Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/R10kzlmrHw9WAyAvK8-iRqbaBaA.roa
File: R10kzlmrHw9WAyAvK8-iRqbaBaA.roa (raw, json)
Hash identifier: XqcsBbYv+/IKS1qiI7jigpCKSJFXUkDBvTdSLdA8/XI=
Subject key identifier: 47:5D:24:CE:59:AB:1F:0F:56:03:20:2F:2B:CF:A2:46:A6:DA:05:A0
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01941FFA6AEC6A1505F9741092EBAF986475
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/R10kzlmrHw9WAyAvK8-iRqbaBaA.roa
Signing time: Wed 01 Jan 2025 03:48:12 +0000
ROA not before: Wed 01 Jan 2025 03:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210558
IP address blocks: 45.152.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:6a:ec:6a:15:05:f9:74:10:92:eb:af:98:64:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 03:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=475d24ce59ab1f0f5603202f2bcfa246a6da05a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:39:c2:c3:26:7c:4b:6f:bf:6c:87:df:07:87:
ff:ae:f2:21:b7:0b:ab:5e:b4:99:20:1d:32:73:1e:
50:53:02:27:2d:96:0d:84:7c:78:16:77:8a:33:84:
fa:b4:6b:38:7b:c7:08:ec:e8:4b:43:5b:17:7a:1a:
08:ac:85:45:b8:f9:9d:19:29:68:6e:39:03:03:5b:
44:b8:04:47:b4:d2:34:bc:5d:d0:bc:45:51:20:0d:
34:a5:16:03:42:cc:1c:b2:af:0d:f4:91:37:38:da:
18:3a:85:38:1f:3d:0e:5e:89:ce:d7:74:45:48:89:
7c:29:e0:95:20:76:57:d1:4c:28:75:ee:22:1d:ef:
a0:35:05:71:79:21:c9:c4:9f:c7:c9:d5:2b:98:df:
1a:d8:7e:0a:61:39:71:bf:6a:df:20:d3:86:ac:a0:
d1:2e:b1:e4:99:60:2e:e1:b0:d3:40:e0:43:60:44:
49:32:fd:66:2b:d4:7a:4b:40:ad:57:fe:81:6e:41:
e2:e4:c3:9d:3e:85:75:3c:40:38:e6:42:1a:4b:3a:
62:80:7a:25:a8:0b:2f:2e:97:08:cc:46:34:12:f2:
3a:43:32:c5:9f:7c:08:8f:b0:6f:e3:0a:4e:64:17:
94:96:bf:b8:f5:cc:80:1c:c5:9c:b5:f7:b4:a0:a3:
a9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:5D:24:CE:59:AB:1F:0F:56:03:20:2F:2B:CF:A2:46:A6:DA:05:A0
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/R10kzlmrHw9WAyAvK8-iRqbaBaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.149.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:a2:05:90:29:44:f2:fe:04:c5:8c:85:33:b4:dd:08:cc:e8:
80:9e:a5:29:b0:81:7d:88:07:f3:67:e3:37:e2:03:0e:68:6c:
ce:54:3e:2d:08:1b:86:e1:06:06:c8:18:74:e9:3a:48:d2:22:
ce:2a:86:ff:93:3a:70:19:9c:f5:57:e8:77:ed:c2:92:18:fa:
93:8f:84:5c:fe:2b:d6:f7:b8:44:f6:1d:61:80:1b:5d:3c:b6:
ed:ba:dd:22:cc:53:bd:0f:4d:1a:b4:4c:6b:29:82:01:ee:8a:
b9:a7:9b:c2:18:5f:7f:7e:69:bb:b5:c1:de:bb:bf:2b:dc:46:
c5:a6:9c:74:c1:9a:dd:5e:2c:94:1f:38:f6:01:4f:7a:98:da:
eb:c1:54:bd:67:50:72:e3:b7:f9:6a:f3:27:14:82:3e:55:b6:
78:b0:65:d9:62:68:35:d5:45:49:d9:9a:3d:64:8f:9d:37:08:
c6:e7:b1:d6:60:88:f7:55:61:c0:47:61:e1:0b:a7:e0:b0:33:
88:3e:1f:e0:48:83:40:d8:ec:95:e9:40:c6:b9:12:3f:4c:3a:
5b:c1:80:70:09:76:07:29:a8:6f:df:b8:c7:b4:e6:7b:b5:cd:
db:16:af:0e:9c:a6:21:29:64:aa:d0:1a:fc:c6:5f:fc:86:70:
e9:c0:0a:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+mrsahUF+XQQkuuvmGR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjUwMTAxMDM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzVkMjRjZTU5YWIxZjBmNTYwMzIwMmYyYmNmYTI0NmE2ZGEwNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjnCwyZ8S2+/bIffB4f/rvIhtwur
XrSZIB0ycx5QUwInLZYNhHx4FneKM4T6tGs4e8cI7OhLQ1sXehoIrIVFuPmdGSlo
bjkDA1tEuARHtNI0vF3QvEVRIA00pRYDQswcsq8N9JE3ONoYOoU4Hz0OXonO13RF
SIl8KeCVIHZX0Uwode4iHe+gNQVxeSHJxJ/HydUrmN8a2H4KYTlxv2rfINOGrKDR
LrHkmWAu4bDTQOBDYERJMv1mK9R6S0CtV/6BbkHi5MOdPoV1PEA45kIaSzpigHol
qAsvLpcIzEY0EvI6QzLFn3wIj7Bv4wpOZBeUlr+49cyAHMWctfe0oKOpkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEddJM5Zqx8PVgMgLyvPokam2gWgMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvUjEwa3psbXJIdzlXQXlBdks4LWlScWJhQmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZiVMA0G
CSqGSIb3DQEBCwUAA4IBAQAaogWQKUTy/gTFjIUztN0IzOiAnqUpsIF9iAfzZ+M3
4gMOaGzOVD4tCBuG4QYGyBh06TpI0iLOKob/kzpwGZz1V+h37cKSGPqTj4Rc/ivW
97hE9h1hgBtdPLbtut0izFO9D00atExrKYIB7oq5p5vCGF9/fmm7tcHeu78r3EbF
ppx0wZrdXiyUHzj2AU96mNrrwVS9Z1By47f5avMnFII+VbZ4sGXZYmg11UVJ2Zo9
ZI+dNwjG57HWYIj3VWHAR2HhC6fgsDOIPh/gSINA2OyV6UDGuRI/TDpbwYBwCXYH
Kahv37jHtOZ7tc3bFq8OnKYhKWSq0Br8xl/8hnDpwArx
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:29:53 2025 by rpki-client