Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/q8eST-ZG7B6M24bZ2pICQ4JG98g.roa
File: q8eST-ZG7B6M24bZ2pICQ4JG98g.roa (raw, json)
Hash identifier: OMOlcYNJZvEJSKKchshH1klaNxKOsSjpbrYgqgPNRlM=
Subject key identifier: AB:C7:92:4F:E6:46:EC:1E:8C:DB:86:D9:DA:92:02:43:82:46:F7:C8
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 0196E9F32D6E36DED43CB7223F7CE8ED47A8
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/q8eST-ZG7B6M24bZ2pICQ4JG98g.roa
Signing time: Mon 19 May 2025 19:09:10 +0000
ROA not before: Mon 19 May 2025 19:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0d:3045::/32 maxlen: 32
2a12:9507::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e9:f3:2d:6e:36:de:d4:3c:b7:22:3f:7c:e8:ed:47:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: May 19 19:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abc7924fe646ec1e8cdb86d9da9202438246f7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c8:df:e6:eb:c3:64:bc:30:08:76:ac:a8:7f:
a2:e3:3b:98:5f:4a:55:f7:9f:04:87:0a:63:7e:cf:
11:5e:8b:6f:d5:bc:e4:9c:f2:0b:d8:68:3d:62:7a:
af:9e:7d:07:75:11:dd:8d:3c:b5:5b:4c:f9:1b:05:
13:ce:67:9a:2e:a2:be:d9:fe:7f:91:70:71:de:d9:
97:c5:6f:f3:bc:dc:11:c2:b1:4f:dc:41:b6:3b:08:
1a:89:60:59:72:40:d0:a4:33:74:2c:9e:32:e6:3b:
08:ef:07:2b:17:a4:08:f9:54:0a:fd:2f:88:97:0c:
53:20:ca:03:84:2a:25:31:c8:41:e3:be:df:15:de:
25:aa:f4:60:b7:e1:05:06:94:21:29:00:31:d9:d9:
5e:3b:d1:6a:1a:0b:d2:83:8c:60:43:d2:97:41:59:
c7:13:d0:4f:74:28:3a:da:f5:14:5e:21:18:e5:0a:
52:5a:b7:64:99:ba:da:8b:9e:f5:19:2e:b4:94:3d:
94:80:3c:a2:0e:2d:15:d2:aa:da:39:29:29:2b:f3:
53:24:24:d9:33:fb:fb:e1:30:db:89:47:f8:9d:86:
e6:8b:49:b7:d9:2f:f6:34:90:79:74:82:c4:12:00:
1e:d9:cf:d6:86:73:b7:8d:bb:48:27:10:2a:48:5d:
37:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C7:92:4F:E6:46:EC:1E:8C:DB:86:D9:DA:92:02:43:82:46:F7:C8
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/q8eST-ZG7B6M24bZ2pICQ4JG98g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:3045::/32
2a12:9507::/32
Signature Algorithm: sha256WithRSAEncryption
49:8b:aa:c0:90:74:8e:30:3d:38:de:06:8e:33:f7:6a:a2:85:
c6:2b:5a:77:78:ea:af:4e:d1:3a:2b:06:fb:25:02:33:e1:5e:
07:9e:32:76:ea:c7:d9:d1:e6:ff:08:84:6c:f0:1b:da:29:ea:
a2:cf:40:4b:8d:97:b6:c0:23:a6:2b:bb:95:fa:48:15:e3:2d:
b6:c5:e5:2e:4a:61:1f:b7:53:04:9d:ed:7f:8d:50:94:bd:ad:
6c:59:90:88:40:d8:c1:02:d8:4a:82:50:f6:2d:e2:6e:93:2e:
b1:a8:b7:ad:ee:69:e0:0d:fd:77:5a:13:f0:d3:f5:58:35:e2:
84:96:fd:14:6c:3d:da:3d:98:05:12:26:75:65:a0:3d:89:32:
6d:00:08:13:09:d9:63:e2:ef:00:70:6d:4b:8c:dd:44:84:22:
02:95:45:47:e1:ea:cd:6f:29:10:b1:6d:97:05:78:d2:63:03:
bc:1f:0a:01:de:14:87:82:5e:a8:a5:17:fa:b1:8e:3f:1e:48:
64:4e:2e:11:6b:97:e4:79:11:1f:b2:bf:a5:ca:93:74:09:54:
67:01:b8:7b:a7:8a:3b:3e:ee:e6:bc:0f:11:7b:92:19:d9:70:
0d:a0:36:d7:4d:11:c6:f5:dc:c9:b2:b4:01:40:66:21:fe:93:
32:6c:19:bd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZbp8y1uNt7UPLciP3zo7UeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjUwNTE5MTkwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM3OTI0ZmU2NDZlYzFlOGNkYjg2ZDlkYTkyMDI0MzgyNDZmN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Mjf5uvDZLwwCHasqH+i4zuYX0pV
958Ehwpjfs8RXotv1bzknPIL2Gg9Ynqvnn0HdRHdjTy1W0z5GwUTzmeaLqK+2f5/
kXBx3tmXxW/zvNwRwrFP3EG2OwgaiWBZckDQpDN0LJ4y5jsI7wcrF6QI+VQK/S+I
lwxTIMoDhColMchB477fFd4lqvRgt+EFBpQhKQAx2dleO9FqGgvSg4xgQ9KXQVnH
E9BPdCg62vUUXiEY5QpSWrdkmbrai571GS60lD2UgDyiDi0V0qraOSkpK/NTJCTZ
M/v74TDbiUf4nYbmi0m32S/2NJB5dILEEgAe2c/WhnO3jbtIJxAqSF03YwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKvHkk/mRuwejNuG2dqSAkOCRvfIMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvcThlU1QtWkc3QjZNMjRiWjJwSUNRNEpHOThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg0wRQMF
ACoSlQcwDQYJKoZIhvcNAQELBQADggEBAEmLqsCQdI4wPTjeBo4z92qihcYrWnd4
6q9O0TorBvslAjPhXgeeMnbqx9nR5v8IhGzwG9op6qLPQEuNl7bAI6Yru5X6SBXj
LbbF5S5KYR+3UwSd7X+NUJS9rWxZkIhA2MEC2EqCUPYt4m6TLrGot63uaeAN/Xda
E/DT9Vg14oSW/RRsPdo9mAUSJnVloD2JMm0ACBMJ2WPi7wBwbUuM3USEIgKVRUfh
6s1vKRCxbZcFeNJjA7wfCgHeFIeCXqilF/qxjj8eSGROLhFrl+R5ER+yv6XKk3QJ
VGcBuHunijs+7ua8DxF7khnZcA2gNtdNEcb13MmytAFAZiH+kzJsGb0=
-----END CERTIFICATE-----
Generated at Tue Jun 17 18:05:36 2025 by rpki-client