Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/LQ0UyMo_r23ofQXV0yOGIa-qTpo.roa
File: LQ0UyMo_r23ofQXV0yOGIa-qTpo.roa (raw, json)
Hash identifier: X9yChjYALTQXRzmOEi06/C9TIxnvZMLcDXd49hI5SlU=
Subject key identifier: 2D:0D:14:C8:CA:3F:AF:6D:E8:7D:05:D5:D3:23:86:21:AF:AA:4E:9A
Certificate issuer: /CN=4142d3f9b31126e0850265715c9fc32174b557a4
Certificate serial: 01941FFA05A68E09EA2508E909B524AEF813
Authority key identifier: 41:42:D3:F9:B3:11:26:E0:85:02:65:71:5C:9F:C3:21:74:B5:57:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QULT-bMRJuCFAmVxXJ_DIXS1V6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/LQ0UyMo_r23ofQXV0yOGIa-qTpo.roa
Signing time: Wed 01 Jan 2025 03:47:46 +0000
ROA not before: Wed 01 Jan 2025 03:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207617
IP address blocks: 45.159.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:05:a6:8e:09:ea:25:08:e9:09:b5:24:ae:f8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4142d3f9b31126e0850265715c9fc32174b557a4
Validity
Not Before: Jan 1 03:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d0d14c8ca3faf6de87d05d5d3238621afaa4e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fa:e8:77:43:7f:ff:f0:a8:6c:5c:1a:66:18:
c2:72:2d:51:d3:5e:e1:08:8e:aa:94:bf:95:fb:09:
e5:1c:3d:51:78:a0:14:ee:7f:bd:7b:fc:d2:56:f3:
28:1c:be:f2:c8:47:3e:d7:f5:b4:cd:5d:01:3c:52:
fa:0a:10:d8:56:84:da:51:50:18:56:f0:6d:88:48:
e2:a8:2b:a7:95:43:5d:9d:16:39:e5:1f:4b:1e:31:
c3:df:e0:1c:b5:a7:5c:09:4c:17:0d:9f:36:44:47:
04:d2:8d:14:db:4b:f8:d7:41:67:86:fc:d9:74:62:
c3:d9:4e:f2:a8:cc:b0:8b:89:da:80:f8:e9:2d:19:
d1:26:85:80:94:72:d3:9b:f0:0b:56:ed:de:09:99:
f8:3c:10:99:16:7d:1d:26:06:2a:51:97:c7:a8:df:
9e:42:50:42:43:86:1e:4c:d7:1e:e6:2a:3f:63:db:
11:29:ba:60:9b:b6:b9:78:36:dd:f6:ee:1f:30:d3:
29:79:33:4a:45:aa:a4:a6:5e:2c:fc:33:4b:ac:6c:
51:5b:47:2f:a6:07:8b:d8:89:97:56:c3:c4:cf:c7:
90:99:c2:e5:fe:01:f6:84:c0:fe:d8:40:dc:7d:dd:
e4:18:df:14:ec:9e:ee:42:d6:28:b3:d8:84:1a:de:
b7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:0D:14:C8:CA:3F:AF:6D:E8:7D:05:D5:D3:23:86:21:AF:AA:4E:9A
X509v3 Authority Key Identifier:
keyid:41:42:D3:F9:B3:11:26:E0:85:02:65:71:5C:9F:C3:21:74:B5:57:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QULT-bMRJuCFAmVxXJ_DIXS1V6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/LQ0UyMo_r23ofQXV0yOGIa-qTpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ae1953-bfc4-42b5-950b-9c98d11197b7/1/QULT-bMRJuCFAmVxXJ_DIXS1V6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.31.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:54:6d:69:fc:d4:4b:ea:41:64:9a:d3:f5:bb:68:40:32:be:
