Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Q43aqD98_gdR3EfiqGfW0w6rngQ.roa
File: Q43aqD98_gdR3EfiqGfW0w6rngQ.roa (raw, json)
Hash identifier: iTyyEQ1xj4llstnkirZdlTGr6Uq1zxEiMOQZ/AY6gIY=
Subject key identifier: 43:8D:DA:A8:3F:7C:FE:07:51:DC:47:E2:A8:67:D6:D3:0E:AB:9E:04
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0194274857B07D06CA56D839D773C29CFE7B
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Q43aqD98_gdR3EfiqGfW0w6rngQ.roa
Signing time: Thu 02 Jan 2025 13:50:40 +0000
ROA not before: Thu 02 Jan 2025 13:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 273829
IP address blocks: 185.229.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:57:b0:7d:06:ca:56:d8:39:d7:73:c2:9c:fe:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=438ddaa83f7cfe0751dc47e2a867d6d30eab9e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:22:73:95:59:98:1c:0e:60:3b:3d:ff:66:23:
c5:65:48:9d:74:03:ea:ae:1a:8d:ab:d1:07:4b:67:
0d:51:80:34:2d:c5:bb:72:4a:71:54:80:54:ab:7b:
ed:5d:f0:77:5c:f5:09:80:41:1c:36:c5:10:eb:28:
4b:c4:74:c2:cd:60:86:40:4c:84:4d:ed:f9:d4:81:
37:16:94:79:51:5d:b0:34:a9:d5:84:aa:a0:4e:f6:
49:3c:60:90:9a:32:39:98:83:7b:6d:d1:64:3e:46:
cc:d5:82:bf:aa:9e:af:b1:f3:1b:f0:39:e1:e8:5d:
ca:b4:56:d8:c3:2e:a9:3c:66:f0:00:fd:d6:05:85:
6c:33:f8:e6:a2:b6:5f:f2:d6:d0:c4:c3:a3:4e:79:
0b:9c:80:05:db:1e:06:b8:1a:7c:5e:f8:14:a3:b4:
ef:83:91:73:8e:8f:78:34:31:d7:3d:9f:82:07:c7:
97:6b:f3:60:e6:aa:fe:bc:53:02:a5:b7:70:7d:c4:
f2:1c:f1:cc:44:e4:ab:4b:33:ca:9a:b5:d3:b3:f3:
d3:b1:17:3b:fe:53:a2:4c:47:36:fc:57:5c:f0:96:
65:18:8f:0b:a0:2a:63:07:37:d2:0b:70:31:0f:89:
6b:f6:69:79:26:8a:5e:9e:7e:87:b7:18:37:86:e9:
93:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8D:DA:A8:3F:7C:FE:07:51:DC:47:E2:A8:67:D6:D3:0E:AB:9E:04
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Q43aqD98_gdR3EfiqGfW0w6rngQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.216.0/24
Signature Algorithm: sha256WithRSAEncryption
21:3c:f2:fa:55:0b:a7:df:92:67:dc:9a:35:5b:c9:4b:4d:f4:
c3:6b:ce:92:81:ad:09:77:cd:8e:98:e2:55:bc:42:01:88:32:
be:03:47:1d:c8:19:1d:d0:d8:6b:92:0a:77:55:c3:d6:8c:ee:
48:ad:38:69:15:43:a9:e8:ca:40:8c:8a:a1:0d:cc:08:1c:67:
ae:21:d1:98:d9:5d:9c:15:00:40:57:62:88:1e:08:7a:ad:e7:
2e:ef:ff:6b:8b:b0:d8:a2:36:f1:1c:c8:54:8a:70:52:47:e4:
98:93:e5:d3:13:9e:a2:86:d9:9f:f8:19:fb:d3:96:83:f2:ac:
f1:87:78:95:0f:7b:de:7e:93:c7:52:39:85:cb:7c:10:55:5e:
5b:98:32:72:a3:3e:6b:03:96:e3:0b:c2:25:b8:2c:41:84:ba:
6a:0e:c8:d8:27:52:09:ad:df:0f:64:41:e9:91:9f:95:5f:0e:
91:c6:24:58:d4:05:15:b1:c9:e6:fd:51:02:65:e7:3a:5d:5b:
45:dc:d0:c3:f3:de:ab:99:c3:33:df:d9:ab:e0:01:2b:f4:a8:
b9:1f:0b:13:db:7d:44:af:36:e2:de:3d:09:60:ec:0a:b4:23:
bd:21:36:26:a4:a8:58:66:02:d1:45:03:b6:98:3e:48:bf:b6:
d9:8c:ce:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSFewfQbKVtg513PCnP57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzhkZGFhODNmN2NmZTA3NTFkYzQ3ZTJhODY3ZDZkMzBlYWI5ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CJzlVmYHA5gOz3/ZiPFZUiddAPq
rhqNq9EHS2cNUYA0LcW7ckpxVIBUq3vtXfB3XPUJgEEcNsUQ6yhLxHTCzWCGQEyE
Te351IE3FpR5UV2wNKnVhKqgTvZJPGCQmjI5mIN7bdFkPkbM1YK/qp6vsfMb8Dnh
6F3KtFbYwy6pPGbwAP3WBYVsM/jmorZf8tbQxMOjTnkLnIAF2x4GuBp8XvgUo7Tv
g5Fzjo94NDHXPZ+CB8eXa/Ng5qr+vFMCpbdwfcTyHPHMROSrSzPKmrXTs/PTsRc7
/lOiTEc2/Fdc8JZlGI8LoCpjBzfSC3AxD4lr9ml5Jopenn6Htxg3humT7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEON2qg/fP4HUdxH4qhn1tMOq54EMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvUTQzYXFEOThfZ2RSM0VmaXFHZlcwdzZybmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueXYMA0G
CSqGSIb3DQEBCwUAA4IBAQAhPPL6VQun35Jn3Jo1W8lLTfTDa86Sga0Jd82OmOJV
vEIBiDK+A0cdyBkd0Nhrkgp3VcPWjO5IrThpFUOp6MpAjIqhDcwIHGeuIdGY2V2c
FQBAV2KIHgh6recu7/9ri7DYojbxHMhUinBSR+SYk+XTE56ihtmf+Bn705aD8qzx
h3iVD3vefpPHUjmFy3wQVV5bmDJyoz5rA5bjC8IluCxBhLpqDsjYJ1IJrd8PZEHp
kZ+VXw6RxiRY1AUVscnm/VECZec6XVtF3NDD896rmcMz39mr4AEr9Ki5HwsT231E
rzbi3j0JYOwKtCO9ITYmpKhYZgLRRQO2mD5Iv7bZjM4b
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:59:41 2025 by rpki-client