Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/WqDFoZ4yGIm4v63J6v68a7YN25k.roa
File: WqDFoZ4yGIm4v63J6v68a7YN25k.roa (raw, json)
Hash identifier: r3McHNb+qHaNln2/heub0I5rxUCbQSlKDgIE5D8dY0g=
Subject key identifier: 5A:A0:C5:A1:9E:32:18:89:B8:BF:AD:C9:EA:FE:BC:6B:B6:0D:DB:99
Certificate issuer: /CN=a1d71853324eb060fbafc988233860499c96c53a
Certificate serial: 0194647A6914992BF9AA68EBF6F72126C5B6
Authority key identifier: A1:D7:18:53:32:4E:B0:60:FB:AF:C9:88:23:38:60:49:9C:96:C5:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/WqDFoZ4yGIm4v63J6v68a7YN25k.roa
Signing time: Tue 14 Jan 2025 11:02:11 +0000
ROA not before: Tue 14 Jan 2025 11:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.148.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:7a:69:14:99:2b:f9:aa:68:eb:f6:f7:21:26:c5:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1d71853324eb060fbafc988233860499c96c53a
Validity
Not Before: Jan 14 11:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5aa0c5a19e321889b8bfadc9eafebc6bb60ddb99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6a:8b:95:d3:66:c5:03:e0:8b:7b:83:fd:fd:
c9:3f:74:54:00:a8:01:38:f8:ff:ff:bd:0b:b8:87:
5a:2c:93:38:37:86:ce:53:5f:61:0e:de:97:77:63:
fb:1d:d3:3a:af:fa:fc:ab:72:a1:0d:ea:ad:1d:2a:
97:f5:3f:85:88:b5:6e:d4:ac:93:8c:e2:92:f8:7b:
13:1d:73:50:4c:6e:1c:a6:54:d2:8c:97:d2:b2:f3:
e7:92:70:09:7b:cb:16:a2:cb:0f:76:09:99:84:b7:
71:0b:b5:cd:99:45:e5:d4:5c:ab:b3:0f:fb:57:4b:
d7:b0:59:01:0e:97:a7:5f:54:a7:c2:cd:61:e7:89:
28:b1:13:37:62:84:e6:36:99:c7:89:8d:ab:37:f2:
d6:47:10:08:08:8d:28:26:e6:81:c0:53:8d:9c:d4:
bd:76:57:9c:1a:4e:bd:14:37:df:b5:d9:ea:70:dc:
99:72:f9:5a:d2:2a:bd:4f:40:36:cd:6d:8a:c3:bf:
9c:47:a8:65:66:02:8b:c6:6d:65:be:e2:a5:3f:ff:
bf:16:8e:48:af:ae:db:87:dc:3b:83:c2:05:b3:4f:
95:2b:ca:cc:86:1c:0a:b1:8c:ef:ba:35:e3:38:cd:
fd:71:62:e8:ba:a5:8b:13:19:db:53:fa:9d:5e:06:
37:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A0:C5:A1:9E:32:18:89:B8:BF:AD:C9:EA:FE:BC:6B:B6:0D:DB:99
X509v3 Authority Key Identifier:
keyid:A1:D7:18:53:32:4E:B0:60:FB:AF:C9:88:23:38:60:49:9C:96:C5:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/WqDFoZ4yGIm4v63J6v68a7YN25k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.132.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:be:c8:58:71:ec:cb:4c:61:98:e9:51:de:b2:01:98:e9:17:
af:4b:9a:2d:d9:db:58:92:fc:2b:9b:e0:09:62:1b:85:59:1b:
c2:31:85:5e:e6:5b:6c:35:0a:70:9e:45:cd:41:c3:97:fe:57:
f3:a5:7a:a0:55:06:56:89:31:45:c4:ef:e9:d7:ea:ce:a5:41:
d6:ae:1f:4e:a1:64:2b:39:eb:9e:32:dc:15:3d:0d:8a:ae:08:
00:38:31:0a:75:bb:45:f6:f5:95:3f:c5:c9:d8:a1:93:56:d5:
9f:00:3c:0f:6f:8b:1b:a8:bd:48:56:73:e4:78:ef:43:75:40:
6b:e1:53:4c:de:03:d3:73:51:b0:43:c4:6d:5d:9f:6a:e2:33:
51:79:a7:17:11:ee:ee:7f:7c:97:31:ad:91:b8:fb:01:a0:a2:
49:fe:1b:97:12:cc:68:3a:d8:81:f1:9d:b1:8f:5c:7b:12:61:
bb:51:16:09:4d:da:6a:a3:91:ba:28:ad:b0:cd:b1:1b:5e:c9:
d1:5f:43:66:23:7c:26:a3:49:1b:b7:04:05:eb:1b:fe:5a:7f:
ab:5b:68:18:58:65:df:8e:5d:22:db:c7:49:e0:fc:cd:c5:09:
33:11:0b:a8:d1:17:64:43:2a:0d:7a:cb:00:20:6a:94:ee:2a:
b5:98:62:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRkemkUmSv5qmjr9vchJsW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZDcxODUzMzI0ZWIwNjBmYmFmYzk4ODIzMzg2MDQ5OWM5
NmM1M2EwHhcNMjUwMTE0MTEwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWEwYzVhMTllMzIxODg5YjhiZmFkYzllYWZlYmM2YmI2MGRkYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWqLldNmxQPgi3uD/f3JP3RUAKgB
OPj//70LuIdaLJM4N4bOU19hDt6Xd2P7HdM6r/r8q3KhDeqtHSqX9T+FiLVu1KyT
jOKS+HsTHXNQTG4cplTSjJfSsvPnknAJe8sWossPdgmZhLdxC7XNmUXl1Fyrsw/7
V0vXsFkBDpenX1Snws1h54kosRM3YoTmNpnHiY2rN/LWRxAICI0oJuaBwFONnNS9
dlecGk69FDfftdnqcNyZcvla0iq9T0A2zW2Kw7+cR6hlZgKLxm1lvuKlP/+/Fo5I
r67bh9w7g8IFs0+VK8rMhhwKsYzvujXjOM39cWLouqWLExnbU/qdXgY3vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqgxaGeMhiJuL+tyer+vGu2DduZMB8GA1UdIwQY
MBaAFKHXGFMyTrBg+6/JiCM4YEmclsU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NjU2ZGItOTRhNS00NWJlLTk0MzUt
NzA2MTM1NmJlZjFiLzEvV3FERm9aNHlHSW00djYzSjZ2NjhhN1lOMjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NjU2ZGItOTRhNS00NWJlLTk0MzUtNzA2MTM1NmJlZjFi
LzEvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZSEMA0G
CSqGSIb3DQEBCwUAA4IBAQBMvshYcezLTGGY6VHesgGY6RevS5ot2dtYkvwrm+AJ
YhuFWRvCMYVe5ltsNQpwnkXNQcOX/lfzpXqgVQZWiTFFxO/p1+rOpUHWrh9OoWQr
OeueMtwVPQ2KrggAODEKdbtF9vWVP8XJ2KGTVtWfADwPb4sbqL1IVnPkeO9DdUBr
4VNM3gPTc1GwQ8RtXZ9q4jNReacXEe7uf3yXMa2RuPsBoKJJ/huXEsxoOtiB8Z2x
j1x7EmG7URYJTdpqo5G6KK2wzbEbXsnRX0NmI3wmo0kbtwQF6xv+Wn+rW2gYWGXf
jl0i28dJ4PzNxQkzEQuo0RdkQyoNessAIGqU7iq1mGKG
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:18:40 2025 by rpki-client