Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/FGtLl-BGyEYokPIB-Aq3lF8Fxxg.roa
File: FGtLl-BGyEYokPIB-Aq3lF8Fxxg.roa (raw, json)
Hash identifier: anAwbjnvDtr+Uh32d7UWHxBR03X4cZ/nnmKGFnLO84w=
Subject key identifier: 14:6B:4B:97:E0:46:C8:46:28:90:F2:01:F8:0A:B7:94:5F:05:C7:18
Certificate issuer: /CN=34a9eb6c4d3a57c9a56456ddbf0012b81750b1d3
Certificate serial: 0185E35550426D32D2DC549A346233215CBF
Authority key identifier: 34:A9:EB:6C:4D:3A:57:C9:A5:64:56:DD:BF:00:12:B8:17:50:B1:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKnrbE06V8mlZFbdvwASuBdQsdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/FGtLl-BGyEYokPIB-Aq3lF8Fxxg.roa
Signing time: Tue 24 Jan 2023 10:31:37 +0000
ROA not before: Tue 24 Jan 2023 10:31:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.138.164.0/24 maxlen: 24
2a11:4c02::/32 maxlen: 32
2a11:4c03::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e3:55:50:42:6d:32:d2:dc:54:9a:34:62:33:21:5c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34a9eb6c4d3a57c9a56456ddbf0012b81750b1d3
Validity
Not Before: Jan 24 10:31:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=146b4b97e046c8462890f201f80ab7945f05c718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e5:5e:57:a8:e8:4a:e9:c3:58:fe:81:78:92:
08:e6:b7:47:da:ec:24:0f:e8:26:0d:7e:ec:c8:d9:
21:95:a5:26:3c:f6:66:2f:0e:c8:88:b0:ff:c4:1e:
94:e3:40:6b:f1:11:20:88:ce:4f:d5:91:cd:3b:d8:
c5:5f:a0:18:5a:9b:f0:e4:3c:fc:89:2a:0f:93:ee:
30:d2:5b:71:b6:dc:ad:bf:d3:ed:10:d5:40:ac:ae:
a7:bd:2a:e6:34:c9:a0:e4:fd:0b:fc:40:25:fc:13:
1b:9e:84:16:dd:8e:00:52:74:df:0a:14:c8:06:a4:
11:16:fe:3a:9e:76:2d:3d:48:06:93:ed:bd:95:ff:
24:d1:76:f6:1d:0f:69:18:4e:04:df:78:52:46:f4:
bd:6c:cd:b1:3b:17:00:72:5b:43:ba:98:e8:d8:f3:
e1:90:05:18:ff:4f:01:25:1d:ea:b5:3f:39:16:e9:
99:ef:bd:d9:39:35:cf:5a:dc:58:59:c3:bc:f6:40:
e2:2c:8f:1f:f4:ef:98:ba:87:aa:d5:ea:96:99:ec:
38:2e:ec:fd:c3:91:c6:0e:f9:47:58:fd:fd:bc:10:
36:70:80:9c:cb:f6:44:28:da:4a:60:19:c4:05:4f:
b3:ac:2f:7d:d9:11:6d:c7:b6:68:1c:16:af:66:20:
a0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:6B:4B:97:E0:46:C8:46:28:90:F2:01:F8:0A:B7:94:5F:05:C7:18
X509v3 Authority Key Identifier:
keyid:34:A9:EB:6C:4D:3A:57:C9:A5:64:56:DD:BF:00:12:B8:17:50:B1:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKnrbE06V8mlZFbdvwASuBdQsdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/FGtLl-BGyEYokPIB-Aq3lF8Fxxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9d8427-8e60-4429-84b3-345d064da7bf/1/NKnrbE06V8mlZFbdvwASuBdQsdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.164.0/24
IPv6:
