Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/QKYFwfEUtIsE2zwk360KHQOdATU.roa
File: QKYFwfEUtIsE2zwk360KHQOdATU.roa (raw, json)
Hash identifier: J7RPiiX3svZf1ggdl8vvm2b4xvCEOydrVgV6jBu1CtA=
Subject key identifier: 40:A6:05:C1:F1:14:B4:8B:04:DB:3C:24:DF:AD:0A:1D:03:9D:01:35
Certificate issuer: /CN=8e3f1663996be1707611fdce1ddea8920dd398a3
Certificate serial: 01953D4F9DC94B183BAE5316B4CD9F30E8EB
Authority key identifier: 8E:3F:16:63:99:6B:E1:70:76:11:FD:CE:1D:DE:A8:92:0D:D3:98:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/QKYFwfEUtIsE2zwk360KHQOdATU.roa
Signing time: Tue 25 Feb 2025 13:33:02 +0000
ROA not before: Tue 25 Feb 2025 13:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215224
IP address blocks: 45.139.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:4f:9d:c9:4b:18:3b:ae:53:16:b4:cd:9f:30:e8:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e3f1663996be1707611fdce1ddea8920dd398a3
Validity
Not Before: Feb 25 13:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40a605c1f114b48b04db3c24dfad0a1d039d0135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0f:ca:72:f9:4d:9d:d8:1e:73:bd:ca:ab:00:
8e:7d:07:55:95:1b:f3:2f:1e:2b:2e:e1:0d:23:d8:
6f:0a:9f:2e:26:52:25:09:51:d0:13:66:42:c6:35:
6d:c3:a9:93:79:de:9f:bc:9b:ed:d9:42:ff:44:30:
70:1f:cc:25:a6:d1:40:9e:e6:84:f1:aa:1f:2f:95:
3a:be:c8:24:de:32:ff:1c:bd:42:a7:fb:8c:96:5d:
73:5e:72:1f:3e:9b:89:0a:af:ae:93:e1:26:4b:dd:
0d:57:37:d3:a3:8d:3b:1b:54:89:e0:90:49:d3:55:
de:8c:81:85:e0:ca:5e:58:ea:36:15:d7:ba:e8:ac:
bd:3b:b5:40:cd:93:fe:44:78:94:a6:35:93:24:67:
57:5b:b6:18:d3:38:f3:f1:0a:ef:8d:37:b6:a3:2d:
f9:f9:27:43:6d:e8:e8:a3:50:cf:68:3e:9e:40:84:
6e:55:ce:6d:7b:3b:70:08:67:d8:c1:88:9a:76:d1:
e3:47:af:01:cf:b6:f1:fc:43:1a:ec:35:2b:22:08:
de:6d:67:c3:ce:57:f8:80:51:ea:83:42:20:4b:6f:
b3:3e:97:67:5e:ad:08:50:5b:e3:10:01:72:fd:4f:
69:f7:e5:31:0d:d6:41:ec:63:32:37:6d:ee:b8:49:
ed:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A6:05:C1:F1:14:B4:8B:04:DB:3C:24:DF:AD:0A:1D:03:9D:01:35
X509v3 Authority Key Identifier:
keyid:8E:3F:16:63:99:6B:E1:70:76:11:FD:CE:1D:DE:A8:92:0D:D3:98:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/QKYFwfEUtIsE2zwk360KHQOdATU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.211.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:d1:3c:af:5f:2a:16:8f:05:66:ba:91:10:ac:37:da:f0:b4:
58:a9:5b:9f:ce:a5:4b:07:92:75:65:28:2f:c4:c3:47:5f:e5:
