Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/qcI0xgzGH7hMBr0NX1qxJT5Yq20.roa
File: qcI0xgzGH7hMBr0NX1qxJT5Yq20.roa (raw, json)
Hash identifier: NMb9DDG1I4uoDnTSNrOwSazV1iEG7Jn5atQjCvyrEBk=
Subject key identifier: A9:C2:34:C6:0C:C6:1F:B8:4C:06:BD:0D:5F:5A:B1:25:3E:58:AB:6D
Certificate issuer: /CN=1ebe3e521407f597f255f3fb4e0b569c32083552
Certificate serial: 01942521672FBC1B84A218EC117FFE7FE3FF
Authority key identifier: 1E:BE:3E:52:14:07:F5:97:F2:55:F3:FB:4E:0B:56:9C:32:08:35:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hr4-UhQH9ZfyVfP7TgtWnDIINVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/qcI0xgzGH7hMBr0NX1qxJT5Yq20.roa
Signing time: Thu 02 Jan 2025 03:48:53 +0000
ROA not before: Thu 02 Jan 2025 03:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43728
IP address blocks: 78.31.0.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:67:2f:bc:1b:84:a2:18:ec:11:7f:fe:7f:e3:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ebe3e521407f597f255f3fb4e0b569c32083552
Validity
Not Before: Jan 2 03:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9c234c60cc61fb84c06bd0d5f5ab1253e58ab6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:75:74:48:f6:65:f8:6e:92:5b:a0:32:cf:34:
ed:e2:6c:2c:05:25:75:21:52:a1:d3:23:bf:d3:66:
5f:01:4e:05:05:0e:eb:f9:d6:97:f7:9c:8c:68:78:
0a:63:4c:40:ba:cd:f4:d0:bb:3b:c3:64:aa:0f:e7:
5d:a9:49:9b:37:68:3d:63:99:52:cb:45:e5:6b:06:
53:e4:d9:25:63:8f:be:33:25:61:4c:7b:fb:7e:00:
0e:c6:53:76:36:99:04:36:99:98:c0:e6:b2:73:43:
6e:58:c6:e2:3a:00:f1:02:62:52:df:e1:58:8b:b1:
8b:3c:92:01:43:69:2a:94:3b:54:f3:7c:81:97:c1:
04:68:b4:2d:e4:0b:13:49:6e:62:e2:6a:fa:1d:ef:
18:19:96:67:78:83:0f:ca:15:f6:9e:46:35:16:d1:
60:a9:91:27:f2:99:ea:8b:46:9e:06:88:74:10:33:
45:ec:20:37:1c:e6:74:5c:0a:d6:43:95:ac:42:14:
f7:e3:86:6f:18:fe:8d:36:75:8d:61:d5:e6:dd:19:
f9:12:9c:2b:17:80:0e:d6:17:1a:4c:7f:77:ee:e4:
a9:7a:f0:b3:10:a0:6f:0a:47:c5:9c:79:b5:74:a2:
2e:bf:36:3c:13:44:7b:64:70:17:4e:69:21:58:56:
1f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C2:34:C6:0C:C6:1F:B8:4C:06:BD:0D:5F:5A:B1:25:3E:58:AB:6D
X509v3 Authority Key Identifier:
keyid:1E:BE:3E:52:14:07:F5:97:F2:55:F3:FB:4E:0B:56:9C:32:08:35:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hr4-UhQH9ZfyVfP7TgtWnDIINVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/qcI0xgzGH7hMBr0NX1qxJT5Yq20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/Hr4-UhQH9ZfyVfP7TgtWnDIINVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.0.0/21
Signature Algorithm: sha256WithRSAEncryption
