Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/2f5dc5-65eb-4c08-ac4d-f46b5d57a685/1/T65vqqQCj0Js7DJ85sBppVKxPcU.roa
File: T65vqqQCj0Js7DJ85sBppVKxPcU.roa (raw, json)
Hash identifier: FL22UNhyCGLfnbVMSxPZxrBCfuIiaLb00z7Ca3ye/lo=
Subject key identifier: 4F:AE:6F:AA:A4:02:8F:42:6C:EC:32:7C:E6:C0:69:A5:52:B1:3D:C5
Certificate issuer: /CN=7cb3a34e3dd0a71d4d9eaf358eb43d8b68e5e0e8
Certificate serial: 01941F8CA31CB172E8B0B8A381B725C1AAF9
Authority key identifier: 7C:B3:A3:4E:3D:D0:A7:1D:4D:9E:AF:35:8E:B4:3D:8B:68:E5:E0:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fLOjTj3Qpx1Nnq81jrQ9i2jl4Og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/2f5dc5-65eb-4c08-ac4d-f46b5d57a685/1/T65vqqQCj0Js7DJ85sBppVKxPcU.roa
Signing time: Wed 01 Jan 2025 01:48:17 +0000
ROA not before: Wed 01 Jan 2025 01:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43623
IP address blocks: 194.59.34.0/23 maxlen: 23
194.59.35.0/24 maxlen: 24
194.127.132.0/23 maxlen: 23
194.127.132.0/24 maxlen: 24
194.127.133.0/24 maxlen: 24
217.66.32.0/20 maxlen: 20
217.66.32.0/24 maxlen: 24
217.66.33.0/24 maxlen: 24
217.66.35.0/24 maxlen: 24
217.66.36.0/24 maxlen: 24
217.66.37.0/24 maxlen: 24
217.66.38.0/24 maxlen: 24
217.66.39.0/24 maxlen: 24
217.66.42.0/24 maxlen: 24
217.66.43.0/24 maxlen: 24
217.66.44.0/24 maxlen: 24
217.66.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a3:1c:b1:72:e8:b0:b8:a3:81:b7:25:c1:aa:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cb3a34e3dd0a71d4d9eaf358eb43d8b68e5e0e8
Validity
Not Before: Jan 1 01:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fae6faaa4028f426cec327ce6c069a552b13dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3f:70:96:08:be:07:26:e7:35:71:db:07:64:
c5:60:9d:70:0c:58:ab:90:90:49:06:b0:36:fd:52:
65:b1:4c:e9:67:8f:15:6a:7f:8d:8c:4b:4f:f1:42:
0b:b0:42:3a:3e:9e:75:e5:31:30:f5:da:9c:18:2e:
f6:af:00:a3:e6:2a:b4:ee:30:56:fb:0d:cb:72:90:
0d:a9:ab:3b:79:f1:5b:13:89:ba:51:c0:b5:60:d7:
cc:d5:be:73:23:4c:07:e4:a5:4b:90:b0:ea:f4:88:
b0:49:92:9d:a8:89:db:09:e6:4a:91:99:0c:e6:98:
3c:b0:4d:6b:89:76:26:b8:40:75:a9:28:88:e1:04:
15:70:89:d2:ed:39:fa:f2:11:56:d2:01:6f:31:a2:
4d:b8:49:66:55:51:26:13:c3:8b:fc:3d:51:bf:2b:
91:fb:3b:22:e3:30:82:3c:ba:34:5a:66:fe:be:d9:
9b:aa:a0:e6:44:a8:a5:a1:78:38:19:cd:2c:03:50:
57:9a:e6:c5:d3:b8:46:e3:14:e5:3d:e0:0c:77:f1:
24:3e:da:31:a2:8f:7c:f0:94:1a:05:a1:fb:6d:f2:
08:28:43:c7:34:57:4c:4b:49:bb:9c:df:9a:cd:b3:
2a:bd:17:2a:b9:ba:35:35:b7:38:75:0a:4c:ca:a5:
1e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:AE:6F:AA:A4:02:8F:42:6C:EC:32:7C:E6:C0:69:A5:52:B1:3D:C5
X509v3 Authority Key Identifier:
