Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/fLg2SaMIQSlzSFYFGBORzBovTYk.roa
File: fLg2SaMIQSlzSFYFGBORzBovTYk.roa (raw, json)
Hash identifier: rlIWoEzmASI5VouJUKPcFn3tqT/IQL88vIzCEpCaf9k=
Subject key identifier: 7C:B8:36:49:A3:08:41:29:73:48:56:05:18:13:91:CC:1A:2F:4D:89
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194228E45E80FCC14AF827C60E05B89C833
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/fLg2SaMIQSlzSFYFGBORzBovTYk.roa
Signing time: Wed 01 Jan 2025 15:48:56 +0000
ROA not before: Wed 01 Jan 2025 15:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135402
IP address blocks: 213.145.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:45:e8:0f:cc:14:af:82:7c:60:e0:5b:89:c8:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 15:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cb83649a308412973485605181391cc1a2f4d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ee:a0:9c:0a:79:a6:48:03:28:e3:e9:39:42:
5c:03:4b:b8:84:be:9c:d8:f8:b7:5d:4e:19:b1:13:
a1:40:56:32:d2:bd:d6:cf:43:1c:4a:f8:2a:24:83:
66:7d:b1:34:eb:78:4f:2f:1d:37:85:21:d0:70:12:
d5:88:9a:2a:0c:52:c4:45:f4:7f:db:c2:64:4e:87:
0f:f6:72:7b:7a:82:51:c8:fd:d5:53:2b:50:ee:de:
e0:df:1c:40:6e:e0:9f:d2:9b:e6:7a:52:09:f8:31:
c1:c0:0e:d7:40:b5:46:e6:42:b7:71:56:99:32:c6:
98:13:ad:21:4d:08:b7:61:13:a8:e3:43:0e:3b:50:
dc:c3:05:a2:af:34:ea:75:27:6d:c5:c1:84:54:08:
09:14:e8:75:32:7c:2a:05:8a:ea:fc:23:8b:06:b0:
14:bb:45:27:7a:60:e0:7d:e4:ef:4c:53:af:27:1d:
88:71:67:d7:a0:67:0a:e7:60:20:a3:e3:3b:2d:c8:
c0:f0:80:dc:01:88:0b:75:ee:6b:c7:62:28:75:4c:
da:47:c0:66:9f:ca:6e:7f:56:86:ab:b7:b8:29:d9:
d4:8c:43:3d:be:08:f5:02:89:a8:5d:82:97:03:8f:
81:0d:5c:b1:cc:a5:45:af:1e:9b:94:83:9b:df:cf:
89:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B8:36:49:A3:08:41:29:73:48:56:05:18:13:91:CC:1A:2F:4D:89
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/fLg2SaMIQSlzSFYFGBORzBovTYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.67.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:b5:79:b1:bc:03:39:21:e6:93:d1:c6:79:70:28:3a:05:34:
1e:b6:66:bb:ff:4b:0f:2c:5c:74:10:38:4a:33:c4:a5:d4:be:
25:0b:23:68:2d:b0:fe:95:1a:7d:94:60:70:dd:f1:34:45:e9:
6a:bf:d3:3c:e3:2a:e6:4b:a5:ea:80:c4:24:45:56:c5:78:79:
d6:7f:1a:fa:6d:39:ae:ac:83:e1:84:76:ba:2f:a9:a9:58:35:
37:7c:40:a8:43:57:26:3e:79:b8:e9:07:a5:47:0b:52:ab:b1:
38:52:bf:f8:4f:5b:78:37:da:a1:fb:17:b1:20:03:b8:07:1e:
67:aa:9e:8f:5b:d2:eb:ed:91:65:08:c0:ce:27:1c:9a:02:a9:
93:df:b8:81:03:51:7e:c8:36:ff:81:fc:03:8b:65:ff:61:04:
b5:03:be:92:95:d5:7f:33:5e:58:a9:b2:c2:18:22:ec:ed:de:
1b:5c:b2:ae:34:16:c5:f9:8f:0d:b6:6d:0e:04:90:40:78:c4:
d1:45:25:5d:be:03:38:97:3e:ba:85:bc:d7:d8:78:2b:26:53:
9a:1d:86:09:8a:e7:c8:39:0b:24:24:27:ae:0d:7f:43:ab:fd:
43:c8:9d:fd:85:d6:5a:2b:fd:87:0a:0c:4e:9f:4a:f2:f5:ad:
b9:71:af:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijkXoD8wUr4J8YOBbicgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwMTAxMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2I4MzY0OWEzMDg0MTI5NzM0ODU2MDUxODEzOTFjYzFhMmY0ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+6gnAp5pkgDKOPpOUJcA0u4hL6c
2Pi3XU4ZsROhQFYy0r3Wz0McSvgqJINmfbE063hPLx03hSHQcBLViJoqDFLERfR/
28JkTocP9nJ7eoJRyP3VUytQ7t7g3xxAbuCf0pvmelIJ+DHBwA7XQLVG5kK3cVaZ
MsaYE60hTQi3YROo40MOO1DcwwWirzTqdSdtxcGEVAgJFOh1MnwqBYrq/COLBrAU
u0UnemDgfeTvTFOvJx2IcWfXoGcK52Ago+M7LcjA8IDcAYgLde5rx2IodUzaR8Bm
n8puf1aGq7e4KdnUjEM9vgj1AomoXYKXA4+BDVyxzKVFrx6blIOb38+JQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHy4NkmjCEEpc0hWBRgTkcwaL02JMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvZkxnMlNhTUlRU2x6U0ZZRkdCT1J6Qm92VFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZFDMA0G
CSqGSIb3DQEBCwUAA4IBAQActXmxvAM5IeaT0cZ5cCg6BTQetma7/0sPLFx0EDhK
M8Sl1L4lCyNoLbD+lRp9lGBw3fE0Relqv9M84yrmS6XqgMQkRVbFeHnWfxr6bTmu
rIPhhHa6L6mpWDU3fECoQ1cmPnm46QelRwtSq7E4Ur/4T1t4N9qh+xexIAO4Bx5n
qp6PW9Lr7ZFlCMDOJxyaAqmT37iBA1F+yDb/gfwDi2X/YQS1A76SldV/M15YqbLC
GCLs7d4bXLKuNBbF+Y8Ntm0OBJBAeMTRRSVdvgM4lz66hbzX2HgrJlOaHYYJiufI
OQskJCeuDX9Dq/1DyJ39hdZaK/2HCgxOn0ry9a25ca8W
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:14 2025 by rpki-client