Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/Sm1L2uD9xe6VKth3NCE80Tv0dS4.roa
File: Sm1L2uD9xe6VKth3NCE80Tv0dS4.roa (raw, json)
Hash identifier: 4pEKUYq0mI20y4yprrQN9bkk++T0cMvg0WwPL7Akx3E=
Subject key identifier: 4A:6D:4B:DA:E0:FD:C5:EE:95:2A:D8:77:34:21:3C:D1:3B:F4:75:2E
Certificate issuer: /CN=fa3c481607619c835d09f2471d976d7cf74a0439
Certificate serial: 0194228DD694CAE2CEFF5F91FD8A97C32BC0
Authority key identifier: FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/Sm1L2uD9xe6VKth3NCE80Tv0dS4.roa
Signing time: Wed 01 Jan 2025 15:48:28 +0000
ROA not before: Wed 01 Jan 2025 15:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12917
IP address blocks: 85.159.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d6:94:ca:e2:ce:ff:5f:91:fd:8a:97:c3:2b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3c481607619c835d09f2471d976d7cf74a0439
Validity
Not Before: Jan 1 15:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a6d4bdae0fdc5ee952ad87734213cd13bf4752e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3f:34:1d:27:6e:bc:f3:7a:7a:ad:ff:ac:48:
43:89:60:2f:b2:7b:85:69:98:ac:a1:e6:87:db:18:
99:9c:f4:6d:d4:1b:30:3a:35:6a:c7:e0:3a:1d:6c:
25:10:69:30:7b:5a:36:83:de:f4:2d:d9:72:c3:ae:
af:1a:1c:20:0b:18:b4:75:6e:80:2d:9f:41:c2:32:
48:5f:82:5a:af:ab:4d:76:92:7b:b8:23:6b:1a:e0:
4f:cb:c7:50:5d:db:ab:42:b5:a2:7a:62:e9:a9:58:
3a:6d:c8:e9:fc:4d:e0:d0:e0:13:c8:7a:ef:b2:9d:
c7:b4:a8:c9:b0:3f:d4:f1:bc:0f:e4:97:ea:08:69:
06:db:31:78:e8:40:72:e9:05:6f:17:9f:0a:ff:cf:
03:b9:6c:5d:3f:73:9b:11:4d:d7:e1:90:b4:ff:be:
48:29:4f:18:f1:20:c5:8a:97:ca:07:ba:19:1b:89:
b9:01:13:df:68:86:86:8a:0e:6f:66:93:88:cb:5f:
81:64:ed:b0:3e:48:1b:29:10:db:62:d8:d3:10:51:
d1:be:a5:99:88:6c:67:39:d9:95:71:91:1c:2d:7f:
8c:98:07:bb:30:68:34:46:98:02:89:db:09:61:a3:
b6:da:7a:f4:4d:0e:52:7b:27:08:d3:ae:88:22:fd:
ff:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6D:4B:DA:E0:FD:C5:EE:95:2A:D8:77:34:21:3C:D1:3B:F4:75:2E
X509v3 Authority Key Identifier:
keyid:FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/Sm1L2uD9xe6VKth3NCE80Tv0dS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/1-jxIFgdhnINdCfJHHZdtfPdKBDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.107.0/24
Signature Algorithm: sha256WithRSAEncryption
34:c0:e3:cc:3d:ba:49:4b:dc:58:eb:bd:71:1b:39:f0:ae:98:
5f:5a:d8:6c:7b:26:55:78:5a:aa:5d:ce:e9:26:95:09:b5:83:
