Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/pQW5R-zKKXoKoeJff8c5_2k7hqc.roa
File: pQW5R-zKKXoKoeJff8c5_2k7hqc.roa (raw, json)
Hash identifier: rBt7iA3N1J58taPxtPNL2j6hN1NPIb/9bqIe8PmHwc0=
Subject key identifier: A5:05:B9:47:EC:CA:29:7A:0A:A1:E2:5F:7F:C7:39:FF:69:3B:86:A7
Certificate issuer: /CN=111014ce8ad38d15350096d549ee1c5805d09dc8
Certificate serial: 0194206855126B725CC7408EFDA985D254C3
Authority key identifier: 11:10:14:CE:8A:D3:8D:15:35:00:96:D5:49:EE:1C:58:05:D0:9D:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ERAUzorTjRU1AJbVSe4cWAXQncg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/pQW5R-zKKXoKoeJff8c5_2k7hqc.roa
Signing time: Wed 01 Jan 2025 05:48:15 +0000
ROA not before: Wed 01 Jan 2025 05:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208499
IP address blocks: 45.132.220.0/22 maxlen: 24
2a0e:71c0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:55:12:6b:72:5c:c7:40:8e:fd:a9:85:d2:54:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111014ce8ad38d15350096d549ee1c5805d09dc8
Validity
Not Before: Jan 1 05:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a505b947ecca297a0aa1e25f7fc739ff693b86a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3f:d6:59:54:4f:a3:77:3b:1a:41:de:90:df:
37:91:88:f0:35:d4:58:26:b9:77:a3:2f:0c:93:0b:
05:3c:bf:b9:b4:0f:b5:b3:64:b2:fd:32:df:dd:e4:
49:a3:a2:01:d9:7a:b9:fb:65:85:bd:3e:fd:51:8e:
8c:3b:84:c3:a1:8a:13:8c:3d:ef:42:dc:c5:23:95:
65:95:1a:a2:0c:fc:6f:6b:b4:e0:ce:78:bb:8d:a8:
0e:31:99:98:4e:92:30:0c:56:00:1c:4b:4a:25:85:
8b:a6:d2:0f:7f:ed:dc:af:57:e2:e1:ca:c7:fe:e5:
7e:a9:c6:b6:85:d6:4c:ac:86:69:9a:c7:c8:55:eb:
1f:8a:a1:9d:b2:9f:45:0b:c7:4e:03:17:b0:e6:02:
c0:d8:95:83:33:b0:0a:60:5d:19:89:05:1a:af:15:
05:34:c5:72:9b:1c:00:ff:60:82:cf:b3:93:68:a5:
f0:e5:2b:be:0f:11:78:a0:0d:b3:83:28:94:66:93:
5e:a4:f3:cd:9a:b5:5b:40:5a:0b:32:1c:ee:e1:a9:
63:bf:6e:d2:f0:27:14:2a:c8:99:55:10:4d:5b:84:
70:54:54:dc:af:38:5c:83:f9:32:73:6b:fa:32:5f:
5f:8f:ca:b4:0d:84:2f:a5:0e:dc:69:e0:a8:18:0a:
55:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:05:B9:47:EC:CA:29:7A:0A:A1:E2:5F:7F:C7:39:FF:69:3B:86:A7
X509v3 Authority Key Identifier:
keyid:11:10:14:CE:8A:D3:8D:15:35:00:96:D5:49:EE:1C:58:05:D0:9D:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ERAUzorTjRU1AJbVSe4cWAXQncg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/pQW5R-zKKXoKoeJff8c5_2k7hqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/ERAUzorTjRU1AJbVSe4cWAXQncg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.220.0/22
IPv6:
2a0e:71c0::/29
