Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/FXp47Mi-5UkswqDbDFWgrQCf3yQ.roa
File: FXp47Mi-5UkswqDbDFWgrQCf3yQ.roa (raw, json)
Hash identifier: NoiNPgXtbNrEXdX4glaatZDDkePEqExLiR0bDWBn7NQ=
Subject key identifier: 15:7A:78:EC:C8:BE:E5:49:2C:C2:A0:DB:0C:55:A0:AD:00:9F:DF:24
Certificate issuer: /CN=d860f6f2c318559e65959cd5f28d159a0842d72a
Certificate serial: 01856D54135395C875E59C354DED5460D3F1
Authority key identifier: D8:60:F6:F2:C3:18:55:9E:65:95:9C:D5:F2:8D:15:9A:08:42:D7:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GD28sMYVZ5llZzV8o0VmghC1yo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/FXp47Mi-5UkswqDbDFWgrQCf3yQ.roa
Signing time: Sun 01 Jan 2023 12:35:04 +0000
ROA not before: Sun 01 Jan 2023 12:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 185.234.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:13:53:95:c8:75:e5:9c:35:4d:ed:54:60:d3:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d860f6f2c318559e65959cd5f28d159a0842d72a
Validity
Not Before: Jan 1 12:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=157a78ecc8bee5492cc2a0db0c55a0ad009fdf24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:91:c7:f4:d4:73:e3:45:f8:6e:a9:3a:0f:1d:
9a:28:f4:85:73:b4:ca:f6:0f:e9:36:a2:f9:ab:50:
05:25:f6:86:fb:b7:e2:9b:de:1f:af:3f:60:81:d4:
d9:25:34:7a:b0:1a:f6:24:07:1a:3e:62:aa:84:f2:
58:9b:ee:09:32:f5:13:0b:f4:ae:92:50:f2:6b:78:
30:28:0d:57:25:f8:58:41:99:b1:c8:c5:11:49:0f:
c1:d5:05:db:48:72:e1:16:ee:46:1d:d8:50:ea:da:
81:44:2d:bf:92:e3:43:8c:90:3c:e6:2a:60:ab:7d:
38:47:1b:ee:b3:26:4d:17:4d:1d:07:4a:cb:ef:0e:
75:ce:72:dc:bf:9a:9a:7e:30:4c:dc:03:fe:5c:7a:
7a:22:56:9d:da:38:8b:da:e5:01:27:ef:18:57:16:
f5:54:a5:d2:35:b6:7a:b0:c3:e0:6e:04:1b:34:95:
4d:66:28:e8:d4:74:de:a4:ac:d2:c3:22:b4:2f:d7:
38:b1:76:93:9e:80:39:35:67:9d:32:30:53:65:ab:
24:d6:9b:74:44:1e:67:05:9c:0f:45:ad:8d:8e:a4:
a6:07:bd:a7:18:67:48:dc:7c:d4:75:dc:df:e2:83:
f7:ec:e3:40:34:1c:2a:1c:2a:40:ca:63:e9:a5:65:
5b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:7A:78:EC:C8:BE:E5:49:2C:C2:A0:DB:0C:55:A0:AD:00:9F:DF:24
X509v3 Authority Key Identifier:
keyid:D8:60:F6:F2:C3:18:55:9E:65:95:9C:D5:F2:8D:15:9A:08:42:D7:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GD28sMYVZ5llZzV8o0VmghC1yo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/FXp47Mi-5UkswqDbDFWgrQCf3yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76602c-c1ac-46a3-81bc-deeff3b2ae8a/1/2GD28sMYVZ5llZzV8o0VmghC1yo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.12.0/24
