Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/70f358-ba41-452f-8640-81dfdbd64c01/1/QkIjqDLFaJgakqWmUb9WDx5VCHo.roa
File: QkIjqDLFaJgakqWmUb9WDx5VCHo.roa (raw, json)
Hash identifier: /JRGPf0Cu0a60W+vF1scF4K33kTcMtcWTO67dEVNOXI=
Subject key identifier: 42:42:23:A8:32:C5:68:98:1A:92:A5:A6:51:BF:56:0F:1E:55:08:7A
Certificate issuer: /CN=7ba513f38cceef4bc6332099a2d4fa08c25a8403
Certificate serial: 018486AC35FD978828659AD7F5D024404CAD
Authority key identifier: 7B:A5:13:F3:8C:CE:EF:4B:C6:33:20:99:A2:D4:FA:08:C2:5A:84:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6UT84zO70vGMyCZotT6CMJahAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/70f358-ba41-452f-8640-81dfdbd64c01/1/QkIjqDLFaJgakqWmUb9WDx5VCHo.roa
Signing time: Thu 17 Nov 2022 17:39:03 +0000
ROA not before: Thu 17 Nov 2022 17:39:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a11:eb40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:ac:35:fd:97:88:28:65:9a:d7:f5:d0:24:40:4c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba513f38cceef4bc6332099a2d4fa08c25a8403
Validity
Not Before: Nov 17 17:39:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=424223a832c568981a92a5a651bf560f1e55087a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5c:d5:46:5a:59:b8:4d:a6:69:bc:e9:94:c2:
72:45:35:1b:68:c1:0b:8c:71:7a:2a:26:3b:14:b5:
12:4e:b7:a3:5e:c1:41:1a:25:dd:21:f5:27:fc:85:
bf:d6:0b:ed:74:ba:03:bc:8a:47:7f:f2:0c:3a:ed:
e9:63:b7:28:69:7b:e4:74:98:d9:5b:bf:83:8f:81:
7d:00:3a:ae:ed:47:59:5f:34:f0:19:2e:1d:f9:50:
20:2d:5e:f6:f6:68:19:e0:4f:77:9d:c4:71:a3:80:
3a:69:0b:8b:47:7a:1a:e3:33:8a:52:fc:90:3d:36:
29:d2:6f:e6:d5:87:45:4e:b2:40:dc:c9:08:7d:c8:
55:50:f8:df:24:e7:a6:97:73:92:b1:0c:5b:1b:bc:
96:d4:5a:1b:6f:7e:e5:13:60:5b:b7:23:53:1d:b2:
be:e9:8b:77:28:7a:7f:5f:e4:38:2b:3a:72:cf:ad:
7a:c6:7a:a7:9c:5f:49:22:f8:7e:9e:58:0a:c5:05:
3d:26:b6:c8:99:32:91:40:b4:9d:2f:a1:65:82:e1:
af:f4:44:85:d5:56:22:70:d0:53:8a:00:5a:76:9e:
38:fc:09:db:26:e2:d2:9c:c5:7f:ef:85:dc:8f:8e:
37:1c:ea:56:fa:fe:fb:56:fa:c7:14:e2:9c:fb:15:
0e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:42:23:A8:32:C5:68:98:1A:92:A5:A6:51:BF:56:0F:1E:55:08:7A
X509v3 Authority Key Identifier:
keyid:7B:A5:13:F3:8C:CE:EF:4B:C6:33:20:99:A2:D4:FA:08:C2:5A:84:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6UT84zO70vGMyCZotT6CMJahAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/70f358-ba41-452f-8640-81dfdbd64c01/1/QkIjqDLFaJgakqWmUb9WDx5VCHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/70f358-ba41-452f-8640-81dfdbd64c01/1/e6UT84zO70vGMyCZotT6CMJahAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:eb40::/29
