Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/qFCMzr1aTyDncgEMfMKtHZlAIvA.roa
File: qFCMzr1aTyDncgEMfMKtHZlAIvA.roa (raw, json)
Hash identifier: bllSYNros8BQdNxuVkEMmquNQHhaai0eIqAVCUsUK7M=
Subject key identifier: A8:50:8C:CE:BD:5A:4F:20:E7:72:01:0C:7C:C2:AD:1D:99:40:22:F0
Certificate issuer: /CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Certificate serial: 019423D6AD0656BA5CFE741381F892B2BAE5
Authority key identifier: 74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/qFCMzr1aTyDncgEMfMKtHZlAIvA.roa
Signing time: Wed 01 Jan 2025 21:47:39 +0000
ROA not before: Wed 01 Jan 2025 21:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214171
IP address blocks: 45.144.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ad:06:56:ba:5c:fe:74:13:81:f8:92:b2:ba:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Validity
Not Before: Jan 1 21:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8508ccebd5a4f20e772010c7cc2ad1d994022f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a9:30:b0:9d:f6:3d:5e:00:8c:4f:04:18:5d:
a9:34:4c:65:4f:87:86:9d:f8:41:82:d3:fe:5e:3f:
e1:c9:5c:c7:dd:0c:bd:39:b7:0e:6a:da:94:97:2c:
46:34:a5:7f:97:76:b0:fe:f7:25:f0:f3:b3:c3:06:
fd:58:7d:96:23:c5:70:ab:c0:d7:c3:0f:12:a2:6d:
36:6d:c7:e7:17:c3:a6:af:c8:db:56:46:8c:f8:1e:
72:0e:c2:77:2c:9d:12:44:dc:12:a2:f6:44:64:6d:
0f:88:ff:f2:ac:5f:8b:8f:a3:9d:f5:b5:60:b1:a9:
ad:73:77:24:1c:77:77:10:1f:27:13:73:de:64:0f:
c3:31:9c:13:a5:10:b7:f3:af:c8:c3:f4:5e:05:58:
e5:75:6e:d7:61:12:df:9a:b7:5a:be:e9:18:0a:c2:
53:c1:a9:6e:29:32:a7:c8:8d:03:c1:78:8b:70:12:
cf:f1:46:a2:77:a9:2f:c5:25:2c:97:59:78:89:b9:
b4:68:9a:8c:c3:30:99:47:c7:b1:98:64:09:bc:d3:
35:ec:31:b6:97:6a:c6:9c:7d:b7:95:37:23:aa:36:
ef:1b:4e:74:c6:3b:90:a5:f0:c7:85:d2:e3:1a:56:
ff:db:09:dc:5b:50:83:6b:95:9b:f8:2d:3b:2c:7b:
5f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:50:8C:CE:BD:5A:4F:20:E7:72:01:0C:7C:C2:AD:1D:99:40:22:F0
X509v3 Authority Key Identifier:
keyid:74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/qFCMzr1aTyDncgEMfMKtHZlAIvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/dLTNPt9SHfjsChURESctP7kbmcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.19.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:b1:9c:33:d1:44:b6:97:d9:f7:21:a6:27:72:3e:97:fa:de:
be:1e:5d:94:19:0a:64:79:f6:03:30:5d:31:09:b5:82:0e:0e:
1c:74:8e:ad:3e:37:fc:5f:4b:be:2d:44:3e:98:d7:3f:f1:9b:
a3:59:36:ae:93:cb:9c:27:17:ad:85:0a:c3:40:0a:0e:bc:91:
9a:26:a3:0a:15:9f:49:4e:0c:6d:65:13:89:ea:e4:bc:7e:4f:
4d:d4:13:a5:25:9d:51:e8:cf:b1:fa:0b:e8:3e:54:a5:d4:53:
ae:41:ef:b0:3c:7a:42:06:13:d5:6e:a0:5a:5b:ee:14:21:bd:
4d:71:4b:b9:be:7a:22:43:69:25:5b:f3:3f:24:ec:31:9c:e6:
45:ea:3e:e6:7a:5c:6e:9b:3a:ae:08:1c:d4:67:3b:17:a5:a9:
21:3e:07:c0:2d:7e:c6:2f:25:04:dd:de:6d:9d:f4:34:1d:79:
8c:eb:25:d9:40:8a:eb:58:25:d3:b5:27:f8:5a:06:7e:3a:55:
63:21:10:b1:61:7d:89:46:1b:4f:f2:03:86:f6:54:88:f0:40:
40:c8:b7:ca:fd:27:0f:5a:eb:42:5a:88:f6:76:5f:9f:70:61:
07:37:5c:cb:3d:bc:f9:15:e4:47:50:4b:f6:18:7a:83:cf:f5:
34:fc:6a:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1q0GVrpc/nQTgfiSsrrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjRjZDNlZGY1MjFkZjhlYzBhMTUxMTExMjcyZDNmYjkx
Yjk5YzMwHhcNMjUwMTAxMjE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODUwOGNjZWJkNWE0ZjIwZTc3MjAxMGM3Y2MyYWQxZDk5NDAyMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqkwsJ32PV4AjE8EGF2pNExlT4eG
nfhBgtP+Xj/hyVzH3Qy9ObcOatqUlyxGNKV/l3aw/vcl8POzwwb9WH2WI8Vwq8DX
ww8Som02bcfnF8Omr8jbVkaM+B5yDsJ3LJ0SRNwSovZEZG0PiP/yrF+Lj6Od9bVg
samtc3ckHHd3EB8nE3PeZA/DMZwTpRC386/Iw/ReBVjldW7XYRLfmrdavukYCsJT
waluKTKnyI0DwXiLcBLP8Uaid6kvxSUsl1l4ibm0aJqMwzCZR8exmGQJvNM17DG2
l2rGnH23lTcjqjbvG050xjuQpfDHhdLjGlb/2wncW1CDa5Wb+C07LHtfcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhQjM69Wk8g53IBDHzCrR2ZQCLwMB8GA1UdIwQY
MBaAFHS0zT7fUh347AoVEREnLT+5G5nDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMt
ZTJhN2ZiODQ4MzE4LzEvcUZDTXpyMWFUeURuY2dFTWZNS3RIWmxBSXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMtZTJhN2ZiODQ4MzE4
LzEvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZATMA0G
CSqGSIb3DQEBCwUAA4IBAQCtsZwz0US2l9n3IaYncj6X+t6+Hl2UGQpkefYDMF0x
CbWCDg4cdI6tPjf8X0u+LUQ+mNc/8ZujWTauk8ucJxethQrDQAoOvJGaJqMKFZ9J
TgxtZROJ6uS8fk9N1BOlJZ1R6M+x+gvoPlSl1FOuQe+wPHpCBhPVbqBaW+4UIb1N
cUu5vnoiQ2klW/M/JOwxnOZF6j7melxumzquCBzUZzsXpakhPgfALX7GLyUE3d5t
nfQ0HXmM6yXZQIrrWCXTtSf4WgZ+OlVjIRCxYX2JRhtP8gOG9lSI8EBAyLfK/ScP
WutCWoj2dl+fcGEHN1zLPbz5FeRHUEv2GHqDz/U0/Gp+
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:59:50 2025 by rpki-client