Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/2b587f-35e4-4bbc-bcd0-99eef6905d83/1/ftXv30Hlz-_EICPh46zy3bfImAc.roa
File: ftXv30Hlz-_EICPh46zy3bfImAc.roa (raw, json)
Hash identifier: 3S31teaHx8GBvsqpB7SE49UNoJHeSlzxpM1K7KnfX/0=
Subject key identifier: 7E:D5:EF:DF:41:E5:CF:EF:C4:20:23:E1:E3:AC:F2:DD:B7:C8:98:07
Certificate issuer: /CN=f6413486886b56231dec573fad4f8ab32cbf92a4
Certificate serial: 01942144253A4F85A35C73E0D3E81D730B18
Authority key identifier: F6:41:34:86:88:6B:56:23:1D:EC:57:3F:AD:4F:8A:B3:2C:BF:92:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9kE0hohrViMd7Fc_rU-Ksyy_kqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/2b587f-35e4-4bbc-bcd0-99eef6905d83/1/ftXv30Hlz-_EICPh46zy3bfImAc.roa
Signing time: Wed 01 Jan 2025 09:48:21 +0000
ROA not before: Wed 01 Jan 2025 09:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203311
IP address blocks: 185.139.252.0/22 maxlen: 22
2a07:1180::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:25:3a:4f:85:a3:5c:73:e0:d3:e8:1d:73:0b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6413486886b56231dec573fad4f8ab32cbf92a4
Validity
Not Before: Jan 1 09:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ed5efdf41e5cfefc42023e1e3acf2ddb7c89807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:95:a6:81:31:b0:17:9b:8f:e4:b7:8d:74:9a:
2f:85:b2:2e:12:9a:bd:a0:05:14:ea:96:79:d9:54:
34:19:24:2a:0d:09:de:b6:50:54:f5:36:2f:4b:22:
e7:46:7a:17:8e:54:cd:7d:a7:d9:e7:ea:58:d7:44:
b8:f5:cb:02:79:0e:5b:1a:cf:95:ba:a5:0e:f6:cc:
b4:e4:99:94:bd:1a:79:5e:64:02:e0:7a:a0:d0:31:
ab:a0:34:5e:ad:15:6d:d1:6b:56:66:4f:0d:9e:01:
50:0a:aa:eb:5d:17:c0:9a:b6:5b:29:b8:71:09:ec:
50:e4:3b:da:0c:2c:5b:06:7a:5d:0b:f6:4d:53:bd:
c0:a9:15:17:5f:a8:83:f7:45:db:cc:6e:ea:1b:ef:
83:33:f8:97:91:93:0b:55:d7:f3:d4:6a:96:54:f9:
2b:df:32:ad:e5:2f:25:76:16:92:36:ab:e6:9b:a8:
47:2d:39:48:2c:cf:12:7e:77:03:31:ea:b6:fc:3e:
6e:b2:b4:36:40:cb:a2:5c:be:26:4a:c9:8d:71:59:
d8:ce:64:f0:53:0c:2f:e8:0f:fb:9f:b7:22:78:65:
54:26:dc:41:c9:9c:d0:b7:03:18:98:c8:b3:8f:a9:
e0:3e:50:29:83:0c:58:71:0e:e0:1b:a8:32:44:cb:
65:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D5:EF:DF:41:E5:CF:EF:C4:20:23:E1:E3:AC:F2:DD:B7:C8:98:07
X509v3 Authority Key Identifier:
keyid:F6:41:34:86:88:6B:56:23:1D:EC:57:3F:AD:4F:8A:B3:2C:BF:92:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kE0hohrViMd7Fc_rU-Ksyy_kqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/2b587f-35e4-4bbc-bcd0-99eef6905d83/1/ftXv30Hlz-_EICPh46zy3bfImAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/2b587f-35e4-4bbc-bcd0-99eef6905d83/1/9kE0hohrViMd7Fc_rU-Ksyy_kqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.252.0/22
