Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/FsLVTd1Z_Y1_QKD3XsSC6T-7WSc.roa
File: FsLVTd1Z_Y1_QKD3XsSC6T-7WSc.roa (raw, json)
Hash identifier: MfqtShshWzvZLLqxVYU/rnjLf5/rPRnD2xrlVc90HQU=
Subject key identifier: 16:C2:D5:4D:DD:59:FD:8D:7F:40:A0:F7:5E:C4:82:E9:3F:BB:59:27
Certificate issuer: /CN=87c37d035d95fefba1d47f98b9ff4973f17df6cd
Certificate serial: 0194228E1236835E8D153B4E10E28B667F7D
Authority key identifier: 87:C3:7D:03:5D:95:FE:FB:A1:D4:7F:98:B9:FF:49:73:F1:7D:F6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8N9A12V_vuh1H-Yuf9Jc_F99s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/FsLVTd1Z_Y1_QKD3XsSC6T-7WSc.roa
Signing time: Wed 01 Jan 2025 15:48:43 +0000
ROA not before: Wed 01 Jan 2025 15:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42346
IP address blocks: 185.59.52.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:12:36:83:5e:8d:15:3b:4e:10:e2:8b:66:7f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87c37d035d95fefba1d47f98b9ff4973f17df6cd
Validity
Not Before: Jan 1 15:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16c2d54ddd59fd8d7f40a0f75ec482e93fbb5927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f6:c0:b8:b8:18:e0:84:1d:c2:27:29:80:17:
d1:ac:0f:c3:0f:c7:77:09:5f:67:d1:8f:74:19:2b:
c4:e7:fc:7d:35:ae:34:aa:47:45:af:a1:36:11:c2:
a0:9b:f2:f5:b8:3c:8e:9a:a7:e1:74:2e:20:5c:de:
ff:01:df:84:32:cd:a3:d6:ef:29:bc:34:e1:41:ed:
c4:80:40:fa:af:5f:1e:60:d2:40:38:61:d9:3b:09:
f9:6f:ac:01:c6:3e:b2:15:9d:b1:7e:60:76:c5:33:
91:60:61:81:09:f3:80:36:20:ca:d3:88:08:ad:d2:
a0:37:c0:95:a3:07:68:63:13:88:7c:eb:0e:11:a1:
0c:d8:63:04:3d:50:16:13:30:5d:d1:15:5c:bc:c8:
6e:34:9a:cd:a8:4a:cf:0a:fc:48:8d:a5:3c:d6:26:
77:ba:7c:18:df:8b:26:7b:cd:53:68:81:4c:3e:a4:
5d:5d:ec:6f:00:b7:91:3d:ab:35:c6:91:78:3c:17:
85:89:e3:62:eb:1c:61:d7:88:9a:b9:71:35:f7:7f:
10:33:97:be:7f:70:f3:8f:43:da:e8:0e:71:62:8e:
73:3f:7b:4f:0b:f2:5f:45:de:e1:69:a5:44:5a:26:
e1:cd:7e:65:2c:e9:58:cc:d7:7f:c4:c4:e9:b8:0b:
05:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C2:D5:4D:DD:59:FD:8D:7F:40:A0:F7:5E:C4:82:E9:3F:BB:59:27
X509v3 Authority Key Identifier:
keyid:87:C3:7D:03:5D:95:FE:FB:A1:D4:7F:98:B9:FF:49:73:F1:7D:F6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8N9A12V_vuh1H-Yuf9Jc_F99s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/FsLVTd1Z_Y1_QKD3XsSC6T-7WSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ef060-f473-4043-b8a2-e1b7c7649fa3/1/h8N9A12V_vuh1H-Yuf9Jc_F99s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.52.0/22
