Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/FjL5MqcK0dv0phSETNIP5t1SBWg.roa
File: FjL5MqcK0dv0phSETNIP5t1SBWg.roa (raw, json)
Hash identifier: HghvVzu9hsO9wX3NaFq2EgUKtQhDl/MHwAlkrJlofBE=
Subject key identifier: 16:32:F9:32:A7:0A:D1:DB:F4:A6:14:84:4C:D2:0F:E6:DD:52:05:68
Certificate issuer: /CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Certificate serial: 0194266BDFF02F6DC7DDB3CC179F2CD68DCF
Authority key identifier: DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/FjL5MqcK0dv0phSETNIP5t1SBWg.roa
Signing time: Thu 02 Jan 2025 09:49:51 +0000
ROA not before: Thu 02 Jan 2025 09:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209839
IP address blocks: 94.154.152.0/22 maxlen: 22
94.154.152.0/24 maxlen: 24
94.154.153.0/24 maxlen: 24
94.154.154.0/24 maxlen: 24
94.154.155.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:df:f0:2f:6d:c7:dd:b3:cc:17:9f:2c:d6:8d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Validity
Not Before: Jan 2 09:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1632f932a70ad1dbf4a614844cd20fe6dd520568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:26:52:2e:ad:7e:ea:21:f6:d7:2d:5b:a2:09:
29:cf:fd:37:d6:84:f1:c9:ae:c4:b6:21:17:2d:c2:
36:1c:48:1f:d4:24:17:02:02:47:4d:28:c2:4d:4d:
b2:13:d4:a7:f2:47:c0:ac:29:1c:b2:c9:7c:a5:23:
9b:4b:42:29:f5:17:45:d8:2f:36:4c:e7:8b:eb:8c:
7b:54:a8:dc:6e:bf:df:8a:cd:44:eb:10:89:f4:a5:
fe:d0:80:5c:fa:f1:9d:8a:88:bf:72:fc:06:5a:95:
b6:c5:e2:98:da:d2:87:fb:ef:53:ce:10:ed:f1:3a:
9b:51:ca:a9:6d:3b:9c:6e:ed:0c:e5:06:f0:86:6b:
9f:aa:09:e3:66:74:90:60:2b:78:a6:30:ce:cd:a6:
b8:13:6f:cf:ab:77:cc:f4:a4:33:4f:4a:a9:e2:87:
54:94:de:42:fa:bf:91:27:d2:07:d3:2c:6f:03:06:
17:52:fd:56:38:04:d1:fe:90:2b:81:0b:1c:8c:f9:
1d:35:9d:94:32:d9:85:24:dc:9e:7f:bb:7a:75:de:
df:f7:b7:74:66:d9:38:98:ce:b5:e5:62:c0:36:d5:
53:9b:ee:f7:b1:ec:f1:38:bd:d0:ff:c9:59:0a:c5:
3d:fc:f0:40:39:30:fa:b1:9a:ca:89:8e:95:0a:08:
9c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:32:F9:32:A7:0A:D1:DB:F4:A6:14:84:4C:D2:0F:E6:DD:52:05:68
X509v3 Authority Key Identifier:
keyid:DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/FjL5MqcK0dv0phSETNIP5t1SBWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.152.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:86:76:4f:5d:a9:81:f9:e6:be:83:f4:73:86:79:90:09:11:
f7:05:74:33:c0:3f:f9:69:82:ac:f2:c2:97:90:68:ec:ff:17:
49:69:92:05:aa:a4:89:19:0d:8d:34:e4:b0:07:7f:50:7f:00:
f9:dd:b6:2f:36:54:ca:e9:3b:86:5c:a4:38:77:b1:b5:8d:aa:
e2:ba:9c:b9:a8:90:a1:e2:76:6f:c6:0b:da:b2:38:18:cd:af:
5d:18:31:cd:79:97:7c:9e:2b:37:ae:60:c4:c9:9e:86:43:9d:
8d:20:a0:6a:cb:cf:df:9b:11:ad:f9:81:81:80:d3:d5:45:01:
c2:dc:4c:4e:88:a7:b0:56:fa:20:34:3c:4e:d5:77:7a:24:0b:
f6:ad:ec:8e:21:a9:f8:91:ea:81:69:63:1b:f6:bd:f1:b8:01:
e6:41:4f:20:da:3c:64:ef:82:3d:3e:85:ff:54:a6:04:e1:b3:
b9:b4:52:d1:31:49:8d:d2:96:10:9c:a9:23:f1:68:e0:de:16:
d4:42:18:6c:58:6e:b9:42:09:18:97:41:2e:ae:16:d1:55:0f:
60:4e:f7:92:70:b0:12:90:7c:fa:27:2f:a8:45:f4:e3:e7:72:
4e:f2:26:79:0b:af:76:ed:2a:ad:8f:d6:f3:f3:2c:2b:ff:bd:
cb:8c:37:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma9/wL23H3bPMF58s1o3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMTRlN2E2YmU5N2NlYzZmNWJjMWE2NzhhNzZlYTZkMTYx
OWMzMDYwHhcNMjUwMTAyMDk0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjMyZjkzMmE3MGFkMWRiZjRhNjE0ODQ0Y2QyMGZlNmRkNTIwNTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiZSLq1+6iH21y1bogkpz/031oTx
ya7EtiEXLcI2HEgf1CQXAgJHTSjCTU2yE9Sn8kfArCkcssl8pSObS0Ip9RdF2C82
TOeL64x7VKjcbr/fis1E6xCJ9KX+0IBc+vGdioi/cvwGWpW2xeKY2tKH++9TzhDt
8TqbUcqpbTucbu0M5QbwhmufqgnjZnSQYCt4pjDOzaa4E2/Pq3fM9KQzT0qp4odU
lN5C+r+RJ9IH0yxvAwYXUv1WOATR/pArgQscjPkdNZ2UMtmFJNyef7t6dd7f97d0
Ztk4mM615WLANtVTm+73sezxOL3Q/8lZCsU9/PBAOTD6sZrKiY6VCgickwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBYy+TKnCtHb9KYUhEzSD+bdUgVoMB8GA1UdIwQY
MBaAFNsU56a+l87G9bwaZ4p26m0WGcMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAt
MTFmOTFkMDczOWM5LzEvRmpMNU1xY0swZHYwcGhTRVROSVA1dDFTQldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAtMTFmOTFkMDczOWM5
LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXpqYMA0G
CSqGSIb3DQEBCwUAA4IBAQCfhnZPXamB+ea+g/RzhnmQCRH3BXQzwD/5aYKs8sKX
kGjs/xdJaZIFqqSJGQ2NNOSwB39QfwD53bYvNlTK6TuGXKQ4d7G1jariupy5qJCh
4nZvxgvasjgYza9dGDHNeZd8nis3rmDEyZ6GQ52NIKBqy8/fmxGt+YGBgNPVRQHC
3ExOiKewVvogNDxO1Xd6JAv2reyOIan4keqBaWMb9r3xuAHmQU8g2jxk74I9PoX/
VKYE4bO5tFLRMUmN0pYQnKkj8Wjg3hbUQhhsWG65QgkYl0EurhbRVQ9gTveScLAS
kHz6Jy+oRfTj53JO8iZ5C6927Sqtj9bz8ywr/73LjDdv
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:51:10 2025 by rpki-client