Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/7InXKoGXPyPmSkShdNo1bN5BHPE.roa
File: 7InXKoGXPyPmSkShdNo1bN5BHPE.roa (raw, json)
Hash identifier: p0vQNoVwsgdCf98zXzcil2JDwtIbKg4o52YVuAX43Qg=
Subject key identifier: EC:89:D7:2A:81:97:3F:23:E6:4A:44:A1:74:DA:35:6C:DE:41:1C:F1
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 0194643300BA6DBFB5AF80445767230A6587
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/7InXKoGXPyPmSkShdNo1bN5BHPE.roa
Signing time: Tue 14 Jan 2025 09:44:11 +0000
ROA not before: Tue 14 Jan 2025 09:44:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 43.230.56.0/22 maxlen: 22
45.251.60.0/22 maxlen: 22
86.104.215.0/24 maxlen: 24
86.104.227.0/24 maxlen: 24
89.32.204.0/24 maxlen: 24
89.33.83.0/24 maxlen: 24
89.47.34.0/24 maxlen: 24
103.49.84.0/22 maxlen: 22
162.218.157.0/24 maxlen: 24
162.218.158.0/24 maxlen: 24
194.26.149.0/24 maxlen: 24
194.29.70.0/24 maxlen: 24
194.29.80.0/24 maxlen: 24
212.102.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:33:00:ba:6d:bf:b5:af:80:44:57:67:23:0a:65:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 14 09:44:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec89d72a81973f23e64a44a174da356cde411cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a5:e3:8d:83:12:49:06:1f:ed:93:2a:88:6f:
bf:49:fa:4b:3d:1c:fd:d1:04:af:86:97:5f:0e:41:
65:1f:b4:7e:0e:53:c3:c5:ad:c5:86:af:be:08:25:
43:be:0c:86:8e:9a:46:17:c5:07:c1:53:fd:ec:b8:
5f:4d:02:4b:f6:02:33:d9:07:aa:7f:ce:98:ed:d3:
25:64:61:8f:93:9a:34:50:d9:10:43:b0:3f:d6:df:
ea:11:27:02:fb:d3:21:b7:bd:67:36:34:0f:d8:45:
9c:20:b2:b3:ef:2a:32:8a:64:45:d9:d8:1f:07:b1:
40:72:59:f4:99:21:0b:14:e3:87:28:ce:64:9f:5a:
c2:f9:38:6a:f1:e9:fc:7e:3f:a3:2a:47:fa:84:63:
d1:0f:20:7a:91:80:7a:87:e1:2d:d0:73:61:52:3e:
97:6e:ee:77:3d:aa:16:d3:6c:8c:fa:db:ea:ee:cd:
e3:26:33:81:48:a4:b0:42:ef:ae:b3:86:e5:7b:0f:
15:5b:c8:44:60:81:09:ef:34:fc:e2:4c:2e:ff:ca:
9b:13:9f:37:67:bf:6e:a5:d4:18:0b:50:80:89:11:
71:db:a6:9c:4a:8c:e3:e3:fb:f4:9b:30:50:18:4c:
86:b3:00:a0:3a:78:87:a5:4e:90:de:3c:86:f0:f2:
17:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:89:D7:2A:81:97:3F:23:E6:4A:44:A1:74:DA:35:6C:DE:41:1C:F1
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/7InXKoGXPyPmSkShdNo1bN5BHPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.56.0/22
45.251.60.0/22
86.104.215.0/24
86.104.227.0/24
89.32.204.0/24
89.33.83.0/24
89.47.34.0/24