Signature Algorithm: sha256WithRSAEncryption
12:8d:df:b6:05:78:5a:09:1a:5d:bf:f1:72:8c:ac:9a:0d:9a:
af:8b:2a:66:37:bc:5a:b2:10:c9:e8:34:f9:b0:c1:28:31:c4:
94:a0:61:f7:d9:f0:bb:26:9b:54:c5:8a:5b:bb:b4:53:1a:1d:
fe:8d:7b:70:ea:27:f2:77:be:fe:bf:9e:eb:27:54:3e:c8:31:
dc:bc:8d:2b:b2:e9:38:e3:18:f2:3a:26:63:82:7f:a0:b9:18:
76:ee:09:30:e0:52:81:59:6e:6f:87:ce:5c:9c:4b:ec:54:b4:
28:e4:b4:6c:c1:64:3a:80:1a:27:bd:be:33:7d:77:6a:28:27:
27:8e:c7:0e:80:40:3a:19:d6:3e:d4:f1:52:01:75:34:62:da:
5c:8e:1c:f1:b3:db:26:36:79:e7:f5:b3:a7:14:f5:e9:8c:73:
e2:5a:74:06:f4:81:2d:d7:99:03:69:1a:1a:55:61:47:80:ba:
64:65:51:0b:46:14:46:9f:c1:e3:ed:ed:d7:a4:c5:ef:58:df:
0a:0a:d5:9d:b3:1d:7d:6f:94:9e:f1:fc:01:f7:3a:0b:f3:9d:
c6:90:17:15:b0:02:ab:82:1c:66:7f:04:04:18:64:ac:c5:cc:
8e:47:76:30:43:32:57:89:57:e3:98:a4:3a:3a:48:a0:ad:3d:
12:0b:46:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtVBNTlch15Zw1Te1UYNPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjBmNmYyYzMxODU1OWU2NTk1OWNkNWYyOGQxNTlhMDg0
MmQ3MmEwHhcNMjMwMTAxMTIzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTdhNzhlY2M4YmVlNTQ5MmNjMmEwZGIwYzU1YTBhZDAwOWZkZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5HH9NRz40X4bqk6Dx2aKPSFc7TK
9g/pNqL5q1AFJfaG+7fim94frz9ggdTZJTR6sBr2JAcaPmKqhPJYm+4JMvUTC/Su
klDya3gwKA1XJfhYQZmxyMURSQ/B1QXbSHLhFu5GHdhQ6tqBRC2/kuNDjJA85ipg
q304RxvusyZNF00dB0rL7w51znLcv5qafjBM3AP+XHp6Ilad2jiL2uUBJ+8YVxb1
VKXSNbZ6sMPgbgQbNJVNZijo1HTepKzSwyK0L9c4sXaTnoA5NWedMjBTZask1pt0
RB5nBZwPRa2NjqSmB72nGGdI3HzUddzf4oP37ONANBwqHCpAymPppWVbiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBV6eOzIvuVJLMKg2wxVoK0An98kMB8GA1UdIwQY
MBaAFNhg9vLDGFWeZZWc1fKNFZoIQtcqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdEMjhzTVlWWjVsbFp6VjhvMFZtZ2hDMXlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NjYwMmMtYzFhYy00NmEzLTgxYmMt
ZGVlZmYzYjJhZThhLzEvRlhwNDdNaS01VWtzd3FEYkRGV2dyUUNmM3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83NjYwMmMtYzFhYy00NmEzLTgxYmMtZGVlZmYzYjJhZThh
LzEvMkdEMjhzTVlWWjVsbFp6VjhvMFZtZ2hDMXlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueoMMA0G
CSqGSIb3DQEBCwUAA4IBAQASjd+2BXhaCRpdv/FyjKyaDZqviypmN7xashDJ6DT5
sMEoMcSUoGH32fC7JptUxYpbu7RTGh3+jXtw6ifyd77+v57rJ1Q+yDHcvI0rsuk4
4xjyOiZjgn+guRh27gkw4FKBWW5vh85cnEvsVLQo5LRswWQ6gBonvb4zfXdqKCcn
jscOgEA6GdY+1PFSAXU0Ytpcjhzxs9smNnnn9bOnFPXpjHPiWnQG9IEt15kDaRoa
VWFHgLpkZVELRhRGn8Hj7e3XpMXvWN8KCtWdsx19b5Se8fwB9zoL853GkBcVsAKr
ghxmfwQEGGSsxcyOR3YwQzJXiVfjmKQ6OkigrT0SC0b2
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:38:28 2025 by rpki-client