2a11:4c02::-2a11:4c04:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
04:f2:a6:06:0c:75:e5:e9:fb:ea:0f:45:46:92:86:de:d3:b5:
30:9a:b2:0d:c8:eb:d4:b5:85:db:82:3e:9f:c9:6d:e4:72:65:
fc:d9:ca:b9:b4:a3:67:e1:86:75:06:aa:7c:62:78:af:af:80:
90:33:89:71:47:40:3d:70:ea:76:ff:a3:8f:ab:6a:93:e3:d2:
4f:00:f6:94:f1:2d:25:b4:16:81:00:ea:3d:51:71:8d:d0:ec:
65:f0:2d:f1:f9:87:d6:e0:ac:7e:d2:8c:38:a9:6f:3c:44:0c:
64:71:a7:e7:f6:79:42:20:b9:d8:c2:60:2c:3c:da:e8:54:4f:
3f:f9:4b:a8:b9:f8:54:28:04:d8:f7:33:58:6a:49:5f:2f:0f:
26:26:7a:c4:0c:8c:fb:7d:9c:44:74:d7:92:f8:a8:26:63:48:
d7:6f:9e:70:e9:f2:7a:99:b1:13:20:87:08:b7:1c:b7:6c:36:
70:fe:76:3f:23:b0:05:ce:0d:e2:e6:f7:34:78:7c:08:61:62:
b4:81:71:11:83:9e:a0:e1:ff:8c:ab:06:12:51:01:8a:e6:36:
8b:c3:17:5e:35:7f:e0:ab:cc:bf:33:98:c3:21:52:45:2a:48:
c7:09:a1:4a:eb:b2:6c:a9:35:11:5b:02:52:23:5d:4d:1f:c3:
a0:4f:a2:86
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYXjVVBCbTLS3FSaNGIzIVy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTllYjZjNGQzYTU3YzlhNTY0NTZkZGJmMDAxMmI4MTc1
MGIxZDMwHhcNMjMwMTI0MTAzMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDZiNGI5N2UwNDZjODQ2Mjg5MGYyMDFmODBhYjc5NDVmMDVjNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuVeV6joSunDWP6BeJII5rdH2uwk
D+gmDX7syNkhlaUmPPZmLw7IiLD/xB6U40Br8REgiM5P1ZHNO9jFX6AYWpvw5Dz8
iSoPk+4w0ltxttytv9PtENVArK6nvSrmNMmg5P0L/EAl/BMbnoQW3Y4AUnTfChTI
BqQRFv46nnYtPUgGk+29lf8k0Xb2HQ9pGE4E33hSRvS9bM2xOxcAcltDupjo2PPh
kAUY/08BJR3qtT85FumZ773ZOTXPWtxYWcO89kDiLI8f9O+Yuoeq1eqWmew4Luz9
w5HGDvlHWP39vBA2cICcy/ZEKNpKYBnEBU+zrC992RFtx7ZoHBavZiCgXQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBRrS5fgRshGKJDyAfgKt5RfBccYMB8GA1UdIwQY
MBaAFDSp62xNOlfJpWRW3b8AErgXULHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktucmJFMDZWOG1sWkZiZHZ3QVN1QmRRc2RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85ZDg0MjctOGU2MC00NDI5LTg0YjMt
MzQ1ZDA2NGRhN2JmLzEvRkd0TGwtQkd5RVlva1BJQi1BcTNsRjhGeHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85ZDg0MjctOGU2MC00NDI5LTg0YjMtMzQ1ZDA2NGRhN2Jm
LzEvTktucmJFMDZWOG1sWkZiZHZ3QVN1QmRRc2RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAuYqkMBYE
AgACMBAwDgMFASoRTAIDBQAqEUwEMA0GCSqGSIb3DQEBCwUAA4IBAQAE8qYGDHXl
6fvqD0VGkobe07UwmrINyOvUtYXbgj6fyW3kcmX82cq5tKNn4YZ1Bqp8Ynivr4CQ
M4lxR0A9cOp2/6OPq2qT49JPAPaU8S0ltBaBAOo9UXGN0Oxl8C3x+YfW4Kx+0ow4
qW88RAxkcafn9nlCILnYwmAsPNroVE8/+UuoufhUKATY9zNYaklfLw8mJnrEDIz7
fZxEdNeS+KgmY0jXb55w6fJ6mbETIIcItxy3bDZw/nY/I7AFzg3i5vc0eHwIYWK0
gXERg56g4f+MqwYSUQGK5jaLwxdeNX/gq8y/M5jDIVJFKkjHCaFK67JsqTURWwJS
I11NH8OgT6KG
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:02:40 2025 by rpki-client