Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/rq0QSGPYNrEzw6-22i_TjD_5ytM.roa
File: rq0QSGPYNrEzw6-22i_TjD_5ytM.roa (raw, json)
Hash identifier: GZherMDntzrMQ22JN8aWo0GpEMJ9AqPJdM6Y8aGsT1I=
Subject key identifier: AE:AD:10:48:63:D8:36:B1:33:C3:AF:B6:DA:2F:D3:8C:3F:F9:CA:D3
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 0194221FF3C4D2DF54B3871FB02CFEF86D07
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/rq0QSGPYNrEzw6-22i_TjD_5ytM.roa
Signing time: Wed 01 Jan 2025 13:48:26 +0000
ROA not before: Wed 01 Jan 2025 13:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212390
IP address blocks: 2a04:2b00:14dd::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f3:c4:d2:df:54:b3:87:1f:b0:2c:fe:f8:6d:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Jan 1 13:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aead104863d836b133c3afb6da2fd38c3ff9cad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d8:f7:95:b7:41:2c:63:56:3e:92:ee:6b:c0:
ff:4a:bc:65:32:95:de:1e:f8:3b:61:3c:10:8e:fa:
90:d5:8e:4b:b7:a3:98:b5:f8:45:5c:9b:39:b5:11:
3f:32:af:7b:c8:78:48:9c:ec:6e:0d:7d:01:16:46:
c7:bb:5b:e9:4f:4a:93:d0:16:56:f6:74:42:9c:e6:
43:ac:3e:2c:b7:f2:7e:4f:a9:5f:2b:96:b3:c0:11:
3a:2b:eb:ea:6b:4b:9c:f3:a1:36:af:45:fd:a1:31:
c9:72:94:67:dc:31:63:5b:5f:8c:24:38:26:79:dd:
2a:92:3d:26:86:2f:66:71:e7:cf:57:73:b3:f4:e9:
80:c6:f1:58:32:23:ef:44:ea:62:41:aa:ff:b9:d2:
10:f7:62:f4:6a:ed:c0:f9:d4:ff:5b:49:ac:e3:52:
f8:f3:9e:45:2b:e1:d7:2f:f4:73:32:7a:01:b1:2c:
64:8f:04:b6:78:a8:1e:b1:88:4b:6e:bc:1c:8e:be:
97:51:fc:37:be:0b:1a:75:94:4e:31:22:81:51:19:
18:8b:08:d1:3d:ab:f5:a0:62:24:ca:88:45:44:09:
f2:71:09:87:4c:42:30:96:d8:50:2a:55:b9:58:29:
55:33:57:c2:a7:8c:35:b9:fc:22:5c:0e:39:86:57:
b5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:AD:10:48:63:D8:36:B1:33:C3:AF:B6:DA:2F:D3:8C:3F:F9:CA:D3
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/rq0QSGPYNrEzw6-22i_TjD_5ytM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2b00:14dd::/48
Signature Algorithm: sha256WithRSAEncryption
6c:57:00:79:e8:ce:06:51:bd:04:74:ab:d4:26:85:96:fc:49:
74:d6:d0:be:7c:de:24:b9:41:c2:0f:ac:72:27:9b:7f:0e:43:
01:f3:13:58:d5:70:b2:b4:d8:85:de:02:5d:de:6b:a5:f9:1e:
83:e4:62:da:c4:08:27:f8:b7:a1:56:12:6e:c7:3f:98:9c:67:
6a:2b:62:0b:f1:7d:43:a1:5a:3f:ba:cf:54:9b:47:07:42:a3:
8c:d2:fa:c8:1f:88:11:6e:89:99:7c:84:fa:99:ff:2f:19:7a:
11:69:a8:b8:9e:2d:25:10:28:37:e9:09:e0:ac:4f:1d:68:3e:
de:b9:5b:02:cd:a6:a2:6a:a4:ba:59:be:ff:19:9a:fa:65:de:
33:0e:38:b0:eb:9f:5e:95:3d:95:16:b8:ab:05:13:45:7e:05:
ba:ba:6b:72:18:f7:b7:ff:5c:12:ba:59:f4:46:7d:ec:ec:38:
23:00:a4:79:52:0b:95:9e:74:a6:43:29:81:07:eb:96:10:01:
70:3c:68:4f:05:1c:2a:95:60:fd:b8:ab:f9:20:b3:1e:35:d0:
0d:ec:7e:fe:dc:a0:51:57:c4:03:41:2a:28:f2:29:f1:de:cb:
a2:b7:36:4d:49:5f:c3:6d:68:75:d6:f6:b0:45:b4:1d:37:0a:
cb:cf:3e:2e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiH/PE0t9Us4cfsCz++G0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3
ZGY4ZDMwHhcNMjUwMTAxMTM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWFkMTA0ODYzZDgzNmIxMzNjM2FmYjZkYTJmZDM4YzNmZjljYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Nj3lbdBLGNWPpLua8D/SrxlMpXe
Hvg7YTwQjvqQ1Y5Lt6OYtfhFXJs5tRE/Mq97yHhInOxuDX0BFkbHu1vpT0qT0BZW
9nRCnOZDrD4st/J+T6lfK5azwBE6K+vqa0uc86E2r0X9oTHJcpRn3DFjW1+MJDgm
ed0qkj0mhi9mcefPV3Oz9OmAxvFYMiPvROpiQar/udIQ92L0au3A+dT/W0ms41L4
855FK+HXL/RzMnoBsSxkjwS2eKgesYhLbrwcjr6XUfw3vgsadZROMSKBURkYiwjR
Pav1oGIkyohFRAnycQmHTEIwlthQKlW5WClVM1fCp4w1ufwiXA45hle1UQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK6tEEhj2DaxM8Ovttov04w/+crTMB8GA1UdIwQY
MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt
MDUzOGU5NWYzZjEyLzEvcnEwUVNHUFlOckV6dzYtMjJpX1RqRF81eXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy
LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgQrABTd
MA0GCSqGSIb3DQEBCwUAA4IBAQBsVwB56M4GUb0EdKvUJoWW/El01tC+fN4kuUHC
D6xyJ5t/DkMB8xNY1XCytNiF3gJd3mul+R6D5GLaxAgn+LehVhJuxz+YnGdqK2IL
8X1DoVo/us9Um0cHQqOM0vrIH4gRbomZfIT6mf8vGXoRaai4ni0lECg36QngrE8d
aD7euVsCzaaiaqS6Wb7/GZr6Zd4zDjiw659elT2VFrirBRNFfgW6umtyGPe3/1wS
uln0Rn3s7DgjAKR5UguVnnSmQymBB+uWEAFwPGhPBRwqlWD9uKv5ILMeNdAN7H7+
3KBRV8QDQSoo8inx3suitzZNSV/DbWh11vawRbQdNwrLzz4u
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:12:16 2025 by rpki-client