Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/dc11d6-4c35-4daa-a7de-3e51bcd14736/1/fJqV7x77nRb2Myj4lG_sx_PNw-4.roa
File: fJqV7x77nRb2Myj4lG_sx_PNw-4.roa (raw, json)
Hash identifier: zCh70VSES25/KHwSsTgt0cx68+3r91QI55cbavDhYdA=
Subject key identifier: 7C:9A:95:EF:1E:FB:9D:16:F6:33:28:F8:94:6F:EC:C7:F3:CD:C3:EE
Certificate issuer: /CN=213cb2a2181a7d36f40e41758d627f701a602042
Certificate serial: 019427B3E79E6F807E402A9808FB6A962E37
Authority key identifier: 21:3C:B2:A2:18:1A:7D:36:F4:0E:41:75:8D:62:7F:70:1A:60:20:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITyyohgafTb0DkF1jWJ_cBpgIEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/dc11d6-4c35-4daa-a7de-3e51bcd14736/1/fJqV7x77nRb2Myj4lG_sx_PNw-4.roa
Signing time: Thu 02 Jan 2025 15:48:09 +0000
ROA not before: Thu 02 Jan 2025 15:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215904
IP address blocks: 185.65.68.0/24 maxlen: 24
2a14:2f40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:e7:9e:6f:80:7e:40:2a:98:08:fb:6a:96:2e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=213cb2a2181a7d36f40e41758d627f701a602042
Validity
Not Before: Jan 2 15:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c9a95ef1efb9d16f63328f8946fecc7f3cdc3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b3:7a:58:c4:07:dd:67:84:e9:45:86:9d:65:
41:24:e1:39:81:c9:2e:32:b9:00:3e:5b:88:ae:96:
37:09:05:44:5b:82:7b:a5:4e:48:ad:f1:b5:f0:51:
a3:b3:8d:26:53:78:d1:c6:6f:4f:c3:19:0b:db:6b:
76:cc:92:51:c8:9e:0b:59:0a:84:7c:e3:52:6d:b6:
85:e6:01:15:ec:ff:12:9c:cb:70:ba:13:5f:5d:bf:
47:b3:47:98:91:37:75:aa:a4:c7:a8:80:ba:f9:86:
d0:ae:ac:38:d1:f7:a8:7a:80:6e:fe:f7:b3:56:09:
62:ec:cf:d6:a8:91:81:3e:ea:83:76:24:18:d8:31:
ca:5c:4c:89:10:73:50:f7:fe:df:31:49:24:cf:db:
31:81:f3:9a:09:3f:b6:ca:e8:7b:61:ac:1b:fe:b4:
97:92:27:79:bb:de:98:5a:69:48:12:3c:4b:64:10:
bb:ef:41:20:2c:d0:3d:70:17:1a:9c:c5:e1:52:fa:
79:ab:12:c5:10:f3:43:8e:d7:bf:a9:b6:95:e5:30:
74:23:9e:eb:62:27:24:ab:ad:e5:f6:21:77:b9:da:
17:0a:29:83:80:73:67:e4:ed:38:59:3f:76:80:9b:
e9:c2:9b:0b:4f:a2:ba:06:b9:50:bc:dd:ff:0d:59:
7e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:9A:95:EF:1E:FB:9D:16:F6:33:28:F8:94:6F:EC:C7:F3:CD:C3:EE
X509v3 Authority Key Identifier:
keyid:21:3C:B2:A2:18:1A:7D:36:F4:0E:41:75:8D:62:7F:70:1A:60:20:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITyyohgafTb0DkF1jWJ_cBpgIEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/dc11d6-4c35-4daa-a7de-3e51bcd14736/1/fJqV7x77nRb2Myj4lG_sx_PNw-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/dc11d6-4c35-4daa-a7de-3e51bcd14736/1/ITyyohgafTb0DkF1jWJ_cBpgIEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.68.0/24