103.49.84.0/22
162.218.157.0-162.218.158.255
194.26.149.0/24
194.29.70.0/24
194.29.80.0/24
212.102.116.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:76:b7:3e:4a:50:01:ef:21:dd:64:e9:ec:91:4f:80:37:a4:
ad:ac:04:40:c9:2c:15:c6:70:b9:df:cb:85:2b:4d:de:7f:dc:
eb:f6:c2:fa:bd:cf:5b:ae:e2:c2:f6:f7:0e:dc:ab:d1:66:0c:
ee:0e:b3:1a:3c:ab:df:33:23:97:7b:d3:6a:f4:1b:22:91:7f:
eb:0c:28:b6:50:c0:4e:d7:7f:09:ff:61:6c:72:f2:7f:67:b2:
e9:3a:b2:e9:02:69:21:4c:df:cf:5c:b2:3a:1c:62:a4:75:05:
b7:ef:7d:ba:7a:af:1e:1d:03:58:28:74:20:9c:37:be:fc:df:
a2:5e:10:72:17:e9:0f:36:77:9b:3d:d3:65:c2:c4:a6:2f:36:
9a:a0:17:2b:f9:3f:3e:f2:0a:8f:29:3d:5b:71:11:c9:55:45:
ad:6b:7c:7d:39:14:fe:6f:32:88:11:33:0d:19:73:84:d6:49:
9a:6f:1f:0a:5c:cc:a7:7a:05:f3:e2:c7:d6:f2:0a:1f:c0:f6:
78:43:88:99:f5:90:09:13:6a:d5:71:3a:9a:17:5a:8f:e8:65:
63:22:a6:ca:a0:85:03:22:8b:69:72:85:7e:34:a9:8c:c1:9e:
d9:92:c0:a8:15:f9:d6:35:f2:26:de:ae:6a:67:79:38:18:67:
07:d5:1d:ae
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZRkMwC6bb+1r4BEV2cjCmWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjUwMTE0MDk0NDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg5ZDcyYTgxOTczZjIzZTY0YTQ0YTE3NGRhMzU2Y2RlNDExY2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKXjjYMSSQYf7ZMqiG+/SfpLPRz9
0QSvhpdfDkFlH7R+DlPDxa3Fhq++CCVDvgyGjppGF8UHwVP97LhfTQJL9gIz2Qeq
f86Y7dMlZGGPk5o0UNkQQ7A/1t/qEScC+9Mht71nNjQP2EWcILKz7yoyimRF2dgf
B7FAcln0mSELFOOHKM5kn1rC+Thq8en8fj+jKkf6hGPRDyB6kYB6h+Et0HNhUj6X
bu53PaoW02yM+tvq7s3jJjOBSKSwQu+us4blew8VW8hEYIEJ7zT84kwu/8qbE583
Z79updQYC1CAiRFx26acSozj4/v0mzBQGEyGswCgOniHpU6Q3jyG8PIXDwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFOyJ1yqBlz8j5kpEoXTaNWzeQRzxMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvN0luWEtvR1hQeVBtU2tTaGRObzFiTjVCSFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQCK+Y4AwQC
Lfs8AwQAVmjXAwQAVmjjAwQAWSDMAwQAWSFTAwQAWS8iAwQCZzFUMAwDBACi2p0D
BACi2p4DBADCGpUDBADCHUYDBADCHVADBADUZnQwDQYJKoZIhvcNAQELBQADggEB
AAt2tz5KUAHvId1k6eyRT4A3pK2sBEDJLBXGcLnfy4UrTd5/3Ov2wvq9z1uu4sL2
9w7cq9FmDO4Osxo8q98zI5d702r0GyKRf+sMKLZQwE7Xfwn/YWxy8n9nsuk6sukC
aSFM389csjocYqR1Bbfvfbp6rx4dA1godCCcN77836JeEHIX6Q82d5s902XCxKYv
NpqgFyv5Pz7yCo8pPVtxEclVRa1rfH05FP5vMogRMw0Zc4TWSZpvHwpczKd6BfPi
x9byCh/A9nhDiJn1kAkTatVxOpoXWo/oZWMipsqghQMii2lyhX40qYzBntmSwKgV
+dY18ibermpneTgYZwfVHa4=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:09:42 2025 by rpki-client