Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/FM1ZToDPfltq70sgYZxUZRvW9lw.roa
File: FM1ZToDPfltq70sgYZxUZRvW9lw.roa (raw, json)
Hash identifier: gobn7d36Th+HhvhLfnOuWn7jGYlz7+noOsxaYpWSY6w=
Subject key identifier: 14:CD:59:4E:80:CF:7E:5B:6A:EF:4B:20:61:9C:54:65:1B:D6:F6:5C
Certificate issuer: /CN=40d55b78836a93fb6f9ec9fa7a79ed9b8bea2ba1
Certificate serial: 019427B596C34D4BCC153C1760087EF1F014
Authority key identifier: 40:D5:5B:78:83:6A:93:FB:6F:9E:C9:FA:7A:79:ED:9B:8B:EA:2B:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNVbeINqk_tvnsn6enntm4vqK6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/FM1ZToDPfltq70sgYZxUZRvW9lw.roa
Signing time: Thu 02 Jan 2025 15:49:58 +0000
ROA not before: Thu 02 Jan 2025 15:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 45.129.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:96:c3:4d:4b:cc:15:3c:17:60:08:7e:f1:f0:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40d55b78836a93fb6f9ec9fa7a79ed9b8bea2ba1
Validity
Not Before: Jan 2 15:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14cd594e80cf7e5b6aef4b20619c54651bd6f65c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c3:07:2f:f0:c7:3a:10:8b:08:19:ea:f5:69:
13:be:aa:53:87:cf:ea:64:1b:6e:29:02:04:ad:7c:
b7:d4:77:0d:d4:ad:39:5a:90:6a:1b:52:30:57:0b:
ad:9c:42:5f:9e:31:51:80:46:4c:71:25:0f:f5:78:
f4:1c:dd:98:b2:2f:c3:36:4e:57:da:bc:3c:01:b2:
51:22:88:d9:5b:5b:1d:58:c6:36:26:54:0d:bd:87:
e6:2d:f3:ca:3f:41:13:02:8e:2a:07:80:85:b0:0c:
1d:6e:b6:5f:46:47:ed:36:34:1f:3b:77:b4:ca:7d:
01:5f:29:41:ef:8c:b4:2d:79:51:dc:d2:7b:75:ee:
0f:61:ba:65:3d:73:15:5c:51:9b:52:86:e7:aa:94:
df:cd:84:4c:b0:01:c3:36:35:c7:0e:0d:9a:5f:82:
98:3f:d7:7d:c6:8c:23:9a:73:a4:70:58:c5:74:e4:
32:bb:7c:e6:e1:fc:3c:9e:ba:a4:81:69:00:1b:50:
4a:14:91:14:df:79:e7:c4:98:00:df:7c:2b:d9:14:
99:91:e5:5e:18:eb:65:76:a5:f7:55:60:b8:7c:c1:
ae:90:78:53:10:0c:dd:41:f8:70:0f:38:74:7d:07:
7e:e9:8d:32:9e:c6:d7:07:58:35:2c:df:f9:43:e8:
2f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:CD:59:4E:80:CF:7E:5B:6A:EF:4B:20:61:9C:54:65:1B:D6:F6:5C
X509v3 Authority Key Identifier:
keyid:40:D5:5B:78:83:6A:93:FB:6F:9E:C9:FA:7A:79:ED:9B:8B:EA:2B:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNVbeINqk_tvnsn6enntm4vqK6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/FM1ZToDPfltq70sgYZxUZRvW9lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/QNVbeINqk_tvnsn6enntm4vqK6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.193.0/24
Signature Algorithm: sha256WithRSAEncryption