IPv6:
2a14:2f40::/32
Signature Algorithm: sha256WithRSAEncryption
af:51:98:d0:63:bc:e6:65:95:bd:d7:84:93:e3:32:74:d4:9f:
41:4e:ee:b2:b6:10:54:55:d0:fa:b3:40:1a:0d:8c:46:73:e0:
b1:11:ef:e9:b9:8a:f1:42:df:d5:1b:fb:85:0a:e1:ed:61:71:
a9:ce:19:bc:43:07:c1:d4:26:67:9f:4f:31:85:02:47:42:ad:
00:9d:a2:94:95:92:9f:08:92:c4:60:8a:ea:27:8c:9e:84:e9:
3c:d0:cb:64:2f:79:01:37:00:f2:70:58:85:7f:77:0b:bb:7d:
91:d8:33:4a:fe:4d:f1:67:2a:d0:79:91:62:43:1e:ab:aa:aa:
a9:44:e8:7a:92:6e:e4:c2:58:41:71:8c:48:bf:44:95:b5:97:
3b:d2:2b:8e:22:8b:2f:29:d4:6f:5a:02:64:fb:02:99:82:3d:
e0:d0:c7:c2:ef:07:86:13:c1:21:8c:05:66:44:62:c0:c2:b1:
81:27:ac:bc:90:4f:a1:96:7f:c5:07:41:17:ab:43:f9:08:a2:
8f:a3:f3:4f:ca:d7:ed:74:87:34:ce:6c:7a:0c:d4:f0:82:2c:
da:28:81:52:b1:83:0a:a3:08:df:00:6a:64:77:95:a2:0d:a0:
f1:b7:1d:60:d2:7d:38:60:ae:c0:53:56:2d:78:35:29:9f:5d:
d7:7c:ee:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQns+eeb4B+QCqYCPtqli43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxM2NiMmEyMTgxYTdkMzZmNDBlNDE3NThkNjI3ZjcwMWE2
MDIwNDIwHhcNMjUwMTAyMTU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzlhOTVlZjFlZmI5ZDE2ZjYzMzI4Zjg5NDZmZWNjN2YzY2RjM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrN6WMQH3WeE6UWGnWVBJOE5gcku
MrkAPluIrpY3CQVEW4J7pU5IrfG18FGjs40mU3jRxm9PwxkL22t2zJJRyJ4LWQqE
fONSbbaF5gEV7P8SnMtwuhNfXb9Hs0eYkTd1qqTHqIC6+YbQrqw40feoeoBu/vez
Vgli7M/WqJGBPuqDdiQY2DHKXEyJEHNQ9/7fMUkkz9sxgfOaCT+2yuh7Yawb/rSX
kid5u96YWmlIEjxLZBC770EgLNA9cBcanMXhUvp5qxLFEPNDjte/qbaV5TB0I57r
Yickq63l9iF3udoXCimDgHNn5O04WT92gJvpwpsLT6K6BrlQvN3/DVl+EwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHyale8e+50W9jMo+JRv7MfzzcPuMB8GA1UdIwQY
MBaAFCE8sqIYGn029A5BdY1if3AaYCBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVR5eW9oZ2FmVGIwRGtGMWpXSl9jQnBnSUVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kYzExZDYtNGMzNS00ZGFhLWE3ZGUt
M2U1MWJjZDE0NzM2LzEvZkpxVjd4NzduUmIyTXlqNGxHX3N4X1BOdy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kYzExZDYtNGMzNS00ZGFhLWE3ZGUtM2U1MWJjZDE0NzM2
LzEvSVR5eW9oZ2FmVGIwRGtGMWpXSl9jQnBnSUVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUFEMA0E
AgACMAcDBQAqFC9AMA0GCSqGSIb3DQEBCwUAA4IBAQCvUZjQY7zmZZW914ST4zJ0
1J9BTu6ythBUVdD6s0AaDYxGc+CxEe/puYrxQt/VG/uFCuHtYXGpzhm8QwfB1CZn
n08xhQJHQq0AnaKUlZKfCJLEYIrqJ4yehOk80MtkL3kBNwDycFiFf3cLu32R2DNK
/k3xZyrQeZFiQx6rqqqpROh6km7kwlhBcYxIv0SVtZc70iuOIosvKdRvWgJk+wKZ
gj3g0MfC7weGE8EhjAVmRGLAwrGBJ6y8kE+hln/FB0EXq0P5CKKPo/NPytftdIc0
zmx6DNTwgizaKIFSsYMKowjfAGpkd5WiDaDxtx1g0n04YK7AU1YteDUpn13XfO4J
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:44:17 2025 by rpki-client