IPv6:
2a07:1180::/29
Signature Algorithm: sha256WithRSAEncryption
46:66:2d:65:d1:e1:ab:fc:1e:e1:7a:6d:6a:85:90:86:b7:b6:
1d:8e:76:44:cf:db:c9:a3:a8:69:b7:41:68:71:b4:d9:f9:eb:
b9:3f:75:36:a6:f9:4d:54:7a:93:c3:fe:77:eb:40:89:ed:1c:
0b:4d:25:4d:01:66:97:aa:db:9a:8a:19:18:d9:cc:51:9b:4c:
dd:45:de:3f:7e:24:34:7a:59:87:8f:a3:e4:93:2b:94:e7:36:
c1:a9:c7:f8:96:01:93:c9:94:bf:c2:7a:0d:1f:b8:80:f5:7f:
08:75:ab:f4:c5:77:f5:83:c1:ed:58:97:b4:0b:6b:93:ac:16:
f7:31:5b:a8:6e:fc:30:f0:54:16:ef:5e:75:f2:fb:8e:9a:29:
14:04:5f:d9:31:7c:9d:06:07:46:50:12:71:02:01:22:c3:7d:
d0:bb:94:60:70:97:11:7c:90:8d:13:12:34:3a:68:73:5e:8d:
0b:2d:96:54:ce:b7:9c:f9:44:39:5f:6f:ea:24:32:4d:5d:7c:
8f:26:8b:0d:3b:00:01:58:65:93:91:d2:4a:0b:80:49:34:0f:
1a:54:53:fb:55:e3:03:2d:eb:9d:d7:b4:07:76:fe:ba:70:79:
74:19:8c:68:d6:7e:74:64:58:d2:7e:d9:33:13:42:2d:6e:5e:
b3:b2:ea:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRCU6T4WjXHPg0+gdcwsYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDEzNDg2ODg2YjU2MjMxZGVjNTczZmFkNGY4YWIzMmNi
ZjkyYTQwHhcNMjUwMTAxMDk0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWQ1ZWZkZjQxZTVjZmVmYzQyMDIzZTFlM2FjZjJkZGI3Yzg5ODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJWmgTGwF5uP5LeNdJovhbIuEpq9
oAUU6pZ52VQ0GSQqDQnetlBU9TYvSyLnRnoXjlTNfafZ5+pY10S49csCeQ5bGs+V
uqUO9sy05JmUvRp5XmQC4Hqg0DGroDRerRVt0WtWZk8NngFQCqrrXRfAmrZbKbhx
CexQ5DvaDCxbBnpdC/ZNU73AqRUXX6iD90XbzG7qG++DM/iXkZMLVdfz1GqWVPkr
3zKt5S8ldhaSNqvmm6hHLTlILM8SfncDMeq2/D5usrQ2QMuiXL4mSsmNcVnYzmTw
Uwwv6A/7n7cieGVUJtxByZzQtwMYmMizj6ngPlApgwxYcQ7gG6gyRMtliwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH7V799B5c/vxCAj4eOs8t23yJgHMB8GA1UdIwQY
MBaAFPZBNIaIa1YjHexXP61PirMsv5KkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtFMGhvaHJWaU1kN0ZjX3JVLUtzeXlfa3FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8yYjU4N2YtMzVlNC00YmJjLWJjZDAt
OTllZWY2OTA1ZDgzLzEvZnRYdjMwSGx6LV9FSUNQaDQ2enkzYmZJbUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8yYjU4N2YtMzVlNC00YmJjLWJjZDAtOTllZWY2OTA1ZDgz
LzEvOWtFMGhvaHJWaU1kN0ZjX3JVLUtzeXlfa3FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYv8MA0E
AgACMAcDBQMqBxGAMA0GCSqGSIb3DQEBCwUAA4IBAQBGZi1l0eGr/B7hem1qhZCG
t7YdjnZEz9vJo6hpt0FocbTZ+eu5P3U2pvlNVHqTw/5360CJ7RwLTSVNAWaXqtua
ihkY2cxRm0zdRd4/fiQ0elmHj6PkkyuU5zbBqcf4lgGTyZS/wnoNH7iA9X8Idav0
xXf1g8HtWJe0C2uTrBb3MVuobvww8FQW71518vuOmikUBF/ZMXydBgdGUBJxAgEi
w33Qu5RgcJcRfJCNExI0OmhzXo0LLZZUzrec+UQ5X2/qJDJNXXyPJosNOwABWGWT
kdJKC4BJNA8aVFP7VeMDLeud17QHdv66cHl0GYxo1n50ZFjSftkzE0Itbl6zsuoV
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:33 2025 by rpki-client