Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b7d875-b12c-4ed8-b80f-41487f4d4171/1/DmQguxgVyJ_d0tpi3KUPtRcdGUQ.roa
File: DmQguxgVyJ_d0tpi3KUPtRcdGUQ.roa (raw, json)
Hash identifier: OiuAWrEvvfbOYm4huTJvJrvDJABO3FsTpYDNXs6sb+s=
Subject key identifier: 0E:64:20:BB:18:15:C8:9F:DD:D2:DA:62:DC:A5:0F:B5:17:1D:19:44
Certificate issuer: /CN=df61a292223ad9aebc8ad82c2a56475fbd97a834
Certificate serial: 019420D5CA0605D6C74C41BD5695D59FD418
Authority key identifier: DF:61:A2:92:22:3A:D9:AE:BC:8A:D8:2C:2A:56:47:5F:BD:97:A8:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/32GikiI62a68itgsKlZHX72XqDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/b7d875-b12c-4ed8-b80f-41487f4d4171/1/DmQguxgVyJ_d0tpi3KUPtRcdGUQ.roa
Signing time: Wed 01 Jan 2025 07:47:49 +0000
ROA not before: Wed 01 Jan 2025 07:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35732
IP address blocks: 45.129.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ca:06:05:d6:c7:4c:41:bd:56:95:d5:9f:d4:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df61a292223ad9aebc8ad82c2a56475fbd97a834
Validity
Not Before: Jan 1 07:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e6420bb1815c89fddd2da62dca50fb5171d1944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5d:ec:ee:42:d6:3f:cc:cd:96:f7:69:ab:08:
39:78:de:47:e1:da:ec:b6:20:06:0a:ca:30:1a:2c:
ee:61:dc:73:ef:5b:7c:8a:fa:c2:57:0f:90:69:79:
3f:88:f7:3a:61:a8:cf:d3:92:d6:27:c8:01:a2:05:
02:3f:77:a7:42:1e:26:b2:7c:ce:ca:69:e2:12:c4:
77:77:b3:9f:22:ec:9b:31:80:d6:11:0e:f1:b3:8f:
cc:57:aa:e0:bd:06:20:43:a9:92:d0:d5:6c:4b:6f:
46:a7:e6:25:69:25:e8:26:0c:1d:c9:10:e1:27:c5:
86:fb:50:63:0e:ef:50:50:e5:ee:85:dd:17:96:98:
19:fa:0c:38:26:63:d9:b3:51:29:3d:bb:28:6e:32:
eb:8b:51:48:0f:af:c9:ce:38:24:8f:a0:0f:e5:12:
29:ec:16:98:0d:92:57:a7:3f:39:a9:72:c5:2f:67:
ee:3e:f2:a1:9a:2f:fc:eb:c4:13:f8:45:fa:bf:04:
49:de:54:5e:a2:a3:8b:71:e1:65:9d:24:c8:8a:4c:
e6:a7:37:6f:00:eb:ed:18:b4:ac:4d:8e:1f:e9:af:
95:ad:de:14:6e:2d:5a:b4:92:c3:8d:46:20:34:c4:
ea:45:83:09:56:38:c3:5a:95:88:c4:21:a4:3e:27:
cf:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:64:20:BB:18:15:C8:9F:DD:D2:DA:62:DC:A5:0F:B5:17:1D:19:44
X509v3 Authority Key Identifier:
keyid:DF:61:A2:92:22:3A:D9:AE:BC:8A:D8:2C:2A:56:47:5F:BD:97:A8:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/32GikiI62a68itgsKlZHX72XqDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b7d875-b12c-4ed8-b80f-41487f4d4171/1/DmQguxgVyJ_d0tpi3KUPtRcdGUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b7d875-b12c-4ed8-b80f-41487f4d4171/1/32GikiI62a68itgsKlZHX72XqDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.138.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:39:ce:ad:eb:ac:4d:e2:14:e1:af:3a:20:00:dc:58:b4:f7:
