Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1f6073-87b2-4bb3-acb7-5c3db98bf864/1/QSe63n0wV0G34lbZHXnZK7pmzzE.roa
File: QSe63n0wV0G34lbZHXnZK7pmzzE.roa (raw, json)
Hash identifier: 7B+EEFEFOgiMUXqvkdrddtCieIKLinndsMD4DdmL4nc=
Subject key identifier: 41:27:BA:DE:7D:30:57:41:B7:E2:56:D9:1D:79:D9:2B:BA:66:CF:31
Certificate issuer: /CN=5598ae5d5f12825a84e6c401c013ca5e5dcd9ec9
Certificate serial: 0194228E185E906FF7E723C3565C5407DFC8
Authority key identifier: 55:98:AE:5D:5F:12:82:5A:84:E6:C4:01:C0:13:CA:5E:5D:CD:9E:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VZiuXV8SglqE5sQBwBPKXl3Nnsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1f6073-87b2-4bb3-acb7-5c3db98bf864/1/QSe63n0wV0G34lbZHXnZK7pmzzE.roa
Signing time: Wed 01 Jan 2025 15:48:45 +0000
ROA not before: Wed 01 Jan 2025 15:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208115
IP address blocks: 45.157.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:18:5e:90:6f:f7:e7:23:c3:56:5c:54:07:df:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5598ae5d5f12825a84e6c401c013ca5e5dcd9ec9
Validity
Not Before: Jan 1 15:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4127bade7d305741b7e256d91d79d92bba66cf31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0b:17:cb:3d:21:86:9f:33:85:ab:49:61:1e:
2c:98:af:cd:2e:1c:82:05:e0:e7:8b:c7:02:63:63:
2f:63:77:e0:6e:58:22:07:70:e9:02:84:40:c3:77:
06:7d:b6:6a:64:1f:2e:98:18:5e:6d:d3:53:f3:71:
ac:bd:df:60:86:d6:93:13:2d:2f:fc:db:da:56:90:
32:58:eb:7f:59:f0:99:af:ba:35:73:33:76:2b:d6:
ac:9f:90:f1:0a:2f:6d:34:0e:e0:68:01:61:54:af:
06:08:e2:f1:25:25:b7:f7:cb:96:f9:e5:33:b0:7e:
8a:8b:0e:fa:f1:78:0d:14:1d:80:bb:19:ab:32:bd:
6a:23:c2:aa:33:fe:27:db:2f:f8:be:94:6e:eb:18:
29:98:b3:56:02:17:19:80:25:79:7e:aa:7c:18:2e:
0f:d7:34:fd:dd:a5:e8:b2:5a:06:9c:da:1d:a5:d0:
c1:e7:83:e8:14:6e:29:07:37:90:b1:28:f0:c9:d0:
59:e2:c0:18:92:5d:50:a7:f5:ea:de:56:22:e5:13:
84:e9:fb:3b:83:f2:28:f0:b7:db:37:4d:88:c9:f5:
b8:85:72:a9:73:fb:0c:b7:92:6d:de:fb:ee:04:cc:
40:a1:2c:b9:3c:01:d1:8f:33:eb:75:e7:96:9b:69:
7e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:27:BA:DE:7D:30:57:41:B7:E2:56:D9:1D:79:D9:2B:BA:66:CF:31
X509v3 Authority Key Identifier:
keyid:55:98:AE:5D:5F:12:82:5A:84:E6:C4:01:C0:13:CA:5E:5D:CD:9E:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VZiuXV8SglqE5sQBwBPKXl3Nnsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1f6073-87b2-4bb3-acb7-5c3db98bf864/1/QSe63n0wV0G34lbZHXnZK7pmzzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1f6073-87b2-4bb3-acb7-5c3db98bf864/1/VZiuXV8SglqE5sQBwBPKXl3Nnsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.53.0/24