fd:e9:7b:4d:e4:ba:2f:4d:5e:22:d0:e0:4f:86:eb:77:0b:f7:
ec:1f:de:2b:b9:13:bd:0f:c0:79:a0:67:b8:77:10:27:b0:01:
14:8b:1a:72:00:de:9d:cc:f9:03:b7:2f:85:5d:6e:21:8e:11:
e0:55:bd:41:31:57:39:5c:28:ba:cd:02:b8:ab:55:ae:7d:57:
22:10:01:b4:3b:60:41:6c:e6:9e:7e:a3:63:bc:7a:83:c3:37:
79:8e:ce:d6:67:a6:f3:b7:11:aa:df:f6:79:96:ab:06:ff:ef:
6a:35:92:1f:2e:77:eb:67:21:80:b5:32:c8:26:80:14:7e:88:
25:11:90:e4:a6:96:24:0c:b5:6f:f5:64:1e:35:58:35:67:a0:
f5:08:67:47:88:c6:d0:18:5f:06:0a:3b:81:79:a5:8e:8a:72:
d5:96:b8:40:93:3f:ed:c4:9d:20:d8:90:d2:1a:26:b7:98:93:
c9:4c:e6:be:e4:ad:5c:7f:50:b7:95:57:60:a2:d8:57:02:1e:
c4:c3:0d:de:7f:6f:2d:16:3e:89:1e:0c:07:49:5c:c7:3f:c3:
b1:0c:1c:8b:f3:89:4c:13:8d:ce:4f:a9:3f:29:ac:c2:a2:0c:
3b:ac:87:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+gWmjgnqJQjpCbUkrvgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNDJkM2Y5YjMxMTI2ZTA4NTAyNjU3MTVjOWZjMzIxNzRi
NTU3YTQwHhcNMjUwMTAxMDM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDBkMTRjOGNhM2ZhZjZkZTg3ZDA1ZDVkMzIzODYyMWFmYWE0ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/rod0N///CobFwaZhjCci1R017h
CI6qlL+V+wnlHD1ReKAU7n+9e/zSVvMoHL7yyEc+1/W0zV0BPFL6ChDYVoTaUVAY
VvBtiEjiqCunlUNdnRY55R9LHjHD3+ActadcCUwXDZ82REcE0o0U20v410FnhvzZ
dGLD2U7yqMywi4nagPjpLRnRJoWAlHLTm/ALVu3eCZn4PBCZFn0dJgYqUZfHqN+e
QlBCQ4YeTNce5io/Y9sRKbpgm7a5eDbd9u4fMNMpeTNKRaqkpl4s/DNLrGxRW0cv
pgeL2ImXVsPEz8eQmcLl/gH2hMD+2EDcfd3kGN8U7J7uQtYos9iEGt63uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0NFMjKP69t6H0F1dMjhiGvqk6aMB8GA1UdIwQY
MBaAFEFC0/mzESbghQJlcVyfwyF0tVekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVVMVC1iTVJKdUNGQW1WeFhKX0RJWFMxVjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hZTE5NTMtYmZjNC00MmI1LTk1MGIt
OWM5OGQxMTE5N2I3LzEvTFEwVXlNb19yMjNvZlFYVjB5T0dJYS1xVHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hZTE5NTMtYmZjNC00MmI1LTk1MGItOWM5OGQxMTE5N2I3
LzEvUVVMVC1iTVJKdUNGQW1WeFhKX0RJWFMxVjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ8fMA0G
CSqGSIb3DQEBCwUAA4IBAQBeVG1p/NRL6kFkmtP1u2hAMr796XtN5LovTV4i0OBP
hut3C/fsH94ruRO9D8B5oGe4dxAnsAEUixpyAN6dzPkDty+FXW4hjhHgVb1BMVc5
XCi6zQK4q1WufVciEAG0O2BBbOaefqNjvHqDwzd5js7WZ6bztxGq3/Z5lqsG/+9q
NZIfLnfrZyGAtTLIJoAUfoglEZDkppYkDLVv9WQeNVg1Z6D1CGdHiMbQGF8GCjuB
eaWOinLVlrhAkz/txJ0g2JDSGia3mJPJTOa+5K1cf1C3lVdgothXAh7Eww3ef28t
Fj6JHgwHSVzHP8OxDByL84lME43OT6k/KazCogw7rIe0
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:44:23 2025 by rpki-client