41:cf:52:4b:b2:cf:ac:f5:43:e8:56:6d:a0:a3:91:ea:d2:ef:
f5:92:ce:75:c5:f5:65:ab:80:19:e9:d3:15:bf:53:50:26:b0:
38:5e:bc:6e:81:16:58:fe:df:f1:1d:33:59:a8:f5:df:67:3a:
ac:35:a4:3f:d6:d5:9d:c7:f3:4d:eb:9c:85:c1:c0:7f:b6:59:
90:ee:5c:7f:5e:20:a4:52:e9:25:ef:41:dc:6c:69:70:56:48:
98:cc:a3:42:a5:64:a1:d8:ad:d0:78:bf:e3:05:24:0d:5d:a4:
76:b3:1b:46:5f:69:68:d0:7b:57:fb:bb:91:b0:2a:b3:0f:62:
01:3f:a8:b8:7e:47:6f:f5:2a:3f:50:4f:ad:eb:57:62:a9:e6:
2a:42:64:88:40:54:ba:60:79:19:81:9d:ba:7e:d7:7a:7c:e0:
4b:2e:cc:21:2e:68:2f:fa:35:8b:a4:9b:6b:d2:df:f0:9f:dc:
03:67:e8:9b:1a:6f:b2:d6:ae:5e:14:da:52:fb:c2:01:6d:8e:
80:3f:34:c2:e0:3b:d0:e4:9e:03:17:76:71:1b:c2:7d:a1:bc:
55:9b:81:bf
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQijdaUyuLO/1+R/YqXwyvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2M0ODE2MDc2MTljODM1ZDA5ZjI0NzFkOTc2ZDdjZjc0
YTA0MzkwHhcNMjUwMTAxMTU0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZkNGJkYWUwZmRjNWVlOTUyYWQ4NzczNDIxM2NkMTNiZjQ3NTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3T80HSduvPN6eq3/rEhDiWAvsnuF
aZisoeaH2xiZnPRt1BswOjVqx+A6HWwlEGkwe1o2g970Ldlyw66vGhwgCxi0dW6A
LZ9BwjJIX4Jar6tNdpJ7uCNrGuBPy8dQXdurQrWiemLpqVg6bcjp/E3g0OATyHrv
sp3HtKjJsD/U8bwP5JfqCGkG2zF46EBy6QVvF58K/88DuWxdP3ObEU3X4ZC0/75I
KU8Y8SDFipfKB7oZG4m5ARPfaIaGig5vZpOIy1+BZO2wPkgbKRDbYtjTEFHRvqWZ
iGxnOdmVcZEcLX+MmAe7MGg0RpgCidsJYaO22nr0TQ5SeycI066IIv3/oQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEptS9rg/cXulSrYdzQhPNE79HUuMB8GA1UdIwQY
MBaAFPo8SBYHYZyDXQnyRx2XbXz3SgQ5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qeElGZ2RobklOZENmSkhIWmR0ZlBkS0JEay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIz
LTEzMDQ0NTRiZjI5ZC8xL1NtMUwydUQ5eGU2Vkt0aDNOQ0U4MFR2MGRTNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIzLTEzMDQ0NTRiZjI5
ZC8xLzEtanhJRmdkaG5JTmRDZkpISFpkdGZQZEtCRGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABVn2sw
DQYJKoZIhvcNAQELBQADggEBADTA48w9uklL3FjrvXEbOfCumF9a2Gx7JlV4Wqpd
zukmlQm1g0HPUkuyz6z1Q+hWbaCjkerS7/WSznXF9WWrgBnp0xW/U1AmsDhevG6B
Flj+3/EdM1mo9d9nOqw1pD/W1Z3H803rnIXBwH+2WZDuXH9eIKRS6SXvQdxsaXBW
SJjMo0KlZKHYrdB4v+MFJA1dpHazG0ZfaWjQe1f7u5GwKrMPYgE/qLh+R2/1Kj9Q
T63rV2Kp5ipCZIhAVLpgeRmBnbp+13p84EsuzCEuaC/6NYukm2vS3/Cf3ANn6Jsa
b7LWrl4U2lL7wgFtjoA/NMLgO9DkngMXdnEbwn2hvFWbgb8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:28:48 2025 by rpki-client