Signature Algorithm: sha256WithRSAEncryption
47:f3:5b:4e:67:0d:8f:26:8f:30:e5:fd:81:14:df:05:6f:64:
1a:9f:ab:87:47:79:2d:d2:9f:b2:9e:d6:29:80:27:4d:d1:e0:
5c:df:82:80:92:c0:25:6a:45:d7:98:14:4d:01:c2:cb:04:66:
e1:f3:4f:7f:72:14:85:40:41:a5:7b:5b:00:d0:27:33:0a:10:
00:5b:cc:ce:26:5d:3b:d6:2d:95:7e:95:63:be:8b:26:07:23:
81:40:a5:7e:ec:26:cb:fa:8d:f6:13:c0:68:bb:33:73:cc:28:
f5:a9:a8:98:93:33:28:29:8e:bd:f7:97:ef:f4:57:06:b9:e2:
67:03:a4:d7:b3:77:e2:57:a7:ce:1e:5a:f9:f7:94:ca:17:09:
a2:51:a6:ba:f3:70:b0:76:7d:27:a3:ac:6f:d2:bd:24:2c:f7:
ce:4d:c2:31:2c:32:1e:17:ce:da:1a:5c:b0:44:f2:31:eb:0a:
bf:6a:e9:9e:eb:dd:78:39:70:01:0f:9d:47:21:d5:54:10:d3:
31:ef:74:fb:ac:dc:a7:91:9f:a3:13:5a:8d:ce:53:85:4b:85:
3c:8b:f6:75:0c:bf:e9:de:2d:37:72:bf:d0:fb:78:68:16:5a:
6e:eb:51:d1:ea:0a:4d:b6:f8:4e:be:c4:1c:5c:49:99:c2:41:
29:79:b9:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijhhekG/35yPDVlxUB9/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1OThhZTVkNWYxMjgyNWE4NGU2YzQwMWMwMTNjYTVlNWRj
ZDllYzkwHhcNMjUwMTAxMTU0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTI3YmFkZTdkMzA1NzQxYjdlMjU2ZDkxZDc5ZDkyYmJhNjZjZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAsXyz0hhp8zhatJYR4smK/NLhyC
BeDni8cCY2MvY3fgblgiB3DpAoRAw3cGfbZqZB8umBhebdNT83Gsvd9ghtaTEy0v
/NvaVpAyWOt/WfCZr7o1czN2K9asn5DxCi9tNA7gaAFhVK8GCOLxJSW398uW+eUz
sH6Kiw768XgNFB2AuxmrMr1qI8KqM/4n2y/4vpRu6xgpmLNWAhcZgCV5fqp8GC4P
1zT93aXosloGnNodpdDB54PoFG4pBzeQsSjwydBZ4sAYkl1Qp/Xq3lYi5ROE6fs7
g/Io8LfbN02IyfW4hXKpc/sMt5Jt3vvuBMxAoSy5PAHRjzPrdeeWm2l+1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEnut59MFdBt+JW2R152Su6Zs8xMB8GA1UdIwQY
MBaAFFWYrl1fEoJahObEAcATyl5dzZ7JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlppdVhWOFNnbHFFNXNRQndCUEtYbDNObnNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xZjYwNzMtODdiMi00YmIzLWFjYjct
NWMzZGI5OGJmODY0LzEvUVNlNjNuMHdWMEczNGxiWkhYblpLN3BtenpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xZjYwNzMtODdiMi00YmIzLWFjYjctNWMzZGI5OGJmODY0
LzEvVlppdVhWOFNnbHFFNXNRQndCUEtYbDNObnNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ01MA0G
CSqGSIb3DQEBCwUAA4IBAQBH81tOZw2PJo8w5f2BFN8Fb2Qan6uHR3kt0p+yntYp
gCdN0eBc34KAksAlakXXmBRNAcLLBGbh809/chSFQEGle1sA0CczChAAW8zOJl07
1i2VfpVjvosmByOBQKV+7CbL+o32E8BouzNzzCj1qaiYkzMoKY6995fv9FcGueJn
A6TXs3fiV6fOHlr595TKFwmiUaa683Cwdn0no6xv0r0kLPfOTcIxLDIeF87aGlyw
RPIx6wq/aume6914OXABD51HIdVUENMx73T7rNynkZ+jE1qNzlOFS4U8i/Z1DL/p
3i03cr/Q+3hoFlpu61HR6gpNtvhOvsQcXEmZwkEpebmT
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:29 2025 by rpki-client