Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/093a51-1075-40be-9dc2-d15b079c35fb/1/FK1-eXhRSe8ffp_S_lHbaTgBt8o.roa
File: FK1-eXhRSe8ffp_S_lHbaTgBt8o.roa (raw, json)
Hash identifier: isewhw2bUh3V4X01VwpIosa0D4eXIb8LPC/N4oNejio=
Subject key identifier: 14:AD:7E:79:78:51:49:EF:1F:7E:9F:D2:FE:51:DB:69:38:01:B7:CA
Certificate issuer: /CN=f566016d878230128b58e279d661c195e6399588
Certificate serial: 0194228D8E3593FECC457CF772A53C252C8D
Authority key identifier: F5:66:01:6D:87:82:30:12:8B:58:E2:79:D6:61:C1:95:E6:39:95:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WYBbYeCMBKLWOJ51mHBleY5lYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/093a51-1075-40be-9dc2-d15b079c35fb/1/FK1-eXhRSe8ffp_S_lHbaTgBt8o.roa
Signing time: Wed 01 Jan 2025 15:48:09 +0000
ROA not before: Wed 01 Jan 2025 15:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.158.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:8e:35:93:fe:cc:45:7c:f7:72:a5:3c:25:2c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f566016d878230128b58e279d661c195e6399588
Validity
Not Before: Jan 1 15:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14ad7e79785149ef1f7e9fd2fe51db693801b7ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d1:c5:6b:6c:e8:58:c0:35:ca:87:b6:ca:a0:
25:84:cb:5a:51:d1:e4:c5:0b:5e:88:07:aa:15:c6:
48:4a:dc:3a:a2:95:87:7a:05:92:44:29:6e:0d:1a:
f7:d8:e7:a7:71:c8:cc:20:8f:8b:17:15:e5:4f:59:
1d:76:a8:34:77:26:d9:a2:4e:29:f1:16:49:7c:c2:
4b:fa:15:e5:24:48:54:22:99:21:e4:e5:f5:ef:5e:
db:90:99:92:27:1b:03:85:54:6a:77:32:04:f2:5e:
f6:a8:08:6a:8e:2c:3f:3b:e9:7e:d0:0f:7b:d0:20:
16:58:99:16:fd:bf:6f:2e:5b:13:07:82:69:63:55:
a5:a0:82:62:e3:49:22:f8:38:74:d1:ef:0b:7b:a1:
5e:78:38:cb:d9:2c:89:46:52:25:b0:15:54:b8:59:
a4:04:e9:86:5e:87:43:b7:89:e0:6c:7a:c2:e3:e7:
d2:b3:5a:a0:2b:41:ca:f8:57:88:80:c3:15:d6:63:
b4:56:45:c8:46:3c:e4:6e:a8:2e:c8:e0:aa:d7:1f:
03:00:ed:cd:fd:6f:b7:fe:84:ab:2c:d9:4c:94:9c:
66:ea:90:2b:0a:88:6c:fc:c2:fd:bf:ce:f3:de:b3:
a8:58:4c:46:57:ca:ae:6a:62:44:3a:f2:e8:e7:b4:
6f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:AD:7E:79:78:51:49:EF:1F:7E:9F:D2:FE:51:DB:69:38:01:B7:CA
X509v3 Authority Key Identifier:
keyid:F5:66:01:6D:87:82:30:12:8B:58:E2:79:D6:61:C1:95:E6:39:95:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WYBbYeCMBKLWOJ51mHBleY5lYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/093a51-1075-40be-9dc2-d15b079c35fb/1/FK1-eXhRSe8ffp_S_lHbaTgBt8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/093a51-1075-40be-9dc2-d15b079c35fb/1/9WYBbYeCMBKLWOJ51mHBleY5lYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.109.0/24
