Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/fP9KcS2nAtlzdr_4yXDxYjDynAI.roa
File: fP9KcS2nAtlzdr_4yXDxYjDynAI.roa (raw, json)
Hash identifier: FSiW33FPGzpnEA+aiBD/xZClQVX484dW+n0rQsuAQfU=
Subject key identifier: 7C:FF:4A:71:2D:A7:02:D9:73:76:BF:F8:C9:70:F1:62:30:F2:9C:02
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0194252166239F2F217EA504B12426159940
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/fP9KcS2nAtlzdr_4yXDxYjDynAI.roa
Signing time: Thu 02 Jan 2025 03:48:53 +0000
ROA not before: Thu 02 Jan 2025 03:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 151.145.128.0/19 maxlen: 19
158.120.48.0/24 maxlen: 24
158.120.50.0/24 maxlen: 24
158.120.52.0/24 maxlen: 24
158.120.54.0/24 maxlen: 24
158.120.56.0/24 maxlen: 24
158.120.58.0/24 maxlen: 24
158.120.60.0/24 maxlen: 24
158.120.62.0/24 maxlen: 24
170.100.128.0/22 maxlen: 22
170.100.147.0/24 maxlen: 24
170.100.148.0/22 maxlen: 22
170.100.152.0/21 maxlen: 21
170.100.192.0/21 maxlen: 21
170.100.200.0/22 maxlen: 22
170.100.204.0/24 maxlen: 24
170.100.206.0/23 maxlen: 23
192.6.64.0/22 maxlen: 22
192.6.172.0/22 maxlen: 22
192.6.252.0/22 maxlen: 22
192.25.180.0/22 maxlen: 22
192.25.200.0/22 maxlen: 22
192.25.208.0/22 maxlen: 22
192.25.232.0/22 maxlen: 22
192.25.244.0/22 maxlen: 22
192.137.24.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:66:23:9f:2f:21:7e:a5:04:b1:24:26:15:99:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 2 03:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cff4a712da702d97376bff8c970f16230f29c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:95:21:e8:be:f8:fc:cc:c7:0c:2a:51:c6:47:
e2:74:b2:a0:83:fb:9b:9d:88:6d:99:58:bb:71:bd:
be:7b:bc:69:fd:ea:ea:b2:b1:19:61:66:27:f7:93:
84:a2:35:5a:b5:9f:2b:72:97:10:8a:91:8b:53:db:
f3:27:9e:4e:21:e4:53:74:f7:be:70:ad:2c:ad:0d:
b6:1c:81:d3:77:56:f7:ad:e7:a8:55:e2:4a:7a:b4:
d1:d1:f9:0d:d9:8c:90:3a:33:5a:99:ec:00:ff:a9:
66:d9:77:14:2e:a9:c7:2f:6c:b1:fa:a5:02:29:ea:
a3:9e:60:ba:56:2c:f9:39:bb:c9:1d:33:da:e6:bc:
cc:a9:3b:5f:b2:59:ba:f8:e5:ad:2d:1b:ad:68:0f:
f1:ed:43:7f:21:45:9d:71:18:99:16:e7:f0:85:9c:
72:da:aa:48:e5:fb:b0:78:c2:6b:d6:97:f3:ac:51:
85:cb:e6:b3:b1:3a:66:f4:87:b4:85:3f:5c:e1:b7:
e4:19:df:cb:88:4a:70:f2:54:c3:b7:1f:79:63:a4:
d1:01:73:c4:ed:d8:a9:c7:d9:33:2d:33:85:bb:5a:
41:6d:79:57:7f:33:96:b0:23:38:c2:ed:2e:a4:91:
df:7f:92:14:d1:03:04:c4:17:54:d3:74:25:d7:91:
46:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:FF:4A:71:2D:A7:02:D9:73:76:BF:F8:C9:70:F1:62:30:F2:9C:02
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/fP9KcS2nAtlzdr_4yXDxYjDynAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.145.128.0/19
158.120.48.0/24
158.120.50.0/24
158.120.52.0/24
