Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f92a0d-f74a-4768-96c5-4dc2e9361ff1/1/FTocBAKR9rZ8eGvJRXnUQniKyzg.roa
File: FTocBAKR9rZ8eGvJRXnUQniKyzg.roa (raw, json)
Hash identifier: 4YM4aETz9NdlD+M0h7DzkMhTN0X7MVJY7wPySoWXxRA=
Subject key identifier: 15:3A:1C:04:02:91:F6:B6:7C:78:6B:C9:45:79:D4:42:78:8A:CB:38
Certificate issuer: /CN=46ffa79440c517eddbaced3aa60e5fbcbdc6502e
Certificate serial: 018CC4937166D742F1D796A8F4E3658AD00E
Authority key identifier: 46:FF:A7:94:40:C5:17:ED:DB:AC:ED:3A:A6:0E:5F:BC:BD:C6:50:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rv-nlEDFF-3brO06pg5fvL3GUC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f92a0d-f74a-4768-96c5-4dc2e9361ff1/1/FTocBAKR9rZ8eGvJRXnUQniKyzg.roa
Signing time: Mon 01 Jan 2024 10:30:46 +0000
ROA not before: Mon 01 Jan 2024 10:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62248
IP address blocks: 185.73.132.0/23 maxlen: 24
185.73.135.0/24 maxlen: 24
185.73.134.0/24 maxlen: 24
2a05:4280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:71:66:d7:42:f1:d7:96:a8:f4:e3:65:8a:d0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ffa79440c517eddbaced3aa60e5fbcbdc6502e
Validity
Not Before: Jan 1 10:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=153a1c040291f6b67c786bc94579d442788acb38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:eb:19:8f:ec:6e:f5:46:22:5a:f9:b3:c6:dd:
8b:16:19:25:1c:24:43:fb:b5:03:33:39:fd:0e:73:
a9:f5:bf:fa:31:bd:1b:77:61:07:9b:20:07:34:c8:
e0:ac:c7:f9:8f:49:c9:eb:8b:52:e7:aa:b5:c0:36:
6f:66:28:3a:b9:6c:6a:e3:ae:40:74:56:53:cf:00:
79:12:66:a2:bc:de:fd:96:54:8a:bc:66:68:ec:8b:
4d:80:67:a7:36:9e:db:73:7d:48:2e:08:85:89:87:
32:86:3b:c6:13:b6:35:79:26:52:25:a6:08:79:99:
92:c2:08:93:da:9a:b3:ab:82:9e:44:31:07:d9:e2:
aa:58:34:e0:42:8b:54:3c:26:8f:e4:96:d2:c1:77:
c5:5e:92:76:f2:72:19:3a:ae:66:e1:7f:1c:c8:56:
dc:e9:5a:79:51:24:0a:53:58:c7:bc:42:f8:b1:fd:
7a:f7:fa:fe:a8:e3:de:da:3d:a8:23:20:8a:7a:88:
45:ad:05:88:9a:86:14:c3:51:41:34:08:91:cf:a8:
05:61:4c:ab:e0:c0:89:bb:03:05:92:c3:f9:5c:d9:
46:29:5c:63:fa:4a:52:dd:c4:de:74:a2:b1:86:2a:
df:21:f6:ee:e2:86:72:5a:90:b7:18:c9:a8:93:79:
73:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:3A:1C:04:02:91:F6:B6:7C:78:6B:C9:45:79:D4:42:78:8A:CB:38
X509v3 Authority Key Identifier:
keyid:46:FF:A7:94:40:C5:17:ED:DB:AC:ED:3A:A6:0E:5F:BC:BD:C6:50:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rv-nlEDFF-3brO06pg5fvL3GUC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f92a0d-f74a-4768-96c5-4dc2e9361ff1/1/FTocBAKR9rZ8eGvJRXnUQniKyzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f92a0d-f74a-4768-96c5-4dc2e9361ff1/1/Rv-nlEDFF-3brO06pg5fvL3GUC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.132.0/22
