Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fMtlG0NdSqcoNi-dUC9bijTUsCg.roa
File: fMtlG0NdSqcoNi-dUC9bijTUsCg.roa (raw, json)
Hash identifier: cx7lYhPpGDOuqLxwF+gbE+9gMNojFj38Sp8F0w0tm/U=
Subject key identifier: 7C:CB:65:1B:43:5D:4A:A7:28:36:2F:9D:50:2F:5B:8A:34:D4:B0:28
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01941FFA3A26327C4452EDDA59E9A16B1D2E
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fMtlG0NdSqcoNi-dUC9bijTUsCg.roa
Signing time: Wed 01 Jan 2025 03:48:00 +0000
ROA not before: Wed 01 Jan 2025 03:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49774
IP address blocks: 31.14.16.0/24 maxlen: 24
77.81.178.0/23 maxlen: 23
85.204.138.0/24 maxlen: 24
86.106.170.0/24 maxlen: 24
93.114.96.0/24 maxlen: 24
93.115.246.0/24 maxlen: 24
2a04:fee3::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3a:26:32:7c:44:52:ed:da:59:e9:a1:6b:1d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 03:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ccb651b435d4aa728362f9d502f5b8a34d4b028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:77:58:3a:a2:e1:b8:19:66:58:79:8b:2c:12:
2b:5f:c9:ff:29:aa:af:8d:13:98:44:8d:24:c4:61:
e2:73:0a:ca:a6:ee:23:4c:c9:3f:ef:f6:fb:20:da:
da:a4:69:a7:a1:58:7a:5f:4f:fc:da:ea:67:3d:41:
5e:c5:62:ac:e1:a0:d5:2c:c4:ed:45:c2:7b:cf:1b:
a0:84:be:8d:62:96:78:92:5f:d6:5a:6c:2b:25:ef:
65:da:2e:45:4f:3f:ef:bb:33:53:57:26:25:f7:e0:
24:22:17:5d:f9:e7:5d:90:5b:c4:89:58:41:49:98:
9e:6b:92:24:00:64:da:0d:56:a8:4b:88:fa:92:d7:
82:d3:17:7c:2c:be:3c:fe:2c:58:59:96:2a:d0:cc:
dd:98:14:16:80:d8:e3:32:f0:21:09:c8:96:3a:2c:
a3:c7:5b:5a:3f:e1:ac:b2:f5:69:f1:4a:dc:08:3a:
4c:8a:a5:2c:2e:34:d5:3d:92:6f:aa:06:d0:33:7d:
e8:ab:e5:36:9d:f4:7f:27:6b:e2:df:40:97:b7:b4:
39:f2:03:9f:b7:fb:d2:93:dd:2d:11:0e:7b:75:fb:
38:2a:4b:58:1d:df:34:37:bd:69:89:bd:f6:e6:09:
43:13:ac:bd:39:5c:3e:b6:5d:f0:f6:25:9a:3a:a6:
88:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CB:65:1B:43:5D:4A:A7:28:36:2F:9D:50:2F:5B:8A:34:D4:B0:28
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fMtlG0NdSqcoNi-dUC9bijTUsCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.16.0/24
77.81.178.0/23
85.204.138.0/24
86.106.170.0/24
93.114.96.0/24
93.115.246.0/24
IPv6:
2a04:fee3::/32
Signature Algorithm: sha256WithRSAEncryption
27:dc:4d:b5:93:6f:eb:fa:e5:a9:85:2e:56:21:2c:04:de:84:
cf:98:13:04:0f:14:33:47:c6:74:24:8c:c7:ec:16:ba:a0:56:
4b:e6:b8:6e:76:f5:e8:fb:4f:9b:5c:8e:97:5f:02:95:0f:a0:
f5:a3:52:09:17:1d:35:52:90:7c:80:4e:35:96:4d:53:4c:51:
f4:3d:65:52:17:26:6f:38:c0:91:28:c5:9c:96:77:c5:b9:9f:
1c:c3:6c:4e:13:c1:e2:a4:63:01:2a:ad:ba:eb:94:33:34:23:
e2:40:bf:73:d4:7f:94:7b:f8:6b:a7:3e:27:20:ef:d2:c9:5b:
ad:f3:67:70:44:67:85:9c:78:a5:09:c7:59:7d:19:f8:56:4e:
f6:55:5d:27:9d:aa:ba:cf:e0:a1:e9:5e:b2:d5:4b:c9:d8:9e:
47:92:72:b0:43:0f:13:f4:b1:b2:e3:c7:87:b7:87:13:c0:66:
85:c2:58:13:e6:ae:d0:3b:61:37:b9:60:b0:5f:b7:43:50:38:
97:2d:c1:02:28:ce:29:4d:15:05:d6:ab:86:08:62:94:ac:de:
4b:5a:4b:3d:2c:29:f4:f0:49:88:18:6f:5f:45:d8:ef:74:67:
d2:f7:da:12:5a:f6:19:d2:33:b6:d5:12:98:81:63:a4:c6:4c:
20:00:81:ac
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQf+jomMnxEUu3aWemhax0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjUwMTAxMDM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2NiNjUxYjQzNWQ0YWE3MjgzNjJmOWQ1MDJmNWI4YTM0ZDRiMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63dYOqLhuBlmWHmLLBIrX8n/Kaqv
jROYRI0kxGHicwrKpu4jTMk/7/b7INrapGmnoVh6X0/82upnPUFexWKs4aDVLMTt
RcJ7zxughL6NYpZ4kl/WWmwrJe9l2i5FTz/vuzNTVyYl9+AkIhdd+eddkFvEiVhB
SZiea5IkAGTaDVaoS4j6kteC0xd8LL48/ixYWZYq0MzdmBQWgNjjMvAhCciWOiyj
x1taP+GssvVp8UrcCDpMiqUsLjTVPZJvqgbQM33oq+U2nfR/J2vi30CXt7Q58gOf
t/vSk90tEQ57dfs4KktYHd80N71pib325glDE6y9OVw+tl3w9iWaOqaIJwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHzLZRtDXUqnKDYvnVAvW4o01LAoMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvZk10bEcwTmRTcWNvTmktZFVDOWJpalRVc0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAHw4QAwQB
TVGyAwQAVcyKAwQAVmqqAwQAXXJgAwQAXXP2MA0EAgACMAcDBQAqBP7jMA0GCSqG
SIb3DQEBCwUAA4IBAQAn3E21k2/r+uWphS5WISwE3oTPmBMEDxQzR8Z0JIzH7Ba6
oFZL5rhudvXo+0+bXI6XXwKVD6D1o1IJFx01UpB8gE41lk1TTFH0PWVSFyZvOMCR
KMWclnfFuZ8cw2xOE8HipGMBKq2665QzNCPiQL9z1H+Ue/hrpz4nIO/SyVut82dw
RGeFnHilCcdZfRn4Vk72VV0nnaq6z+Ch6V6y1UvJ2J5HknKwQw8T9LGy48eHt4cT
wGaFwlgT5q7QO2E3uWCwX7dDUDiXLcECKM4pTRUF1quGCGKUrN5LWks9LCn08EmI
GG9fRdjvdGfS99oSWvYZ0jO21RKYgWOkxkwgAIGs
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:47 2025 by rpki-client