Signature Algorithm: sha256WithRSAEncryption
41:92:b9:6b:0f:9b:d1:c1:9e:75:71:64:68:43:4d:62:44:15:
10:c0:1f:fe:ef:81:96:d5:23:c1:ca:85:2c:d4:d1:01:69:7e:
b1:ce:76:75:66:23:84:ea:c8:c7:0f:88:4a:d2:95:60:b2:f7:
eb:56:af:5f:f3:da:cc:c1:43:68:86:68:1c:32:8c:db:61:e4:
86:a8:08:23:a0:79:15:fd:cb:25:8a:77:d7:b2:fc:cb:41:e3:
89:26:d3:ba:2d:a7:a3:4d:26:b5:13:16:92:46:67:8e:94:75:
95:fb:a0:00:ef:ad:73:d9:61:62:57:f6:f1:55:b9:b4:5e:2f:
db:21:36:43:44:be:1f:c3:c3:ee:2c:82:87:4d:ac:37:bb:5c:
1e:63:52:af:2a:17:a4:a0:72:c6:36:07:35:49:bd:aa:3a:79:
70:c9:72:67:e8:92:b0:21:f6:0f:c6:34:71:05:5e:90:fb:04:
2e:d9:aa:c0:10:6c:f6:34:c1:04:67:02:aa:51:49:c7:8f:0e:
8e:be:b7:bb:92:92:5f:a4:01:ed:b7:f7:1d:01:31:8b:cb:70:
80:49:06:7c:de:f5:20:ca:eb:26:62:ce:91:42:58:90:e4:1d:
5b:5a:f6:9e:7c:1a:9e:bf:fb:0e:1b:5e:27:d2:2b:65:18:04:
e3:6f:d3:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijY41k/7MRXz3cqU8JSyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NjYwMTZkODc4MjMwMTI4YjU4ZTI3OWQ2NjFjMTk1ZTYz
OTk1ODgwHhcNMjUwMTAxMTU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGFkN2U3OTc4NTE0OWVmMWY3ZTlmZDJmZTUxZGI2OTM4MDFiN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9HFa2zoWMA1yoe2yqAlhMtaUdHk
xQteiAeqFcZIStw6opWHegWSRCluDRr32OenccjMII+LFxXlT1kddqg0dybZok4p
8RZJfMJL+hXlJEhUIpkh5OX1717bkJmSJxsDhVRqdzIE8l72qAhqjiw/O+l+0A97
0CAWWJkW/b9vLlsTB4JpY1WloIJi40ki+Dh00e8Le6FeeDjL2SyJRlIlsBVUuFmk
BOmGXodDt4ngbHrC4+fSs1qgK0HK+FeIgMMV1mO0VkXIRjzkbqguyOCq1x8DAO3N
/W+3/oSrLNlMlJxm6pArCohs/ML9v87z3rOoWExGV8quamJEOvLo57RvAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBStfnl4UUnvH36f0v5R22k4AbfKMB8GA1UdIwQY
MBaAFPVmAW2HgjASi1jiedZhwZXmOZWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVdZQmJZZUNNQktMV09KNTFtSEJsZVk1bFlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8wOTNhNTEtMTA3NS00MGJlLTlkYzIt
ZDE1YjA3OWMzNWZiLzEvRksxLWVYaFJTZThmZnBfU19sSGJhVGdCdDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8wOTNhNTEtMTA3NS00MGJlLTlkYzItZDE1YjA3OWMzNWZi
LzEvOVdZQmJZZUNNQktMV09KNTFtSEJsZVk1bFlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ5tMA0G
CSqGSIb3DQEBCwUAA4IBAQBBkrlrD5vRwZ51cWRoQ01iRBUQwB/+74GW1SPByoUs
1NEBaX6xznZ1ZiOE6sjHD4hK0pVgsvfrVq9f89rMwUNohmgcMozbYeSGqAgjoHkV
/cslinfXsvzLQeOJJtO6LaejTSa1ExaSRmeOlHWV+6AA761z2WFiV/bxVbm0Xi/b
ITZDRL4fw8PuLIKHTaw3u1weY1KvKhekoHLGNgc1Sb2qOnlwyXJn6JKwIfYPxjRx
BV6Q+wQu2arAEGz2NMEEZwKqUUnHjw6Ovre7kpJfpAHtt/cdATGLy3CASQZ83vUg
yusmYs6RQliQ5B1bWvaefBqev/sOG14n0itlGATjb9Ok
-----END CERTIFICATE-----
Generated at Fri Apr 11 00:17:54 2025 by rpki-client