Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/q-ihxTx20OUAnVHNFFcYB5dSVFg.roa
File: q-ihxTx20OUAnVHNFFcYB5dSVFg.roa (raw, json)
Hash identifier: E2e3aiYkFxz102ztqUxfhjzNFXG410Fy4awppSQ4du4=
Subject key identifier: AB:E8:A1:C5:3C:76:D0:E5:00:9D:51:CD:14:57:18:07:97:52:54:58
Certificate issuer: /CN=b986028c9feb6f142b3fecb64667f48874ba9c37
Certificate serial: 019422FB92FDA1E85488B2481C1A9249D91A
Authority key identifier: B9:86:02:8C:9F:EB:6F:14:2B:3F:EC:B6:46:67:F4:88:74:BA:9C:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/q-ihxTx20OUAnVHNFFcYB5dSVFg.roa
Signing time: Wed 01 Jan 2025 17:48:20 +0000
ROA not before: Wed 01 Jan 2025 17:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25365
IP address blocks: 2a00:7880:10::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:92:fd:a1:e8:54:88:b2:48:1c:1a:92:49:d9:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b986028c9feb6f142b3fecb64667f48874ba9c37
Validity
Not Before: Jan 1 17:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abe8a1c53c76d0e5009d51cd1457180797525458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d1:fe:78:09:c7:88:05:80:79:1a:87:22:b0:
71:66:bc:57:ef:4b:a4:f0:11:cc:60:ec:6b:2a:c1:
f6:e2:bd:46:72:dd:02:17:b2:f3:07:b1:89:96:2d:
80:d2:7e:cd:67:f0:cb:12:e9:09:86:e9:d6:14:c8:
20:3c:3d:2b:c3:5d:4a:3c:90:50:41:06:df:97:42:
58:bb:af:c5:05:1c:33:fd:23:7e:ff:6b:fc:cb:fd:
6c:ba:52:89:36:69:8a:33:b8:88:da:bf:52:f9:98:
c0:74:d1:c9:2f:90:b4:d7:bc:b7:43:5a:1b:1f:c1:
9f:25:2e:3f:b1:09:0a:7e:a3:35:c0:cb:63:0c:95:
e0:d5:86:2b:8c:4b:07:42:9d:44:39:dc:32:69:4c:
87:30:cc:e9:63:58:0c:ff:6f:73:80:8c:d6:a0:cf:
05:45:54:81:77:92:8f:52:7a:40:e4:be:a4:45:eb:
bb:4a:4f:a8:a0:76:98:2f:2c:4a:fb:66:38:54:0e:
ee:4f:5b:e0:e5:16:08:64:ae:a2:d0:a7:58:d0:29:
95:e2:05:7b:48:55:c7:e2:a6:73:65:b0:64:28:ca:
ac:c3:e0:e0:c3:77:68:3e:ae:04:a9:78:7b:03:91:
7d:ab:0e:4a:a2:cb:df:63:dd:46:61:c0:95:eb:4d:
f8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E8:A1:C5:3C:76:D0:E5:00:9D:51:CD:14:57:18:07:97:52:54:58
X509v3 Authority Key Identifier:
keyid:B9:86:02:8C:9F:EB:6F:14:2B:3F:EC:B6:46:67:F4:88:74:BA:9C:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/q-ihxTx20OUAnVHNFFcYB5dSVFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:7880:10::/48
Signature Algorithm: sha256WithRSAEncryption
4c:be:81:5b:ab:a6:4a:84:85:15:28:e0:b5:3d:1b:cb:75:01:
f4:f7:52:c9:21:b9:25:5f:7b:06:31:fa:83:e0:08:33:3b:48:
