Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qMs7YE7PdHxXdf6CBw1sEvcakGg.roa
File: qMs7YE7PdHxXdf6CBw1sEvcakGg.roa (raw, json)
Hash identifier: qkLIJ1IfC12zCrPLZAT1u+J14R48uhxr6EnVUzcZs8Q=
Subject key identifier: A8:CB:3B:60:4E:CF:74:7C:57:75:FE:82:07:0D:6C:12:F7:1A:90:68
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2F947234DB36C1199DE1DF28E9F7C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qMs7YE7PdHxXdf6CBw1sEvcakGg.roa
Signing time: Thu 02 Jan 2025 01:48:16 +0000
ROA not before: Thu 02 Jan 2025 01:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201574
IP address blocks: 159.148.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:f9:47:23:4d:b3:6c:11:99:de:1d:f2:8e:9f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8cb3b604ecf747c5775fe82070d6c12f71a9068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:02:30:e8:61:3a:7c:8e:9d:7a:c3:17:06:50:
a0:32:2a:32:bc:f7:9f:27:d3:54:ee:54:9e:10:c7:
56:76:2d:53:2e:e4:8c:5c:51:1d:98:54:b2:7d:9b:
4b:bb:d5:3d:d5:10:27:93:d9:58:0c:e8:cc:84:6c:
b4:21:8c:6d:cb:0f:f5:58:be:76:56:6d:60:8b:d9:
a7:19:c7:eb:69:fa:a0:00:ae:c5:b8:f0:92:f3:2a:
1e:16:59:39:b3:59:fa:10:c4:90:77:61:ab:27:b0:
55:0e:f4:13:e7:d2:16:c8:e2:4c:3f:1f:d8:2d:40:
02:71:05:ad:b0:7c:76:fa:16:04:65:b8:9c:9f:d8:
5f:93:0a:f2:cf:c2:59:dd:b6:b7:2e:80:5c:c6:42:
33:40:34:2c:db:01:24:e8:c3:07:e6:71:d8:4b:27:
e5:a2:86:5d:10:7f:90:53:ef:87:36:bd:9e:62:88:
0a:ae:49:f0:f0:55:7d:21:b0:df:bc:d6:28:c7:6d:
2b:9a:25:7e:2a:6e:94:81:cf:ef:08:ea:61:3e:34:
7f:f5:f1:5e:a2:15:03:60:f2:7e:0c:ed:ce:25:99:
d7:7a:23:01:8b:88:aa:83:1d:6e:28:f9:62:0a:a8:
f0:8b:c7:12:b2:24:83:2c:24:63:13:f6:b0:ec:ba:
92:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CB:3B:60:4E:CF:74:7C:57:75:FE:82:07:0D:6C:12:F7:1A:90:68
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qMs7YE7PdHxXdf6CBw1sEvcakGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.197.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:8a:81:91:28:28:83:6e:56:e1:8a:6d:11:bc:65:2c:f9:47:
0b:e7:93:b5:26:32:dd:53:ba:5b:17:3d:40:dc:82:4c:83:c4:
57:4e:12:e9:c0:c0:cc:1d:3b:72:92:82:4a:0b:d8:40:b0:e2:
c8:82:5d:13:05:b4:98:5c:68:df:a7:62:23:b4:41:f6:e5:71:
b3:06:39:7c:19:24:65:18:f4:96:c6:f2:e0:eb:94:b7:57:d2:
17:d6:e7:e0:7a:c5:9a:5d:6d:39:86:84:70:d3:f3:8b:e6:e9:
c4:a9:05:71:5c:e3:66:53:9f:75:dd:ef:ee:1c:e0:86:a6:4d:
c0:48:8f:12:b4:aa:ad:6e:a7:0a:0f:03:48:1e:68:ae:91:7b:
ef:c0:dc:d9:e1:0c:dc:e3:e9:5d:65:0e:73:7e:f8:59:c1:00:
7f:90:1c:6c:3c:2c:a8:60:b1:95:f8:a0:6b:63:19:4f:a0:5d:
76:ef:8e:9c:bc:3f:2f:90:47:e7:48:a3:13:cd:61:d8:1a:0f:
21:01:f7:22:35:6d:e5:7d:bc:95:54:03:c0:e1:77:c8:37:77:
39:ba:28:0b:6c:97:e1:45:e9:bf:96:d6:e1:56:a7:f0:34:0c:
28:a0:21:b1:37:94:94:6b:fe:50:62:f4:de:9d:f4:86:b0:2a:
f8:e9:d8:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksvlHI02zbBGZ3h3yjp98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNiM2I2MDRlY2Y3NDdjNTc3NWZlODIwNzBkNmMxMmY3MWE5MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAIw6GE6fI6desMXBlCgMioyvPef
J9NU7lSeEMdWdi1TLuSMXFEdmFSyfZtLu9U91RAnk9lYDOjMhGy0IYxtyw/1WL52
Vm1gi9mnGcfrafqgAK7FuPCS8yoeFlk5s1n6EMSQd2GrJ7BVDvQT59IWyOJMPx/Y
LUACcQWtsHx2+hYEZbicn9hfkwryz8JZ3ba3LoBcxkIzQDQs2wEk6MMH5nHYSyfl
ooZdEH+QU++HNr2eYogKrknw8FV9IbDfvNYox20rmiV+Km6Ugc/vCOphPjR/9fFe
ohUDYPJ+DO3OJZnXeiMBi4iqgx1uKPliCqjwi8cSsiSDLCRjE/aw7LqSYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjLO2BOz3R8V3X+ggcNbBL3GpBoMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvcU1zN1lFN1BkSHhYZGY2Q0J3MXNFdmNha0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5TFMA0G
CSqGSIb3DQEBCwUAA4IBAQA+ioGRKCiDblbhim0RvGUs+UcL55O1JjLdU7pbFz1A
3IJMg8RXThLpwMDMHTtykoJKC9hAsOLIgl0TBbSYXGjfp2IjtEH25XGzBjl8GSRl
GPSWxvLg65S3V9IX1ufgesWaXW05hoRw0/OL5unEqQVxXONmU5913e/uHOCGpk3A
SI8StKqtbqcKDwNIHmiukXvvwNzZ4Qzc4+ldZQ5zfvhZwQB/kBxsPCyoYLGV+KBr
YxlPoF12746cvD8vkEfnSKMTzWHYGg8hAfciNW3lfbyVVAPA4XfIN3c5uigLbJfh
Rem/ltbhVqfwNAwooCGxN5SUa/5QYvTenfSGsCr46djQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:58 2025 by rpki-client