Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Q1S-cfbAJMRJHy6EzsP5SwpjUhQ.roa
File: Q1S-cfbAJMRJHy6EzsP5SwpjUhQ.roa (raw, json)
Hash identifier: doEZZv5UlclizpXY7ZGgUWULN/VStqALaO3CsL7B+X8=
Subject key identifier: 43:54:BE:71:F6:C0:24:C4:49:1F:2E:84:CE:C3:F9:4B:0A:63:52:14
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194228E48990CF420F9D2DEFC91F5CD0166
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Q1S-cfbAJMRJHy6EzsP5SwpjUhQ.roa
Signing time: Wed 01 Jan 2025 15:48:57 +0000
ROA not before: Wed 01 Jan 2025 15:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 85.115.211.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:48:99:0c:f4:20:f9:d2:de:fc:91:f5:cd:01:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 15:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4354be71f6c024c4491f2e84cec3f94b0a635214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1a:e0:e4:18:bc:d6:81:35:fc:27:88:e8:d0:
46:54:c3:60:b5:40:a7:b5:51:7b:71:de:8f:89:4e:
ab:b8:46:2b:ed:fd:f1:5e:f6:41:5c:63:35:d6:b0:
47:98:b4:b9:88:8e:3a:c6:4c:40:a4:4a:77:e5:e3:
5f:b1:f0:42:a9:97:e2:fb:08:8f:10:54:f5:4b:4f:
00:26:cf:9f:80:83:5c:2f:5c:f3:e5:0c:ca:ca:d8:
61:57:31:10:fc:82:6b:74:1c:37:f0:3b:a9:06:83:
00:ec:2d:8f:1f:b8:95:55:40:1f:b3:c4:31:a2:db:
6f:5e:ec:47:43:4e:7e:0a:ac:46:5f:eb:10:28:4f:
b3:af:ce:af:99:7c:4f:67:f6:26:4a:11:2c:6e:ac:
bb:44:5e:e8:07:ae:f6:43:56:37:ec:57:fd:c6:a9:
9a:93:04:71:f1:e1:9d:03:9f:61:60:86:44:16:32:
18:69:fb:f2:bf:64:50:73:d9:dc:b4:38:3a:3c:69:
7e:9e:dc:f4:df:77:ce:cf:e2:7f:b0:40:85:7d:76:
dd:2f:5f:f2:c5:93:4e:7c:f9:2c:1c:2c:48:33:52:
af:2f:29:f5:08:c4:93:8e:be:39:34:0a:2d:29:f6:
54:bf:d5:48:7b:31:2f:90:ce:22:f4:dc:aa:a0:b5:
bd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:54:BE:71:F6:C0:24:C4:49:1F:2E:84:CE:C3:F9:4B:0A:63:52:14
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/Q1S-cfbAJMRJHy6EzsP5SwpjUhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.211.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:c7:04:37:b6:ec:30:92:f6:3b:7c:c9:26:e7:42:3b:e1:5c:
ea:51:03:83:4c:42:3c:0d:f6:1a:78:7b:19:64:b1:b1:8a:37:
f5:4f:5b:36:d1:d3:bc:4e:e1:19:b6:68:8e:15:c6:92:b7:2f:
ea:2c:75:48:3b:d8:4d:34:78:9b:da:6c:15:d4:a9:07:03:07:
95:7c:b9:42:7f:c2:3b:91:23:d9:e2:d7:05:0a:33:07:33:e2:
29:26:f7:5f:dc:08:c7:e8:ca:ee:54:c6:f0:7e:38:a0:ed:b9:
71:2f:c9:69:bd:5c:4d:c1:2d:43:84:c3:a2:de:5f:a3:ce:e9:
95:9f:48:29:19:74:85:84:0c:93:3e:37:ab:51:17:ab:1d:eb:
bb:2f:8d:b1:73:06:cb:9f:8f:8f:89:60:fd:a5:f0:9e:63:54:
5b:8a:47:09:67:32:4d:b3:70:3f:03:80:f0:82:51:40:0e:8b:
07:22:0f:42:ef:3d:a7:41:45:40:7e:00:33:11:88:75:34:4a:
0b:37:ee:31:0e:72:95:bc:a0:f7:f2:69:ed:e9:f2:c1:4c:3e:
84:51:82:a1:3a:c1:aa:68:59:34:05:f0:67:21:5a:dd:b3:07:
0c:fb:9b:db:c1:38:15:a9:9a:1f:af:51:1a:56:a5:fe:e2:e4:
7b:27:00:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijkiZDPQg+dLe/JH1zQFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwMTAxMTU0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzU0YmU3MWY2YzAyNGM0NDkxZjJlODRjZWMzZjk0YjBhNjM1MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhrg5Bi81oE1/CeI6NBGVMNgtUCn
tVF7cd6PiU6ruEYr7f3xXvZBXGM11rBHmLS5iI46xkxApEp35eNfsfBCqZfi+wiP
EFT1S08AJs+fgINcL1zz5QzKythhVzEQ/IJrdBw38DupBoMA7C2PH7iVVUAfs8Qx
ottvXuxHQ05+CqxGX+sQKE+zr86vmXxPZ/YmShEsbqy7RF7oB672Q1Y37Ff9xqma
kwRx8eGdA59hYIZEFjIYafvyv2RQc9nctDg6PGl+ntz033fOz+J/sECFfXbdL1/y
xZNOfPksHCxIM1KvLyn1CMSTjr45NAotKfZUv9VIezEvkM4i9NyqoLW9cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFENUvnH2wCTESR8uhM7D+UsKY1IUMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvUTFTLWNmYkFKTVJKSHk2RXpzUDVTd3BqVWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXPTMA0G
CSqGSIb3DQEBCwUAA4IBAQBqxwQ3tuwwkvY7fMkm50I74VzqUQODTEI8DfYaeHsZ
ZLGxijf1T1s20dO8TuEZtmiOFcaSty/qLHVIO9hNNHib2mwV1KkHAweVfLlCf8I7
kSPZ4tcFCjMHM+IpJvdf3AjH6MruVMbwfjig7blxL8lpvVxNwS1DhMOi3l+jzumV
n0gpGXSFhAyTPjerURerHeu7L42xcwbLn4+PiWD9pfCeY1RbikcJZzJNs3A/A4Dw
glFADosHIg9C7z2nQUVAfgAzEYh1NEoLN+4xDnKVvKD38mnt6fLBTD6EUYKhOsGq
aFk0BfBnIVrdswcM+5vbwTgVqZofr1EaVqX+4uR7JwDj
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:36:48 2025 by rpki-client