9f:73:db:36:b6:12:77:be:26:75:be:be:44:d0:9c:a5:7f:2f:
a7:88:d9:f7:b1:39:ad:d6:8b:fe:00:35:06:db:42:7e:bd:4b:
6b:9a:0a:32:64:7c:a2:7e:64:23:cc:b4:29:c5:15:f7:c2:40:
56:47:0a:f4:12:b3:a5:45:b8:f1:9e:cf:df:db:6b:78:c8:ec:
32:c2:af:5e:ad:47:ab:9c:0a:4c:67:7d:31:e7:99:2a:2a:f5:
d3:9d:5d:a7:5b:6b:bd:ab:90:de:73:57:5f:eb:be:b1:c8:4d:
ac:1d:77:d0:64:a3:99:d9:5e:d6:ed:89:a3:43:5d:4d:23:52:
e1:98:20:e4:3a:fa:88:1d:12:0b:d1:1e:c3:f4:b9:9b:a3:9e:
a2:b8:8a:76:59:1d:c8:a7:83:63:8b:3e:53:89:98:5f:76:ea:
2a:79:7f:94:33:52:7e:46:d5:22:75:96:aa:af:6d:fa:bc:d4:
f7:b4:1e:ac:54:d4:c1:23:44:3f:ca:8d:b9:d2:d7:3a:db:1b:
ca:0e:af:19:3b:36:b3:eb:14:a2:74:4e:b0:98:fa:04:ba:ee:
1b:8e:65:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU9T53JSxg7rlMWtM2fMOjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlM2YxNjYzOTk2YmUxNzA3NjExZmRjZTFkZGVhODkyMGRk
Mzk4YTMwHhcNMjUwMjI1MTMzMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGE2MDVjMWYxMTRiNDhiMDRkYjNjMjRkZmFkMGExZDAzOWQwMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw/KcvlNndgec73KqwCOfQdVlRvz
Lx4rLuENI9hvCp8uJlIlCVHQE2ZCxjVtw6mTed6fvJvt2UL/RDBwH8wlptFAnuaE
8aofL5U6vsgk3jL/HL1Cp/uMll1zXnIfPpuJCq+uk+EmS90NVzfTo407G1SJ4JBJ
01XejIGF4MpeWOo2Fde66Ky9O7VAzZP+RHiUpjWTJGdXW7YY0zjz8QrvjTe2oy35
+SdDbejoo1DPaD6eQIRuVc5teztwCGfYwYiadtHjR68Bz7bx/EMa7DUrIgjebWfD
zlf4gFHqg0IgS2+zPpdnXq0IUFvjEAFy/U9p9+UxDdZB7GMyN23uuEntAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECmBcHxFLSLBNs8JN+tCh0DnQE1MB8GA1UdIwQY
MBaAFI4/FmOZa+FwdhH9zh3eqJIN05ijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamo4V1k1bHI0WEIyRWYzT0hkNm9rZzNUbUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jZDk3Y2MtY2UyYi00MjY0LTllNzkt
YzhmOWJlN2QxOWRmLzEvUUtZRndmRVV0SXNFMnp3azM2MEtIUU9kQVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jZDk3Y2MtY2UyYi00MjY0LTllNzktYzhmOWJlN2QxOWRm
LzEvamo4V1k1bHI0WEIyRWYzT0hkNm9rZzNUbUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYvTMA0G
CSqGSIb3DQEBCwUAA4IBAQCd0TyvXyoWjwVmupEQrDfa8LRYqVufzqVLB5J1ZSgv
xMNHX+Wfc9s2thJ3viZ1vr5E0Jylfy+niNn3sTmt1ov+ADUG20J+vUtrmgoyZHyi
fmQjzLQpxRX3wkBWRwr0ErOlRbjxns/f22t4yOwywq9erUernApMZ30x55kqKvXT
nV2nW2u9q5Dec1df676xyE2sHXfQZKOZ2V7W7YmjQ11NI1LhmCDkOvqIHRIL0R7D
9Lmbo56iuIp2WR3Ip4Njiz5TiZhfduoqeX+UM1J+RtUidZaqr236vNT3tB6sVNTB
I0Q/yo250tc62xvKDq8ZOzaz6xSidE6wmPoEuu4bjmXU
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:03:18 2025 by rpki-client