Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/fRfYTFrvzDmGp4DgYCf5CTa4BWk.roa
File: fRfYTFrvzDmGp4DgYCf5CTa4BWk.roa (raw, json)
Hash identifier: 8+ivyjKOK9XU+rYZkbxFvkTVk6Yv/MHnjxmXiO2eTsc=
Subject key identifier: 7D:17:D8:4C:5A:EF:CC:39:86:A7:80:E0:60:27:F9:09:36:B8:05:69
Certificate issuer: /CN=d99ea9587e5ea4e963ad7ae7f125761c0e292563
Certificate serial: 0194258EDF8CC0CA43D32B8859C6A22DA473
Authority key identifier: D9:9E:A9:58:7E:5E:A4:E9:63:AD:7A:E7:F1:25:76:1C:0E:29:25:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Z6pWH5epOljrXrn8SV2HA4pJWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/fRfYTFrvzDmGp4DgYCf5CTa4BWk.roa
Signing time: Thu 02 Jan 2025 05:48:27 +0000
ROA not before: Thu 02 Jan 2025 05:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20802
IP address blocks: 185.111.220.0/22 maxlen: 24
2a06:6000::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:df:8c:c0:ca:43:d3:2b:88:59:c6:a2:2d:a4:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d99ea9587e5ea4e963ad7ae7f125761c0e292563
Validity
Not Before: Jan 2 05:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d17d84c5aefcc3986a780e06027f90936b80569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cd:ab:a0:8a:bd:e1:2f:1b:9d:a4:2c:00:f4:
f9:e2:f6:0c:c6:4d:e1:df:91:4e:9e:38:db:9f:71:
92:0e:e9:13:b4:43:be:19:c5:87:93:58:be:df:9d:
d6:b9:b0:95:c4:d6:2c:c0:37:a9:50:8f:98:88:ef:
04:00:f1:e3:0c:6e:6c:48:e7:1a:97:11:b4:95:bf:
31:c3:33:53:61:7a:cf:79:a0:61:3b:14:69:20:ce:
29:e0:e7:ac:e0:85:a9:c2:05:45:a2:b7:21:62:c2:
ae:8a:ba:e2:00:04:98:93:93:95:4c:40:27:30:7f:
02:5a:e4:14:ad:16:4c:50:27:b4:2f:f0:05:7a:9d:
c3:59:ec:e5:98:1a:b9:7a:c0:a1:97:12:58:1d:77:
86:68:24:65:50:3c:b5:d0:f5:b0:2e:46:8c:98:91:
8c:a5:74:16:28:1d:57:dc:fc:d7:e5:f2:0e:03:70:
2d:0f:6d:df:4a:a8:d9:36:ab:a7:9a:df:6f:c4:91:
b1:ff:d1:17:28:23:b5:7e:03:e5:b3:3e:2e:94:0c:
e1:6f:39:61:e5:10:76:83:32:0c:59:51:a9:5a:49:
60:5d:8d:77:0d:ae:67:0b:f2:b5:92:4f:e2:66:b3:
60:02:e3:08:f5:16:a2:c1:24:ca:93:c9:41:b2:8e:
14:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:17:D8:4C:5A:EF:CC:39:86:A7:80:E0:60:27:F9:09:36:B8:05:69
X509v3 Authority Key Identifier:
keyid:D9:9E:A9:58:7E:5E:A4:E9:63:AD:7A:E7:F1:25:76:1C:0E:29:25:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Z6pWH5epOljrXrn8SV2HA4pJWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/fRfYTFrvzDmGp4DgYCf5CTa4BWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/2Z6pWH5epOljrXrn8SV2HA4pJWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.220.0/22
IPv6:
2a06:6000::/29
