Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/o_mq9tD71bp7H162kJZ4nzhNsfg.roa
File: o_mq9tD71bp7H162kJZ4nzhNsfg.roa (raw, json)
Hash identifier: 7numw6BadOUJh+JlIPeIHv1I50R8PgfZTHAP/JDM81E=
Subject key identifier: A3:F9:AA:F6:D0:FB:D5:BA:7B:1F:5E:B6:90:96:78:9F:38:4D:B1:F8
Certificate issuer: /CN=15d1ff6bec9fbcb89e950a3a01ef2d686f0e7a31
Certificate serial: 0194282836A183F4F4E783DE8E6EBEA56357
Authority key identifier: 15:D1:FF:6B:EC:9F:BC:B8:9E:95:0A:3A:01:EF:2D:68:6F:0E:7A:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/o_mq9tD71bp7H162kJZ4nzhNsfg.roa
Signing time: Thu 02 Jan 2025 17:55:11 +0000
ROA not before: Thu 02 Jan 2025 17:55:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 185.150.216.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:36:a1:83:f4:f4:e7:83:de:8e:6e:be:a5:63:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15d1ff6bec9fbcb89e950a3a01ef2d686f0e7a31
Validity
Not Before: Jan 2 17:55:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3f9aaf6d0fbd5ba7b1f5eb69096789f384db1f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:97:2a:eb:54:ff:14:c6:f6:b2:a1:90:78:e7:
f5:ec:49:59:1d:c4:d8:6a:3c:16:fa:35:cd:40:23:
16:6c:8e:03:b9:26:c5:e8:67:33:6f:30:25:f3:17:
6d:ea:36:35:49:c0:ae:80:84:cb:ad:e9:64:7b:b5:
d5:e7:95:36:61:c6:4d:d5:d5:8f:79:b8:04:a5:94:
b4:56:ee:f3:dd:b9:fa:7d:2a:58:8f:17:58:0b:f5:
bc:4e:ce:4e:44:03:40:19:3a:9e:b6:8d:f5:ac:9c:
f4:4e:8f:73:0a:25:c2:3f:75:cd:dc:9a:54:7f:01:
39:ef:a4:b3:28:66:be:a6:f2:ef:37:1d:31:ee:0f:
7c:bd:3a:9a:4b:64:eb:d9:db:f8:16:ff:61:50:bf:
60:46:b3:88:a8:46:b7:b4:fb:e1:26:06:0a:ae:9e:
eb:7f:dc:3d:a4:e2:64:06:6f:fc:5f:a0:38:87:61:
5b:22:c9:fd:ef:b1:e9:d6:91:5b:8b:05:2c:49:04:
2a:2e:6c:42:f8:33:fc:93:e4:89:b4:33:fc:59:33:
96:02:db:c5:45:18:38:a4:7f:fb:23:55:20:04:df:
56:bc:b1:02:fa:fb:68:ed:d1:b0:c7:d3:6d:52:38:
53:ed:92:c4:0b:17:b6:ce:b1:02:5e:81:9f:90:62:
46:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F9:AA:F6:D0:FB:D5:BA:7B:1F:5E:B6:90:96:78:9F:38:4D:B1:F8
X509v3 Authority Key Identifier:
keyid:15:D1:FF:6B:EC:9F:BC:B8:9E:95:0A:3A:01:EF:2D:68:6F:0E:7A:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/o_mq9tD71bp7H162kJZ4nzhNsfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/FdH_a-yfvLielQo6Ae8taG8OejE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.216.0/22
Signature Algorithm: sha256WithRSAEncryption
06:eb:49:a9:af:ee:58:fa:9b:3c:1b:c2:b1:3c:16:04:06:b8:
