Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/FOD3WMgpxNybQzPuOwe78NsZWus.roa
File: FOD3WMgpxNybQzPuOwe78NsZWus.roa (raw, json)
Hash identifier: aFhRTJ+99Rr5uEMBT8AVfzARvPKS5dqhwYxUDD8GnV8=
Subject key identifier: 14:E0:F7:58:C8:29:C4:DC:9B:43:33:EE:3B:07:BB:F0:DB:19:5A:EB
Certificate issuer: /CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Certificate serial: 019421B1F8A3207B97C6412702BE31FB1ABE
Authority key identifier: FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/FOD3WMgpxNybQzPuOwe78NsZWus.roa
Signing time: Wed 01 Jan 2025 11:48:19 +0000
ROA not before: Wed 01 Jan 2025 11:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24961
IP address blocks: 185.231.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f8:a3:20:7b:97:c6:41:27:02:be:31:fb:1a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Validity
Not Before: Jan 1 11:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14e0f758c829c4dc9b4333ee3b07bbf0db195aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f2:03:b1:c4:60:8a:df:ea:0d:e7:c3:33:d7:
74:7a:fe:c7:b9:74:11:dd:e0:dd:7f:ee:d2:4c:a6:
f5:d4:74:18:68:dc:41:d3:86:53:47:1e:16:7a:1f:
30:99:9c:93:53:ce:43:b1:fa:5c:de:c8:11:17:c1:
d0:84:bc:6b:38:a5:0f:68:79:98:7c:fc:43:6a:27:
82:dd:b4:94:41:f2:97:12:86:94:37:3d:27:c8:bc:
fc:eb:ec:0c:97:c2:8c:50:91:e6:9a:2f:21:99:ce:
e7:7f:f1:ed:de:14:21:d0:1a:65:6e:b9:3f:a1:37:
94:22:41:78:85:74:de:0c:c2:fd:44:30:45:f8:5c:
99:1e:07:ec:1d:f1:98:cc:9c:fb:0c:80:d9:6b:0f:
3f:36:8f:18:4e:15:52:64:46:57:2c:65:34:ce:80:
be:56:bb:cc:91:2d:b6:f9:34:ca:ae:98:d4:4d:97:
33:0f:1b:1a:6a:32:d1:1e:54:ac:9a:e4:9d:3d:b8:
53:bb:8c:92:ff:ac:d6:6e:38:b0:49:b2:dd:3a:30:
d4:78:69:7b:f6:77:1c:2a:b9:7d:4c:03:88:6a:87:
7f:8d:dc:04:39:07:72:50:b2:af:af:ef:6e:72:81:
d8:90:29:03:16:d7:d5:f4:54:d0:b3:ad:36:d2:80:
0b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E0:F7:58:C8:29:C4:DC:9B:43:33:EE:3B:07:BB:F0:DB:19:5A:EB
X509v3 Authority Key Identifier:
keyid:FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/FOD3WMgpxNybQzPuOwe78NsZWus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.220.0/24
Signature Algorithm: sha256WithRSAEncryption
40:bd:c8:aa:4b:01:e5:25:d0:13:3c:8f:6b:1f:3e:ad:ba:ad:
18:41:f3:85:fd:10:a7:c3:65:c2:ce:aa:a8:f0:c6:f2:2b:57:
4c:a7:94:ae:fb:75:80:f7:0d:9d:87:27:e7:d6:73:6f:08:be:
8c:b1:16:e4:36:87:8d:0b:b8:e6:1c:b1:0f:17:7f:c2:f3:08:
fc:0b:bf:fd:9b:f9:97:51:67:b7:33:69:b9:87:ce:af:22:c9:
fe:9b:f3:77:fc:6e:75:e7:53:1d:08:9e:3e:fc:df:fd:54:0f:
c7:90:1d:41:c1:2e:d1:e0:c9:6f:19:71:d5:a0:43:bc:33:42:
80:f7:7a:52:8a:79:88:d5:55:00:67:56:f6:bf:0f:75:5f:3b:
6b:3a:e3:8e:01:27:bf:5c:a9:eb:72:c5:38:bd:eb:78:95:0a:
f1:4f:5d:23:5b:a2:11:3e:41:9a:6a:5c:3b:5b:74:6c:f9:ce:
f8:53:83:44:88:fa:eb:90:2a:bf:00:ba:44:10:4a:45:9c:40:
82:a9:49:64:de:cd:d4:9d:0b:6a:95:af:af:c6:d5:74:96:21:
2d:37:e4:48:50:8a:3d:30:a1:51:89:f2:3b:f3:82:5e:1c:88:
c2:25:c7:57:d9:a9:09:6b:2f:65:a9:43:b6:3d:09:fe:3d:d9:
a5:a3:27:c8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQhsfijIHuXxkEnAr4x+xq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMmU3MmFiZjdiMTcyOGZkYTZhYTBiMDQxM2Q4ODU0ODEy
ZWEzNjEwHhcNMjUwMTAxMTE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGUwZjc1OGM4MjljNGRjOWI0MzMzZWUzYjA3YmJmMGRiMTk1YWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/IDscRgit/qDefDM9d0ev7HuXQR
3eDdf+7STKb11HQYaNxB04ZTRx4Weh8wmZyTU85Dsfpc3sgRF8HQhLxrOKUPaHmY
fPxDaieC3bSUQfKXEoaUNz0nyLz86+wMl8KMUJHmmi8hmc7nf/Ht3hQh0Bplbrk/
oTeUIkF4hXTeDML9RDBF+FyZHgfsHfGYzJz7DIDZaw8/No8YThVSZEZXLGU0zoC+
VrvMkS22+TTKrpjUTZczDxsaajLRHlSsmuSdPbhTu4yS/6zWbjiwSbLdOjDUeGl7
9nccKrl9TAOIaod/jdwEOQdyULKvr+9ucoHYkCkDFtfV9FTQs6020oALJwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBTg91jIKcTcm0Mz7jsHu/DbGVrrMB8GA1UdIwQY
MBaAFPoucqv3sXKP2mqgsEE9iFSBLqNhMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1pNXlxX2V4Y29fYWFxQ3dRVDJJVklFdW8yRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlm
LWEzNjZkYTI1MWE4My8xL0ZPRDNXTWdweE55YlF6UHVPd2U3OE5zWld1cy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlmLWEzNjZkYTI1MWE4
My8xLzEtaTV5cV9leGNvX2FhcUN3UVQySVZJRXVvMkUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC559ww
DQYJKoZIhvcNAQELBQADggEBAEC9yKpLAeUl0BM8j2sfPq26rRhB84X9EKfDZcLO
qqjwxvIrV0ynlK77dYD3DZ2HJ+fWc28IvoyxFuQ2h40LuOYcsQ8Xf8LzCPwLv/2b
+ZdRZ7czabmHzq8iyf6b83f8bnXnUx0Inj783/1UD8eQHUHBLtHgyW8ZcdWgQ7wz
QoD3elKKeYjVVQBnVva/D3VfO2s6444BJ79cqetyxTi963iVCvFPXSNbohE+QZpq
XDtbdGz5zvhTg0SI+uuQKr8AukQQSkWcQIKpSWTezdSdC2qVr6/G1XSWIS035EhQ
ij0woVGJ8jvzgl4ciMIlx1fZqQlrL2WpQ7Y9Cf492aWjJ8g=
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:51:31 2025 by rpki-client