keyid:7C:B3:A3:4E:3D:D0:A7:1D:4D:9E:AF:35:8E:B4:3D:8B:68:E5:E0:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fLOjTj3Qpx1Nnq81jrQ9i2jl4Og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2f5dc5-65eb-4c08-ac4d-f46b5d57a685/1/T65vqqQCj0Js7DJ85sBppVKxPcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2f5dc5-65eb-4c08-ac4d-f46b5d57a685/1/fLOjTj3Qpx1Nnq81jrQ9i2jl4Og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.34.0/23
194.127.132.0/23
217.66.32.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:44:66:27:9c:f5:cd:f4:d1:dc:e2:3f:4e:8d:dd:22:83:11:
98:83:f4:79:de:b7:4d:cd:af:32:cb:be:ce:23:40:fa:b0:93:
af:fb:cd:79:f9:3a:8a:72:f1:bb:71:21:ad:aa:2b:2f:00:f3:
7f:6d:22:b2:00:a8:8f:ff:3e:0c:a7:0a:df:5c:ba:f0:35:f0:
05:70:f4:64:99:e7:97:bc:bf:3c:c4:76:de:35:f8:12:1e:ee:
29:6c:60:c1:bb:13:e3:52:89:bd:71:6c:20:e1:0b:c9:fe:ee:
b2:a4:26:59:f0:db:10:f6:a6:41:e5:11:20:52:f8:43:33:c7:
69:49:8a:79:a3:9a:bb:ac:18:e0:69:df:73:0f:3f:8c:d5:54:
40:7a:6a:99:d3:bb:7c:e6:d6:32:5b:b6:b3:c8:b2:b4:2f:50:
26:d5:b7:26:48:76:15:ce:f6:de:bd:ca:27:f2:f0:61:a4:78:
78:d9:4b:d5:7c:74:b2:0d:31:59:46:f9:e2:79:2d:52:25:f9:
27:3c:3f:5e:93:34:5c:c2:5f:98:5a:4a:8f:ef:a6:1d:d2:7b:
0c:30:03:e1:1a:3c:f8:71:b7:46:c0:2f:34:e4:a4:56:a3:25:
98:0c:38:7e:e4:28:14:af:00:4f:0a:ec:71:72:b8:80:d3:bd:
a6:aa:d3:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjKMcsXLosLijgbclwar5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYjNhMzRlM2RkMGE3MWQ0ZDllYWYzNThlYjQzZDhiNjhl
NWUwZTgwHhcNMjUwMTAxMDE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmFlNmZhYWE0MDI4ZjQyNmNlYzMyN2NlNmMwNjlhNTUyYjEzZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD9wlgi+BybnNXHbB2TFYJ1wDFir
kJBJBrA2/VJlsUzpZ48Van+NjEtP8UILsEI6Pp515TEw9dqcGC72rwCj5iq07jBW
+w3LcpANqas7efFbE4m6UcC1YNfM1b5zI0wH5KVLkLDq9IiwSZKdqInbCeZKkZkM
5pg8sE1riXYmuEB1qSiI4QQVcInS7Tn68hFW0gFvMaJNuElmVVEmE8OL/D1RvyuR
+zsi4zCCPLo0Wmb+vtmbqqDmRKiloXg4Gc0sA1BXmubF07hG4xTlPeAMd/EkPtox
oo988JQaBaH7bfIIKEPHNFdMS0m7nN+azbMqvRcqubo1Nbc4dQpMyqUeSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE+ub6qkAo9CbOwyfObAaaVSsT3FMB8GA1UdIwQY
MBaAFHyzo0490KcdTZ6vNY60PYto5eDoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkxPalRqM1FweDFObnE4MWpyUTlpMmpsNE9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8yZjVkYzUtNjVlYi00YzA4LWFjNGQt
ZjQ2YjVkNTdhNjg1LzEvVDY1dnFxUUNqMEpzN0RKODVzQnBwVkt4UGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8yZjVkYzUtNjVlYi00YzA4LWFjNGQtZjQ2YjVkNTdhNjg1
LzEvZkxPalRqM1FweDFObnE4MWpyUTlpMmpsNE9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwjsiAwQB
wn+EAwQE2UIgMA0GCSqGSIb3DQEBCwUAA4IBAQAtRGYnnPXN9NHc4j9Ojd0igxGY
g/R53rdNza8yy77OI0D6sJOv+815+TqKcvG7cSGtqisvAPN/bSKyAKiP/z4Mpwrf
XLrwNfAFcPRkmeeXvL88xHbeNfgSHu4pbGDBuxPjUom9cWwg4QvJ/u6ypCZZ8NsQ
9qZB5REgUvhDM8dpSYp5o5q7rBjgad9zDz+M1VRAemqZ07t85tYyW7azyLK0L1Am
1bcmSHYVzvbevcon8vBhpHh42UvVfHSyDTFZRvnieS1SJfknPD9ekzRcwl+YWkqP
76Yd0nsMMAPhGjz4cbdGwC805KRWoyWYDDh+5CgUrwBPCuxxcriA072mqtMa
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:50 2025 by rpki-client