Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/Q-Q316aVXjaSDF_zXdBAZDqfQi8.roa
File: Q-Q316aVXjaSDF_zXdBAZDqfQi8.roa (raw, json)
Hash identifier: pbIGWJtvDyC8Gs/UzFer1NbNeCFqgi6grLGP2phHoj4=
Subject key identifier: 43:E4:37:D7:A6:95:5E:36:92:0C:5F:F3:5D:D0:40:64:3A:9F:42:2F
Certificate issuer: /CN=1aa0a328c6fe0f1bca5e6599042dff59e513b25d
Certificate serial: 019424B3F7B2138315E7BEC51F3346DF033A
Authority key identifier: 1A:A0:A3:28:C6:FE:0F:1B:CA:5E:65:99:04:2D:FF:59:E5:13:B2:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GqCjKMb-DxvKXmWZBC3_WeUTsl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/Q-Q316aVXjaSDF_zXdBAZDqfQi8.roa
Signing time: Thu 02 Jan 2025 01:49:21 +0000
ROA not before: Thu 02 Jan 2025 01:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200845
IP address blocks: 185.252.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:f7:b2:13:83:15:e7:be:c5:1f:33:46:df:03:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aa0a328c6fe0f1bca5e6599042dff59e513b25d
Validity
Not Before: Jan 2 01:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43e437d7a6955e36920c5ff35dd040643a9f422f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d2:6b:0e:08:a6:81:dd:14:eb:6f:ce:d7:a1:
79:82:54:f8:df:a0:83:bb:93:f7:04:3f:6e:5d:33:
3f:c9:c0:6c:5b:fe:9f:ed:cb:e9:9d:4a:8d:2d:56:
e6:5d:73:f4:52:25:dc:16:3a:30:7c:4b:a1:c3:79:
da:90:90:d9:e1:28:86:bd:d0:35:87:a0:3a:89:26:
e8:c5:20:e1:16:58:5a:9c:99:6c:f2:84:cc:e1:d3:
09:92:64:02:8b:aa:f4:20:1b:ee:cd:04:dd:13:45:
93:39:3e:98:ec:d0:67:79:69:40:a7:df:be:22:19:
b4:bf:8b:d8:ea:3f:09:e7:fb:72:74:a2:17:13:b8:
0f:a4:23:04:fd:92:42:9a:c3:8f:24:e8:be:61:5a:
f7:ec:7f:b6:80:10:e8:17:11:bd:78:3e:f3:f1:0f:
10:e4:c7:60:c4:f1:31:d6:a0:0b:b7:cc:63:56:54:
58:21:76:43:03:82:c3:ff:25:8a:be:44:31:96:07:
61:26:de:42:5f:a3:96:8a:fc:91:1e:6d:8e:ee:2d:
62:8e:35:3c:f9:52:7c:4a:28:c3:4b:a1:77:02:06:
cd:24:22:e9:e4:f5:be:ff:b8:59:24:4a:83:bf:cc:
23:73:cc:7b:ab:c2:0a:56:fb:1c:e1:a0:3b:63:3c:
ad:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E4:37:D7:A6:95:5E:36:92:0C:5F:F3:5D:D0:40:64:3A:9F:42:2F
X509v3 Authority Key Identifier:
keyid:1A:A0:A3:28:C6:FE:0F:1B:CA:5E:65:99:04:2D:FF:59:E5:13:B2:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GqCjKMb-DxvKXmWZBC3_WeUTsl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/Q-Q316aVXjaSDF_zXdBAZDqfQi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/344d24-2e11-466d-8ade-38e846148c78/1/GqCjKMb-DxvKXmWZBC3_WeUTsl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.7.0/24
