Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qLa_3610fzBY1eU8HClRmCRT7To.roa
File: qLa_3610fzBY1eU8HClRmCRT7To.roa (raw, json)
Hash identifier: HVcemRAxro8XXNA3hFBQgQaF8CjGwSvBNv1QHJjDQ0I=
Subject key identifier: A8:B6:BF:DF:AD:74:7F:30:58:D5:E5:3C:1C:29:51:98:24:53:ED:3A
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2FF8A672FC5C78697561F416162F4
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qLa_3610fzBY1eU8HClRmCRT7To.roa
Signing time: Thu 02 Jan 2025 01:48:18 +0000
ROA not before: Thu 02 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 159.148.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:ff:8a:67:2f:c5:c7:86:97:56:1f:41:61:62:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8b6bfdfad747f3058d5e53c1c2951982453ed3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:94:fd:ed:fb:80:43:e2:c7:07:3f:a2:b7:11:
0f:84:66:37:e0:81:9a:1b:a3:9a:03:66:96:fd:77:
13:53:55:3c:6c:0a:5d:00:57:59:9b:a2:fb:d4:6e:
03:c1:b7:0d:a4:de:0c:2a:bf:98:72:3c:85:f7:40:
52:e7:b9:fc:67:63:c2:ed:d9:f6:c2:56:3a:af:6d:
4c:51:43:f3:8c:62:08:9f:94:44:b3:52:ab:b9:7c:
bb:3e:77:81:17:4a:ea:c4:e3:c1:b7:ab:2c:39:4b:
98:27:4b:66:0f:52:ff:48:21:ca:2f:9d:57:30:6b:
35:73:46:23:80:1d:10:4b:e4:6a:1e:03:8a:68:3e:
5f:8b:4e:b3:f2:4a:15:c8:94:70:69:92:dd:24:64:
3f:4d:15:6f:2b:f0:e1:20:0a:0a:ae:09:ce:26:22:
f1:6a:16:4e:7f:ec:11:0e:77:28:53:b7:85:da:c7:
3c:2e:ee:fa:98:ce:a3:e4:cd:29:31:1a:ff:81:fc:
e6:b1:cc:58:88:da:7a:87:cf:ce:89:61:09:b5:07:
58:c9:94:52:8c:8e:a7:2c:af:74:c1:0a:42:88:40:
23:c6:f2:f4:d5:39:e6:df:45:fe:9a:95:80:c9:b4:
90:ef:8f:25:b0:89:c6:c7:53:eb:76:18:63:38:72:
6f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B6:BF:DF:AD:74:7F:30:58:D5:E5:3C:1C:29:51:98:24:53:ED:3A
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qLa_3610fzBY1eU8HClRmCRT7To.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.58.0/24
Signature Algorithm: sha256WithRSAEncryption
70:87:d7:7b:15:d4:5c:a3:b3:af:17:8c:db:85:a5:4a:ce:28:
2f:ec:c7:ab:f3:b9:9e:0b:81:25:1c:f3:66:3a:58:f2:5b:13:
e1:0d:c3:bd:6d:c8:2d:f0:ac:99:75:47:7e:39:0b:6c:4d:73:
45:79:2a:fa:20:ad:42:58:3f:94:65:a5:f8:56:9d:d4:84:e8:
92:39:ab:c3:3b:95:14:83:d6:9d:f5:75:ab:61:06:58:32:03:
e0:06:1d:3a:64:32:c3:79:d4:4b:ca:83:ee:c6:c4:60:0e:09:
20:87:b9:8d:2c:d7:59:43:80:25:c5:18:e8:52:7d:b0:1c:b2:
46:9f:fb:62:45:cf:da:d4:f2:73:84:76:d4:d8:e2:4d:bf:8b:
1d:12:0c:da:d8:ef:57:f4:28:18:a4:48:91:e0:50:9e:d2:d0:
b4:e6:9b:a0:1a:21:fb:df:1a:52:be:db:14:d0:89:da:8c:3c:
d9:17:9d:73:91:27:e2:33:ea:f2:86:41:f3:c0:e3:49:0d:f5:
23:ad:27:09:f0:45:92:9c:ff:f9:33:47:b5:08:5a:a1:e0:83:
e4:72:27:c4:61:7d:7c:23:30:16:3e:a9:95:fe:8c:2b:65:89:
48:83:83:9e:5d:a6:5a:ef:e8:f1:76:50:f7:9d:e4:95:7c:60:
e3:d7:4a:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksv+KZy/Fx4aXVh9BYWL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGI2YmZkZmFkNzQ3ZjMwNThkNWU1M2MxYzI5NTE5ODI0NTNlZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35T97fuAQ+LHBz+itxEPhGY34IGa
G6OaA2aW/XcTU1U8bApdAFdZm6L71G4DwbcNpN4MKr+YcjyF90BS57n8Z2PC7dn2
wlY6r21MUUPzjGIIn5REs1KruXy7PneBF0rqxOPBt6ssOUuYJ0tmD1L/SCHKL51X
MGs1c0YjgB0QS+RqHgOKaD5fi06z8koVyJRwaZLdJGQ/TRVvK/DhIAoKrgnOJiLx
ahZOf+wRDncoU7eF2sc8Lu76mM6j5M0pMRr/gfzmscxYiNp6h8/OiWEJtQdYyZRS
jI6nLK90wQpCiEAjxvL01Tnm30X+mpWAybSQ748lsInGx1PrdhhjOHJv+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKi2v9+tdH8wWNXlPBwpUZgkU+06MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvcUxhXzM2MTBmekJZMWVVOEhDbFJtQ1JUN1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5Q6MA0G
CSqGSIb3DQEBCwUAA4IBAQBwh9d7FdRco7OvF4zbhaVKzigv7Mer87meC4ElHPNm
OljyWxPhDcO9bcgt8KyZdUd+OQtsTXNFeSr6IK1CWD+UZaX4Vp3UhOiSOavDO5UU
g9ad9XWrYQZYMgPgBh06ZDLDedRLyoPuxsRgDgkgh7mNLNdZQ4AlxRjoUn2wHLJG
n/tiRc/a1PJzhHbU2OJNv4sdEgza2O9X9CgYpEiR4FCe0tC05pugGiH73xpSvtsU
0InajDzZF51zkSfiM+ryhkHzwONJDfUjrScJ8EWSnP/5M0e1CFqh4IPkcifEYX18
IzAWPqmV/owrZYlIg4OeXaZa7+jxdlD3neSVfGDj10oE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:52 2025 by rpki-client