Signature Algorithm: sha256WithRSAEncryption
10:c6:ac:a6:48:7c:e9:52:a8:21:f1:9a:c3:82:fd:73:88:77:
03:99:60:35:3b:15:69:5d:6f:37:19:3f:57:2b:e3:e0:84:61:
27:67:39:81:ae:22:04:ad:71:18:49:d6:46:2a:11:df:aa:11:
d0:8f:31:d5:f0:74:19:aa:1c:7c:0f:f0:b4:cf:a9:ee:fd:b7:
6f:07:b5:f3:32:77:71:6f:c4:d4:14:4b:b2:39:ab:77:df:19:
51:f1:8e:63:93:e5:4f:ee:46:49:27:02:2e:9d:5f:62:8a:c2:
77:f4:aa:fe:fa:d8:20:64:d9:43:d9:a3:23:60:bf:32:ce:af:
21:4e:27:90:09:e7:c4:09:78:aa:62:74:89:83:5a:c5:5f:bb:
dd:ec:70:07:00:10:2e:71:c6:82:7c:11:ca:18:89:c7:1b:56:
48:8f:08:48:50:0c:54:ac:30:8d:88:5e:97:29:a5:da:91:99:
dc:3f:c7:56:e6:a2:16:a8:c4:fe:6c:73:de:9e:67:ef:f4:62:
95:b8:54:26:43:41:50:ee:cb:ae:32:78:3f:03:8e:fc:86:32:
f5:82:f4:75:f8:3d:d1:82:c0:38:21:14:94:09:69:45:e2:4c:
c9:0c:30:0f:ce:06:0b:20:6b:1c:d7:ee:43:88:81:b7:ba:b6:
9d:fc:e8:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijhI2g16NFTtOEOKLZn99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzM3ZDAzNWQ5NWZlZmJhMWQ0N2Y5OGI5ZmY0OTczZjE3
ZGY2Y2QwHhcNMjUwMTAxMTU0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmMyZDU0ZGRkNTlmZDhkN2Y0MGEwZjc1ZWM0ODJlOTNmYmI1OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fbAuLgY4IQdwicpgBfRrA/DD8d3
CV9n0Y90GSvE5/x9Na40qkdFr6E2EcKgm/L1uDyOmqfhdC4gXN7/Ad+EMs2j1u8p
vDThQe3EgED6r18eYNJAOGHZOwn5b6wBxj6yFZ2xfmB2xTORYGGBCfOANiDK04gI
rdKgN8CVowdoYxOIfOsOEaEM2GMEPVAWEzBd0RVcvMhuNJrNqErPCvxIjaU81iZ3
unwY34sme81TaIFMPqRdXexvALeRPas1xpF4PBeFieNi6xxh14iauXE1938QM5e+
f3Dzj0Pa6A5xYo5zP3tPC/JfRd7haaVEWibhzX5lLOlYzNd/xMTpuAsFBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBbC1U3dWf2Nf0Cg917Eguk/u1knMB8GA1UdIwQY
MBaAFIfDfQNdlf77odR/mLn/SXPxffbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhOOUExMlZfdnVoMUgtWXVmOUpjX0Y5OXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS81ZWYwNjAtZjQ3My00MDQzLWI4YTIt
ZTFiN2M3NjQ5ZmEzLzEvRnNMVlRkMVpfWTFfUUtEM1hzU0M2VC03V1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS81ZWYwNjAtZjQ3My00MDQzLWI4YTItZTFiN2M3NjQ5ZmEz
LzEvaDhOOUExMlZfdnVoMUgtWXVmOUpjX0Y5OXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTs0MA0G
CSqGSIb3DQEBCwUAA4IBAQAQxqymSHzpUqgh8ZrDgv1ziHcDmWA1OxVpXW83GT9X
K+PghGEnZzmBriIErXEYSdZGKhHfqhHQjzHV8HQZqhx8D/C0z6nu/bdvB7XzMndx
b8TUFEuyOat33xlR8Y5jk+VP7kZJJwIunV9iisJ39Kr++tggZNlD2aMjYL8yzq8h
TieQCefECXiqYnSJg1rFX7vd7HAHABAuccaCfBHKGInHG1ZIjwhIUAxUrDCNiF6X
KaXakZncP8dW5qIWqMT+bHPenmfv9GKVuFQmQ0FQ7suuMng/A478hjL1gvR1+D3R
gsA4IRSUCWlF4kzJDDAPzgYLIGsc1+5DiIG3urad/Ogn
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:23:56 2025 by rpki-client