da:b7:b0:8e:b7:ff:3e:ab:92:a1:15:21:e3:34:f1:d8:78:91:
d1:a0:fa:60:9a:28:6c:2f:74:51:63:e5:8b:ed:e5:e8:69:85:
e3:d7:60:02:00:24:c8:c0:b6:b1:0d:a0:e4:d3:5b:5e:c7:21:
d9:ba:b5:cd:f3:a5:31:66:16:34:bc:f1:dc:2a:e5:0d:d8:89:
66:32:8f:08:5d:b8:09:bc:70:c5:f1:b6:c5:82:d0:17:cc:31:
e3:54:cd:73:bc:3c:db:50:b6:20:f2:bf:c2:5f:ed:ff:9a:fc:
f8:ac:8b:6c:bd:a0:aa:8b:1d:c3:08:dc:69:e2:e2:dc:38:2a:
6b:d5:10:0d:f0:43:e1:99:3a:1b:d4:61:14:5e:16:88:ee:c9:
1e:4f:8d:d6:8a:cc:1a:96:38:c2:e1:5a:7d:72:7b:23:61:80:
c6:d8:65:f2:76:bc:55:a3:5a:64:82:64:2d:5b:70:fa:b6:08:
cf:8c:06:f8:9f:31:68:ad:ad:c2:ba:d3:90:79:16:3b:c4:c0:
b6:19:40:26:6a:9a:67:0b:17:f6:b9:a0:89:f4:dc:85:4f:d0:
39:0b:56:d2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+5L9oehUiLJIHBqSSdkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ODYwMjhjOWZlYjZmMTQyYjNmZWNiNjQ2NjdmNDg4NzRi
YTljMzcwHhcNMjUwMTAxMTc0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmU4YTFjNTNjNzZkMGU1MDA5ZDUxY2QxNDU3MTgwNzk3NTI1NDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNH+eAnHiAWAeRqHIrBxZrxX70uk
8BHMYOxrKsH24r1Gct0CF7LzB7GJli2A0n7NZ/DLEukJhunWFMggPD0rw11KPJBQ
QQbfl0JYu6/FBRwz/SN+/2v8y/1sulKJNmmKM7iI2r9S+ZjAdNHJL5C017y3Q1ob
H8GfJS4/sQkKfqM1wMtjDJXg1YYrjEsHQp1EOdwyaUyHMMzpY1gM/29zgIzWoM8F
RVSBd5KPUnpA5L6kReu7Sk+ooHaYLyxK+2Y4VA7uT1vg5RYIZK6i0KdY0CmV4gV7
SFXH4qZzZbBkKMqsw+Dgw3doPq4EqXh7A5F9qw5KosvfY91GYcCV60348wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKvoocU8dtDlAJ1RzRRXGAeXUlRYMB8GA1UdIwQY
MBaAFLmGAoyf628UKz/stkZn9Ih0upw3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVlZQ2pKX3JieFFyUC15MlJtZjBpSFM2bkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODU4NTAtNzU1MS00MjI5LTg3YjYt
M2E0NDY4YzRkZmRmLzEvcS1paHhUeDIwT1VBblZITkZGY1lCNWRTVkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODU4NTAtNzU1MS00MjI5LTg3YjYtM2E0NDY4YzRkZmRm
LzEvdVlZQ2pKX3JieFFyUC15MlJtZjBpSFM2bkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgB4gAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBMvoFbq6ZKhIUVKOC1PRvLdQH091LJIbklX3sG
MfqD4AgzO0jat7COt/8+q5KhFSHjNPHYeJHRoPpgmihsL3RRY+WL7eXoaYXj12AC
ACTIwLaxDaDk01texyHZurXN86UxZhY0vPHcKuUN2IlmMo8IXbgJvHDF8bbFgtAX
zDHjVM1zvDzbULYg8r/CX+3/mvz4rItsvaCqix3DCNxp4uLcOCpr1RAN8EPhmTob
1GEUXhaI7skeT43WiswaljjC4Vp9cnsjYYDG2GXydrxVo1pkgmQtW3D6tgjPjAb4
nzFora3CutOQeRY7xMC2GUAmappnCxf2uaCJ9NyFT9A5C1bS
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:35 2025 by rpki-client