Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/fWsFtqjlg1LQ_p_q5K_2GnL8QEw.roa
File: fWsFtqjlg1LQ_p_q5K_2GnL8QEw.roa (raw, json)
Hash identifier: CoDBOpj4/7ndyh9Jvl792nll1Mc+xm7ePsUPRUs36YE=
Subject key identifier: 7D:6B:05:B6:A8:E5:83:52:D0:FE:9F:EA:E4:AF:F6:1A:72:FC:40:4C
Certificate issuer: /CN=6135c1f7b7140c872e7f3ff3462b4edc631d7674
Certificate serial: 01942067CBFA1B322E22B382048EDBC13FE2
Authority key identifier: 61:35:C1:F7:B7:14:0C:87:2E:7F:3F:F3:46:2B:4E:DC:63:1D:76:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/fWsFtqjlg1LQ_p_q5K_2GnL8QEw.roa
Signing time: Wed 01 Jan 2025 05:47:40 +0000
ROA not before: Wed 01 Jan 2025 05:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52000
IP address blocks: 194.147.115.0/24 maxlen: 24
194.147.148.0/24 maxlen: 24
194.147.149.0/24 maxlen: 24
2a0f:4240::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:cb:fa:1b:32:2e:22:b3:82:04:8e:db:c1:3f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6135c1f7b7140c872e7f3ff3462b4edc631d7674
Validity
Not Before: Jan 1 05:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d6b05b6a8e58352d0fe9feae4aff61a72fc404c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:74:ad:7a:9e:ce:7f:ca:76:32:48:d4:c7:bc:
6d:b2:5c:ed:b1:07:d5:f6:6c:f8:74:ca:d4:62:de:
98:b6:df:c4:73:4f:4e:37:15:60:ab:f7:ee:88:45:
e6:1b:49:c5:85:5b:8f:69:4f:f9:74:ce:21:f0:42:
5d:e1:81:a2:02:de:b7:c7:86:94:8c:59:ca:87:3f:
13:c7:ae:78:bc:b5:24:9e:fb:49:1b:9b:5f:4e:05:
64:d8:f3:33:44:91:b7:eb:03:80:6e:b3:49:6b:28:
09:e6:4a:f5:8b:36:06:06:c8:d1:00:45:1b:7e:83:
dd:5f:ed:52:ef:36:85:7d:4d:33:e5:82:d1:cd:b0:
f0:9c:19:b8:73:60:d5:fd:f3:e2:87:02:e3:76:ec:
5c:98:99:a7:26:a2:04:d5:94:f8:32:b5:85:f4:0e:
59:3d:58:0c:4b:18:66:1e:16:a5:8b:85:66:a7:f5:
6d:cb:e6:05:58:a5:96:8b:54:c8:fd:17:d9:ff:73:
16:b1:cb:48:28:82:a6:21:6d:7a:7a:3c:a8:6f:93:
46:bc:01:6f:76:db:17:14:5c:a4:25:65:ce:bc:b4:
a1:bc:2d:80:0f:39:72:ef:84:ac:30:a1:8e:bb:cb:
92:ea:a1:59:54:5d:64:49:9d:ae:47:86:4c:79:f4:
6c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:6B:05:B6:A8:E5:83:52:D0:FE:9F:EA:E4:AF:F6:1A:72:FC:40:4C
X509v3 Authority Key Identifier:
keyid:61:35:C1:F7:B7:14:0C:87:2E:7F:3F:F3:46:2B:4E:DC:63:1D:76:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTXB97cUDIcufz_zRitO3GMddnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/fWsFtqjlg1LQ_p_q5K_2GnL8QEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/433edf-aaf8-4669-877c-e3781d8fe74c/1/YTXB97cUDIcufz_zRitO3GMddnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.115.0/24
194.147.148.0/23
IPv6:
2a0f:4240::/29
