Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/1f3497-dcbb-4970-a901-72fa0c680db3/1/Q--KHql7ULYPUJ2Gz-J_5Jup_U0.roa
File: Q--KHql7ULYPUJ2Gz-J_5Jup_U0.roa (raw, json)
Hash identifier: lZNAzvOEp7TKm8KVsp70/1fU0TDKITbm7bvczeTQKGA=
Subject key identifier: 43:EF:8A:1E:A9:7B:50:B6:0F:50:9D:86:CF:E2:7F:E4:9B:A9:FD:4D
Certificate issuer: /CN=e566f962bc8fc409f927e6351218db7a5f3d5551
Certificate serial: 01856DB875362099B1C096FBF7ABA96E2909
Authority key identifier: E5:66:F9:62:BC:8F:C4:09:F9:27:E6:35:12:18:DB:7A:5F:3D:55:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Wb5YryPxAn5J-Y1Ehjbel89VVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/1f3497-dcbb-4970-a901-72fa0c680db3/1/Q--KHql7ULYPUJ2Gz-J_5Jup_U0.roa
Signing time: Sun 01 Jan 2023 14:24:43 +0000
ROA not before: Sun 01 Jan 2023 14:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 46.253.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:75:36:20:99:b1:c0:96:fb:f7:ab:a9:6e:29:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e566f962bc8fc409f927e6351218db7a5f3d5551
Validity
Not Before: Jan 1 14:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43ef8a1ea97b50b60f509d86cfe27fe49ba9fd4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e9:fe:45:d2:2a:77:6e:ce:29:fa:15:2f:4e:
2d:83:56:51:2e:8a:fe:50:5b:0b:2f:c9:db:f9:4a:
67:08:6e:e8:76:bf:3f:34:b7:e6:cb:f7:5b:ce:2e:
61:86:88:18:78:f5:83:56:67:cb:87:1e:e7:09:a9:
93:29:9f:3d:32:d0:9b:a3:06:e0:3e:d0:86:b3:6d:
92:64:31:43:42:24:c1:59:45:c6:bd:40:af:77:48:
68:83:ff:68:43:32:dc:37:0c:7c:7d:8f:c5:5a:5e:
c9:7d:d0:72:6a:b5:c0:1c:01:e1:f3:f2:2e:95:5a:
d4:22:8d:49:ed:a4:a4:9b:93:aa:52:48:eb:f7:29:
67:36:69:1c:ff:47:0a:70:cf:bf:28:0a:29:76:cc:
c6:d8:45:c1:a8:16:fb:c6:72:88:a3:b5:2a:ff:e8:
fd:0d:79:89:a5:68:0a:f4:0a:f1:b9:d6:79:4e:8f:
ad:79:5d:a7:a1:c3:a1:ee:4e:a9:fc:9d:7f:5b:e2:
9f:05:a3:75:5c:81:01:7c:e5:31:00:ed:d1:8d:d2:
0d:b0:f0:d2:a2:83:a7:ea:bc:38:58:1e:f9:16:2e:
b9:a1:d5:83:ec:7d:fa:b1:e3:26:06:8b:da:c8:4b:
e5:0e:bb:9c:65:14:71:cb:41:12:7f:a4:e5:52:ce:
2b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EF:8A:1E:A9:7B:50:B6:0F:50:9D:86:CF:E2:7F:E4:9B:A9:FD:4D
X509v3 Authority Key Identifier:
keyid:E5:66:F9:62:BC:8F:C4:09:F9:27:E6:35:12:18:DB:7A:5F:3D:55:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Wb5YryPxAn5J-Y1Ehjbel89VVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/1f3497-dcbb-4970-a901-72fa0c680db3/1/Q--KHql7ULYPUJ2Gz-J_5Jup_U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/1f3497-dcbb-4970-a901-72fa0c680db3/1/5Wb5YryPxAn5J-Y1Ehjbel89VVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.136.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:cb:0f:69:6b:28:40:94:3b:49:96:cb:47:de:7a:a6:60:d0:
