Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/FJlI_74bg4yz5i4Qw4ate1BdlGs.roa
File: FJlI_74bg4yz5i4Qw4ate1BdlGs.roa (raw, json)
Hash identifier: DdeLolrcvHyVKGuaQG57s7hvarSg6H4q28j6Y3wyouw=
Subject key identifier: 14:99:48:FF:BE:1B:83:8C:B3:E6:2E:10:C3:86:AD:7B:50:5D:94:6B
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018C24A4AE4E8D56FFA68311C8842B0A1A7D
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/FJlI_74bg4yz5i4Qw4ate1BdlGs.roa
Signing time: Fri 01 Dec 2023 09:10:21 +0000
ROA not before: Fri 01 Dec 2023 09:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 88.135.96.0/20 maxlen: 24
213.159.136.0/21 maxlen: 24
141.136.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:a4:ae:4e:8d:56:ff:a6:83:11:c8:84:2b:0a:1a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Dec 1 09:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=149948ffbe1b838cb3e62e10c386ad7b505d946b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4b:e2:cd:a5:1d:b8:b3:20:e9:fb:4a:07:14:
1d:3a:95:d0:dc:b5:f8:f6:45:50:ed:70:9c:7b:75:
dc:53:88:0a:ff:62:38:b1:c7:09:7a:66:87:cd:3c:
4e:6d:68:13:2d:f0:ce:3d:17:8a:43:ae:cc:36:50:
ff:d9:80:09:40:23:6d:dc:7e:5e:f9:26:80:08:19:
9e:e5:b2:87:e6:24:1e:26:0d:55:9d:c2:69:27:09:
d9:b7:8f:de:6b:54:1c:ab:39:ed:7b:6f:92:56:43:
77:42:65:e7:58:71:29:45:fa:9c:b3:b1:d5:4a:fa:
5a:87:09:21:0d:d0:15:59:98:69:8a:1e:c9:cd:66:
72:d2:c9:79:ca:50:90:78:e3:e9:84:ae:83:3c:6c:
0e:1d:62:4a:98:5c:8d:29:1d:78:6f:7e:0e:5d:45:
cf:1f:1d:1e:51:d0:ac:12:d3:25:e2:ea:e6:77:20:
d6:73:02:36:ab:6d:72:dd:d9:7d:db:ef:44:fc:8a:
81:3e:76:cd:c5:0a:69:dc:da:96:31:ae:93:19:5b:
08:27:e8:ca:8e:d1:9f:eb:e3:fa:24:f6:2b:a8:92:
21:65:ea:c5:7b:33:9c:1e:99:ed:ff:7c:a0:c0:f0:
2d:ad:97:b4:38:4c:2e:f7:c3:88:e6:af:3b:c0:77:
f5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:99:48:FF:BE:1B:83:8C:B3:E6:2E:10:C3:86:AD:7B:50:5D:94:6B
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/FJlI_74bg4yz5i4Qw4ate1BdlGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.96.0/20
141.136.16.0/20
213.159.136.0/21
Signature Algorithm: sha256WithRSAEncryption
57:13:8d:dc:5d:48:fd:4e:8d:ff:51:08:a5:cb:81:b9:3a:2f:
dc:df:d2:ec:02:35:6b:3a:84:e3:40:48:cf:a1:97:ec:fc:ef:
70:d4:c9:ae:e0:c5:a5:be:d2:ef:92:89:fe:a9:e5:87:23:2f:
d3:04:96:9e:3f:9a:23:3b:af:e2:2c:00:5c:01:9f:fa:e6:22:
90:31:50:c3:58:d4:96:6d:11:df:50:26:f9:c8:ac:c7:61:8d:
4a:ac:e1:8a:b6:88:f3:18:26:1b:eb:eb:40:17:b4:e5:b6:b0:
1b:93:a6:54:9e:d4:53:ca:cc:99:12:3e:36:94:6e:e6:00:05:
de:17:25:55:bc:6a:26:38:40:8f:c6:fb:a0:aa:52:05:b4:95:
51:a4:b2:15:53:c6:e1:16:3a:c9:ca:cd:83:e1:f0:49:fa:7a:
e4:35:81:64:c3:ea:28:68:2d:02:2c:60:e1:1a:ab:82:ef:7a:
1d:39:c9:ee:42:bf:96:71:77:88:1a:7d:fb:92:77:6d:31:80:
d2:d3:4b:87:4c:cd:ed:05:31:8b:4a:3e:e2:33:9b:f0:d5:b1:
39:96:c5:5c:88:f4:c6:0e:73:85:25:58:c9:13:7a:08:6a:02:
5c:d7:1b:87:3b:76:33:d8:4c:e7:f9:1b:b7:b1:fa:4b:1d:76:
c6:02:51:ce
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwkpK5OjVb/poMRyIQrChp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMxMjAxMDkxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDk5NDhmZmJlMWI4MzhjYjNlNjJlMTBjMzg2YWQ3YjUwNWQ5NDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEvizaUduLMg6ftKBxQdOpXQ3LX4
9kVQ7XCce3XcU4gK/2I4sccJemaHzTxObWgTLfDOPReKQ67MNlD/2YAJQCNt3H5e
+SaACBme5bKH5iQeJg1VncJpJwnZt4/ea1Qcqznte2+SVkN3QmXnWHEpRfqcs7HV
SvpahwkhDdAVWZhpih7JzWZy0sl5ylCQeOPphK6DPGwOHWJKmFyNKR14b34OXUXP
Hx0eUdCsEtMl4urmdyDWcwI2q21y3dl92+9E/IqBPnbNxQpp3NqWMa6TGVsIJ+jK
jtGf6+P6JPYrqJIhZerFezOcHpnt/3ygwPAtrZe0OEwu98OI5q87wHf1LQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBSZSP++G4OMs+YuEMOGrXtQXZRrMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvRkpsSV83NGJnNHl6NWk0UXc0YXRlMUJkbEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEWIdgAwQE
jYgQAwQD1Z+IMA0GCSqGSIb3DQEBCwUAA4IBAQBXE43cXUj9To3/UQily4G5Oi/c
39LsAjVrOoTjQEjPoZfs/O9w1Mmu4MWlvtLvkon+qeWHIy/TBJaeP5ojO6/iLABc
AZ/65iKQMVDDWNSWbRHfUCb5yKzHYY1KrOGKtojzGCYb6+tAF7TltrAbk6ZUntRT
ysyZEj42lG7mAAXeFyVVvGomOECPxvugqlIFtJVRpLIVU8bhFjrJys2D4fBJ+nrk
NYFkw+ooaC0CLGDhGquC73odOcnuQr+WcXeIGn37kndtMYDS00uHTM3tBTGLSj7i
M5vw1bE5lsVciPTGDnOFJVjJE3oIagJc1xuHO3Yz2Ezn+Ru3sfpLHXbGAlHO
-----END CERTIFICATE-----
Generated at Mon May 12 14:55:38 2025 by rpki-client