60:99:6a:27:cd:6f:69:19:42:a4:a1:17:c9:05:a2:6a:a8:29:
a0:1b:0b:ec:14:09:27:22:04:01:9b:ba:5d:5a:17:8f:f4:cb:
44:31:26:c6:a4:d1:7c:49:04:71:06:63:60:3f:fb:1d:0c:ae:
b1:bb:69:0a:13:09:dc:af:99:88:da:62:80:be:99:b0:47:a2:
61:19:08:49:83:1a:86:42:1b:5c:d2:c5:40:32:2b:7e:11:64:
93:9e:b3:47:72:fc:6e:4b:8c:f2:3d:8f:e4:95:10:e3:88:f5:
b8:a7:89:c4:93:f0:6f:1c:d2:7e:0e:42:90:8e:13:c9:a4:22:
81:b7:f5:91:e4:b0:42:ee:82:eb:79:fc:a4:f0:95:df:73:1f:
37:60:44:75:10:b8:84:f4:d3:bc:a9:54:f7:8b:a8:80:6d:bc:
37:e5:4d:bf:20:ca:ab:3e:5f:1d:7b:c6:da:cd:36:13:f9:ed:
72:dc:67:1b:de:50:bf:c3:34:aa:8d:cc:b7:e9:46:6e:00:c4:
a7:e6:d1:31:cc:13:93:66:5a:4b:1d:73:c6:2a:c2:4b:fd:e2:
da:f4:f4:0d:fa:7d:a8:05:bf:fd:2c:90:82:7e:21:cf:83:69:
62:1c:b9:d7:c1:18:28:b6:a4:7e:8f:fd:40:41:01:69:2f:86:
b4:73:67:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIWcvvBuEohjsEX/+f+P/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYmUzZTUyMTQwN2Y1OTdmMjU1ZjNmYjRlMGI1NjljMzIw
ODM1NTIwHhcNMjUwMTAyMDM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWMyMzRjNjBjYzYxZmI4NGMwNmJkMGQ1ZjVhYjEyNTNlNThhYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXV0SPZl+G6SW6AyzzTt4mwsBSV1
IVKh0yO/02ZfAU4FBQ7r+daX95yMaHgKY0xAus300Ls7w2SqD+ddqUmbN2g9Y5lS
y0XlawZT5NklY4++MyVhTHv7fgAOxlN2NpkENpmYwOayc0NuWMbiOgDxAmJS3+FY
i7GLPJIBQ2kqlDtU83yBl8EEaLQt5AsTSW5i4mr6He8YGZZneIMPyhX2nkY1FtFg
qZEn8pnqi0aeBoh0EDNF7CA3HOZ0XArWQ5WsQhT344ZvGP6NNnWNYdXm3Rn5Epwr
F4AO1hcaTH937uSpevCzEKBvCkfFnHm1dKIuvzY8E0R7ZHAXTmkhWFYfnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnCNMYMxh+4TAa9DV9asSU+WKttMB8GA1UdIwQY
MBaAFB6+PlIUB/WX8lXz+04LVpwyCDVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHI0LVVoUUg5WmZ5VmZQN1RndFduRElJTlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xMjRhYzgtZmE5My00YzIzLWJkNjIt
NWI0YWZmN2E2Mzk4LzEvcWNJMHhnekdIN2hNQnIwTlgxcXhKVDVZcTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xMjRhYzgtZmE5My00YzIzLWJkNjItNWI0YWZmN2E2Mzk4
LzEvSHI0LVVoUUg5WmZ5VmZQN1RndFduRElJTlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTh8AMA0G
CSqGSIb3DQEBCwUAA4IBAQBgmWonzW9pGUKkoRfJBaJqqCmgGwvsFAknIgQBm7pd
WheP9MtEMSbGpNF8SQRxBmNgP/sdDK6xu2kKEwncr5mI2mKAvpmwR6JhGQhJgxqG
Qhtc0sVAMit+EWSTnrNHcvxuS4zyPY/klRDjiPW4p4nEk/BvHNJ+DkKQjhPJpCKB
t/WR5LBC7oLrefyk8JXfcx83YER1ELiE9NO8qVT3i6iAbbw35U2/IMqrPl8de8ba
zTYT+e1y3Gcb3lC/wzSqjcy36UZuAMSn5tExzBOTZlpLHXPGKsJL/eLa9PQN+n2o
Bb/9LJCCfiHPg2liHLnXwRgotqR+j/1AQQFpL4a0c2em
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:44:04 2025 by rpki-client