Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fioMdTJpa39svIUU0VLMSoAxkAQ.roa
File: fioMdTJpa39svIUU0VLMSoAxkAQ.roa (raw, json)
Hash identifier: 6oOzW3kGAsme+edOIB5lJZMHsZV9APznL41je3LP7Aw=
Subject key identifier: 7E:2A:0C:75:32:69:6B:7F:6C:BC:85:14:D1:52:CC:4A:80:31:90:04
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420685829B816014E3A8005E07FCCE985
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fioMdTJpa39svIUU0VLMSoAxkAQ.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212128
IP address blocks: 147.45.128.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:58:29:b8:16:01:4e:3a:80:05:e0:7f:cc:e9:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e2a0c7532696b7f6cbc8514d152cc4a80319004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:80:0d:a7:ff:43:e7:fa:06:91:c1:22:ac:1b:
db:33:05:57:3c:80:6b:9e:ba:4e:10:77:c0:57:f2:
c0:04:81:0e:d6:18:0d:3b:eb:b7:af:2f:a0:75:70:
00:d6:b6:41:72:e7:36:ab:68:0f:43:e9:2c:96:b1:
a4:bd:3a:b1:db:63:2b:65:a4:35:17:21:54:88:99:
40:c6:a2:28:87:1b:35:67:d8:db:2e:ae:07:c0:53:
23:af:03:d7:c0:f2:4a:d1:26:57:8b:e4:12:89:44:
c0:22:c8:18:c7:85:d1:9c:96:f8:6e:81:d7:03:91:
e0:4b:8c:b3:8d:d6:94:82:40:fa:1f:a0:6b:b8:97:
db:2d:29:d6:3e:28:f6:ce:cb:cd:d4:d6:36:66:c7:
85:04:7a:a5:de:eb:80:c8:ab:c3:78:35:87:a0:e5:
ce:61:ee:11:50:00:75:9c:99:fe:cb:c7:0e:be:82:
16:42:18:fa:05:51:88:d0:c5:61:9b:fb:85:b5:da:
6d:3a:ef:49:88:da:82:dd:2f:3b:96:f7:56:68:a3:
27:f1:be:3a:d2:a6:f4:80:ae:15:a4:47:1a:27:f5:
08:c1:d1:8f:ed:1d:57:81:16:7d:fb:52:e0:f1:87:
6a:34:50:b5:69:b4:72:64:df:79:4f:c9:2b:07:21:
ce:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:2A:0C:75:32:69:6B:7F:6C:BC:85:14:D1:52:CC:4A:80:31:90:04
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fioMdTJpa39svIUU0VLMSoAxkAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.128.0/22
Signature Algorithm: sha256WithRSAEncryption
75:c8:96:33:f0:36:15:81:c8:c5:22:0b:13:c4:ec:d0:75:5d:
d8:bb:ad:99:0d:6b:56:ae:de:f9:52:56:d5:29:d8:27:eb:56:
9e:65:31:81:04:52:34:64:93:51:b2:b5:1b:69:ed:1e:f8:b5:
a6:de:10:8e:58:ed:0f:0e:10:7b:8b:10:9d:e3:62:5a:58:dd:
1d:09:54:a9:74:e2:8d:c0:48:9a:72:cc:63:ae:46:5b:fd:1a:
c1:76:63:7a:33:ca:65:e1:5d:cb:49:c2:69:44:d1:01:b2:ea:
29:da:51:b5:bf:3d:db:7f:94:a0:8e:e7:e8:c4:63:36:71:55:
e4:17:fd:fe:f0:82:1f:09:03:65:52:b7:d8:97:19:9f:ff:6f:
ee:fa:a4:bb:76:0e:d2:98:19:b7:65:99:fb:08:bb:e8:7e:58:
fc:6e:7a:2f:7d:c9:52:2e:a5:69:d4:07:0f:e4:62:f2:50:16:
fd:25:e4:8f:01:77:56:3a:fc:d6:f0:1f:d0:fc:5f:90:5a:4f:
2f:4d:80:bb:97:2c:0f:f6:bd:3c:31:94:35:d6:e0:4d:0a:d2:
d4:3f:6b:e9:36:97:80:6d:6f:6a:57:1b:1e:3f:ff:d4:98:94:
cb:7d:3f:e3:07:9a:fa:e2:e6:d8:e6:6f:3c:95:42:34:0f:b6:
c8:a6:31:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaFgpuBYBTjqABeB/zOmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTJhMGM3NTMyNjk2YjdmNmNiYzg1MTRkMTUyY2M0YTgwMzE5MDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIANp/9D5/oGkcEirBvbMwVXPIBr
nrpOEHfAV/LABIEO1hgNO+u3ry+gdXAA1rZBcuc2q2gPQ+kslrGkvTqx22MrZaQ1
FyFUiJlAxqIohxs1Z9jbLq4HwFMjrwPXwPJK0SZXi+QSiUTAIsgYx4XRnJb4boHX
A5HgS4yzjdaUgkD6H6BruJfbLSnWPij2zsvN1NY2ZseFBHql3uuAyKvDeDWHoOXO
Ye4RUAB1nJn+y8cOvoIWQhj6BVGI0MVhm/uFtdptOu9JiNqC3S87lvdWaKMn8b46
0qb0gK4VpEcaJ/UIwdGP7R1XgRZ9+1Lg8YdqNFC1abRyZN95T8krByHOjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4qDHUyaWt/bLyFFNFSzEqAMZAEMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZmlvTWRUSnBhMzlzdklVVTBWTE1Tb0F4a0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCky2AMA0G
CSqGSIb3DQEBCwUAA4IBAQB1yJYz8DYVgcjFIgsTxOzQdV3Yu62ZDWtWrt75UlbV
Kdgn61aeZTGBBFI0ZJNRsrUbae0e+LWm3hCOWO0PDhB7ixCd42JaWN0dCVSpdOKN
wEiacsxjrkZb/RrBdmN6M8pl4V3LScJpRNEBsuop2lG1vz3bf5SgjufoxGM2cVXk
F/3+8IIfCQNlUrfYlxmf/2/u+qS7dg7SmBm3ZZn7CLvoflj8bnovfclSLqVp1AcP
5GLyUBb9JeSPAXdWOvzW8B/Q/F+QWk8vTYC7lywP9r08MZQ11uBNCtLUP2vpNpeA
bW9qVxseP//UmJTLfT/jB5r64ubY5m88lUI0D7bIpjE5
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:51:40 2025 by rpki-client