Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/QH0AHR1rFk7baTZd_NGHHxPmhyk.roa
File: QH0AHR1rFk7baTZd_NGHHxPmhyk.roa (raw, json)
Hash identifier: DuIF1W2w1lvu1sjMWqzM0fKA1ZHhg2DIpDB3ygNaER8=
Subject key identifier: 40:7D:00:1D:1D:6B:16:4E:DB:69:36:5D:FC:D1:87:1F:13:E6:87:29
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 019457848C6FE7AC9F2B1872466E8F4A50EB
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/QH0AHR1rFk7baTZd_NGHHxPmhyk.roa
Signing time: Sat 11 Jan 2025 22:38:11 +0000
ROA not before: Sat 11 Jan 2025 22:38:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214967
IP address blocks: 2a13:9306::/31 maxlen: 31
2a13:da00::/29 maxlen: 29
2a13:e400::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:57:84:8c:6f:e7:ac:9f:2b:18:72:46:6e:8f:4a:50:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 11 22:38:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=407d001d1d6b164edb69365dfcd1871f13e68729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:dc:99:58:d5:65:90:aa:3c:ff:89:57:af:08:
0a:8b:f9:64:0b:e8:37:bf:b7:c5:08:3a:6f:ea:69:
7c:71:02:68:9a:9e:3b:96:42:92:59:9c:75:30:d1:
3a:a8:10:d2:96:d2:82:1f:0e:fd:49:30:50:c3:ec:
22:f9:ba:79:d6:1c:14:55:a8:95:03:7d:80:6e:d8:
2b:4f:2a:9a:cb:60:4e:98:57:ca:49:07:99:e3:38:
0d:12:60:c2:bf:91:b9:17:22:1d:d8:90:2a:3e:13:
ce:29:77:05:b0:81:fe:56:41:08:d8:e7:88:d7:d7:
d5:96:56:d7:76:f8:bc:86:55:5d:fa:20:67:e6:29:
12:a5:9f:ab:cd:a7:85:2c:da:c2:79:ec:76:6e:8d:
91:f1:5d:c7:46:e3:b1:0f:a0:63:6b:27:f8:5b:28:
b2:9e:8d:f5:4c:b7:dd:5b:e3:ad:be:34:ed:49:f3:
8f:b0:60:92:e6:d4:b4:fb:5e:de:90:02:03:e6:8b:
85:c5:54:c4:fc:29:e7:4a:72:bf:98:19:78:f5:40:
1c:24:92:61:52:bf:d8:af:6f:c7:fd:8a:da:2d:14:
cc:7e:4f:1b:ce:ee:37:28:40:4a:61:8e:c9:09:9f:
cd:7c:dd:77:ee:f8:6f:e4:03:a2:04:b4:65:81:c6:
a9:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7D:00:1D:1D:6B:16:4E:DB:69:36:5D:FC:D1:87:1F:13:E6:87:29
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/QH0AHR1rFk7baTZd_NGHHxPmhyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9306::/31
2a13:da00::/29
2a13:e400::/29
Signature Algorithm: sha256WithRSAEncryption
c7:4c:31:53:bf:ee:72:b6:d6:74:2c:c8:f4:bf:53:82:c4:38:
00:d9:bf:37:ea:1a:9c:5e:d3:ce:85:cc:9c:1a:db:30:fe:25:
c4:70:64:57:08:17:11:a1:d1:fe:47:25:ef:07:29:a9:5c:0c:
e1:25:a4:b5:4b:a0:24:3c:98:3c:52:b1:2e:be:0a:b9:db:81:
50:cf:fe:44:83:4b:06:f0:02:0d:31:61:2f:23:c1:66:e1:fe:
78:92:17:e6:22:09:9e:03:70:d9:51:6c:91:c4:09:b3:da:26:
43:c2:50:b0:82:25:e7:09:ad:e4:55:00:23:6d:23:7e:ca:32:
18:45:86:55:88:6e:53:0c:c9:71:1a:6e:c7:7f:fa:07:6d:e8:
f2:02:31:95:c0:7a:5d:00:71:1a:b3:54:4b:ca:14:bb:71:2b:
62:f5:9e:64:e0:28:49:3c:5b:6c:20:cb:86:6d:5f:86:31:5a:
4e:10:1b:2b:8c:4c:ff:bd:68:be:5e:bb:e4:c6:80:03:16:26:
05:d4:89:e1:da:37:65:e9:d2:43:61:33:10:f7:50:1b:fa:03:
a8:c1:1f:32:f7:48:7d:2e:ed:6e:f4:1a:02:ff:1f:03:6b:00:
91:81:44:ea:d8:a4:df:d7:2b:5f:41:bc:22:a5:11:ac:7d:eb:
36:13:f5:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZRXhIxv56yfKxhyRm6PSlDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjUwMTExMjIzODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdkMDAxZDFkNmIxNjRlZGI2OTM2NWRmY2QxODcxZjEzZTY4NzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NyZWNVlkKo8/4lXrwgKi/lkC+g3
v7fFCDpv6ml8cQJomp47lkKSWZx1MNE6qBDSltKCHw79STBQw+wi+bp51hwUVaiV
A32AbtgrTyqay2BOmFfKSQeZ4zgNEmDCv5G5FyId2JAqPhPOKXcFsIH+VkEI2OeI
19fVllbXdvi8hlVd+iBn5ikSpZ+rzaeFLNrCeex2bo2R8V3HRuOxD6Bjayf4Wyiy
no31TLfdW+OtvjTtSfOPsGCS5tS0+17ekAID5ouFxVTE/CnnSnK/mBl49UAcJJJh
Ur/Yr2/H/YraLRTMfk8bzu43KEBKYY7JCZ/NfN137vhv5AOiBLRlgcapvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEB9AB0daxZO22k2XfzRhx8T5ocpMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvUUgwQUhSMXJGazdiYVRaZF9OR0hIeFBtaHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUBKhOTBgMF
AyoT2gADBQMqE+QAMA0GCSqGSIb3DQEBCwUAA4IBAQDHTDFTv+5yttZ0LMj0v1OC
xDgA2b836hqcXtPOhcycGtsw/iXEcGRXCBcRodH+RyXvBympXAzhJaS1S6AkPJg8
UrEuvgq524FQz/5Eg0sG8AINMWEvI8Fm4f54khfmIgmeA3DZUWyRxAmz2iZDwlCw
giXnCa3kVQAjbSN+yjIYRYZViG5TDMlxGm7Hf/oHbejyAjGVwHpdAHEas1RLyhS7
cSti9Z5k4ChJPFtsIMuGbV+GMVpOEBsrjEz/vWi+XrvkxoADFiYF1Inh2jdl6dJD
YTMQ91Ab+gOowR8y90h9Lu1u9BoC/x8DawCRgUTq2KTf1ytfQbwipRGsfes2E/V4
-----END CERTIFICATE-----
Generated at Tue Jan 21 15:02:32 2025 by rpki-client on console.sobornost.net