Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/qd6J6FEq-z6vXF1Stf4LaR1GjQ8.roa
File: qd6J6FEq-z6vXF1Stf4LaR1GjQ8.roa (raw, json)
Hash identifier: ZA2GB2DhqO1qM/usUHkSgv5ptn0EIVGaU0Ur0jJDWRI=
Subject key identifier: A9:DE:89:E8:51:2A:FB:3E:AF:5C:5D:52:B5:FE:0B:69:1D:46:8D:0F
Certificate issuer: /CN=aff4242c10e438537e169ab002bf6be81fa2a5ed
Certificate serial: 018E331394F0E310A18B01AB1D749756DBB5
Authority key identifier: AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/qd6J6FEq-z6vXF1Stf4LaR1GjQ8.roa
Signing time: Tue 12 Mar 2024 14:31:45 +0000
ROA not before: Tue 12 Mar 2024 14:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207582
IP address blocks: 185.135.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:13:94:f0:e3:10:a1:8b:01:ab:1d:74:97:56:db:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff4242c10e438537e169ab002bf6be81fa2a5ed
Validity
Not Before: Mar 12 14:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9de89e8512afb3eaf5c5d52b5fe0b691d468d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:59:7e:b0:18:02:dc:1d:27:fa:56:ce:5c:ec:
90:93:a1:68:d1:58:fe:9c:1e:f7:db:86:f0:2d:a6:
3b:6e:e6:87:64:c0:3d:5b:ce:b0:f0:c3:b6:74:12:
82:fa:61:f4:30:34:c8:88:2f:d7:40:71:30:2d:93:
d5:d3:bf:ae:45:38:f9:98:1d:80:55:04:a8:cb:39:
7e:fa:40:96:4a:bb:31:ee:be:2d:88:19:de:23:57:
d5:ee:d6:4e:54:9b:b4:3a:d2:e2:ca:c2:78:62:0a:
03:1e:3a:29:18:0f:17:c1:25:44:c8:70:f0:b8:b0:
21:81:d2:ad:94:24:98:57:dd:9d:56:61:2b:ac:89:
64:18:b9:33:88:a6:73:8e:49:2b:1d:ad:e0:13:07:
06:6d:c2:cb:d4:cf:e7:7c:3c:9d:2d:7e:f1:e8:02:
0a:eb:a5:57:5d:a2:a0:24:d9:c5:ea:6b:ff:86:44:
80:b8:ae:73:21:d3:77:9a:1f:c8:f4:e4:e9:84:1c:
ad:e5:32:a4:4e:db:22:9e:77:9f:82:eb:4e:22:6f:
76:b8:85:ea:4b:e6:b4:0e:08:84:1e:f9:da:24:87:
21:d5:1e:2d:b8:69:1f:99:7b:eb:6a:c5:b2:59:f7:
87:2c:b5:d8:7e:60:36:8c:21:40:9a:95:a7:29:70:
c1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DE:89:E8:51:2A:FB:3E:AF:5C:5D:52:B5:FE:0B:69:1D:46:8D:0F
X509v3 Authority Key Identifier:
keyid:AF:F4:24:2C:10:E4:38:53:7E:16:9A:B0:02:BF:6B:E8:1F:A2:A5:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_QkLBDkOFN-FpqwAr9r6B-ipe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/qd6J6FEq-z6vXF1Stf4LaR1GjQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b9a283-5c8d-4628-80bc-ee7ba0e9f7ca/1/r_QkLBDkOFN-FpqwAr9r6B-ipe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.223.0/24
