Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/fhkP1ORLZ5XxUVy4qC8BARs5rVI.roa
File: fhkP1ORLZ5XxUVy4qC8BARs5rVI.roa (raw, json)
Hash identifier: 8dY2aE22Ya04xzDmrtlYb6ie5F49Q/sW7XRcYSjjGuo=
Subject key identifier: 7E:19:0F:D4:E4:4B:67:95:F1:51:5C:B8:A8:2F:01:01:1B:39:AD:52
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 019426D95DAC3B43F90F52A68007373E76C0
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/fhkP1ORLZ5XxUVy4qC8BARs5rVI.roa
Signing time: Thu 02 Jan 2025 11:49:26 +0000
ROA not before: Thu 02 Jan 2025 11:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204860
IP address blocks: 185.217.234.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:5d:ac:3b:43:f9:0f:52:a6:80:07:37:3e:76:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Jan 2 11:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e190fd4e44b6795f1515cb8a82f01011b39ad52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bf:a5:c9:5b:6d:ad:5a:8e:31:8e:c1:a7:95:
ec:c2:fb:7e:00:f0:7e:0b:d0:bf:cb:e3:44:17:b7:
7f:3c:e6:0e:9f:7a:dd:82:ea:55:0f:af:50:d2:57:
f0:dd:11:2d:49:6d:7b:dd:38:f9:15:6c:d0:d5:2c:
d7:4d:84:c3:31:09:c7:ae:21:31:5b:bc:bf:22:77:
03:02:a4:a7:f4:e5:36:c9:d7:bb:6d:0f:50:14:04:
4a:41:85:3b:a3:56:8d:7d:df:f0:94:1c:fa:9e:79:
18:6f:10:ba:d4:93:48:c5:7b:4f:a8:c7:35:21:42:
de:2a:99:21:17:7d:54:87:1d:35:83:61:92:d1:55:
1b:e4:c5:99:e8:8a:65:13:f0:60:ad:26:23:70:94:
e6:15:89:4d:db:dd:23:14:ea:de:c0:cd:43:bd:6d:
a7:78:f8:1a:de:34:02:28:20:23:03:34:09:e2:ac:
ea:fe:f3:df:e9:a4:76:e7:14:82:f3:20:92:b0:b6:
cc:80:98:97:3e:fc:3a:75:e1:05:51:c9:56:5b:f0:
50:a2:da:c6:76:6f:43:77:6c:69:38:ea:f4:61:f3:
4a:8b:9b:1c:73:97:df:8f:7e:eb:4c:2a:28:0b:c7:
9b:13:dc:97:af:3e:57:4a:e2:64:6a:e7:f4:80:2d:
93:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:19:0F:D4:E4:4B:67:95:F1:51:5C:B8:A8:2F:01:01:1B:39:AD:52
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/fhkP1ORLZ5XxUVy4qC8BARs5rVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.234.0/23
Signature Algorithm: sha256WithRSAEncryption
18:ff:f6:2a:41:fa:25:de:20:bd:00:ac:1c:e8:71:3b:44:38:
4b:31:a8:e4:2b:01:9b:13:52:04:4f:c1:27:30:04:77:45:df:
1b:6a:bb:3d:8d:fb:b9:5b:41:4b:53:9d:68:82:99:e3:6d:fd:
72:26:f0:79:4b:50:33:27:46:e5:12:2f:c3:64:a1:5e:2d:b5:
41:66:45:82:ac:de:8e:bd:02:87:00:03:78:4d:44:03:63:eb:
05:9c:c8:d2:c9:bb:02:01:95:a2:d9:0e:84:ad:b4:06:d7:8c:
21:f2:88:13:38:0a:35:c0:28:46:ba:6e:64:ca:c5:3d:2d:71:
5d:55:00:d3:84:d4:78:4e:3d:b8:29:f9:80:c4:a4:be:ac:45:
49:57:01:59:cc:d3:16:76:53:0f:d0:68:ba:ae:64:a9:2c:42:
09:af:9c:e0:b8:30:2b:f1:81:a7:56:ff:88:08:30:ae:0d:81:
2b:e6:bd:9b:96:a1:e6:2c:bf:8f:fa:ea:d3:3d:ac:7c:4e:0f:
fb:60:b1:ad:ec:bb:08:03:64:ef:57:2a:20:71:35:a8:67:61:
4b:a6:a2:f9:62:ae:77:1e:1c:74:15:f3:2c:ee:5e:86:9f:c3:
da:31:22:ae:b6:bd:33:ac:e1:9b:dd:07:0b:d3:59:fc:f9:96:
33:c9:14:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2V2sO0P5D1KmgAc3PnbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjUwMTAyMTE0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTE5MGZkNGU0NGI2Nzk1ZjE1MTVjYjhhODJmMDEwMTFiMzlhZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7+lyVttrVqOMY7Bp5Xswvt+APB+
C9C/y+NEF7d/POYOn3rdgupVD69Q0lfw3REtSW173Tj5FWzQ1SzXTYTDMQnHriEx
W7y/IncDAqSn9OU2yde7bQ9QFARKQYU7o1aNfd/wlBz6nnkYbxC61JNIxXtPqMc1
IULeKpkhF31Uhx01g2GS0VUb5MWZ6IplE/BgrSYjcJTmFYlN290jFOrewM1DvW2n
ePga3jQCKCAjAzQJ4qzq/vPf6aR25xSC8yCSsLbMgJiXPvw6deEFUclWW/BQotrG
dm9Dd2xpOOr0YfNKi5scc5ffj37rTCooC8ebE9yXrz5XSuJkauf0gC2TOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4ZD9TkS2eV8VFcuKgvAQEbOa1SMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvZmhrUDFPUkxaNVh4VVZ5NHFDOEJBUnM1clZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudnqMA0G
CSqGSIb3DQEBCwUAA4IBAQAY//YqQfol3iC9AKwc6HE7RDhLMajkKwGbE1IET8En
MAR3Rd8bars9jfu5W0FLU51ogpnjbf1yJvB5S1AzJ0blEi/DZKFeLbVBZkWCrN6O
vQKHAAN4TUQDY+sFnMjSybsCAZWi2Q6ErbQG14wh8ogTOAo1wChGum5kysU9LXFd
VQDThNR4Tj24KfmAxKS+rEVJVwFZzNMWdlMP0Gi6rmSpLEIJr5zguDAr8YGnVv+I
CDCuDYEr5r2blqHmLL+P+urTPax8Tg/7YLGt7LsIA2TvVyogcTWoZ2FLpqL5Yq53
Hhx0FfMs7l6Gn8PaMSKutr0zrOGb3QcL01n8+ZYzyRQS
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:37:20 2025 by rpki-client