Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/FSJlPLqaM2ChwnRIk6SXXtvpcvo.roa
File: FSJlPLqaM2ChwnRIk6SXXtvpcvo.roa (raw, json)
Hash identifier: 7EMFpQ+83k+4w2/zaxXPQN6mUAkB1bd+dpxTlm/pjHc=
Subject key identifier: 15:22:65:3C:BA:9A:33:60:A1:C2:74:48:93:A4:97:5E:DB:E9:72:FA
Certificate issuer: /CN=df798581e73704ee38c9be15e72370f176c60311
Certificate serial: 018CC26CF92CD97E9207DE3D2ABA03C8F279
Authority key identifier: DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/FSJlPLqaM2ChwnRIk6SXXtvpcvo.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24631
IP address blocks: 185.128.83.0/24 maxlen: 24
185.128.81.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f9:2c:d9:7e:92:07:de:3d:2a:ba:03:c8:f2:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df798581e73704ee38c9be15e72370f176c60311
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1522653cba9a3360a1c2744893a4975edbe972fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e5:3e:88:2c:a1:4c:ff:d1:d5:33:5c:46:4a:
f9:05:bc:cb:ad:1d:14:bc:fd:ff:3b:9f:33:9c:92:
79:b8:aa:81:4b:4e:f7:57:6f:77:be:dc:c5:73:44:
29:8d:2c:ea:4d:03:11:95:32:4c:3e:ae:68:ca:7c:
28:a1:fa:91:fe:b0:88:70:0c:3b:bf:23:55:8d:41:
d5:f2:1e:59:4c:43:5c:56:fd:b3:05:14:d6:22:a0:
1b:73:e9:52:0c:2a:50:7c:b8:39:4e:0a:2d:b2:dd:
40:de:2b:07:18:d6:24:6a:bc:30:9c:bf:f0:94:81:
8b:93:38:15:73:cb:07:85:26:99:13:2e:fa:15:b4:
2f:f8:e6:ed:c6:52:e3:2b:b5:8a:26:66:1d:76:b5:
f7:fb:b7:ec:7d:62:e3:9e:0b:ec:07:4f:06:a7:fa:
ce:da:43:ba:85:70:9e:ff:9d:d8:4d:0c:d2:48:a7:
44:6f:9f:ec:25:82:c8:61:f1:a8:da:2b:58:cf:38:
c9:fc:6d:91:21:22:13:26:7c:3e:7a:a8:39:cd:6b:
68:75:26:71:a6:13:f9:e9:49:ee:a9:d7:33:83:c9:
f0:dc:bd:92:80:ee:09:79:6e:fd:7e:c5:a0:30:22:
ae:60:5b:06:68:86:af:3c:4a:3d:88:3d:7e:8d:b5:
33:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:22:65:3C:BA:9A:33:60:A1:C2:74:48:93:A4:97:5E:DB:E9:72:FA
X509v3 Authority Key Identifier:
keyid:DF:79:85:81:E7:37:04:EE:38:C9:BE:15:E7:23:70:F1:76:C6:03:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33mFgec3BO44yb4V5yNw8XbGAxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/FSJlPLqaM2ChwnRIk6SXXtvpcvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/a8007b-08ce-4af4-a383-c4a52dcee23d/1/33mFgec3BO44yb4V5yNw8XbGAxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.81.0/24
185.128.83.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f2:07:05:71:70:08:0f:c6:2b:db:82:65:91:21:e0:04:7f:
10:23:ab:05:b5:7a:b4:65:b1:da:ba:eb:4a:9d:19:cd:66:38:
d9:6a:ad:02:75:cc:bf:35:46:a7:24:a4:5b:19:ba:71:47:e0:
1e:fb:31:e9:d2:76:ce:8f:2e:66:43:09:34:93:5c:c6:ab:e1:
e2:37:ce:e8:1c:c4:61:8d:ab:21:ac:b0:aa:40:b9:8a:c6:b2:
83:93:bc:02:40:d7:d5:90:44:b6:f7:08:10:ed:d1:7f:bd:18:
ae:87:7d:77:34:22:00:f7:92:55:06:56:00:8c:0f:31:e8:e1:
9f:39:05:f6:57:00:0b:f9:95:89:51:b4:51:91:a2:b4:e4:38:
ff:e1:96:44:c3:1c:c1:27:cf:fa:8c:09:a2:38:ac:33:29:4a:
ac:51:4b:69:6e:12:bf:46:48:d4:5c:9a:e7:6d:68:e7:1a:6a:
0d:4a:ab:49:76:28:6f:ec:9e:0a:1b:b7:fd:72:bb:ea:d9:3b:
13:ea:cc:5b:ff:d3:25:23:61:c7:b0:56:fa:35:df:1b:6d:6f:
42:2e:ee:ba:a1:b8:3b:10:fa:e0:54:5e:56:54:f1:52:7a:bb:
7a:43:b2:dc:ad:79:57:1e:35:ff:31:df:cf:87:ff:7b:db:16:
d5:b9:4a:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbPks2X6SB949KroDyPJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNzk4NTgxZTczNzA0ZWUzOGM5YmUxNWU3MjM3MGYxNzZj
NjAzMTEwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTIyNjUzY2JhOWEzMzYwYTFjMjc0NDg5M2E0OTc1ZWRiZTk3MmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+U+iCyhTP/R1TNcRkr5BbzLrR0U
vP3/O58znJJ5uKqBS073V293vtzFc0QpjSzqTQMRlTJMPq5oynwoofqR/rCIcAw7
vyNVjUHV8h5ZTENcVv2zBRTWIqAbc+lSDCpQfLg5Tgotst1A3isHGNYkarwwnL/w
lIGLkzgVc8sHhSaZEy76FbQv+ObtxlLjK7WKJmYddrX3+7fsfWLjngvsB08Gp/rO
2kO6hXCe/53YTQzSSKdEb5/sJYLIYfGo2itYzzjJ/G2RISITJnw+eqg5zWtodSZx
phP56Unuqdczg8nw3L2SgO4JeW79fsWgMCKuYFsGaIavPEo9iD1+jbUzXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBUiZTy6mjNgocJ0SJOkl17b6XL6MB8GA1UdIwQY
MBaAFN95hYHnNwTuOMm+FecjcPF2xgMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMt
YzRhNTJkY2VlMjNkLzEvRlNKbFBMcWFNMkNod25SSWs2U1hYdHZwY3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9hODAwN2ItMDhjZS00YWY0LWEzODMtYzRhNTJkY2VlMjNk
LzEvMzNtRmdlYzNCTzQ0eWI0VjV5Tnc4WGJHQXhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuYBRAwQA
uYBTMA0GCSqGSIb3DQEBCwUAA4IBAQAn8gcFcXAID8Yr24JlkSHgBH8QI6sFtXq0
ZbHauutKnRnNZjjZaq0Cdcy/NUanJKRbGbpxR+Ae+zHp0nbOjy5mQwk0k1zGq+Hi
N87oHMRhjashrLCqQLmKxrKDk7wCQNfVkES29wgQ7dF/vRiuh313NCIA95JVBlYA
jA8x6OGfOQX2VwAL+ZWJUbRRkaK05Dj/4ZZEwxzBJ8/6jAmiOKwzKUqsUUtpbhK/
RkjUXJrnbWjnGmoNSqtJdihv7J4KG7f9crvq2TsT6sxb/9MlI2HHsFb6Nd8bbW9C
Lu66obg7EPrgVF5WVPFSert6Q7LcrXlXHjX/Md/Ph/972xbVuUo9
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:31:01 2025 by rpki-client