IPv6:
2a05:4280::/29
Signature Algorithm: sha256WithRSAEncryption
95:00:0b:bf:59:0e:a7:80:1c:ff:e8:6c:d5:8d:bd:18:51:b4:
e3:ad:a8:6f:f1:0f:8c:bb:68:a2:9d:e8:4e:79:d7:d7:f4:f9:
cd:26:9b:78:1e:f3:96:52:78:ea:59:93:e2:35:30:d6:2d:f1:
23:91:43:cc:bc:7d:32:b8:d4:53:48:7b:8d:a8:09:46:ae:dc:
c6:75:d2:15:d4:a2:99:c4:02:c7:09:cf:68:1e:17:92:f3:23:
be:fc:dc:94:82:f7:10:f0:4c:b3:4d:e6:84:60:4a:da:92:99:
a5:b1:85:bf:24:7f:cb:51:9b:eb:3b:40:c2:49:b4:68:2a:87:
4a:83:ba:bd:b7:96:5f:08:50:75:7c:53:05:9b:2c:c0:58:b9:
93:c3:4e:10:a1:5f:a6:24:41:89:56:d7:b4:97:1a:a8:d1:e6:
ef:d1:15:4c:46:ba:59:5a:5e:11:d8:56:c1:93:77:61:7b:5b:
81:39:14:52:a5:c8:b7:a8:ae:50:66:4b:8d:b4:d3:7f:d7:15:
b3:c7:8a:4c:1d:cb:9e:5c:d7:ea:c6:0b:18:f3:65:cf:fb:2b:
c8:c8:6b:2b:b8:e3:16:28:e6:3a:87:35:b8:eb:70:59:26:1f:
08:f5:23:96:12:0f:9a:cd:28:25:d6:e7:b8:d6:f1:a3:c7:0a:
2b:c7:77:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk3Fm10Lx15ao9ONlitAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZmZhNzk0NDBjNTE3ZWRkYmFjZWQzYWE2MGU1ZmJjYmRj
NjUwMmUwHhcNMjQwMTAxMTAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTNhMWMwNDAyOTFmNmI2N2M3ODZiYzk0NTc5ZDQ0Mjc4OGFjYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtesZj+xu9UYiWvmzxt2LFhklHCRD
+7UDMzn9DnOp9b/6Mb0bd2EHmyAHNMjgrMf5j0nJ64tS56q1wDZvZig6uWxq465A
dFZTzwB5EmaivN79llSKvGZo7ItNgGenNp7bc31ILgiFiYcyhjvGE7Y1eSZSJaYI
eZmSwgiT2pqzq4KeRDEH2eKqWDTgQotUPCaP5JbSwXfFXpJ28nIZOq5m4X8cyFbc
6Vp5USQKU1jHvEL4sf169/r+qOPe2j2oIyCKeohFrQWImoYUw1FBNAiRz6gFYUyr
4MCJuwMFksP5XNlGKVxj+kpS3cTedKKxhirfIfbu4oZyWpC3GMmok3lz9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBU6HAQCkfa2fHhryUV51EJ4iss4MB8GA1UdIwQY
MBaAFEb/p5RAxRft26ztOqYOX7y9xlAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnYtbmxFREZGLTNick8wNnBnNWZ2TDNHVUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mOTJhMGQtZjc0YS00NzY4LTk2YzUt
NGRjMmU5MzYxZmYxLzEvRlRvY0JBS1I5clo4ZUd2SlJYblVRbmlLeXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mOTJhMGQtZjc0YS00NzY4LTk2YzUtNGRjMmU5MzYxZmYx
LzEvUnYtbmxFREZGLTNick8wNnBnNWZ2TDNHVUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUmEMA0E
AgACMAcDBQMqBUKAMA0GCSqGSIb3DQEBCwUAA4IBAQCVAAu/WQ6ngBz/6GzVjb0Y
UbTjrahv8Q+Mu2iinehOedfX9PnNJpt4HvOWUnjqWZPiNTDWLfEjkUPMvH0yuNRT
SHuNqAlGrtzGddIV1KKZxALHCc9oHheS8yO+/NyUgvcQ8EyzTeaEYErakpmlsYW/
JH/LUZvrO0DCSbRoKodKg7q9t5ZfCFB1fFMFmyzAWLmTw04QoV+mJEGJVte0lxqo
0ebv0RVMRrpZWl4R2FbBk3dhe1uBORRSpci3qK5QZkuNtNN/1xWzx4pMHcueXNfq
xgsY82XP+yvIyGsruOMWKOY6hzW463BZJh8I9SOWEg+azSgl1ue41vGjxworx3e7
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:15:19 2025 by rpki-client