Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/013d7e-13f5-4e6e-ab87-2013618c04ff/1/fw5Ep7-Is_8oai0y4ONnoTf45X0.roa
File: fw5Ep7-Is_8oai0y4ONnoTf45X0.roa (raw, json)
Hash identifier: l4+yLIdJevceVCmvkOM4iAvyeJ/axuhvZ6UrHEnZLEY=
Subject key identifier: 7F:0E:44:A7:BF:88:B3:FF:28:6A:2D:32:E0:E3:67:A1:37:F8:E5:7D
Certificate issuer: /CN=aee9d5086369076a78d761638b32a8a9b8ef70e7
Certificate serial: 018CC424E663769567E107DB24463B0E6B68
Authority key identifier: AE:E9:D5:08:63:69:07:6A:78:D7:61:63:8B:32:A8:A9:B8:EF:70:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/runVCGNpB2p412FjizKoqbjvcOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/013d7e-13f5-4e6e-ab87-2013618c04ff/1/fw5Ep7-Is_8oai0y4ONnoTf45X0.roa
Signing time: Mon 01 Jan 2024 08:30:01 +0000
ROA not before: Mon 01 Jan 2024 08:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48078
IP address blocks: 91.210.24.0/24 maxlen: 24
91.210.24.0/22 maxlen: 22
185.15.63.0/24 maxlen: 24
185.15.62.0/24 maxlen: 24
185.15.61.0/24 maxlen: 24
185.15.60.0/24 maxlen: 24
185.15.60.0/22 maxlen: 22
91.210.27.0/24 maxlen: 24
91.210.26.0/24 maxlen: 24
91.210.25.0/24 maxlen: 24
91.215.89.0/24 maxlen: 24
91.215.88.0/24 maxlen: 24
91.215.88.0/22 maxlen: 22
91.215.91.0/24 maxlen: 24
91.215.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:e6:63:76:95:67:e1:07:db:24:46:3b:0e:6b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee9d5086369076a78d761638b32a8a9b8ef70e7
Validity
Not Before: Jan 1 08:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f0e44a7bf88b3ff286a2d32e0e367a137f8e57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:af:22:f1:d3:6d:6e:81:2a:dc:2f:29:8a:31:
ed:0d:22:e8:45:90:2b:37:f8:bb:cf:cb:ce:c3:cc:
f9:3d:dc:50:26:79:b6:41:03:13:6f:4d:50:0d:89:
fb:c4:23:5e:30:bc:aa:38:b4:74:ae:e5:87:3c:f9:
69:cb:e8:ec:b2:f0:53:5f:2f:ae:60:09:9d:6c:c9:
4e:6d:47:04:1d:7f:06:86:78:fd:64:c1:90:4c:3b:
ab:96:71:e7:4d:82:06:fe:1f:66:f2:02:76:12:2a:
bb:96:67:79:94:93:54:82:ab:fe:2d:1c:0c:01:fd:
f1:ad:92:38:90:44:2c:f6:bf:f4:53:d5:2d:db:28:
21:01:73:82:59:50:70:36:da:e4:da:6a:a4:0e:7d:
0d:f0:38:d5:ae:f4:26:72:2c:30:b0:64:a5:ac:3a:
37:ad:f1:f0:86:07:da:23:3f:f0:c1:f1:0e:be:46:
db:b9:0b:c0:d3:d4:ea:82:c2:e0:61:df:35:15:a3:
6c:f3:59:c0:fa:b5:43:4b:9f:b9:2d:63:63:2e:6d:
b0:8c:08:df:ed:bc:73:be:a4:bc:21:8d:14:c1:2e:
f3:e5:30:53:57:a8:ec:65:f7:8e:be:69:5b:e0:0e:
9a:ed:0e:1b:ab:67:31:19:11:51:da:b2:e5:ee:4f:
7e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:0E:44:A7:BF:88:B3:FF:28:6A:2D:32:E0:E3:67:A1:37:F8:E5:7D
X509v3 Authority Key Identifier:
keyid:AE:E9:D5:08:63:69:07:6A:78:D7:61:63:8B:32:A8:A9:B8:EF:70:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/runVCGNpB2p412FjizKoqbjvcOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/013d7e-13f5-4e6e-ab87-2013618c04ff/1/fw5Ep7-Is_8oai0y4ONnoTf45X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/013d7e-13f5-4e6e-ab87-2013618c04ff/1/runVCGNpB2p412FjizKoqbjvcOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.24.0/22
