Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/qjtTNxOEgSr0b6Weeb9JJHyFnhM.roa
File: qjtTNxOEgSr0b6Weeb9JJHyFnhM.roa (raw, json)
Hash identifier: Eb0gxKs3qeMLVvYaIgIGm1oY4DsjaHktiucw1gfNHns=
Subject key identifier: AA:3B:53:37:13:84:81:2A:F4:6F:A5:9E:79:BF:49:24:7C:85:9E:13
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 01942368F76068DC69374BFE43D7DA7683BC
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/qjtTNxOEgSr0b6Weeb9JJHyFnhM.roa
Signing time: Wed 01 Jan 2025 19:47:49 +0000
ROA not before: Wed 01 Jan 2025 19:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207713
IP address blocks: 45.143.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:f7:60:68:dc:69:37:4b:fe:43:d7:da:76:83:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 1 19:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa3b53371384812af46fa59e79bf49247c859e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6f:a2:83:6b:dc:61:06:d1:46:32:60:63:96:
e3:a6:3c:e5:c4:df:01:11:59:89:5e:72:bc:55:63:
f6:0c:54:29:5b:f5:45:18:a2:9d:91:15:a8:1f:fd:
55:1c:06:75:83:a9:97:4e:d8:9a:ad:b6:83:7c:d0:
86:97:fd:a5:5b:a1:b2:19:10:32:e9:13:a8:e4:df:
90:f8:2e:2d:d3:58:46:fe:39:1b:36:04:7f:38:3b:
ac:db:74:d5:cf:10:9e:d6:7f:6b:99:88:1b:58:97:
af:37:7f:99:cf:4f:aa:39:80:39:12:3d:99:4a:1e:
66:2b:4e:eb:57:b7:dc:a1:2e:e3:40:f7:f1:c8:be:
05:3d:a5:dd:7d:f7:95:68:87:9c:ad:9c:94:22:fe:
80:5d:fa:f4:eb:13:cc:81:99:e8:9c:93:dd:ce:c6:
90:f8:a2:bd:3f:c5:a2:41:99:32:36:0e:c0:af:fe:
a7:3c:2c:59:ee:1f:ed:8c:1c:d9:57:1b:e8:c9:9a:
8f:26:6f:99:28:ed:61:97:f5:08:53:ee:22:d5:df:
8a:b7:68:2c:fd:5d:90:ff:f0:2d:e4:45:db:0d:a8:
ec:31:f0:6d:4c:9a:72:92:13:3a:0a:9d:82:44:4f:
2b:dc:76:11:7a:d2:04:d5:b9:6b:06:a5:15:a8:83:
af:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:3B:53:37:13:84:81:2A:F4:6F:A5:9E:79:BF:49:24:7C:85:9E:13
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/qjtTNxOEgSr0b6Weeb9JJHyFnhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.203.0/24
Signature Algorithm: sha256WithRSAEncryption
96:61:fc:26:b1:9c:32:e7:73:a9:57:85:63:5e:82:5a:da:71:
a9:fb:a1:0c:11:36:58:85:27:0b:71:21:58:cb:97:9d:b3:a8:
51:ab:fd:1c:e1:28:91:ce:bc:5e:c8:31:79:7d:c1:6f:4d:96:
3a:5a:c1:24:64:e9:3c:94:80:f3:dd:26:5c:cd:9e:4f:fc:8b:
c1:e0:de:8e:78:41:58:c4:c9:50:38:ed:b5:8d:7d:d0:8c:35:
22:ee:c7:d1:ad:3b:82:c1:1e:37:f8:2c:58:ba:ad:17:5e:65:
26:a0:7c:06:01:eb:68:d2:7e:12:99:91:97:1c:b5:84:9d:9f:
3a:d7:72:fd:b8:f5:82:c6:f6:5b:e0:dd:99:a9:a7:91:77:5b:
ff:7c:d8:87:41:93:a0:c0:87:c5:1e:f3:51:8d:50:a8:de:23:
97:61:8f:ac:6c:7f:52:19:fd:7c:ef:c9:61:5a:1a:80:f4:78:
ba:32:a6:ca:86:2f:95:b5:b9:01:19:fa:4f:00:93:e5:65:be:
af:4d:7c:62:ab:31:68:e8:1d:03:25:b6:84:f6:95:98:55:c9:
37:a6:14:39:35:44:98:7c:86:59:b0:e9:4d:c8:93:06:3a:60:
eb:ef:49:22:31:58:54:a8:6c:bd:09:fa:f1:35:35:22:79:8d:
ff:eb:d0:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaPdgaNxpN0v+Q9fadoO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjUwMTAxMTk0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTNiNTMzNzEzODQ4MTJhZjQ2ZmE1OWU3OWJmNDkyNDdjODU5ZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm+ig2vcYQbRRjJgY5bjpjzlxN8B
EVmJXnK8VWP2DFQpW/VFGKKdkRWoH/1VHAZ1g6mXTtiarbaDfNCGl/2lW6GyGRAy
6ROo5N+Q+C4t01hG/jkbNgR/ODus23TVzxCe1n9rmYgbWJevN3+Zz0+qOYA5Ej2Z
Sh5mK07rV7fcoS7jQPfxyL4FPaXdffeVaIecrZyUIv6AXfr06xPMgZnonJPdzsaQ
+KK9P8WiQZkyNg7Ar/6nPCxZ7h/tjBzZVxvoyZqPJm+ZKO1hl/UIU+4i1d+Kt2gs
/V2Q//At5EXbDajsMfBtTJpykhM6Cp2CRE8r3HYRetIE1blrBqUVqIOv+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKo7UzcThIEq9G+lnnm/SSR8hZ4TMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvcWp0VE54T0VnU3IwYjZXZWViOUpKSHlGbmhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY/LMA0G
CSqGSIb3DQEBCwUAA4IBAQCWYfwmsZwy53OpV4VjXoJa2nGp+6EMETZYhScLcSFY
y5eds6hRq/0c4SiRzrxeyDF5fcFvTZY6WsEkZOk8lIDz3SZczZ5P/IvB4N6OeEFY
xMlQOO21jX3QjDUi7sfRrTuCwR43+CxYuq0XXmUmoHwGAeto0n4SmZGXHLWEnZ86
13L9uPWCxvZb4N2ZqaeRd1v/fNiHQZOgwIfFHvNRjVCo3iOXYY+sbH9SGf1878lh
WhqA9Hi6MqbKhi+VtbkBGfpPAJPlZb6vTXxiqzFo6B0DJbaE9pWYVck3phQ5NUSY
fIZZsOlNyJMGOmDr70kiMVhUqGy9CfrxNTUieY3/69CJ
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:20:43 2025 by rpki-client