Signature Algorithm: sha256WithRSAEncryption
43:4a:3d:a4:54:03:fa:33:5f:cd:fa:0f:b3:ec:46:bf:f9:ae:
0b:99:eb:e9:dc:6f:48:6f:40:2d:92:3a:43:49:ff:c9:f4:3a:
06:c7:07:7d:f8:6b:90:74:15:06:15:23:12:4e:31:2f:a8:2c:
d9:12:90:3d:75:6f:e7:4b:92:2b:44:85:8b:b6:7b:32:28:99:
02:0b:eb:29:14:f8:f2:4b:ce:20:90:26:d5:cd:ff:88:53:2a:
71:e3:0e:89:c7:79:1e:36:ae:61:fb:9b:cb:b2:c5:65:96:2f:
94:a3:4b:77:c0:83:4b:a7:fa:28:c4:b8:f2:c0:0e:13:d3:bb:
75:ca:a7:17:48:34:44:1c:5e:47:09:2f:96:5e:ff:9b:cd:f1:
35:e8:f4:8c:ec:1f:c6:92:66:74:ba:d2:c3:c9:90:84:8f:ed:
32:89:2c:82:2c:46:54:20:60:89:bc:25:ae:7e:fd:01:b4:d2:
5d:b1:57:e2:5f:38:2d:02:9f:07:0c:47:a2:fc:dc:86:f6:44:
fd:6b:6c:8a:05:93:69:36:cc:04:e0:89:da:6d:de:4d:21:ba:
47:c9:2c:73:40:3b:0b:4a:20:05:cd:15:e0:8e:0d:57:ca:ef:
fb:71:a2:64:e7:4a:58:65:51:b7:b6:00:4b:8b:57:26:b4:b3:
0d:0a:27:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks/eyE4MV577FHzNG3wM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYTBhMzI4YzZmZTBmMWJjYTVlNjU5OTA0MmRmZjU5ZTUx
M2IyNWQwHhcNMjUwMTAyMDE0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2U0MzdkN2E2OTU1ZTM2OTIwYzVmZjM1ZGQwNDA2NDNhOWY0MjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tJrDgimgd0U62/O16F5glT436CD
u5P3BD9uXTM/ycBsW/6f7cvpnUqNLVbmXXP0UiXcFjowfEuhw3nakJDZ4SiGvdA1
h6A6iSboxSDhFlhanJls8oTM4dMJkmQCi6r0IBvuzQTdE0WTOT6Y7NBneWlAp9++
Ihm0v4vY6j8J5/tydKIXE7gPpCME/ZJCmsOPJOi+YVr37H+2gBDoFxG9eD7z8Q8Q
5MdgxPEx1qALt8xjVlRYIXZDA4LD/yWKvkQxlgdhJt5CX6OWivyRHm2O7i1ijjU8
+VJ8SijDS6F3AgbNJCLp5PW+/7hZJEqDv8wjc8x7q8IKVvsc4aA7YzytRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPkN9emlV42kgxf813QQGQ6n0IvMB8GA1UdIwQY
MBaAFBqgoyjG/g8byl5lmQQt/1nlE7JdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FDaktNYi1EeHZLWG1XWkJDM19XZVVUc2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNDRkMjQtMmUxMS00NjZkLThhZGUt
MzhlODQ2MTQ4Yzc4LzEvUS1RMzE2YVZYamFTREZfelhkQkFaRHFmUWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNDRkMjQtMmUxMS00NjZkLThhZGUtMzhlODQ2MTQ4Yzc4
LzEvR3FDaktNYi1EeHZLWG1XWkJDM19XZVVUc2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufwHMA0G
CSqGSIb3DQEBCwUAA4IBAQBDSj2kVAP6M1/N+g+z7Ea/+a4Lmevp3G9Ib0AtkjpD
Sf/J9DoGxwd9+GuQdBUGFSMSTjEvqCzZEpA9dW/nS5IrRIWLtnsyKJkCC+spFPjy
S84gkCbVzf+IUypx4w6Jx3keNq5h+5vLssVlli+Uo0t3wINLp/ooxLjywA4T07t1
yqcXSDREHF5HCS+WXv+bzfE16PSM7B/GkmZ0utLDyZCEj+0yiSyCLEZUIGCJvCWu
fv0BtNJdsVfiXzgtAp8HDEei/NyG9kT9a2yKBZNpNswE4Inabd5NIbpHySxzQDsL
SiAFzRXgjg1Xyu/7caJk50pYZVG3tgBLi1cmtLMNCieC
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:37:09 2025 by rpki-client