Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/qq4fM1ObQGyaLMmavbeC_4huAhs.roa
File: qq4fM1ObQGyaLMmavbeC_4huAhs.roa (raw, json)
Hash identifier: uj3kwNGwI3ye+3/FlFrfR0c/PIhlj04gSoV4ikzeXw8=
Subject key identifier: AA:AE:1F:33:53:9B:40:6C:9A:2C:C9:9A:BD:B7:82:FF:88:6E:02:1B
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 019427B42A783BFC275A0701912EBC64539A
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/qq4fM1ObQGyaLMmavbeC_4huAhs.roa
Signing time: Thu 02 Jan 2025 15:48:26 +0000
ROA not before: Thu 02 Jan 2025 15:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202085
IP address blocks: 213.252.210.0/23 maxlen: 24
213.252.211.0/24 maxlen: 24
213.252.212.0/22 maxlen: 22
213.252.216.0/22 maxlen: 22
213.252.221.0/24 maxlen: 24
213.252.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:2a:78:3b:fc:27:5a:07:01:91:2e:bc:64:53:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 15:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aaae1f33539b406c9a2cc99abdb782ff886e021b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:01:10:91:ad:49:3a:82:e7:8e:be:69:c6:0d:
c5:ad:47:85:85:8d:93:e0:6c:a9:44:e8:22:2d:61:
9f:5e:15:40:31:48:c9:d1:1a:bd:80:87:d2:ba:ef:
f5:89:40:d9:c5:15:b2:a6:d4:95:fb:1f:db:39:59:
14:13:ae:75:f6:3d:a0:52:15:b7:93:a1:27:b9:a8:
ab:6d:6d:f0:2a:61:18:1f:73:f0:c8:a7:83:80:10:
e3:db:02:77:57:9c:f8:2c:09:c7:ff:99:c0:4d:8e:
09:3d:15:80:f8:c6:ba:57:1b:34:91:84:25:d3:ce:
c8:f8:22:b8:95:be:bd:d6:a5:74:36:3d:cc:a3:62:
f0:d6:b4:b7:b4:a1:fb:b9:0e:c4:87:08:e9:09:4f:
a3:07:5b:31:8a:bf:24:44:ae:02:ad:65:4d:da:74:
ed:2f:a4:60:11:1e:fa:64:0e:54:73:24:6c:40:4e:
2b:01:10:d1:13:3b:b6:4e:ba:69:92:72:a9:7e:77:
c2:32:31:5e:6e:7b:16:a4:bd:3e:e2:09:5d:fa:33:
4f:7e:e5:ed:4f:5d:8b:85:d8:60:88:62:fa:8f:6c:
44:4f:42:c6:c0:0c:fc:f9:c2:23:c0:36:01:b4:32:
2c:04:95:ef:06:e1:76:c8:49:61:95:61:8a:67:05:
7c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:AE:1F:33:53:9B:40:6C:9A:2C:C9:9A:BD:B7:82:FF:88:6E:02:1B
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/qq4fM1ObQGyaLMmavbeC_4huAhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.252.210.0-213.252.219.255
213.252.221.0-213.252.222.255
Signature Algorithm: sha256WithRSAEncryption
54:a7:c2:67:65:63:ea:59:f2:0b:8d:bc:6e:8a:43:bd:dd:a8:
60:c9:eb:fa:f5:e9:3b:bd:6d:5d:46:65:d4:2e:fa:8b:5e:ad:
56:28:70:9c:f4:9b:57:ba:65:97:3c:51:2a:be:06:ce:51:63:
ac:83:6d:69:8a:e7:93:ea:35:bc:55:ea:97:6a:de:98:5a:63:
c7:23:a6:49:5d:09:71:54:14:00:cd:36:a7:b3:6f:95:e8:d3:
c1:d6:63:98:2b:f2:a3:c1:aa:31:5d:2d:44:1d:9f:6b:97:22:
d9:db:8f:4f:78:c3:f9:7b:ee:13:db:2e:0a:11:93:6b:4a:5b:
b2:e4:8d:64:f6:ea:7c:14:fa:0d:8f:c9:cd:ee:b4:65:78:e2:
41:87:03:a5:f2:99:1e:8f:1a:3d:58:17:a0:c7:51:2a:a1:3b:
04:ed:d5:fe:c6:57:8a:d4:e3:28:98:00:7f:e7:fe:84:f6:d0:
8c:7d:cb:3a:f6:99:04:1d:12:ba:33:cc:38:93:ac:1d:d9:60:
b6:55:b3:79:3c:01:2c:a7:1e:43:f9:60:77:a9:fe:23:84:e4:
37:8b:a5:e5:f6:9a:e1:00:a3:0a:5c:98:03:30:22:93:f6:f5:
bc:51:2c:53:75:5d:83:57:ab:74:df:7b:8f:26:d6:47:78:d2:
20:f3:9b:79
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQntCp4O/wnWgcBkS68ZFOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwMTAyMTU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWFlMWYzMzUzOWI0MDZjOWEyY2M5OWFiZGI3ODJmZjg4NmUwMjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQEQka1JOoLnjr5pxg3FrUeFhY2T
4GypROgiLWGfXhVAMUjJ0Rq9gIfSuu/1iUDZxRWyptSV+x/bOVkUE6519j2gUhW3
k6EnuairbW3wKmEYH3PwyKeDgBDj2wJ3V5z4LAnH/5nATY4JPRWA+Ma6Vxs0kYQl
087I+CK4lb691qV0Nj3Mo2Lw1rS3tKH7uQ7EhwjpCU+jB1sxir8kRK4CrWVN2nTt
L6RgER76ZA5UcyRsQE4rARDREzu2TrppknKpfnfCMjFebnsWpL0+4gld+jNPfuXt
T12LhdhgiGL6j2xET0LGwAz8+cIjwDYBtDIsBJXvBuF2yElhlWGKZwV8GQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKquHzNTm0BsmizJmr23gv+IbgIbMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvcXE0Zk0xT2JRR3lhTE1tYXZiZUNfNGh1QWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAHV/NID
BALV/NgwDAMEANX83QMEANX83jANBgkqhkiG9w0BAQsFAAOCAQEAVKfCZ2Vj6lny
C428bopDvd2oYMnr+vXpO71tXUZl1C76i16tVihwnPSbV7pllzxRKr4GzlFjrINt
aYrnk+o1vFXql2remFpjxyOmSV0JcVQUAM02p7NvlejTwdZjmCvyo8GqMV0tRB2f
a5ci2duPT3jD+XvuE9suChGTa0pbsuSNZPbqfBT6DY/Jze60ZXjiQYcDpfKZHo8a
PVgXoMdRKqE7BO3V/sZXitTjKJgAf+f+hPbQjH3LOvaZBB0SujPMOJOsHdlgtlWz
eTwBLKceQ/lgd6n+I4TkN4ul5faa4QCjClyYAzAik/b1vFEsU3Vdg1erdN97jybW
R3jSIPObeQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:01 2025 by rpki-client