Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/qrrQR7WuIleyYS2sO7I0VvjROUo.roa
File: qrrQR7WuIleyYS2sO7I0VvjROUo.roa (raw, json)
Hash identifier: 4JE74Aq/xmpPqZIRbZrMja/xvjU3RSpM11pAC7vf4sE=
Subject key identifier: AA:BA:D0:47:B5:AE:22:57:B2:61:2D:AC:3B:B2:34:56:F8:D1:39:4A
Certificate issuer: /CN=b5f19eb0dd48e1b24924908bb5b6848cc1678546
Certificate serial: 019426D965E01BE2848F01ECEB221042659B
Authority key identifier: B5:F1:9E:B0:DD:48:E1:B2:49:24:90:8B:B5:B6:84:8C:C1:67:85:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tfGesN1I4bJJJJCLtbaEjMFnhUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/qrrQR7WuIleyYS2sO7I0VvjROUo.roa
Signing time: Thu 02 Jan 2025 11:49:29 +0000
ROA not before: Thu 02 Jan 2025 11:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.136.240.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:65:e0:1b:e2:84:8f:01:ec:eb:22:10:42:65:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5f19eb0dd48e1b24924908bb5b6848cc1678546
Validity
Not Before: Jan 2 11:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aabad047b5ae2257b2612dac3bb23456f8d1394a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:08:78:b1:56:4f:7a:4d:19:72:f7:b9:0b:08:
27:6f:65:09:7c:3b:8e:33:7e:22:a4:8e:aa:e8:23:
0c:4a:c5:54:11:72:b4:e4:08:f0:52:7e:dd:04:d7:
82:c4:23:f8:9c:1c:4f:5b:f1:91:07:ac:23:5c:95:
d6:bf:6f:c7:5e:5a:ac:17:a3:3e:c0:a9:3f:03:35:
ed:d9:08:64:bd:c3:4d:51:6b:de:88:11:0c:a2:ce:
56:5d:4e:ff:0d:3e:be:74:c2:83:69:2e:4f:1a:92:
43:5b:39:27:e6:ff:c4:35:98:17:e4:5d:52:9a:e2:
97:44:75:d8:b6:3e:e6:3f:3f:3a:b7:12:0c:e1:78:
ec:ce:83:1d:dd:93:22:af:8e:aa:9b:98:2c:e1:cf:
bd:9f:41:da:f6:df:f4:9e:72:8f:37:3c:39:88:2e:
3e:ce:a8:3a:cd:37:f2:08:d7:9c:8c:8b:5f:67:91:
82:ce:19:8a:e8:ea:4f:61:a7:b2:b9:d1:25:bd:6e:
2a:74:a9:66:b6:13:38:30:a8:be:fe:8c:e3:0c:a1:
1a:ca:9d:51:73:8d:65:cd:ff:bd:4d:34:f7:63:25:
28:1b:c5:8f:ce:d0:de:2c:2d:bb:49:a2:03:31:fe:
c7:9a:09:ca:69:99:84:a8:f2:21:59:bf:80:3f:04:
c8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:BA:D0:47:B5:AE:22:57:B2:61:2D:AC:3B:B2:34:56:F8:D1:39:4A
X509v3 Authority Key Identifier:
keyid:B5:F1:9E:B0:DD:48:E1:B2:49:24:90:8B:B5:B6:84:8C:C1:67:85:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tfGesN1I4bJJJJCLtbaEjMFnhUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/qrrQR7WuIleyYS2sO7I0VvjROUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/tfGesN1I4bJJJJCLtbaEjMFnhUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.240.0/22
Signature Algorithm: sha256WithRSAEncryption
