Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/qPvF3VaWT-5NRPtMx5lYW6GFkhw.roa
File: qPvF3VaWT-5NRPtMx5lYW6GFkhw.roa (raw, json)
Hash identifier: 36kmlK3taGSxnqgckoFa68Ei00yzIhy+/R3FtBMxTPo=
Subject key identifier: A8:FB:C5:DD:56:96:4F:EE:4D:44:FB:4C:C7:99:58:5B:A1:85:92:1C
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAA2063A898F63C62EE2CF3F5064FE
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/qPvF3VaWT-5NRPtMx5lYW6GFkhw.roa
Signing time: Wed 01 Jan 2025 03:48:26 +0000
ROA not before: Wed 01 Jan 2025 03:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198044
IP address blocks: 46.243.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a2:06:3a:89:8f:63:c6:2e:e2:cf:3f:50:64:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8fbc5dd56964fee4d44fb4cc799585ba185921c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4c:1d:0c:92:bf:a9:8b:0e:84:61:a2:4a:36:
0c:cb:a8:c8:8a:e4:b5:22:9d:89:be:c4:63:5e:cc:
d2:cc:f5:75:9f:54:d8:73:50:18:e0:78:cb:cc:c3:
cf:95:c8:5d:da:7d:58:a7:23:d7:f0:d9:7b:d2:13:
05:ac:63:01:b6:6d:70:60:d1:38:03:c4:3c:46:f4:
c2:58:c4:e3:eb:d8:b2:df:57:c0:b5:53:2c:10:a1:
3c:1f:9a:70:54:83:4a:d4:e6:24:21:c0:6e:b6:16:
21:90:a0:59:1c:4e:ea:23:52:32:ee:c8:1f:0d:4c:
46:68:61:27:12:56:7c:10:28:07:3f:27:be:b3:c5:
af:a8:b6:ce:4a:8b:b9:11:3a:df:4f:d5:5d:e7:0a:
2e:2d:36:95:3b:54:33:7b:6c:30:d5:64:d6:2e:e9:
16:9f:a0:e7:51:62:cc:2e:42:c4:2d:0a:f0:83:3f:
7e:0b:ca:70:30:c6:23:7b:f0:fc:f5:9a:80:48:9e:
17:16:4f:5f:de:d2:10:fd:d4:fb:d1:f4:f8:a3:a3:
c5:13:a1:67:55:2b:a1:38:52:e8:e3:49:13:85:8b:
45:87:7d:f3:87:38:07:73:ba:22:51:8c:6d:1e:f6:
67:23:e0:27:70:54:b1:9c:70:9f:f4:c9:6d:8e:fd:
10:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FB:C5:DD:56:96:4F:EE:4D:44:FB:4C:C7:99:58:5B:A1:85:92:1C
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/qPvF3VaWT-5NRPtMx5lYW6GFkhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.253.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:00:59:49:04:c2:52:a2:94:71:49:dc:76:d8:c0:9d:9f:cf:
b9:df:24:bd:08:76:b9:21:48:9d:c7:e0:13:76:b8:b8:ef:be:
ad:cd:62:9f:5a:57:08:bc:60:4c:ad:0c:32:5b:6c:4c:39:6f:
7e:98:2a:f8:29:b5:ce:00:ae:90:2d:16:2b:26:02:12:b9:11:
27:5c:84:13:d7:d8:2f:de:a7:0c:2d:4e:7b:23:90:0b:ae:82:
46:7b:ca:fa:4e:62:8c:6e:67:ac:da:59:f9:43:cf:4b:bb:76:
76:5a:0b:04:ff:73:35:65:08:57:a2:4a:a1:44:96:10:31:41:
54:c4:5a:1e:23:a3:58:80:01:44:5f:cd:9e:74:e3:ff:70:50:
42:82:e2:5a:02:56:61:b2:1b:e2:0d:28:67:12:73:17:1f:21:
6d:84:63:01:c5:2f:78:93:02:8d:22:cc:87:26:c6:42:4a:1d:
63:d5:e9:51:2f:50:ae:ec:8e:3c:1a:39:c1:8c:95:a1:11:16:
f4:95:79:ee:64:10:cd:fb:0a:2a:84:ce:95:4b:00:4b:f2:ab:
30:c7:43:5f:44:a8:15:d9:2a:b8:77:78:e1:99:8c:16:8b:12:
f2:90:0d:2e:e8:56:d8:ab:a0:a1:a8:d3:e4:ba:f6:e8:23:3f:
f4:20:c9:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qIGOomPY8Yu4s8/UGT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGZiYzVkZDU2OTY0ZmVlNGQ0NGZiNGNjNzk5NTg1YmExODU5MjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEwdDJK/qYsOhGGiSjYMy6jIiuS1
Ip2JvsRjXszSzPV1n1TYc1AY4HjLzMPPlchd2n1YpyPX8Nl70hMFrGMBtm1wYNE4
A8Q8RvTCWMTj69iy31fAtVMsEKE8H5pwVINK1OYkIcButhYhkKBZHE7qI1Iy7sgf
DUxGaGEnElZ8ECgHPye+s8WvqLbOSou5ETrfT9Vd5wouLTaVO1Qze2ww1WTWLukW
n6DnUWLMLkLELQrwgz9+C8pwMMYje/D89ZqASJ4XFk9f3tIQ/dT70fT4o6PFE6Fn
VSuhOFLo40kThYtFh33zhzgHc7oiUYxtHvZnI+AncFSxnHCf9Mltjv0Q+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKj7xd1Wlk/uTUT7TMeZWFuhhZIcMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvcVB2RjNWYVdULTVOUlB0TXg1bFlXNkdGa2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvP9MA0G
CSqGSIb3DQEBCwUAA4IBAQDMAFlJBMJSopRxSdx22MCdn8+53yS9CHa5IUidx+AT
dri4776tzWKfWlcIvGBMrQwyW2xMOW9+mCr4KbXOAK6QLRYrJgISuREnXIQT19gv
3qcMLU57I5ALroJGe8r6TmKMbmes2ln5Q89Lu3Z2WgsE/3M1ZQhXokqhRJYQMUFU
xFoeI6NYgAFEX82edOP/cFBCguJaAlZhshviDShnEnMXHyFthGMBxS94kwKNIsyH
JsZCSh1j1elRL1Cu7I48GjnBjJWhERb0lXnuZBDN+woqhM6VSwBL8qswx0NfRKgV
2Sq4d3jhmYwWixLykA0u6FbYq6ChqNPkuvboIz/0IMkc
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:26:53 2025 by rpki-client