Signature Algorithm: sha256WithRSAEncryption
60:71:9f:65:ee:a8:50:ae:0c:75:75:6f:38:95:79:26:d8:4e:
84:e3:ba:74:c7:e4:56:fc:ab:c6:28:a8:c9:0c:d2:87:ef:57:
2e:31:52:40:ab:c0:2a:ba:4d:03:64:51:dd:f4:78:cc:39:91:
d2:14:03:68:9e:06:aa:20:d7:95:94:55:e4:f7:51:c1:da:d3:
dd:c8:76:57:e0:88:30:55:97:c1:a6:ae:8a:9b:e7:45:74:e1:
c8:4d:bf:44:d1:a4:7b:61:1b:7f:a7:68:9c:b0:36:37:28:42:
9c:81:76:cd:2b:c8:bb:62:15:ed:6f:5a:72:5e:3c:2f:45:72:
43:50:48:5e:ee:3b:f4:b7:e1:9e:b1:4a:0e:01:a6:2d:de:94:
1e:bb:7b:d6:6f:27:b8:90:a7:0d:92:5d:5d:ca:23:96:9e:e9:
e7:99:2b:53:0c:93:03:b5:fc:18:91:d2:8b:cd:35:36:a1:1b:
c0:50:67:46:e1:fe:1b:be:bd:16:a3:7b:ed:2f:42:03:5d:62:
0c:ec:9f:53:9f:e1:8c:19:7d:6d:c3:71:e0:36:6d:33:89:a0:
d9:7a:c5:68:d4:8b:92:d1:52:67:fc:d2:2c:82:d2:95:fa:cf:
57:77:fe:de:d4:78:64:87:f6:41:a7:be:61:f8:91:b6:69:e2:
a5:c4:5e:8a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgZ8v6GzIuIrOCBI7bwT/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzVjMWY3YjcxNDBjODcyZTdmM2ZmMzQ2MmI0ZWRjNjMx
ZDc2NzQwHhcNMjUwMTAxMDU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDZiMDViNmE4ZTU4MzUyZDBmZTlmZWFlNGFmZjYxYTcyZmM0MDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nStep7Of8p2MkjUx7xtslztsQfV
9mz4dMrUYt6Ytt/Ec09ONxVgq/fuiEXmG0nFhVuPaU/5dM4h8EJd4YGiAt63x4aU
jFnKhz8Tx654vLUknvtJG5tfTgVk2PMzRJG36wOAbrNJaygJ5kr1izYGBsjRAEUb
foPdX+1S7zaFfU0z5YLRzbDwnBm4c2DV/fPihwLjduxcmJmnJqIE1ZT4MrWF9A5Z
PVgMSxhmHhali4Vmp/Vty+YFWKWWi1TI/RfZ/3MWsctIKIKmIW16ejyob5NGvAFv
dtsXFFykJWXOvLShvC2ADzly74SsMKGOu8uS6qFZVF1kSZ2uR4ZMefRsYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH1rBbao5YNS0P6f6uSv9hpy/EBMMB8GA1UdIwQY
MBaAFGE1wfe3FAyHLn8/80YrTtxjHXZ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRYQjk3Y1VESWN1ZnpfelJpdE8zR01kZG5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80MzNlZGYtYWFmOC00NjY5LTg3N2Mt
ZTM3ODFkOGZlNzRjLzEvZldzRnRxamxnMUxRX3BfcTVLXzJHbkw4UUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80MzNlZGYtYWFmOC00NjY5LTg3N2MtZTM3ODFkOGZlNzRj
LzEvWVRYQjk3Y1VESWN1ZnpfelJpdE8zR01kZG5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwpNzAwQB
wpOUMA0EAgACMAcDBQMqD0JAMA0GCSqGSIb3DQEBCwUAA4IBAQBgcZ9l7qhQrgx1
dW84lXkm2E6E47p0x+RW/KvGKKjJDNKH71cuMVJAq8Aquk0DZFHd9HjMOZHSFANo
ngaqINeVlFXk91HB2tPdyHZX4IgwVZfBpq6Km+dFdOHITb9E0aR7YRt/p2icsDY3
KEKcgXbNK8i7YhXtb1pyXjwvRXJDUEhe7jv0t+GesUoOAaYt3pQeu3vWbye4kKcN
kl1dyiOWnunnmStTDJMDtfwYkdKLzTU2oRvAUGdG4f4bvr0Wo3vtL0IDXWIM7J9T
n+GMGX1tw3HgNm0ziaDZesVo1IuS0VJn/NIsgtKV+s9Xd/7e1Hhkh/ZBp75h+JG2
aeKlxF6K
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:31:42 2025 by rpki-client