Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/cqv9wE6YQZchLlgsxhcbVRhtEeU.roa
File: cqv9wE6YQZchLlgsxhcbVRhtEeU.roa (raw, json)
Hash identifier: 3rCt4hA9/sZjApJdKGG7tO/q40UY1c+LBHUhHVGVeCU=
Subject key identifier: 72:AB:FD:C0:4E:98:41:97:21:2E:58:2C:C6:17:1B:55:18:6D:11:E5
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 019532456234EFC2D072FC07A5D6ADBF0404
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/cqv9wE6YQZchLlgsxhcbVRhtEeU.roa
Signing time: Sun 23 Feb 2025 10:06:02 +0000
ROA not before: Sun 23 Feb 2025 10:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.144.155.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
194.33.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:32:45:62:34:ef:c2:d0:72:fc:07:a5:d6:ad:bf:04:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Feb 23 10:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72abfdc04e984197212e582cc6171b55186d11e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e1:a4:f2:87:4b:49:20:25:39:5b:55:84:ef:
d2:59:dd:02:3b:17:b2:a5:63:b6:d7:b4:f5:74:ae:
33:6b:11:e8:83:42:d5:0d:99:b6:c9:b3:dc:8d:46:
b3:a6:57:8b:c6:97:13:b8:f5:97:fb:fe:ce:67:cd:
96:67:f8:39:59:ef:b4:62:17:31:8a:ab:c4:8b:87:
76:d8:bb:69:c5:21:9b:cd:f6:12:67:4f:e8:e0:a2:
a6:51:5b:f7:75:da:f6:68:25:15:a8:b8:c8:b2:c4:
3b:15:a5:e4:9a:ca:1b:e8:a1:69:e8:81:61:2a:c5:
5b:06:fb:4b:53:e7:51:2e:60:26:3d:0f:9d:af:84:
53:8d:00:d3:be:f3:6e:b5:c9:8d:5c:77:7b:05:69:
5b:18:c2:2b:f6:fa:dc:c3:f4:90:6a:ec:11:8a:a0:
4d:d5:27:e0:8d:75:ee:5f:ae:b0:d4:27:37:e0:33:
a0:dc:72:80:9e:fe:e5:4b:49:76:ea:ac:fb:63:39:
2f:0d:c5:48:64:45:4f:f9:4c:7a:ed:a2:86:a0:f2:
c9:13:2a:25:bc:27:a4:4d:81:be:7b:36:54:71:cf:
7a:45:09:77:b2:da:8f:b9:be:0e:f8:7d:41:68:58:
4c:3b:f3:58:47:19:bd:f4:c2:42:40:29:be:41:bf:
47:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:AB:FD:C0:4E:98:41:97:21:2E:58:2C:C6:17:1B:55:18:6D:11:E5
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/cqv9wE6YQZchLlgsxhcbVRhtEeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.155.0/24
78.143.253.0/24
194.33.150.0/24
Signature Algorithm: sha256WithRSAEncryption
80:eb:e2:f4:bf:b7:42:7d:0b:13:e9:8b:52:45:93:2c:29:bc:
0c:b7:93:da:f0:1c:88:d5:c7:75:af:54:ff:91:fe:8d:04:29:
ae:b4:3f:48:5f:f4:f1:44:46:8a:d5:15:c4:27:79:19:52:63:
ea:72:64:c3:df:39:00:b7:de:34:ff:60:81:ea:4b:74:cf:bd:
28:80:a1:df:ee:2c:d6:d5:d1:8d:bf:7e:ae:48:ed:49:5a:85:
d5:55:bf:67:84:cc:c6:ad:51:33:9e:42:00:6d:52:0d:8d:75:
08:35:fe:b8:60:25:1e:c5:1c:3d:9b:55:ee:8c:7b:e6:63:67:
a1:c6:28:89:20:57:10:4d:f1:7b:6d:65:47:40:07:a9:d3:78:
24:a3:75:bc:56:9d:c4:dc:79:0d:c0:32:96:cc:a1:8a:4d:a3:
8b:de:a0:92:7b:52:69:f5:99:f3:a6:21:e9:10:93:d3:3b:6f:
6c:ab:8b:5a:68:b2:d3:31:d4:81:e7:5e:64:fa:1f:50:50:54:
57:61:73:d1:ae:1b:cf:a8:87:12:6d:30:5a:81:51:e1:59:09:
52:2b:5b:b6:19:37:74:ea:d5:58:d1:ae:8c:4b:a7:ec:3f:20:
82:a9:ef:90:dc:08:92:5b:c9:c0:10:03:5d:49:04:e3:cc:7c:
21:86:11:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUyRWI078LQcvwHpdatvwQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjUwMjIzMTAwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmFiZmRjMDRlOTg0MTk3MjEyZTU4MmNjNjE3MWI1NTE4NmQxMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeGk8odLSSAlOVtVhO/SWd0COxey
pWO217T1dK4zaxHog0LVDZm2ybPcjUazpleLxpcTuPWX+/7OZ82WZ/g5We+0Yhcx
iqvEi4d22LtpxSGbzfYSZ0/o4KKmUVv3ddr2aCUVqLjIssQ7FaXkmsob6KFp6IFh
KsVbBvtLU+dRLmAmPQ+dr4RTjQDTvvNutcmNXHd7BWlbGMIr9vrcw/SQauwRiqBN
1SfgjXXuX66w1Cc34DOg3HKAnv7lS0l26qz7YzkvDcVIZEVP+Ux67aKGoPLJEyol
vCekTYG+ezZUcc96RQl3stqPub4O+H1BaFhMO/NYRxm99MJCQCm+Qb9HFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHKr/cBOmEGXIS5YLMYXG1UYbRHlMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvY3F2OXdFNllRWmNoTGxnc3hoY2JWUmh0RWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZCbAwQA
To/9AwQAwiGWMA0GCSqGSIb3DQEBCwUAA4IBAQCA6+L0v7dCfQsT6YtSRZMsKbwM
t5Pa8ByI1cd1r1T/kf6NBCmutD9IX/TxREaK1RXEJ3kZUmPqcmTD3zkAt940/2CB
6kt0z70ogKHf7izW1dGNv36uSO1JWoXVVb9nhMzGrVEznkIAbVINjXUINf64YCUe
xRw9m1XujHvmY2ehxiiJIFcQTfF7bWVHQAep03gko3W8Vp3E3HkNwDKWzKGKTaOL
3qCSe1Jp9ZnzpiHpEJPTO29sq4taaLLTMdSB515k+h9QUFRXYXPRrhvPqIcSbTBa
gVHhWQlSK1u2GTd06tVY0a6MS6fsPyCCqe+Q3AiSW8nAEANdSQTjzHwhhhF6
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:26:12 2025 by rpki-client