Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/FWQETtkN_oL4od4Al2G3UDgEL5c.roa
File: FWQETtkN_oL4od4Al2G3UDgEL5c.roa (raw, json)
Hash identifier: xaM2HH/7hc4DXnOzRecNa3benIQdBaCSuVr3xBWruxw=
Subject key identifier: 15:64:04:4E:D9:0D:FE:82:F8:A1:DE:00:97:61:B7:50:38:04:2F:97
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01941FFA6DE01C573257891CEEB8D8FC0945
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/FWQETtkN_oL4od4Al2G3UDgEL5c.roa
Signing time: Wed 01 Jan 2025 03:48:13 +0000
ROA not before: Wed 01 Jan 2025 03:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 45.152.148.0/24 maxlen: 24
2a11:f880::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:6d:e0:1c:57:32:57:89:1c:ee:b8:d8:fc:09:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 03:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1564044ed90dfe82f8a1de009761b75038042f97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2c:78:08:8e:73:35:e0:f6:dd:c1:2d:ef:08:
b9:f9:04:57:f2:22:4f:f1:57:b5:77:d5:eb:28:6b:
7c:b3:1e:64:6a:8d:70:3a:b9:f7:b3:25:65:47:c6:
60:e0:fb:e5:69:d8:8c:64:44:ce:b0:b8:d1:5d:2e:
75:eb:15:e1:dc:b2:97:a4:e4:62:43:b5:f6:54:6f:
44:d3:63:8c:0a:c2:6f:68:9e:78:56:f8:06:c9:65:
55:60:6a:20:6b:58:c6:3d:b1:8b:69:4d:c5:87:00:
9d:56:04:61:a4:94:11:f2:fa:cd:d6:e8:43:47:01:
ac:d8:30:82:f5:6e:bf:ae:7c:8f:66:14:7b:61:44:
c7:2d:2e:6e:8f:e1:95:78:70:50:99:e4:26:26:3f:
a2:a8:be:21:7a:07:f5:92:a4:e5:6b:bb:09:38:c1:
30:15:38:6e:33:5f:2b:13:aa:99:8b:62:3a:6a:d4:
70:c2:86:ec:38:ad:c8:75:a2:ea:b1:39:4d:0e:c0:
7a:ff:9e:c4:54:6e:83:cf:c8:5f:4d:4a:76:30:98:
26:f5:df:07:8d:ca:4b:ce:b6:b0:0f:35:c2:56:d3:
01:8d:9e:05:2c:c8:70:0f:9d:47:45:45:0c:70:d9:
3a:2c:97:69:c9:7f:98:56:44:fe:33:3c:a1:12:fc:
2a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:64:04:4E:D9:0D:FE:82:F8:A1:DE:00:97:61:B7:50:38:04:2F:97
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/FWQETtkN_oL4od4Al2G3UDgEL5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.148.0/24
IPv6:
2a11:f880::/32
Signature Algorithm: sha256WithRSAEncryption
79:ae:90:0f:16:c0:3d:43:ec:fa:92:b4:11:1b:76:bf:6c:b3:
f5:fc:ee:99:1c:2f:6a:2f:54:98:22:db:b6:eb:07:c1:b1:b7:
51:d4:68:aa:22:66:1b:ae:1e:db:54:6b:ee:7c:2f:ef:7c:ef:
a0:fe:50:34:56:cb:74:c0:b0:0a:86:27:91:a0:46:fe:3b:34:
44:46:5a:74:24:17:d4:26:e1:17:5c:c6:ad:21:61:8b:b7:f8:
d2:02:6c:15:91:6f:14:a2:b9:aa:29:4b:74:d7:b5:b3:fe:d4:
60:81:e7:6f:34:d1:e2:01:2a:43:15:0c:d9:57:b4:db:70:2e:
a6:06:fe:f0:d6:5d:21:b8:89:7d:98:df:13:6c:b0:c9:66:3e:
ef:43:8a:99:36:54:2e:00:38:9a:00:9a:48:d0:77:e7:1e:2c:
90:8e:11:ec:a7:69:02:21:19:09:03:21:cc:2f:a3:2c:e8:32:
a2:da:53:f3:eb:b3:5a:74:fe:2b:8d:5d:14:16:3e:66:87:4b:
f7:80:12:50:7f:f8:a5:db:b7:96:58:a0:e6:2a:a4:d6:af:0f:
a1:69:50:2c:3a:e5:a3:b0:9b:2c:fd:f8:c8:b0:d8:20:19:ee:
81:14:1c:58:75:28:13:c5:9e:f3:5a:c8:39:c8:25:78:2f:11:
bf:c3:4f:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+m3gHFcyV4kc7rjY/AlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjUwMTAxMDM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTY0MDQ0ZWQ5MGRmZTgyZjhhMWRlMDA5NzYxYjc1MDM4MDQyZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Cx4CI5zNeD23cEt7wi5+QRX8iJP
8Ve1d9XrKGt8sx5kao1wOrn3syVlR8Zg4PvladiMZETOsLjRXS516xXh3LKXpORi
Q7X2VG9E02OMCsJvaJ54VvgGyWVVYGoga1jGPbGLaU3FhwCdVgRhpJQR8vrN1uhD
RwGs2DCC9W6/rnyPZhR7YUTHLS5uj+GVeHBQmeQmJj+iqL4hegf1kqTla7sJOMEw
FThuM18rE6qZi2I6atRwwobsOK3IdaLqsTlNDsB6/57EVG6Dz8hfTUp2MJgm9d8H
jcpLzrawDzXCVtMBjZ4FLMhwD51HRUUMcNk6LJdpyX+YVkT+MzyhEvwqEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBVkBE7ZDf6C+KHeAJdht1A4BC+XMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvRldRRVR0a05fb0w0b2Q0QWwyRzNVRGdFTDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZiUMA0E
AgACMAcDBQAqEfiAMA0GCSqGSIb3DQEBCwUAA4IBAQB5rpAPFsA9Q+z6krQRG3a/
bLP1/O6ZHC9qL1SYItu26wfBsbdR1GiqImYbrh7bVGvufC/vfO+g/lA0Vst0wLAK
hieRoEb+OzRERlp0JBfUJuEXXMatIWGLt/jSAmwVkW8UormqKUt017Wz/tRggedv
NNHiASpDFQzZV7TbcC6mBv7w1l0huIl9mN8TbLDJZj7vQ4qZNlQuADiaAJpI0Hfn
HiyQjhHsp2kCIRkJAyHML6Ms6DKi2lPz67NadP4rjV0UFj5mh0v3gBJQf/il27eW
WKDmKqTWrw+haVAsOuWjsJss/fjIsNggGe6BFBxYdSgTxZ7zWsg5yCV4LxG/w08l
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:15:09 2025 by rpki-client