Signature Algorithm: sha256WithRSAEncryption
34:90:34:2e:50:eb:1c:8f:a1:3d:5d:20:2e:4f:82:3b:42:d1:
02:75:a6:c9:04:e5:07:c5:a0:82:b7:ff:ac:89:8c:e4:39:48:
e8:ba:89:37:44:fb:ad:2e:fc:86:74:ac:93:c2:4e:03:5a:1f:
4a:41:c2:e3:53:37:10:43:1c:95:f0:38:78:b4:3b:3c:cb:e9:
7f:a4:b6:3d:1d:e7:fb:f3:4c:54:4b:e5:55:24:a1:a5:7f:c1:
91:1e:e2:8a:6a:b4:23:b1:f3:93:2b:2a:f9:dd:f0:90:f4:f0:
0c:9c:0f:ca:cb:f9:12:20:c4:12:3b:49:96:8f:94:61:6b:36:
ee:7b:05:88:e2:f8:d5:43:0a:c3:2d:34:6b:83:c2:00:09:c7:
68:2e:14:1f:94:40:4a:e8:2b:cb:8b:d8:69:a1:68:0e:2d:62:
40:fd:82:6c:b0:08:29:7f:45:e9:3c:a8:27:30:9f:13:f9:74:
ae:26:4c:54:8b:9d:6f:31:9f:ce:1c:0c:f6:34:3c:43:f0:11:
1b:3a:d8:a2:b4:d0:55:32:24:85:47:c2:7d:af:f3:bb:77:88:
7f:b0:1b:8f:79:be:bc:20:64:14:74:fa:a7:d7:ed:c2:13:63:
3a:3c:61:aa:e0:03:c9:d9:ad:b0:b8:ad:b4:db:1e:be:98:90:
5f:3b:ee:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljt+MwMpD0yuIWcaiLaRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OWVhOTU4N2U1ZWE0ZTk2M2FkN2FlN2YxMjU3NjFjMGUy
OTI1NjMwHhcNMjUwMTAyMDU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDE3ZDg0YzVhZWZjYzM5ODZhNzgwZTA2MDI3ZjkwOTM2YjgwNTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn82roIq94S8bnaQsAPT54vYMxk3h
35FOnjjbn3GSDukTtEO+GcWHk1i+353WubCVxNYswDepUI+YiO8EAPHjDG5sSOca
lxG0lb8xwzNTYXrPeaBhOxRpIM4p4Oes4IWpwgVForchYsKuirriAASYk5OVTEAn
MH8CWuQUrRZMUCe0L/AFep3DWezlmBq5esChlxJYHXeGaCRlUDy10PWwLkaMmJGM
pXQWKB1X3PzX5fIOA3AtD23fSqjZNqunmt9vxJGx/9EXKCO1fgPlsz4ulAzhbzlh
5RB2gzIMWVGpWklgXY13Da5nC/K1kk/iZrNgAuMI9RaiwSTKk8lBso4UFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH0X2Exa78w5hqeA4GAn+Qk2uAVpMB8GA1UdIwQY
MBaAFNmeqVh+XqTpY6165/EldhwOKSVjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlo2cFdINWVwT2xqclhybjhTVjJIQTRwSldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YzFiMDItZTY3OC00ZTg2LTk5MDUt
MDdkZjAxNmM0MWI4LzEvZlJmWVRGcnZ6RG1HcDREZ1lDZjVDVGE0QldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YzFiMDItZTY3OC00ZTg2LTk5MDUtMDdkZjAxNmM0MWI4
LzEvMlo2cFdINWVwT2xqclhybjhTVjJIQTRwSldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW/cMA0E
AgACMAcDBQMqBmAAMA0GCSqGSIb3DQEBCwUAA4IBAQA0kDQuUOscj6E9XSAuT4I7
QtECdabJBOUHxaCCt/+siYzkOUjouok3RPutLvyGdKyTwk4DWh9KQcLjUzcQQxyV
8Dh4tDs8y+l/pLY9Hef780xUS+VVJKGlf8GRHuKKarQjsfOTKyr53fCQ9PAMnA/K
y/kSIMQSO0mWj5RhazbuewWI4vjVQwrDLTRrg8IACcdoLhQflEBK6CvLi9hpoWgO
LWJA/YJssAgpf0XpPKgnMJ8T+XSuJkxUi51vMZ/OHAz2NDxD8BEbOtiitNBVMiSF
R8J9r/O7d4h/sBuPeb68IGQUdPqn1+3CE2M6PGGq4APJ2a2wuK202x6+mJBfO+4c
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:23 2025 by rpki-client