e4:fe:4a:15:70:57:16:90:08:7e:9b:32:7a:ef:f5:9e:77:a6:
2f:9c:48:7b:e8:9a:29:4b:45:af:b3:31:ef:01:a0:e4:2f:78:
23:86:7a:ab:d8:47:d5:eb:8f:38:fc:5a:a7:6a:42:67:61:2d:
d7:4a:2f:3d:53:ba:bd:94:ed:cf:dc:d4:c3:74:c7:9e:d7:54:
c4:f7:01:a5:41:4d:cc:33:36:37:56:43:8f:7b:b4:18:bd:6f:
96:60:d9:92:48:d3:fc:7f:83:52:ed:7c:a7:80:35:d4:ed:9e:
91:9d:ea:e8:42:9a:02:23:af:52:41:cc:ab:f8:0e:f6:bc:36:
3e:fd:eb:b7:32:0e:0b:fc:50:9b:82:a2:6d:67:94:c9:9f:4f:
12:ef:89:c7:4b:f4:79:4c:51:8c:0d:f1:8b:d5:5a:12:92:1c:
f3:0e:fe:7c:ad:bd:cd:b6:b1:9a:68:52:c7:9d:60:bd:af:27:
b5:76:23:f4:f3:49:89:c6:f6:ed:c0:06:b0:aa:a1:5d:c2:29:
f7:a0:c8:b7:da:6f:0c:62:83:3b:3b:73:dd:f9:d6:11:ae:0b:
4f:66:77:92:10:0b:30:b5:79:99:14:f3:c3:a2:b3:7d:b3:1a:
5b:d9:c4:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtuHU2IJmxwJb796upbikJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjZmOTYyYmM4ZmM0MDlmOTI3ZTYzNTEyMThkYjdhNWYz
ZDU1NTEwHhcNMjMwMTAxMTQyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2VmOGExZWE5N2I1MGI2MGY1MDlkODZjZmUyN2ZlNDliYTlmZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApen+RdIqd27OKfoVL04tg1ZRLor+
UFsLL8nb+UpnCG7odr8/NLfmy/dbzi5hhogYePWDVmfLhx7nCamTKZ89MtCbowbg
PtCGs22SZDFDQiTBWUXGvUCvd0hog/9oQzLcNwx8fY/FWl7JfdByarXAHAHh8/Iu
lVrUIo1J7aSkm5OqUkjr9ylnNmkc/0cKcM+/KAopdszG2EXBqBb7xnKIo7Uq/+j9
DXmJpWgK9ArxudZ5To+teV2nocOh7k6p/J1/W+KfBaN1XIEBfOUxAO3RjdINsPDS
ooOn6rw4WB75Fi65odWD7H36seMmBovayEvlDrucZRRxy0ESf6TlUs4rXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPvih6pe1C2D1Cdhs/if+Sbqf1NMB8GA1UdIwQY
MBaAFOVm+WK8j8QJ+SfmNRIY23pfPVVRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdiNVlyeVB4QW41Si1ZMUVoamJlbDg5VlZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8xZjM0OTctZGNiYi00OTcwLWE5MDEt
NzJmYTBjNjgwZGIzLzEvUS0tS0hxbDdVTFlQVUoyR3otSl81SnVwX1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8xZjM0OTctZGNiYi00OTcwLWE5MDEtNzJmYTBjNjgwZGIz
LzEvNVdiNVlyeVB4QW41Si1ZMUVoamJlbDg5VlZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALv2IMA0G
CSqGSIb3DQEBCwUAA4IBAQA7yw9payhAlDtJlstH3nqmYNDk/koVcFcWkAh+mzJ6
7/Wed6YvnEh76JopS0WvszHvAaDkL3gjhnqr2EfV6484/FqnakJnYS3XSi89U7q9
lO3P3NTDdMee11TE9wGlQU3MMzY3VkOPe7QYvW+WYNmSSNP8f4NS7XyngDXU7Z6R
neroQpoCI69SQcyr+A72vDY+/eu3Mg4L/FCbgqJtZ5TJn08S74nHS/R5TFGMDfGL
1VoSkhzzDv58rb3NtrGaaFLHnWC9rye1diP080mJxvbtwAawqqFdwin3oMi32m8M
YoM7O3Pd+dYRrgtPZneSEAswtXmZFPPDorN9sxpb2cSb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:21 2025 by rpki-client