQCA
MA0GCSqGSIb3DQEBCwUAA4IBAQAEArAOb9wk6FB5HnHOoMuJZDCnDGIkBTCuLoXj
xRG9D523oL56b1ixufSFANpL5L4ija4PscyRwqpGbQsYYqnnvmW2KiM5YHBjNx8C
vvoVXiLOIaLJT3/UoG0olvbO+yKzidhgZgS6GS+wzqiJulsq3G9+H0StqAuUo5tW
x9hxa837v3T8n3QrYTh9yI+K1ju3QBbKvpg5kTk+LftWljpZ1v5EblvDl+jhRjjV
KJ2AneN2/+OZp+bMVJQ/tH+/y2Mm29PyhyBiXVIsSWLDSS3xkWJklCHMIXfEamvN
I1+vwlhAiOR50U9b8woB3wACIOYO5dKYqwwcB9MvRuSljpvZ
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:38:42 2025 by rpki-client