158.120.54.0/24
158.120.56.0/24
158.120.58.0/24
158.120.60.0/24
158.120.62.0/24
170.100.128.0/22
170.100.147.0-170.100.159.255
170.100.192.0-170.100.204.255
170.100.206.0/23
192.6.64.0/22
192.6.172.0/22
192.6.252.0/22
192.25.180.0/22
192.25.200.0/22
192.25.208.0/22
192.25.232.0/22
192.25.244.0/22
192.137.24.0/22
Signature Algorithm: sha256WithRSAEncryption
38:00:ec:a7:05:8b:ba:20:96:18:ef:e0:15:da:f3:62:c4:6e:
98:e4:87:07:4e:e3:6d:2a:15:6f:2d:a7:f4:59:bd:4e:ad:b9:
e0:33:85:06:04:92:39:37:d3:4c:b8:3f:23:52:09:1b:6d:3b:
00:f7:f8:50:8b:bb:56:0d:23:1d:19:9b:58:b6:14:44:48:39:
26:9d:75:1f:da:41:8c:35:66:34:7c:4d:a6:b6:4c:88:90:85:
1d:07:3e:fc:48:e0:fd:d9:74:ad:90:e8:ff:50:4e:c8:07:94:
af:ff:18:23:09:4a:b6:e3:ce:cf:18:76:08:6b:0d:23:5f:c9:
b6:d7:3a:ac:a4:7b:9a:c3:0a:0d:f4:18:2e:5b:37:35:1b:4b:
ff:7a:53:92:6b:96:cc:e6:fb:cc:f1:61:9f:20:b2:b4:b9:ca:
11:09:56:44:89:2b:1f:3c:43:a1:a9:d2:40:5a:a8:96:5e:f1:
86:b3:68:37:76:a7:fe:9a:ba:d1:c4:c3:1d:47:c8:e3:8b:1e:
d0:57:1d:1c:f5:d4:3c:17:c8:e7:5f:ba:38:27:52:50:e9:2d:
e0:b7:1d:43:2f:74:6a:0c:05:35:96:8d:03:2a:ed:53:25:99:
cc:aa:50:e3:e6:8e:6d:8b:28:a1:16:ac:b9:f1:1d:d9:8d:14:
a4:c0:03:01
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZQlIWYjny8hfqUEsSQmFZlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjUwMTAyMDM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2ZmNGE3MTJkYTcwMmQ5NzM3NmJmZjhjOTcwZjE2MjMwZjI5YzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZUh6L74/MzHDCpRxkfidLKgg/ub
nYhtmVi7cb2+e7xp/erqsrEZYWYn95OEojVatZ8rcpcQipGLU9vzJ55OIeRTdPe+
cK0srQ22HIHTd1b3reeoVeJKerTR0fkN2YyQOjNamewA/6lm2XcULqnHL2yx+qUC
KeqjnmC6Viz5ObvJHTPa5rzMqTtfslm6+OWtLRutaA/x7UN/IUWdcRiZFufwhZxy
2qpI5fuweMJr1pfzrFGFy+azsTpm9Ie0hT9c4bfkGd/LiEpw8lTDtx95Y6TRAXPE
7dipx9kzLTOFu1pBbXlXfzOWsCM4wu0upJHff5IU0QMExBdU03Ql15FGYQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFHz/SnEtpwLZc3a/+Mlw8WIw8pwCMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvZlA5S2NTMm5BdGx6ZHJfNHlYRHhZakR5bkFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAWX
kYADBACeeDADBACeeDIDBACeeDQDBACeeDYDBACeeDgDBACeeDoDBACeeDwDBACe
eD4DBAKqZIAwDAMEAKpkkwMEBapkgDAMAwQGqmTAAwQAqmTMAwQBqmTOAwQCwAZA
AwQCwAasAwQCwAb8AwQCwBm0AwQCwBnIAwQCwBnQAwQCwBnoAwQCwBn0AwQCwIkY
MA0GCSqGSIb3DQEBCwUAA4IBAQA4AOynBYu6IJYY7+AV2vNixG6Y5IcHTuNtKhVv
Laf0Wb1OrbngM4UGBJI5N9NMuD8jUgkbbTsA9/hQi7tWDSMdGZtYthRESDkmnXUf
2kGMNWY0fE2mtkyIkIUdBz78SOD92XStkOj/UE7IB5Sv/xgjCUq2487PGHYIaw0j
X8m21zqspHuawwoN9BguWzc1G0v/elOSa5bM5vvM8WGfILK0ucoRCVZEiSsfPEOh
qdJAWqiWXvGGs2g3dqf+mrrRxMMdR8jjix7QVx0c9dQ8F8jnX7o4J1JQ6S3gtx1D
L3RqDAU1lo0DKu1TJZnMqlDj5o5tiyihFqy58R3ZjRSkwAMB
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:37 2025 by rpki-client