Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/fonqMENkUurdTSsmls1gVlg_WJ4.roa
File: fonqMENkUurdTSsmls1gVlg_WJ4.roa (raw, json)
Hash identifier: BkPWWaoPqGMFHcArMOr28SMuQJKUdO9RrrY9l2uEtM4=
Subject key identifier: 7E:89:EA:30:43:64:52:EA:DD:4D:2B:26:96:CD:60:56:58:3F:58:9E
Certificate issuer: /CN=27f958c3b759b2c7896f5ed663e807781f3ff5a2
Certificate serial: 019424B2730708DF3D7ACDFBC70D90C3364B
Authority key identifier: 27:F9:58:C3:B7:59:B2:C7:89:6F:5E:D6:63:E8:07:78:1F:3F:F5:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_lYw7dZsseJb17WY-gHeB8_9aI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/fonqMENkUurdTSsmls1gVlg_WJ4.roa
Signing time: Thu 02 Jan 2025 01:47:42 +0000
ROA not before: Thu 02 Jan 2025 01:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61157
IP address blocks: 5.1.120.0/23 maxlen: 23
2a02:e740::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:73:07:08:df:3d:7a:cd:fb:c7:0d:90:c3:36:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f958c3b759b2c7896f5ed663e807781f3ff5a2
Validity
Not Before: Jan 2 01:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e89ea30436452eadd4d2b2696cd6056583f589e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f3:4e:5f:32:f4:10:aa:99:c8:49:ec:31:05:
4b:e6:64:df:93:af:d8:34:a7:72:fb:fc:01:65:29:
cb:6d:a5:81:d4:f4:26:9b:cf:c6:70:12:79:00:ab:
45:83:55:79:bf:04:b9:8f:68:73:0b:0e:69:60:a0:
f4:71:31:f0:ad:47:80:9e:a3:c7:bc:82:22:6e:ed:
e2:f9:56:9a:05:cc:fa:12:d4:ed:fb:f0:55:27:ae:
ed:6c:82:92:65:fe:a9:06:86:bb:b3:d6:e3:11:66:
ae:16:0a:72:e7:f4:03:9b:b5:90:6b:78:98:72:9e:
db:27:dd:11:a8:02:68:0f:64:65:c7:51:2b:f6:1c:
f4:4b:fa:ef:68:67:38:99:6f:36:d1:cd:bf:9a:92:
24:ca:db:d8:22:d3:97:74:e3:1e:ce:bb:a2:92:68:
68:38:58:f5:8f:34:90:6c:05:b4:c1:9f:7f:59:39:
4d:f0:df:44:51:40:b0:53:a7:2c:5a:8c:58:c4:56:
97:e1:8a:80:c1:b8:57:d8:a6:5c:82:3d:92:06:5b:
b0:03:0c:9c:e9:76:1d:ef:61:04:ab:c3:f3:ea:1f:
4c:9e:b7:2d:0b:5e:8e:e2:73:70:7b:2f:40:f4:6a:
64:14:43:1c:50:7a:bb:2d:9a:48:74:d6:33:d3:dc:
d3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:89:EA:30:43:64:52:EA:DD:4D:2B:26:96:CD:60:56:58:3F:58:9E
X509v3 Authority Key Identifier:
keyid:27:F9:58:C3:B7:59:B2:C7:89:6F:5E:D6:63:E8:07:78:1F:3F:F5:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_lYw7dZsseJb17WY-gHeB8_9aI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/fonqMENkUurdTSsmls1gVlg_WJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/J_lYw7dZsseJb17WY-gHeB8_9aI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.120.0/23
IPv6:
2a02:e740::/48
