Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/Q3-HdEPCyjZHl-Sg4_PuJRYIuT8.roa
File: Q3-HdEPCyjZHl-Sg4_PuJRYIuT8.roa (raw, json)
Hash identifier: XEPQxkckVuIQ5rwgxJmegps237sKjQ4AEXFUBlmNa1Y=
Subject key identifier: 43:7F:87:74:43:C2:CA:36:47:97:E4:A0:E3:F3:EE:25:16:08:B9:3F
Certificate issuer: /CN=e24c9c50cf4e2dac05e1f04328224e20a4605d77
Certificate serial: 01942444D4C6499542D8EEAF1EC77E09BCA3
Authority key identifier: E2:4C:9C:50:CF:4E:2D:AC:05:E1:F0:43:28:22:4E:20:A4:60:5D:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kycUM9OLawF4fBDKCJOIKRgXXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/Q3-HdEPCyjZHl-Sg4_PuJRYIuT8.roa
Signing time: Wed 01 Jan 2025 23:47:58 +0000
ROA not before: Wed 01 Jan 2025 23:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52140
IP address blocks: 46.255.216.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d4:c6:49:95:42:d8:ee:af:1e:c7:7e:09:bc:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e24c9c50cf4e2dac05e1f04328224e20a4605d77
Validity
Not Before: Jan 1 23:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=437f877443c2ca364797e4a0e3f3ee251608b93f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7c:ca:f4:09:ca:23:62:6f:9d:6d:69:b5:8a:
9e:ac:98:4e:92:9a:0a:c9:00:48:e1:e1:62:b7:b5:
50:66:cd:50:94:ab:f1:b5:a1:9b:35:2e:83:cf:0e:
73:34:c7:3e:7c:20:a7:cc:ea:15:fe:aa:99:19:5c:
13:7b:cf:6e:a3:99:24:60:41:3d:74:89:3f:a2:94:
93:b9:9c:53:11:0b:93:80:22:a0:35:eb:ec:7b:75:
53:6d:df:0e:b4:29:b2:9e:13:b3:25:b8:46:d2:8b:
97:70:70:ec:70:d5:33:52:61:4f:ed:bd:fe:50:7b:
8d:f6:0b:c5:c3:a2:1b:e1:53:15:6d:33:50:6b:3a:
24:3b:00:9c:7e:13:ba:0c:96:36:2d:56:14:d7:87:
e5:47:7a:ce:5e:b3:20:9d:77:c7:3b:41:db:c3:df:
82:f7:ab:ea:31:5e:6b:03:bb:60:5a:ed:e5:a2:49:
3e:3b:ca:b4:71:82:ca:e8:89:ad:a6:14:1e:c5:0b:
16:89:77:85:94:b2:42:48:7e:89:26:47:3c:40:07:
c0:3a:f0:1e:58:f4:40:5d:d3:55:e3:0e:af:34:07:
78:c2:13:ef:52:dc:bd:9e:1f:00:05:3a:d8:f9:f1:
1a:3e:b9:f4:cf:9c:92:b4:31:85:a3:92:bd:29:71:
45:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7F:87:74:43:C2:CA:36:47:97:E4:A0:E3:F3:EE:25:16:08:B9:3F
X509v3 Authority Key Identifier:
keyid:E2:4C:9C:50:CF:4E:2D:AC:05:E1:F0:43:28:22:4E:20:A4:60:5D:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kycUM9OLawF4fBDKCJOIKRgXXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/Q3-HdEPCyjZHl-Sg4_PuJRYIuT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.216.0/21
Signature Algorithm: sha256WithRSAEncryption