Signature Algorithm: sha256WithRSAEncryption
86:8d:36:0f:17:8f:83:b8:75:35:c0:95:20:15:a0:e7:8d:4f:
d8:a2:c8:59:75:99:a6:30:80:e4:b2:81:f7:60:81:e0:0b:be:
8f:09:5f:50:26:98:51:14:9e:9b:1b:ea:a7:1f:bc:81:b5:57:
47:2b:33:4d:2e:42:69:c5:e5:b8:9c:71:57:90:24:05:72:49:
c7:6b:41:fb:e6:1c:01:fc:5e:7d:31:2a:8e:d5:7a:b2:64:44:
7f:56:77:bb:14:01:98:db:58:af:db:10:72:62:9c:13:fe:f9:
3c:b8:8a:5f:1c:66:a4:b4:34:64:60:d2:7c:8c:f1:63:ef:7e:
f6:d4:20:d7:68:4a:e3:18:cd:ed:f6:ac:6b:a4:a5:ad:4d:50:
03:0d:6a:4d:cf:45:12:de:16:0c:83:e8:9a:4e:d4:3b:b4:f8:
5c:88:05:23:9e:5d:fa:b4:0e:fe:ea:aa:2f:ef:df:77:5c:89:
e5:77:42:b9:78:8f:74:90:7f:35:a5:b3:5e:9f:1b:ef:6b:bd:
98:1a:79:c9:9c:cb:93:ac:8c:9f:e4:52:93:e5:9f:80:4e:cc:
45:e0:49:13:7b:64:e6:ff:25:b7:45:69:86:32:b1:be:e0:28:
27:cf:2b:72:29:ad:41:b3:b4:0a:1e:d9:53:91:59:17:1b:66:
5b:2e:cf:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4zE5Tw4xChiwGrHXSXVtu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjQyNDJjMTBlNDM4NTM3ZTE2OWFiMDAyYmY2YmU4MWZh
MmE1ZWQwHhcNMjQwMzEyMTQzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRlODllODUxMmFmYjNlYWY1YzVkNTJiNWZlMGI2OTFkNDY4ZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFl+sBgC3B0n+lbOXOyQk6Fo0Vj+
nB7324bwLaY7buaHZMA9W86w8MO2dBKC+mH0MDTIiC/XQHEwLZPV07+uRTj5mB2A
VQSoyzl++kCWSrsx7r4tiBneI1fV7tZOVJu0OtLiysJ4YgoDHjopGA8XwSVEyHDw
uLAhgdKtlCSYV92dVmErrIlkGLkziKZzjkkrHa3gEwcGbcLL1M/nfDydLX7x6AIK
66VXXaKgJNnF6mv/hkSAuK5zIdN3mh/I9OTphByt5TKkTtsinnefgutOIm92uIXq
S+a0DgiEHvnaJIch1R4tuGkfmXvrasWyWfeHLLXYfmA2jCFAmpWnKXDBvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKneiehRKvs+r1xdUrX+C2kdRo0PMB8GA1UdIwQY
MBaAFK/0JCwQ5DhTfhaasAK/a+gfoqXtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMt
ZWU3YmEwZTlmN2NhLzEvcWQ2SjZGRXEtejZ2WEYxU3RmNExhUjFHalE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iOWEyODMtNWM4ZC00NjI4LTgwYmMtZWU3YmEwZTlmN2Nh
LzEvcl9Ra0xCRGtPRk4tRnBxd0FyOXI2Qi1pcGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYffMA0G
CSqGSIb3DQEBCwUAA4IBAQCGjTYPF4+DuHU1wJUgFaDnjU/YoshZdZmmMIDksoH3
YIHgC76PCV9QJphRFJ6bG+qnH7yBtVdHKzNNLkJpxeW4nHFXkCQFcknHa0H75hwB
/F59MSqO1XqyZER/Vne7FAGY21iv2xByYpwT/vk8uIpfHGaktDRkYNJ8jPFj7372
1CDXaErjGM3t9qxrpKWtTVADDWpNz0US3hYMg+iaTtQ7tPhciAUjnl36tA7+6qov
7993XInld0K5eI90kH81pbNenxvva72YGnnJnMuTrIyf5FKT5Z+ATsxF4EkTe2Tm
/yW3RWmGMrG+4CgnzytyKa1Bs7QKHtlTkVkXG2ZbLs+d
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:32:29 2025 by rpki-client