Signature Algorithm: sha256WithRSAEncryption
70:5f:ae:0e:8f:a2:a2:65:f2:a7:d4:90:ea:54:86:8e:89:36:
e7:fb:a6:4c:e8:7a:00:73:fd:ed:87:9f:d1:da:cf:53:ae:87:
36:26:dc:b6:9e:07:4e:4d:77:6d:cc:7d:a3:68:b2:61:10:5d:
0c:ce:6b:73:37:4f:5a:15:dd:cb:f1:b2:24:a1:23:a7:8a:c3:
44:64:88:04:74:f8:db:93:e0:fe:69:cb:3a:6c:04:83:1d:5f:
16:91:ba:49:fd:3b:b8:56:5f:f3:e7:3c:22:ca:92:ce:33:a4:
4e:bf:56:1a:20:18:64:71:84:25:05:6e:60:55:7c:f2:a3:91:
27:91:94:c3:f6:e8:c1:7c:59:f3:03:80:6a:f1:4f:9b:c7:20:
7f:88:28:7b:8b:c1:9c:5f:db:31:f3:53:a8:c8:2d:34:e5:8d:
02:47:af:bd:d9:a8:27:fd:de:3f:c5:92:0b:f2:3c:37:59:30:
6e:53:66:81:19:4c:e4:e8:1c:a1:61:24:71:a6:72:67:4e:ee:
da:5b:1f:ec:6e:92:4f:00:1c:7d:65:ce:50:27:e5:02:af:d9:
05:fc:be:6e:24:15:31:3f:30:55:15:3e:cc:73:a6:9b:ef:65:
d3:ee:67:f7:6b:72:d0:de:6e:87:87:bc:3d:d3:0e:28:6b:24:
5a:c4:c8:be
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYSGrDX9l4goZZrX9dAkQEytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTUxM2YzOGNjZWVmNGJjNjMzMjA5OWEyZDRmYTA4YzI1
YTg0MDMwHhcNMjIxMTE3MTczOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQyMjNhODMyYzU2ODk4MWE5MmE1YTY1MWJmNTYwZjFlNTUwODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1zVRlpZuE2mabzplMJyRTUbaMEL
jHF6KiY7FLUSTrejXsFBGiXdIfUn/IW/1gvtdLoDvIpHf/IMOu3pY7coaXvkdJjZ
W7+Dj4F9ADqu7UdZXzTwGS4d+VAgLV729mgZ4E93ncRxo4A6aQuLR3oa4zOKUvyQ
PTYp0m/m1YdFTrJA3MkIfchVUPjfJOeml3OSsQxbG7yW1Fobb37lE2BbtyNTHbK+
6Yt3KHp/X+Q4Kzpyz616xnqnnF9JIvh+nlgKxQU9JrbImTKRQLSdL6FlguGv9ESF
1VYicNBTigBadp44/AnbJuLSnMV/74Xcj443HOpW+v77VvrHFOKc+xUOEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEJCI6gyxWiYGpKlplG/Vg8eVQh6MB8GA1UdIwQY
MBaAFHulE/OMzu9LxjMgmaLU+gjCWoQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZVVDg0ek83MHZHTXlDWm90VDZDTUphaEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MGYzNTgtYmE0MS00NTJmLTg2NDAt
ODFkZmRiZDY0YzAxLzEvUWtJanFETEZhSmdha3FXbVViOVdEeDVWQ0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MGYzNTgtYmE0MS00NTJmLTg2NDAtODFkZmRiZDY0YzAx
LzEvZTZVVDg0ek83MHZHTXlDWm90VDZDTUphaEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhHrQDAN
BgkqhkiG9w0BAQsFAAOCAQEAcF+uDo+iomXyp9SQ6lSGjok25/umTOh6AHP97Yef
0drPU66HNibctp4HTk13bcx9o2iyYRBdDM5rczdPWhXdy/GyJKEjp4rDRGSIBHT4
25Pg/mnLOmwEgx1fFpG6Sf07uFZf8+c8IsqSzjOkTr9WGiAYZHGEJQVuYFV88qOR
J5GUw/bowXxZ8wOAavFPm8cgf4goe4vBnF/bMfNTqMgtNOWNAkevvdmoJ/3eP8WS
C/I8N1kwblNmgRlM5OgcoWEkcaZyZ07u2lsf7G6STwAcfWXOUCflAq/ZBfy+biQV
MT8wVRU+zHOmm+9l0+5n92ty0N5uh4e8PdMOKGskWsTIvg==
-----END CERTIFICATE-----
Generated at Wed May 14 17:41:01 2025 by rpki-client