91.215.88.0/22
185.15.60.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:79:57:49:3b:62:a6:b7:ca:f6:51:ca:30:8e:98:6e:10:6b:
d8:e0:c4:df:a5:72:1d:83:ca:a7:c0:d9:5e:c9:95:47:d2:9d:
32:bd:96:66:4e:7d:5a:3e:5f:5d:c1:42:c1:bd:14:db:22:13:
e0:4c:07:54:a0:02:51:fe:a7:2b:52:c5:30:b4:6c:ee:22:13:
b1:1a:9a:e0:5a:90:2c:e6:e8:85:6a:02:44:e2:d8:7d:c2:c6:
f6:c3:c0:ff:45:dd:12:6f:36:d2:31:2e:a6:92:7b:81:17:a8:
13:3b:ff:37:52:f4:33:a4:bc:6e:10:d8:9f:e4:f9:86:04:89:
f5:cc:30:88:e1:47:67:a7:a8:88:08:69:57:de:44:5e:27:a1:
03:6a:bc:ad:91:aa:57:56:1d:11:8a:47:1b:4a:64:bc:e5:78:
5f:a5:03:5f:6b:d6:35:f4:b6:b9:7d:5b:89:23:71:3f:08:77:
76:c9:8e:6e:cd:8e:30:b4:fc:ae:9e:c9:2a:9b:ea:4e:f7:f9:
49:97:0e:e2:71:eb:92:2c:ef:45:40:df:7e:7f:5f:17:d8:ed:
b5:c6:11:31:c7:11:5e:fc:ff:1c:ea:db:3e:28:ff:4b:21:6c:
8e:3d:2b:fe:68:9b:16:bb:2b:44:3f:28:e6:fc:fd:51:36:7d:
c2:a5:02:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJOZjdpVn4QfbJEY7DmtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTlkNTA4NjM2OTA3NmE3OGQ3NjE2MzhiMzJhOGE5Yjhl
ZjcwZTcwHhcNMjQwMTAxMDgzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjBlNDRhN2JmODhiM2ZmMjg2YTJkMzJlMGUzNjdhMTM3ZjhlNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq8i8dNtboEq3C8pijHtDSLoRZAr
N/i7z8vOw8z5PdxQJnm2QQMTb01QDYn7xCNeMLyqOLR0ruWHPPlpy+jssvBTXy+u
YAmdbMlObUcEHX8Ghnj9ZMGQTDurlnHnTYIG/h9m8gJ2Eiq7lmd5lJNUgqv+LRwM
Af3xrZI4kEQs9r/0U9Ut2yghAXOCWVBwNtrk2mqkDn0N8DjVrvQmciwwsGSlrDo3
rfHwhgfaIz/wwfEOvkbbuQvA09TqgsLgYd81FaNs81nA+rVDS5+5LWNjLm2wjAjf
7bxzvqS8IY0UwS7z5TBTV6jsZfeOvmlb4A6a7Q4bq2cxGRFR2rLl7k9+7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH8ORKe/iLP/KGotMuDjZ6E3+OV9MB8GA1UdIwQY
MBaAFK7p1QhjaQdqeNdhY4syqKm473DnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVuVkNHTnBCMnA0MTJGaml6S29xYmp2Y09jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMTNkN2UtMTNmNS00ZTZlLWFiODct
MjAxMzYxOGMwNGZmLzEvZnc1RXA3LUlzXzhvYWkweTRPTm5vVGY0NVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMTNkN2UtMTNmNS00ZTZlLWFiODctMjAxMzYxOGMwNGZm
LzEvcnVuVkNHTnBCMnA0MTJGaml6S29xYmp2Y09jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW9IYAwQC
W9dYAwQCuQ88MA0GCSqGSIb3DQEBCwUAA4IBAQCeeVdJO2Kmt8r2UcowjphuEGvY
4MTfpXIdg8qnwNleyZVH0p0yvZZmTn1aPl9dwULBvRTbIhPgTAdUoAJR/qcrUsUw
tGzuIhOxGprgWpAs5uiFagJE4th9wsb2w8D/Rd0SbzbSMS6mknuBF6gTO/83UvQz
pLxuENif5PmGBIn1zDCI4Udnp6iICGlX3kReJ6EDarytkapXVh0RikcbSmS85Xhf
pQNfa9Y19La5fVuJI3E/CHd2yY5uzY4wtPyunskqm+pO9/lJlw7iceuSLO9FQN9+
f18X2O21xhExxxFe/P8c6ts+KP9LIWyOPSv+aJsWuytEPyjm/P1RNn3CpQL1
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:38:56 2025 by rpki-client