90:c1:8e:2a:c0:db:bc:c5:99:16:ac:33:ea:88:28:06:8d:84:
a5:d7:b9:e7:73:5c:3b:d6:22:a4:e5:79:37:af:3b:81:48:20:
bd:ca:8d:6d:2d:a3:cf:99:67:41:eb:dc:ff:4f:4a:61:1a:17:
58:00:cb:e4:47:b2:12:1c:9b:b0:32:2c:a1:16:fa:b3:5e:c4:
23:75:3c:ae:06:59:f5:39:8e:fb:a2:d3:85:0d:89:9a:a6:0a:
e9:bf:6c:59:9a:bc:f3:65:12:72:b1:0d:ce:15:9e:61:07:2a:
e3:36:14:f0:3f:5e:02:79:99:78:a0:5b:10:0d:44:d4:47:ce:
a7:48:b1:31:c1:7c:ce:fc:b7:f6:83:21:fd:48:c6:bd:7d:8e:
4a:44:c4:07:d1:a1:04:06:11:70:8e:ba:63:9f:c3:fc:22:1f:
cd:13:04:82:fd:f0:ba:62:3c:a3:f4:43:e0:ec:c7:b4:6a:8e:
6b:2f:6a:63:f1:f5:83:6b:7c:df:9b:5b:90:04:d6:eb:53:53:
dc:e0:bd:73:83:43:a6:bb:ba:5e:54:8e:87:0f:fd:fe:b5:d3:
52:1d:0d:2f:95:83:48:67:59:24:d8:1e:86:49:6d:f3:31:72:
12:61:25:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoKDahg/T054Pejm6+pWNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZDFmZjZiZWM5ZmJjYjg5ZTk1MGEzYTAxZWYyZDY4NmYw
ZTdhMzEwHhcNMjUwMTAyMTc1NTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y5YWFmNmQwZmJkNWJhN2IxZjVlYjY5MDk2Nzg5ZjM4NGRiMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpcq61T/FMb2sqGQeOf17ElZHcTY
ajwW+jXNQCMWbI4DuSbF6GczbzAl8xdt6jY1ScCugITLrelke7XV55U2YcZN1dWP
ebgEpZS0Vu7z3bn6fSpYjxdYC/W8Ts5ORANAGTqeto31rJz0To9zCiXCP3XN3JpU
fwE576SzKGa+pvLvNx0x7g98vTqaS2Tr2dv4Fv9hUL9gRrOIqEa3tPvhJgYKrp7r
f9w9pOJkBm/8X6A4h2FbIsn977Hp1pFbiwUsSQQqLmxC+DP8k+SJtDP8WTOWAtvF
RRg4pH/7I1UgBN9WvLEC+vto7dGwx9NtUjhT7ZLECxe2zrECXoGfkGJG9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKP5qvbQ+9W6ex9etpCWeJ84TbH4MB8GA1UdIwQY
MBaAFBXR/2vsn7y4npUKOgHvLWhvDnoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmRIX2EteWZ2TGllbFFvNkFlOHRhRzhPZWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9mNTAxZjYtMTcwMi00OGQzLTgwMjct
OTZiODY5MWY1MjYwLzEvb19tcTl0RDcxYnA3SDE2MmtKWjRuemhOc2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9mNTAxZjYtMTcwMi00OGQzLTgwMjctOTZiODY5MWY1MjYw
LzEvRmRIX2EteWZ2TGllbFFvNkFlOHRhRzhPZWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZbYMA0G
CSqGSIb3DQEBCwUAA4IBAQAG60mpr+5Y+ps8G8KxPBYEBriQwY4qwNu8xZkWrDPq
iCgGjYSl17nnc1w71iKk5Xk3rzuBSCC9yo1tLaPPmWdB69z/T0phGhdYAMvkR7IS
HJuwMiyhFvqzXsQjdTyuBln1OY77otOFDYmapgrpv2xZmrzzZRJysQ3OFZ5hByrj
NhTwP14CeZl4oFsQDUTUR86nSLExwXzO/Lf2gyH9SMa9fY5KRMQH0aEEBhFwjrpj
n8P8Ih/NEwSC/fC6Yjyj9EPg7Me0ao5rL2pj8fWDa3zfm1uQBNbrU1Pc4L1zg0Om
u7peVI6HD/3+tdNSHQ0vlYNIZ1kk2B6GSW3zMXISYSWH
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:12:34 2025 by rpki-client