65:dd:e6:93:cc:ca:3b:f9:85:8d:5d:f3:f8:40:64:31:23:05:
2a:05:82:71:30:b2:a6:1e:b4:69:c9:1d:75:cf:07:1e:fc:e4:
9b:c4:e1:22:1d:85:45:88:df:80:14:77:df:bd:ca:2b:d2:bc:
5a:8a:e8:3d:29:bc:d6:02:df:4a:a5:fa:17:44:de:b9:54:6a:
46:c4:d5:dc:d9:d8:a8:29:e9:d3:87:99:27:5d:6f:ff:c2:eb:
b1:28:8c:32:ae:ed:b0:23:37:19:94:d0:ed:70:d6:bf:85:60:
43:97:17:75:8e:5d:71:87:c1:c2:db:b7:a7:66:0c:71:f0:99:
d8:e1:13:ba:8e:44:b0:1e:06:53:af:d6:fb:75:e0:eb:2a:1c:
be:a0:b7:a8:87:7b:6b:b8:33:b7:85:66:44:d1:24:3d:09:04:
47:2b:7e:a6:6e:74:fe:1a:92:b8:a8:b0:dc:c2:fa:70:90:df:
86:cb:6a:61:1b:91:4b:2a:3a:89:f3:91:62:d3:06:44:aa:fa:
88:9a:4b:82:2b:87:3f:34:c9:62:ab:9d:02:4c:e1:08:a4:d6:
a6:97:a9:cb:50:b7:b7:90:7d:4a:ad:ab:df:9e:85:5a:92:0d:
d3:64:6d:5f:86:c2:8b:13:13:f2:e6:6d:ef:bb:40:01:98:20:
1e:c8:a3:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2WXgG+KEjwHs6yIQQmWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ZjE5ZWIwZGQ0OGUxYjI0OTI0OTA4YmI1YjY4NDhjYzE2
Nzg1NDYwHhcNMjUwMTAyMTE0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWJhZDA0N2I1YWUyMjU3YjI2MTJkYWMzYmIyMzQ1NmY4ZDEzOTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Qh4sVZPek0Zcve5Cwgnb2UJfDuO
M34ipI6q6CMMSsVUEXK05AjwUn7dBNeCxCP4nBxPW/GRB6wjXJXWv2/HXlqsF6M+
wKk/AzXt2QhkvcNNUWveiBEMos5WXU7/DT6+dMKDaS5PGpJDWzkn5v/ENZgX5F1S
muKXRHXYtj7mPz86txIM4XjszoMd3ZMir46qm5gs4c+9n0Ha9t/0nnKPNzw5iC4+
zqg6zTfyCNecjItfZ5GCzhmK6OpPYaeyudElvW4qdKlmthM4MKi+/ozjDKEayp1R
c41lzf+9TTT3YyUoG8WPztDeLC27SaIDMf7HmgnKaZmEqPIhWb+APwTIBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKq60Ee1riJXsmEtrDuyNFb40TlKMB8GA1UdIwQY
MBaAFLXxnrDdSOGySSSQi7W2hIzBZ4VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGZHZXNOMUk0YkpKSkpDTHRiYUVqTUZuaFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jZTAwMWItYTRkOC00ZjBlLTgzMWQt
MzVjNjZkN2M1MjYwLzEvcXJyUVI3V3VJbGV5WVMyc083STBWdmpST1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jZTAwMWItYTRkOC00ZjBlLTgzMWQtMzVjNjZkN2M1MjYw
LzEvdGZHZXNOMUk0YkpKSkpDTHRiYUVqTUZuaFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYjwMA0G
CSqGSIb3DQEBCwUAA4IBAQBl3eaTzMo7+YWNXfP4QGQxIwUqBYJxMLKmHrRpyR11
zwce/OSbxOEiHYVFiN+AFHffvcor0rxaiug9KbzWAt9KpfoXRN65VGpGxNXc2dio
KenTh5knXW//wuuxKIwyru2wIzcZlNDtcNa/hWBDlxd1jl1xh8HC27enZgxx8JnY
4RO6jkSwHgZTr9b7deDrKhy+oLeoh3truDO3hWZE0SQ9CQRHK36mbnT+GpK4qLDc
wvpwkN+Gy2phG5FLKjqJ85Fi0wZEqvqImkuCK4c/NMliq50CTOEIpNaml6nLULe3
kH1KravfnoVakg3TZG1fhsKLExPy5m3vu0ABmCAeyKO5
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:08:21 2025 by rpki-client