30:ba:31:a1:6f:4a:80:7a:42:d7:93:2a:a3:97:fe:08:1f:0c:
c0:19:cc:59:b4:bf:87:14:11:95:ef:d5:19:46:ff:b9:ec:3b:
fa:c7:3f:63:6f:88:57:6f:06:8a:ea:b6:66:79:04:cb:af:15:
27:67:55:84:d9:cc:17:88:3b:ba:68:de:cd:83:06:dd:5b:d1:
f7:d3:1d:f7:6e:67:6a:10:e9:e5:86:27:3b:ef:fe:bb:7c:78:
95:5c:70:99:73:de:d3:fe:61:41:e2:ff:5d:24:59:41:56:7b:
46:e2:88:90:74:fc:97:74:a0:00:3b:a5:4a:ad:99:44:50:54:
bd:db:f9:7f:64:c6:de:1b:66:54:40:de:11:d2:1a:9a:75:5c:
fa:17:aa:60:20:0e:bb:11:a1:92:a9:fb:80:1f:75:e9:9e:4e:
20:7c:4c:9c:33:e9:4c:9f:a2:66:18:ba:57:ee:39:af:df:9d:
f6:da:df:d0:8b:01:f2:23:45:fc:b2:25:b9:4a:f5:91:74:c9:
d1:b7:ee:1e:03:49:98:65:07:32:67:04:6f:ad:9c:5e:9a:67:
67:f1:0a:0c:e6:97:58:1a:86:50:0b:29:69:36:cc:7e:56:82:
9a:25:43:53:53:e3:67:42:6f:00:d8:f6:51:76:98:dd:f8:ff:
c1:68:6d:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNTGSZVC2O6vHsd+CbyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNGM5YzUwY2Y0ZTJkYWMwNWUxZjA0MzI4MjI0ZTIwYTQ2
MDVkNzcwHhcNMjUwMTAxMjM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzdmODc3NDQzYzJjYTM2NDc5N2U0YTBlM2YzZWUyNTE2MDhiOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHzK9AnKI2JvnW1ptYqerJhOkpoK
yQBI4eFit7VQZs1QlKvxtaGbNS6Dzw5zNMc+fCCnzOoV/qqZGVwTe89uo5kkYEE9
dIk/opSTuZxTEQuTgCKgNevse3VTbd8OtCmynhOzJbhG0ouXcHDscNUzUmFP7b3+
UHuN9gvFw6Ib4VMVbTNQazokOwCcfhO6DJY2LVYU14flR3rOXrMgnXfHO0Hbw9+C
96vqMV5rA7tgWu3lokk+O8q0cYLK6ImtphQexQsWiXeFlLJCSH6JJkc8QAfAOvAe
WPRAXdNV4w6vNAd4whPvUty9nh8ABTrY+fEaPrn0z5yStDGFo5K9KXFFOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEN/h3RDwso2R5fkoOPz7iUWCLk/MB8GA1UdIwQY
MBaAFOJMnFDPTi2sBeHwQygiTiCkYF13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGt5Y1VNOU9MYXdGNGZCREtDSk9JS1JnWFhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMTdjYzEtNjRjMi00NzJlLTkxNGIt
MGJmYjg2ODg0NDA0LzEvUTMtSGRFUEN5alpIbC1TZzRfUHVKUllJdVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMTdjYzEtNjRjMi00NzJlLTkxNGItMGJmYjg2ODg0NDA0
LzEvNGt5Y1VNOU9MYXdGNGZCREtDSk9JS1JnWFhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLv/YMA0G
CSqGSIb3DQEBCwUAA4IBAQAwujGhb0qAekLXkyqjl/4IHwzAGcxZtL+HFBGV79UZ
Rv+57Dv6xz9jb4hXbwaK6rZmeQTLrxUnZ1WE2cwXiDu6aN7NgwbdW9H30x33bmdq
EOnlhic77/67fHiVXHCZc97T/mFB4v9dJFlBVntG4oiQdPyXdKAAO6VKrZlEUFS9
2/l/ZMbeG2ZUQN4R0hqadVz6F6pgIA67EaGSqfuAH3Xpnk4gfEycM+lMn6JmGLpX
7jmv35322t/QiwHyI0X8siW5SvWRdMnRt+4eA0mYZQcyZwRvrZxemmdn8QoM5pdY
GoZQCylpNsx+VoKaJUNTU+NnQm8A2PZRdpjd+P/BaG2C
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:09:29 2025 by rpki-client