f0:ec:c0:a7:00:10:46:9c:01:53:25:bf:b9:df:88:a7:f0:9d:
c6:c0:39:eb:c4:7d:3d:4f:d4:60:39:7e:b3:00:b9:0f:e6:e8:
0d:66:6e:3d:c9:4c:60:60:c4:69:79:13:9f:3e:7b:38:ae:15:
6a:d7:37:48:53:ef:45:09:a1:26:75:ac:8c:ba:32:f8:ad:86:
e3:45:ab:d7:a3:9f:d8:39:61:06:78:87:62:62:ff:89:d9:56:
58:3a:3d:0d:ab:5e:9e:92:f0:06:22:6d:ce:7d:7d:15:21:a3:
eb:d9:17:12:50:76:b8:ac:48:70:85:70:f4:21:57:32:f8:c9:
72:03:55:5f:5a:69:c0:09:2f:1c:f7:31:45:b0:0e:ea:c1:2c:
14:ef:a8:76:eb:76:28:eb:27:38:61:75:48:53:d4:54:51:93:
8a:03:95:4a:38:48:50:68:7d:dc:d3:f7:6a:aa:4e:68:08:cb:
ed:3c:5f:77:47:29:14:ca:1b:7b:4b:0b:a6:df:aa:4a:e8:fc:
24:08:69:04:09:f2:c3:6f:cd:46:2f:84:9e:14:ca:06:44:87:
2f:2f:3f:a8:d6:0f:c5:a3:96:b9:03:f9:08:cd:b9:e5:54:fc:
dd:92:5c:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1coGBdbHTEG9VpXVn9QYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNjFhMjkyMjIzYWQ5YWViYzhhZDgyYzJhNTY0NzVmYmQ5
N2E4MzQwHhcNMjUwMTAxMDc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTY0MjBiYjE4MTVjODlmZGRkMmRhNjJkY2E1MGZiNTE3MWQxOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl3s7kLWP8zNlvdpqwg5eN5H4drs
tiAGCsowGizuYdxz71t8ivrCVw+QaXk/iPc6YajP05LWJ8gBogUCP3enQh4msnzO
ymniEsR3d7OfIuybMYDWEQ7xs4/MV6rgvQYgQ6mS0NVsS29Gp+YlaSXoJgwdyRDh
J8WG+1BjDu9QUOXuhd0XlpgZ+gw4JmPZs1EpPbsobjLri1FID6/Jzjgkj6AP5RIp
7BaYDZJXpz85qXLFL2fuPvKhmi/868QT+EX6vwRJ3lReoqOLceFlnSTIikzmpzdv
AOvtGLSsTY4f6a+Vrd4Ubi1atJLDjUYgNMTqRYMJVjjDWpWIxCGkPifPKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA5kILsYFcif3dLaYtylD7UXHRlEMB8GA1UdIwQY
MBaAFN9hopIiOtmuvIrYLCpWR1+9l6g0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzJHaWtpSTYyYTY4aXRnc0tsWkhYNzJYcURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iN2Q4NzUtYjEyYy00ZWQ4LWI4MGYt
NDE0ODdmNGQ0MTcxLzEvRG1RZ3V4Z1Z5Sl9kMHRwaTNLVVB0UmNkR1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iN2Q4NzUtYjEyYy00ZWQ4LWI4MGYtNDE0ODdmNGQ0MTcx
LzEvMzJHaWtpSTYyYTY4aXRnc0tsWkhYNzJYcURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYGKMA0G
CSqGSIb3DQEBCwUAA4IBAQBdOc6t66xN4hThrzogANxYtPfw7MCnABBGnAFTJb+5
34in8J3GwDnrxH09T9RgOX6zALkP5ugNZm49yUxgYMRpeROfPns4rhVq1zdIU+9F
CaEmdayMujL4rYbjRavXo5/YOWEGeIdiYv+J2VZYOj0Nq16ekvAGIm3OfX0VIaPr
2RcSUHa4rEhwhXD0IVcy+MlyA1VfWmnACS8c9zFFsA7qwSwU76h263Yo6yc4YXVI
U9RUUZOKA5VKOEhQaH3c0/dqqk5oCMvtPF93RykUyht7Swum36pK6PwkCGkECfLD
b81GL4SeFMoGRIcvLz+o1g/Fo5a5A/kIzbnlVPzdklzR
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:11:25 2025 by rpki-client