39:f0:93:7d:ac:51:1a:23:f3:f9:fb:63:6e:05:11:23:cb:e9:
8f:e3:17:1e:df:cf:f2:f2:09:c4:70:fa:f3:a8:1e:00:ad:98:
b8:83:1a:61:7a:4a:fc:66:46:41:fe:1a:50:d7:2d:9d:a3:c6:
bc:fe:05:72:07:fe:51:10:73:8e:19:f5:73:27:b6:27:c5:b3:
38:81:ea:9f:79:ac:b9:be:64:bc:49:99:9f:22:f8:18:88:23:
fe:89:7e:30:11:ed:fe:d6:d4:15:87:47:0d:08:fb:04:10:d1:
0a:22:6a:47:a9:d1:74:d4:37:9c:e8:48:9a:71:86:bf:20:9a:
35:ec:19:1d:f4:a7:0a:cd:68:2c:5f:89:4f:69:73:d6:d5:5f:
e0:f9:46:b2:ab:ec:5a:b9:a1:24:5c:1b:f3:4b:2c:68:7f:ee:
e3:2d:6a:a7:99:b4:c8:03:3a:ab:2d:ad:b8:aa:98:7e:ca:34:
78:55:c8:48:e9:02:0d:ae:7b:ef:54:a3:c0:78:fb:6c:e2:b4:
30:74:65:8b:b4:7b:c7:01:01:d9:0a:9e:7e:c6:99:6b:99:8f:
60:3c:8d:9b:06:3f:9e:d2:b4:8a:00:9d:96:1f:38:0a:9a:60:
26:bb:52:e1:25:49:86:d8:d5:22:a8:87:98:ed:06:31:f3:f9:
f9:bf:82:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntZbDTUvMFTwXYAh+8fAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZDU1Yjc4ODM2YTkzZmI2ZjllYzlmYTdhNzllZDliOGJl
YTJiYTEwHhcNMjUwMTAyMTU0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGNkNTk0ZTgwY2Y3ZTViNmFlZjRiMjA2MTljNTQ2NTFiZDZmNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMMHL/DHOhCLCBnq9WkTvqpTh8/q
ZBtuKQIErXy31HcN1K05WpBqG1IwVwutnEJfnjFRgEZMcSUP9Xj0HN2Ysi/DNk5X
2rw8AbJRIojZW1sdWMY2JlQNvYfmLfPKP0ETAo4qB4CFsAwdbrZfRkftNjQfO3e0
yn0BXylB74y0LXlR3NJ7de4PYbplPXMVXFGbUobnqpTfzYRMsAHDNjXHDg2aX4KY
P9d9xowjmnOkcFjFdOQyu3zm4fw8nrqkgWkAG1BKFJEU33nnxJgA33wr2RSZkeVe
GOtldqX3VWC4fMGukHhTEAzdQfhwDzh0fQd+6Y0ynsbXB1g1LN/5Q+gvsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTNWU6Az35bau9LIGGcVGUb1vZcMB8GA1UdIwQY
MBaAFEDVW3iDapP7b57J+np57ZuL6iuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU5WYmVJTnFrX3R2bnNuNmVubnRtNHZxSzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNzZkODUtNjg2NC00YjM3LWJkYjMt
OTJlOGJlNjI3OWJiLzEvRk0xWlRvRFBmbHRxNzBzZ1laeFVaUnZXOWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNzZkODUtNjg2NC00YjM3LWJkYjMtOTJlOGJlNjI3OWJi
LzEvUU5WYmVJTnFrX3R2bnNuNmVubnRtNHZxSzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYHBMA0G
CSqGSIb3DQEBCwUAA4IBAQA58JN9rFEaI/P5+2NuBREjy+mP4xce38/y8gnEcPrz
qB4ArZi4gxphekr8ZkZB/hpQ1y2do8a8/gVyB/5REHOOGfVzJ7YnxbM4geqfeay5
vmS8SZmfIvgYiCP+iX4wEe3+1tQVh0cNCPsEENEKImpHqdF01Dec6EiacYa/IJo1
7Bkd9KcKzWgsX4lPaXPW1V/g+Uayq+xauaEkXBvzSyxof+7jLWqnmbTIAzqrLa24
qph+yjR4VchI6QINrnvvVKPAePts4rQwdGWLtHvHAQHZCp5+xplrmY9gPI2bBj+e
0rSKAJ2WHzgKmmAmu1LhJUmG2NUiqIeY7QYx8/n5v4L9
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:12 2025 by rpki-client