Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/FIOPjgBkgq7xEXRKyPRQ1Oqa0NU.roa
File: FIOPjgBkgq7xEXRKyPRQ1Oqa0NU.roa (raw, json)
Hash identifier: UWt78DgDOwppGpFR4S+tA4PHXjI0OjWHkXa+j+bLBU4=
Subject key identifier: 14:83:8F:8E:00:64:82:AE:F1:11:74:4A:C8:F4:50:D4:EA:9A:D0:D5
Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial: 0194228DF2E280AE3025BDBBAF6126514E16
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/FIOPjgBkgq7xEXRKyPRQ1Oqa0NU.roa
Signing time: Wed 01 Jan 2025 15:48:35 +0000
ROA not before: Wed 01 Jan 2025 15:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45794
IP address blocks: 134.97.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f2:e2:80:ae:30:25:bd:bb:af:61:26:51:4e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Validity
Not Before: Jan 1 15:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14838f8e006482aef111744ac8f450d4ea9ad0d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:86:11:18:2c:52:4a:3e:95:0a:d3:b2:d0:b0:
1b:be:56:0a:e7:6b:42:27:a9:2a:46:78:b0:cd:c8:
78:12:53:74:90:1c:3b:4e:7a:76:3a:cc:ee:25:b9:
0f:3a:2c:29:ee:38:28:07:04:fb:f7:76:e2:73:99:
cd:7e:5b:a3:96:1a:1d:b5:e6:47:5d:94:25:11:83:
db:c9:98:35:f2:2c:fa:29:03:48:d4:2e:e3:e5:06:
73:ed:75:d3:93:49:24:ee:80:ae:81:19:e0:94:0f:
bc:8f:1b:30:d8:ef:5c:c1:07:b6:29:de:ab:33:07:
bb:70:9c:30:bf:07:47:4c:62:1d:bc:04:d4:de:e6:
66:f8:da:73:c2:ca:a7:3c:ef:47:2f:66:74:e3:15:
fc:15:58:d6:58:83:61:cb:8e:b4:d2:e1:10:85:97:
71:31:98:28:12:55:f0:b6:5c:b2:43:2a:84:d3:8e:
24:65:eb:d4:53:a2:5c:c3:9d:42:4d:b1:2c:0a:1c:
a7:49:9f:ba:51:ca:cf:50:e1:c8:e9:b4:45:fa:db:
6d:54:c7:4c:c2:13:9a:f1:a0:25:56:52:d1:83:fb:
49:a3:dd:fd:3b:81:21:01:2e:fb:1b:ce:9c:df:34:
e6:9e:ac:e9:51:83:2a:a2:a2:cf:eb:a9:f9:84:8c:
4b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:83:8F:8E:00:64:82:AE:F1:11:74:4A:C8:F4:50:D4:EA:9A:D0:D5
X509v3 Authority Key Identifier:
keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/FIOPjgBkgq7xEXRKyPRQ1Oqa0NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.97.18.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:f3:3a:35:c3:eb:cd:3e:43:a5:11:2b:1d:cd:85:05:9c:77:
5c:ef:4f:f6:63:bf:86:f5:83:a9:7c:5e:68:f1:de:9b:78:bb:
25:82:be:2f:d6:7b:8f:b4:2b:62:94:4f:f8:f1:94:c2:92:1e:
84:c0:9d:35:91:06:d3:17:84:74:46:13:96:d2:83:f7:4f:c5:
b3:84:96:58:2a:39:c7:b8:41:33:35:c7:3f:1d:da:10:8d:dd:
1a:3f:da:59:09:c9:8d:8a:dc:e1:68:73:92:d0:76:cb:e1:6a:
b2:05:eb:c4:df:b7:cf:55:b8:fe:eb:74:68:f0:ef:9a:92:f8:
77:3d:30:1b:90:f8:74:1c:93:bb:7e:0e:4e:51:fb:41:a0:34:
9c:8c:60:50:1a:be:4f:33:df:0b:e4:76:85:d3:c6:d7:6b:2d:
cf:7e:d9:e6:de:ba:82:bb:09:2a:7d:78:85:21:20:e0:41:9f:
ee:c4:23:77:11:59:8b:dd:d2:5b:f2:5e:01:d5:93:83:c8:34:
d0:dc:d0:1b:07:00:51:41:10:03:98:60:13:b3:a5:79:5c:37:
64:2d:b5:95:2f:36:cd:1f:20:ae:7e:04:ee:54:8d:db:06:a5:
3f:8c:f3:11:c6:dd:e4:29:37:28:09:36:92:36:a1:07:97:c4:
7b:9a:30:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfLigK4wJb27r2EmUU4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4
YWUwZDMwHhcNMjUwMTAxMTU0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDgzOGY4ZTAwNjQ4MmFlZjExMTc0NGFjOGY0NTBkNGVhOWFkMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYYRGCxSSj6VCtOy0LAbvlYK52tC
J6kqRniwzch4ElN0kBw7Tnp2OszuJbkPOiwp7jgoBwT793bic5nNflujlhodteZH
XZQlEYPbyZg18iz6KQNI1C7j5QZz7XXTk0kk7oCugRnglA+8jxsw2O9cwQe2Kd6r
Mwe7cJwwvwdHTGIdvATU3uZm+NpzwsqnPO9HL2Z04xX8FVjWWINhy4600uEQhZdx
MZgoElXwtlyyQyqE044kZevUU6Jcw51CTbEsChynSZ+6UcrPUOHI6bRF+tttVMdM
whOa8aAlVlLRg/tJo939O4EhAS77G86c3zTmnqzpUYMqoqLP66n5hIxLhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBSDj44AZIKu8RF0Ssj0UNTqmtDVMB8GA1UdIwQY
MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt
NTNjYzVkYWY1MmNmLzEvRklPUGpnQmtncTd4RVhSS3lQUlExT3FhME5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm
LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAhmESMA0G
CSqGSIb3DQEBCwUAA4IBAQA68zo1w+vNPkOlESsdzYUFnHdc70/2Y7+G9YOpfF5o
8d6beLslgr4v1nuPtCtilE/48ZTCkh6EwJ01kQbTF4R0RhOW0oP3T8WzhJZYKjnH
uEEzNcc/HdoQjd0aP9pZCcmNitzhaHOS0HbL4WqyBevE37fPVbj+63Ro8O+akvh3
PTAbkPh0HJO7fg5OUftBoDScjGBQGr5PM98L5HaF08bXay3Pftnm3rqCuwkqfXiF
ISDgQZ/uxCN3EVmL3dJb8l4B1ZODyDTQ3NAbBwBRQRADmGATs6V5XDdkLbWVLzbN
HyCufgTuVI3bBqU/jPMRxt3kKTcoCTaSNqEHl8R7mjBN
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:25:50 2025 by rpki-client