Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/F2yngLr3LNFPAaN1AHrUUwUs4EM.roa
File: F2yngLr3LNFPAaN1AHrUUwUs4EM.roa (raw, json)
Hash identifier: L2FCkZ7TJ0tCcGHDRQtSndFN89s2KgRpsG+gbp6xDUc=
Subject key identifier: 17:6C:A7:80:BA:F7:2C:D1:4F:01:A3:75:00:7A:D4:53:05:2C:E0:43
Certificate issuer: /CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Certificate serial: 018409E86AAA1D415881ECF3A62879E95715
Authority key identifier: 21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/F2yngLr3LNFPAaN1AHrUUwUs4EM.roa
Signing time: Mon 24 Oct 2022 12:12:17 +0000
ROA not before: Mon 24 Oct 2022 12:12:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 212.2.236.0/22 maxlen: 24
45.132.99.0/24 maxlen: 24
141.98.72.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:09:e8:6a:aa:1d:41:58:81:ec:f3:a6:28:79:e9:57:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Validity
Not Before: Oct 24 12:12:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=176ca780baf72cd14f01a375007ad453052ce043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:3f:fa:3e:e5:a8:cf:3f:44:bc:d0:df:13:
e9:19:4d:f2:40:9f:f0:2a:2e:ea:41:2c:4b:7e:61:
33:bf:7d:00:56:f5:a8:00:da:bd:6d:40:a5:63:5b:
ba:94:15:97:c1:fe:f1:9a:31:c8:f9:86:92:bd:8d:
95:2f:79:18:58:f0:84:97:9a:01:92:9c:be:2a:82:
e4:58:5d:42:f3:df:17:e3:c3:03:27:42:ec:1e:57:
b8:37:3b:74:a3:86:78:e3:e9:b9:53:66:bd:8f:0d:
e2:3d:97:2d:08:8d:e9:d3:a8:92:24:4a:97:6e:c4:
cf:33:96:36:64:83:15:d7:3e:a7:a3:03:8b:53:a4:
0a:54:4f:03:6a:46:22:3f:b6:f6:cc:27:8b:70:b6:
e6:31:c1:c2:56:9c:4b:6d:c3:d4:00:d4:d9:37:aa:
98:3b:4d:e0:e5:d6:13:11:e4:fc:8a:7f:8e:27:5c:
ce:ea:25:45:1f:18:f1:a4:46:dc:31:91:ee:1e:95:
f8:a7:05:80:c1:74:fa:e3:52:50:c0:f4:2a:b5:3a:
44:11:b5:6e:ed:20:dd:99:8e:79:a0:97:5c:4c:f0:
fa:0c:9c:48:4e:66:03:62:eb:ed:d2:eb:12:de:10:
66:49:26:b2:c4:be:0e:df:6d:c1:f3:82:39:45:72:
7b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6C:A7:80:BA:F7:2C:D1:4F:01:A3:75:00:7A:D4:53:05:2C:E0:43
X509v3 Authority Key Identifier:
keyid:21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/F2yngLr3LNFPAaN1AHrUUwUs4EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.99.0/24
141.98.72.0/23
212.2.236.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:cb:4d:47:a4:c6:2d:7f:f0:07:40:7d:94:50:be:87:92:a3:
e8:75:77:3c:2f:5a:03:de:9a:e4:94:69:76:93:6f:1b:1f:f1:
bd:f6:33:3e:b4:ae:06:85:01:1c:d6:80:86:40:7f:20:91:46:
8b:81:cc:e2:44:2e:c6:4e:01:79:96:d9:28:51:52:b5:7d:54:
86:ab:1d:12:ad:09:23:e1:67:b1:52:79:66:62:ae:62:1e:58:
4c:4a:71:94:1c:cc:02:07:21:16:38:68:60:d5:59:c2:7c:dd:
83:4a:5a:35:42:92:db:cc:cc:44:42:2d:88:af:9a:ba:94:0d:
88:5e:b2:3a:eb:6e:0f:83:82:24:fd:a4:48:4a:46:ee:6c:99:
c5:4b:d6:a8:5d:53:0d:e8:ff:40:5d:34:0f:12:da:d7:6f:96:
78:1d:1c:77:88:cf:2d:a8:f5:1c:c9:18:bb:4d:a6:01:94:08:
c6:5b:42:fe:d9:b6:56:98:b9:47:fa:d9:0c:c4:68:33:bc:06:
75:9e:04:8c:25:a5:d1:d4:21:fd:4e:6e:aa:70:b9:d1:e6:0f:
ea:a4:37:04:a4:f2:82:f7:65:06:b7:90:2a:78:a4:78:52:6c:
3f:de:66:ac:2a:3d:c1:97:84:95:eb:b6:ea:bf:5a:f0:6a:88:
f4:22:f2:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQJ6GqqHUFYgezzpih56VcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODE0Y2YyY2EzZTE3OTkzNDljY2Q0YzdlNmE3NmQ2M2Y4
MzRhM2QwHhcNMjIxMDI0MTIxMjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzZjYTc4MGJhZjcyY2QxNGYwMWEzNzUwMDdhZDQ1MzA1MmNlMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbI/+j7lqM8/RLzQ3xPpGU3yQJ/w
Ki7qQSxLfmEzv30AVvWoANq9bUClY1u6lBWXwf7xmjHI+YaSvY2VL3kYWPCEl5oB
kpy+KoLkWF1C898X48MDJ0LsHle4Nzt0o4Z44+m5U2a9jw3iPZctCI3p06iSJEqX
bsTPM5Y2ZIMV1z6nowOLU6QKVE8DakYiP7b2zCeLcLbmMcHCVpxLbcPUANTZN6qY
O03g5dYTEeT8in+OJ1zO6iVFHxjxpEbcMZHuHpX4pwWAwXT641JQwPQqtTpEEbVu
7SDdmY55oJdcTPD6DJxITmYDYuvt0usS3hBmSSayxL4O323B84I5RXJ7CwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBdsp4C69yzRTwGjdQB61FMFLOBDMB8GA1UdIwQY
MBaAFCGBTPLKPheZNJzNTH5qdtY/g0o9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgt
MjI3MDFiNGJiNDA3LzEvRjJ5bmdMcjNMTkZQQWFOMUFIclVVd1VzNEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgtMjI3MDFiNGJiNDA3
LzEvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYRjAwQB
jWJIAwQC1ALsMA0GCSqGSIb3DQEBCwUAA4IBAQCsy01HpMYtf/AHQH2UUL6HkqPo
dXc8L1oD3prklGl2k28bH/G99jM+tK4GhQEc1oCGQH8gkUaLgcziRC7GTgF5ltko
UVK1fVSGqx0SrQkj4WexUnlmYq5iHlhMSnGUHMwCByEWOGhg1VnCfN2DSlo1QpLb
zMxEQi2Ir5q6lA2IXrI6624Pg4Ik/aRISkbubJnFS9aoXVMN6P9AXTQPEtrXb5Z4
HRx3iM8tqPUcyRi7TaYBlAjGW0L+2bZWmLlH+tkMxGgzvAZ1ngSMJaXR1CH9Tm6q
cLnR5g/qpDcEpPKC92UGt5AqeKR4Umw/3masKj3Bl4SV67bqv1rwaoj0IvLu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:59 2025 by rpki-client