Signature Algorithm: sha256WithRSAEncryption
21:ca:bd:fb:3e:a1:f5:73:5e:2c:76:af:fb:cc:0f:d8:0c:52:
66:da:11:3d:a7:0b:93:1b:01:97:40:9e:ff:92:dc:e2:2e:76:
ee:3e:04:91:73:b2:4e:1a:e0:22:31:45:ed:fc:c2:7c:bc:1f:
30:56:75:ea:6f:3d:73:5b:b0:f6:e5:7e:bf:35:f4:0f:eb:50:
17:51:1a:38:7b:97:79:ed:cd:73:28:fe:88:a4:4c:d0:dc:71:
16:0f:c2:b4:f7:0c:da:a9:7c:4a:dc:4a:9d:ce:5c:54:df:6f:
ff:1f:c3:b1:a7:08:63:f1:27:92:37:1d:91:a0:2f:54:34:0e:
1f:ad:bf:e9:6d:75:ff:26:8e:70:bf:7d:f2:ba:7f:57:de:a7:
f5:f5:b2:99:e2:ff:5d:f2:ef:6d:b5:1d:a0:b4:dd:95:9e:dd:
dc:5b:cd:10:e3:7c:08:ae:05:1f:47:11:57:2d:47:65:10:71:
9a:b9:d2:7f:5b:1a:c7:5e:2d:cf:2a:11:70:9c:2c:d9:a0:e6:
2e:23:c4:54:bd:7d:4e:f5:7e:ae:ad:bd:93:25:2f:80:36:2d:
06:36:d2:a6:6c:87:03:37:3d:23:89:ef:79:df:e9:9a:07:db:
01:96:db:cb:a9:db:51:cd:e0:f6:af:59:6c:ff:ba:8f:37:84:
5f:fd:2c:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaFUSa3Jcx0CO/amF0lTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMTAxNGNlOGFkMzhkMTUzNTAwOTZkNTQ5ZWUxYzU4MDVk
MDlkYzgwHhcNMjUwMTAxMDU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA1Yjk0N2VjY2EyOTdhMGFhMWUyNWY3ZmM3MzlmZjY5M2I4NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz/WWVRPo3c7GkHekN83kYjwNdRY
Jrl3oy8MkwsFPL+5tA+1s2Sy/TLf3eRJo6IB2Xq5+2WFvT79UY6MO4TDoYoTjD3v
QtzFI5VllRqiDPxva7Tgzni7jagOMZmYTpIwDFYAHEtKJYWLptIPf+3cr1fi4crH
/uV+qca2hdZMrIZpmsfIVesfiqGdsp9FC8dOAxew5gLA2JWDM7AKYF0ZiQUarxUF
NMVymxwA/2CCz7OTaKXw5Su+DxF4oA2zgyiUZpNepPPNmrVbQFoLMhzu4aljv27S
8CcUKsiZVRBNW4RwVFTcrzhcg/kyc2v6Ml9fj8q0DYQvpQ7caeCoGApVVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKUFuUfsyil6CqHiX3/HOf9pO4anMB8GA1UdIwQY
MBaAFBEQFM6K040VNQCW1UnuHFgF0J3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVJBVXpvclRqUlUxQUpiVlNlNGNXQVhRbmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9kNmM3NTItYWE0Yi00ZmE3LWFiMWYt
OTFhMzk0Njg0NjQ0LzEvcFFXNVItektLWG9Lb2VKZmY4YzVfMms3aHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9kNmM3NTItYWE0Yi00ZmE3LWFiMWYtOTFhMzk0Njg0NjQ0
LzEvRVJBVXpvclRqUlUxQUpiVlNlNGNXQVhRbmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYTcMA0E
AgACMAcDBQMqDnHAMA0GCSqGSIb3DQEBCwUAA4IBAQAhyr37PqH1c14sdq/7zA/Y
DFJm2hE9pwuTGwGXQJ7/ktziLnbuPgSRc7JOGuAiMUXt/MJ8vB8wVnXqbz1zW7D2
5X6/NfQP61AXURo4e5d57c1zKP6IpEzQ3HEWD8K09wzaqXxK3EqdzlxU32//H8Ox
pwhj8SeSNx2RoC9UNA4frb/pbXX/Jo5wv33yun9X3qf19bKZ4v9d8u9ttR2gtN2V
nt3cW80Q43wIrgUfRxFXLUdlEHGaudJ/WxrHXi3PKhFwnCzZoOYuI8RUvX1O9X6u
rb2TJS+ANi0GNtKmbIcDNz0jie953+maB9sBltvLqdtRzeD2r1ls/7qPN4Rf/Swu
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:16:26 2025 by rpki-client