Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/QweFyEW5MD7BAEEZ15WI0Z11l44.roa
File: QweFyEW5MD7BAEEZ15WI0Z11l44.roa (raw, json)
Hash identifier: rY8rZ5sV0MP9RFz4vhMTCIb+sly9BhW4Qjr7+zCuncU=
Subject key identifier: 43:07:85:C8:45:B9:30:3E:C1:00:41:19:D7:95:88:D1:9D:75:97:8E
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0192E85CB23AC9FD0544D08C8DB756DB469B
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/QweFyEW5MD7BAEEZ15WI0Z11l44.roa
Signing time: Fri 01 Nov 2024 15:34:01 +0000
ROA not before: Fri 01 Nov 2024 15:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21840
IP address blocks: 94.229.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e8:5c:b2:3a:c9:fd:05:44:d0:8c:8d:b7:56:db:46:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Nov 1 15:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=430785c845b9303ec1004119d79588d19d75978e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ee:ce:60:80:0a:ee:c7:5c:f2:15:e8:bb:27:
f7:78:ee:db:96:d9:71:aa:d1:a7:a1:4f:ec:3a:59:
b0:13:6c:fa:85:a7:67:09:db:a3:37:93:d3:3c:d5:
43:9f:a7:64:1e:c2:1b:fd:2d:1c:b8:d6:51:ed:4f:
77:a1:26:5e:be:28:4f:32:21:cc:50:20:de:c3:aa:
d4:13:49:59:23:23:14:dd:a8:f4:7d:a8:6b:c3:19:
9b:59:f7:63:36:8f:fa:ae:e7:bc:f7:85:77:17:89:
1d:50:5b:4d:2e:ec:61:09:7a:1f:55:e9:77:dd:4f:
05:5a:b1:b8:4c:8e:1a:f9:45:b7:b8:ad:d9:9e:0e:
d7:fe:1b:c4:db:82:d0:f9:af:22:1a:8c:db:91:bf:
b5:c9:19:d1:e6:2d:c0:eb:54:30:bc:14:d8:7b:4e:
79:96:7f:47:0d:44:61:29:5b:1a:0e:64:91:20:88:
49:92:e1:ea:13:11:03:3b:a1:28:e1:14:a2:18:71:
ac:89:f0:00:7d:b3:a7:d7:a6:27:e7:c9:df:42:00:
e5:4e:ad:14:86:84:db:bc:0e:5b:c1:19:0b:52:21:
53:9e:da:a1:ee:f9:3a:7e:f1:22:ed:17:0c:5f:a9:
52:46:80:ab:72:2b:09:86:71:57:b2:6f:06:c0:61:
da:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:07:85:C8:45:B9:30:3E:C1:00:41:19:D7:95:88:D1:9D:75:97:8E
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/QweFyEW5MD7BAEEZ15WI0Z11l44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.229.221.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:1e:9a:fc:ee:43:d6:3c:57:1b:b3:e8:e5:b3:d6:9f:ea:e5:
c4:11:69:a3:a5:1d:04:40:43:8b:98:e5:7f:20:4f:f7:54:35:
57:15:d6:f7:f0:c2:4a:26:fa:81:c9:e7:61:05:5e:46:80:01:
6f:19:46:79:da:e5:b5:1d:cf:e7:a7:66:63:18:b7:df:70:ad:
19:e6:b1:f6:ec:19:25:1c:54:00:8a:fe:ee:3d:bb:9c:3f:cc:
7d:d0:48:1c:0d:14:b5:88:a0:75:83:be:aa:8e:72:e8:53:00:
1d:36:9e:6f:0a:cf:38:30:ef:24:af:d3:76:80:10:d2:c2:f9:
27:b5:75:47:7a:45:1a:d8:d4:46:6e:09:91:cd:eb:b3:9d:22:
72:f4:96:13:b7:9d:dc:42:8e:ef:a8:5d:05:32:69:42:23:53:
00:d4:c0:dc:fa:45:14:12:c5:ce:d3:93:08:b5:f6:18:71:16:
d8:2e:ad:23:04:eb:72:ee:fb:a0:ed:de:f0:67:47:68:c9:e8:
19:7b:42:57:65:bc:3a:81:b6:f5:4b:05:e6:dd:91:22:5b:75:
5b:b3:8d:61:e7:fc:42:cb:18:f9:c2:b5:0d:55:03:38:3c:e0:
70:b3:2c:d1:2b:6a:f0:50:c7:bf:03:37:9f:80:5c:0f:8c:64:
a6:37:9e:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLoXLI6yf0FRNCMjbdW20abMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMTAxMTUzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzA3ODVjODQ1YjkzMDNlYzEwMDQxMTlkNzk1ODhkMTlkNzU5NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+7OYIAK7sdc8hXouyf3eO7bltlx
qtGnoU/sOlmwE2z6hadnCdujN5PTPNVDn6dkHsIb/S0cuNZR7U93oSZevihPMiHM
UCDew6rUE0lZIyMU3aj0fahrwxmbWfdjNo/6rue894V3F4kdUFtNLuxhCXofVel3
3U8FWrG4TI4a+UW3uK3Zng7X/hvE24LQ+a8iGozbkb+1yRnR5i3A61QwvBTYe055
ln9HDURhKVsaDmSRIIhJkuHqExEDO6Eo4RSiGHGsifAAfbOn16Yn58nfQgDlTq0U
hoTbvA5bwRkLUiFTntqh7vk6fvEi7RcMX6lSRoCrcisJhnFXsm8GwGHaXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMHhchFuTA+wQBBGdeViNGddZeOMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvUXdlRnlFVzVNRDdCQUVFWjE1V0kwWjExbDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXuXdMA0G
CSqGSIb3DQEBCwUAA4IBAQDWHpr87kPWPFcbs+jls9af6uXEEWmjpR0EQEOLmOV/
IE/3VDVXFdb38MJKJvqByedhBV5GgAFvGUZ52uW1Hc/np2ZjGLffcK0Z5rH27Bkl
HFQAiv7uPbucP8x90EgcDRS1iKB1g76qjnLoUwAdNp5vCs84MO8kr9N2gBDSwvkn
tXVHekUa2NRGbgmRzeuznSJy9JYTt53cQo7vqF0FMmlCI1MA1MDc+kUUEsXO05MI
tfYYcRbYLq0jBOty7vug7d7wZ0doyegZe0JXZbw6gbb1SwXm3ZEiW3Vbs41h5/xC
yxj5wrUNVQM4POBwsyzRK2rwUMe/AzefgFwPjGSmN56k
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:15 2025 by rpki-client