Signature Algorithm: sha256WithRSAEncryption
6e:71:1d:9b:d3:ee:cd:7f:5b:e5:c1:6c:26:90:26:36:e3:67:
96:8a:b2:99:11:be:e3:fe:46:24:71:df:07:0b:07:af:7d:ff:
98:39:eb:66:97:46:eb:54:dc:56:78:ca:84:04:c5:60:3c:f4:
9b:8a:23:8e:ce:df:67:21:60:43:a3:68:2a:68:4a:90:b3:92:
bc:a8:fc:44:8b:8a:7e:40:ab:6d:00:67:de:7f:01:47:97:c3:
17:46:8c:d4:90:a7:ff:0d:8c:ef:f0:61:ac:c2:7b:3f:e7:71:
ea:49:e2:8b:17:97:14:6b:93:73:5e:8d:e8:ca:2d:76:a1:a7:
c1:90:25:8f:54:c3:93:bd:87:b3:98:13:10:67:25:79:a6:80:
8b:80:6d:94:27:eb:d0:88:fe:e8:e8:f1:bb:1a:25:86:6f:34:
4d:bd:bb:49:3e:9a:6c:37:da:02:39:3e:ae:ba:59:1d:35:6a:
4b:bd:11:f6:8e:96:81:29:c0:ac:92:b4:34:98:20:d7:c9:87:
fd:c5:76:03:25:07:ab:85:f7:6b:d1:b6:ed:b4:39:92:ea:5d:
ae:5c:b4:e5:25:34:af:f0:59:34:45:fb:fd:f5:0a:7f:5a:a7:
3d:42:48:ae:63:43:8a:c5:cd:82:ad:89:5e:66:d8:33:bf:50:
e0:d2:a8:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQksnMHCN89es37xw2QwzZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3Zjk1OGMzYjc1OWIyYzc4OTZmNWVkNjYzZTgwNzc4MWYz
ZmY1YTIwHhcNMjUwMTAyMDE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTg5ZWEzMDQzNjQ1MmVhZGQ0ZDJiMjY5NmNkNjA1NjU4M2Y1ODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/NOXzL0EKqZyEnsMQVL5mTfk6/Y
NKdy+/wBZSnLbaWB1PQmm8/GcBJ5AKtFg1V5vwS5j2hzCw5pYKD0cTHwrUeAnqPH
vIIibu3i+VaaBcz6EtTt+/BVJ67tbIKSZf6pBoa7s9bjEWauFgpy5/QDm7WQa3iY
cp7bJ90RqAJoD2Rlx1Er9hz0S/rvaGc4mW820c2/mpIkytvYItOXdOMezruikmho
OFj1jzSQbAW0wZ9/WTlN8N9EUUCwU6csWoxYxFaX4YqAwbhX2KZcgj2SBluwAwyc
6XYd72EEq8Pz6h9MnrctC16O4nNwey9A9GpkFEMcUHq7LZpIdNYz09zTgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH6J6jBDZFLq3U0rJpbNYFZYP1ieMB8GA1UdIwQY
MBaAFCf5WMO3WbLHiW9e1mPoB3gfP/WiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9sWXc3ZFpzc2VKYjE3V1ktZ0hlQjhfOWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9jZGJmYmQtZWQ2Ny00NGI3LTllMWYt
YjI5MTA3Yjk4YWNjLzEvZm9ucU1FTmtVdXJkVFNzbWxzMWdWbGdfV0o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9jZGJmYmQtZWQ2Ny00NGI3LTllMWYtYjI5MTA3Yjk4YWNj
LzEvSl9sWXc3ZFpzc2VKYjE3V1ktZ0hlQjhfOWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBBQF4MA8E
AgACMAkDBwAqAudAAAAwDQYJKoZIhvcNAQELBQADggEBAG5xHZvT7s1/W+XBbCaQ
JjbjZ5aKspkRvuP+RiRx3wcLB699/5g562aXRutU3FZ4yoQExWA89JuKI47O32ch
YEOjaCpoSpCzkryo/ESLin5Aq20AZ95/AUeXwxdGjNSQp/8NjO/wYazCez/ncepJ
4osXlxRrk3NejejKLXahp8GQJY9Uw5O9h7OYExBnJXmmgIuAbZQn69CI/ujo8bsa
JYZvNE29u0k+mmw32gI5Pq66WR01aku9EfaOloEpwKyStDSYINfJh/3FdgMlB6uF
92vRtu20OZLqXa5ctOUlNK/wWTRF+/31Cn9apz1CSK5jQ4rFzYKtiV5m2DO/UODS
qOQ=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:57:51 2025 by rpki-client